Skip to content
/ k8s-secret-injector Public

k8s-secret-injector is a tool that can connect with multiple secret managers to fetch the secrets

License

Apache-2.0 license
3 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

OT-CONTAINER-KIT/k8s-secret-injector

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

42 Commits

.azure-pipeline

.azure-pipeline

 
 

.goreleaser

.goreleaser

 
 

cmd

cmd

 
 

pkg

pkg

 
 

scripts

scripts

 
 

static

static

 
 

.gitignore

.gitignore

 
 

CHANGELOG.md

CHANGELOG.md

 
 

DEVELOPMENT.md

DEVELOPMENT.md

 
 

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

VERSION

VERSION

 
 

go.mod

go.mod

 
 

go.sum

go.sum

 
 

main.go

main.go

 
 

Repository files navigation

K8s Secret Injector

k8s-secret-injector is a tool that can connect with multiple secret managers to fetch the secrets and then inject them into the environment variable in a secure way. The motive is to create this injector is to use it with another project of our k8s-vault-webhook but this can be used independently outside Kubernetes as well.

The secret managers which are currently supported:-

There are some secret managers which are planned to be implemented in future.

Supported Features

  • k8s-secret-injector can connect with Vault using Kubernetes as backend
  • Authenticate with Kubernetes using Serviceaccount mechanism
  • Support AWS Secret Manager as secret manager backend
  • Inject secrets directly to the process, i.e. after the injection you cannot read secrets from the environment variable
  • Inject secret to pod's application process from AWS Secret Manager

Architecture

Installation

We can simply clone the repo and compile the binary according to the OS architecture and environment.

make build-code

In any case, if you don't want to compile the code. The binary can be installed by downloading from Releases as well.

Usage

For using the k8s-secret-injector, simple --help flag can list out all the available options. For example:-

$ k8s-secret-injector --help
K8s Secret Injector Version: 1.0

A tool which can connect with multiple secret manager and inject them in environment variable

Usage:
  k8s-secret-injector [command]

Available Commands:
  aws         Fetch secrets from AWS Secret Manager
  azure       Fetch secrets from Azure Key Vault
  help        Help about any command
  vault       Fetch and inject secrets from Vault to a given command
  version     Print the version of k8s secret injector

Flags:
      --config string      config file (default is $HOME/.k8s-injector.yaml)
  -h, --help               help for k8s-secret-injector
  -t, --toggle             Help message for toggle
  -v, --verbosity string   Log level (debug, info, warn, error, fatal, panic (default "info")

Use "k8s-secret-injector [command] --help" for more information about a command.

Development

If you like to contribute to this project, you are more than welcome. Please see our DEVELOPMENT.md for details.

Release History

Please see our CHNANGELOG.md for details.

Contact

If you have any suggestion or query. Contact us at

opensource@opstree.com

About

k8s-secret-injector is a tool that can connect with multiple secret managers to fetch the secrets

Topics

kubernetes vault webhook secret secret-management secret-injection

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

3 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases 4

v4.0 Latest
May 15, 2021
+ 3 releases

Packages 2

 
 

Languages