Open dbones opened 2 years ago
apiVersion: lab.dev/v1
kind: Organization
metadata:
name: dbones-labs
namespace: lab # sets the org namespace
labels:
lab.dev/verison: 1
spec:
service:
retainFor: 300
gitSecret:
rotate: 43200
---
apiVersion: lab.dev/v1
kind: GitSecret
metadata:
name: login-dbones
namespace: spike
labels:
secrect.internal.lab.dev/component: postgres
lab.dev/verison: 1
spec:
password:
length: 32
azLower: true
azUpper: true
number: true
special: true
avoid: "\""
---
apiVersion: lab.dev/v1
kind: Postgres
metadata:
name: spike
namespace: frontier
labels:
lab.dev/verison: 1
spec:
credentials: spike
Secrets need to support
Quick notes
secrets need to be stored in K8s (how the applications and logic access their secrets)
ways to handle secrets
design ideas
consider Hashi Vault + the library below