search

openbao / openbao

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys.
https://openbao.org/
Mozilla Public License 2.0
2.89k stars 119 forks source link

Reaching out from project Bank-Vaults #27

Open sagikazarmark opened 9 months ago

sagikazarmark commented 9 months ago

Hello!

I'm a core maintainer of Bank-Vaults, an umbrella project that helps operate HashiCorp Vault on Kubernetes.

We have a CLI tool to help with configuration management, a Kubernetes operator, and a webhook for injecting secrets from Vault. Recently, we created a tool to help detect secret changes to automatically trigger rollouts in Kubernetes.

We've been looking for opportunities to extend the project to support other secret providers (e.g. we are adding support for cloud-based secret stores to our injection webhook), and due to the nature of OpenBao (being a Vault fork), it looks like a good match.

I know there is a mailing list and Matrix as well, but it seemed easier to make introductions here. I'd love to chat with you sometime to see if we can work together on something.

joewxboy commented 9 months ago

@sagikazarmark Thanks for the intro, and welcome! You might want to take a look at the sponsoring project Open Horizon as well. They deploy containerized applications to bare Linux hosts as well as to Kube clusters using Operators, and they provide runtime secrets bindings formerly via Vault, now moving to OpenBao. I'm curious if there might be some synergy between your project and mine. :)

@naphelps and @dabooz FYI ...

cipherboy commented 8 months ago

@sagikazarmark Have you had a chance to look at #64? Will it affect your project much, to move the non-OSI integrations to external plugins? Is Raft OK for a storage backend?

sagikazarmark commented 7 months ago

@cipherboy apologies for the late reply!

I briefly looked at the proposal, but from what I can tell, there are no interface changes.

Bank-Vaults configures Vault through it's API, so as long as the interface remains the same, removing plugins from the official distribution should be fine.

@joewxboy I'm not familiar with Open Horizon. We are certainly open to any kind of cooperation (resources in Open Source are generally scarce, so efficiency is key). One thing we have to keep in mind though is that Bank-Vaults has an established user base who use Vault. Ideally, that compatibility shouldn't be broken. I kinda hope OpenBao will keep that for the most part.

Do you have a regular community meeting? Would it make sense for us to hop on a call sometime?

cipherboy commented 1 week ago

@sagikazarmark Apologies, I just now realized we never replied to this last item.

Our meetings our held on Thursdays at 11AM Eastern: https://openbao.org/docs/contributing/#community-calls