Closed joryirving closed 4 months ago
I don't think such a feature is fit for this. The point of bws-cache is to be a read cache for BWS, not a complete BWS API. Bitwarden said in this post that a Kubernetes integration is "coming soon". Whether that will support reading and writing from K8s I don't know, but it seems like a waste of time to build a feature which may well be provided by BW themselves in short time.
There would also be several security considerations involved in such a feature that I'm sure neither @rippleFCL nor myself have any desire to take responsibiltity for. We're not security professionals, this was just a quick side project for us both to solve a problem we had in Ansible. bws-cache was only ever supposed to be just that - a cache.
Hopefully Bitwarden's planned Kubernetes integration will have the features you want :)
Since ExternalSecrets supports pushsecrets, could we leverage bws-cache to push secrets up to BW Secret Manager?
https://external-secrets.io/latest/guides/pushsecrets/