search

minio / kes

Key Managament Server for Object Storage and more
https://min.io/docs/kes/concepts/
GNU Affero General Public License v3.0
456 stars 95 forks source link

Integrate OpenStack Barbican Secret Manager #373

Open artashesbalabekyan opened 1 year ago

artashesbalabekyan commented 1 year ago

The KES doesn't support OpenStack Barbican Secret Manager.

This PR adds the support of Openstack Barbican Secret Manager along with other Key Management providers.

Testing this PR

  1. Setup two KES instance (source and target). Therefore create a new TLS private/public key pair:

    kes identity new --ip 127.0.0.1 --dns localhost localhost
  2. 
address: 0.0.0.0:7373 # Listen on all network interfaces on port 7373

admin: identity: 273de8a8d40c110047de8dcbaaa85896704fad73c9b0e093c8bb822e872b41c2

tls: key: private.key # The KES server TLS private key cert: public.crt # The KES server TLS certificate

policy: my-app: allow:

keystore: openstack: barbican: auth_url: barbican_url: credentials: user_domain: "Default" username: password: project_domain: "default" project_name: 


### Run the test

go test edge/*.go -test.run ^TestOpenStack$ -openstack.config ./config.yml

A1ca7raz commented 1 year ago

After Hashicorp Vault changing their license, I was looking for an open-source alternative until I saw this pr. Thank you!

allanrogerr commented 10 months ago

@artashesbalabekyan Is this still being worked on?

artashesbalabekyan commented 10 months ago

@artashesbalabekyan Is this still being worked on?

@allanrogerr Yes. It is tested, and it works

harshavardhana commented 1 month ago

Please rebase the PR with the latest master, sorry for the delay.