Feature Request: Create a provider for external-secrets

[egandro]

External Secrets is a kubernetes integration for secrets.

There are a lot of providers. Please add support for passbolt (based on this go-passbolt library)

Discussed here: https://github.com/external-secrets/external-secrets/issues/2188

Existing providers here: https://external-secrets.io/v0.8.1/provider/aws-secrets-manager/

Probably it's much simpler - External Secrets has a "Webhock" and you can integrate this in the main product.

[speatzle]

Hi, External-Secrets having support for Passbolt would indeed be cool but this issue is in the wrong place.

go-passbolt can be used as a Credential Provider. Any Changes needed to make this work would need to happen in the External-Secrets Repository.

Additionally: go-passbolt is a Community Project and is not Associated with Passbolt SA (as stated in the Repositories Readme). I have built this library (and go-passbolt-cli) in my free time to be able to automate my own Passbolt Server.

[egandro]

external secrets has a generic webhock - probably we can hack this by using the go-passbolt-cli.

Unfortunately I just found out, how limited passbolt ist :(

I have no freaking idea how to add a ssh key.

[dlen]

Hi @egandro custom secrets is part of the roadmap. In the meantime you could workaround this by saving a SSH key on the description field. Descriptions are encrypted.

Hope this helps.

Also I think promoting passbolt as part of the external-secrets project it is a nice idea!

[egandro]

Thx for this info. I was using the description field - but - not 100% sure if this is the way to go.

Thx for the clarification :)

Can we do some discussion about the external secrets here - https://github.com/external-secrets/external-secrets/issues/2188?

[bakito]

passbolt feature request: https://community.passbolt.com/t/as-a-sre-id-like-to-be-able-to-use-secrets-from-passbolt-in-the-external-secrets-operator-for-kubernetes/7065