You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I personally prefer sops with helm-secrets than AVP as it's visible in git tree when secret changes and you can actually follow the changes later. Not talking about encrypting with spare key (eg. GPG) for some disaster case.
This allows usage of sops with helm-secrets in argocd-repo-server without providing any token to HC Vault, just using ServiceAccount.
Probably more usecases can be found, but IMO this one is major and it's actually my usecase.
The text was updated successfully, but these errors were encountered:
There are code examples here: https://developer.hashicorp.com/vault/docs/auth/kubernetes#code-example
argocd-vault-plugin
can already use it and it would be the best possible KMS alternative for on-premise usagehttps://argocd-vault-plugin.readthedocs.io/en/stable/backends/#kubernetes-authentication
I personally prefer sops with helm-secrets than AVP as it's visible in git tree when secret changes and you can actually follow the changes later. Not talking about encrypting with spare key (eg. GPG) for some disaster case.
This allows usage of sops with helm-secrets in argocd-repo-server without providing any token to HC Vault, just using ServiceAccount.
Probably more usecases can be found, but IMO this one is major and it's actually my usecase.
The text was updated successfully, but these errors were encountered: