Thor K.

Before doing this, we might make a "proof of concept" with the much easier task of making an [appimage](https://appimage.org/) or similar. At least, I assume it's a lot easier to...

This is a low confidence answer, but under the assumption that an infrastructure target would have a predefined set of dependencies and such, I can't imagine it being a lot...

I've been looking at this for a little while, and I don't necessarily think it is feasible to fix on our end. [The documentation](https://swagger.io/docs/specification/authentication/cookie-authentication/) says cookie authentication doesn't work for...

I know of no option that's more "free as in freedom" than hashicorp vault's open source offering, they're the only real game in town I know of that's any degree...

Authproxy is a really interesting concept, great find! I'd be amiss if I didn't note that there's a known race condition that the article mentions and gives a few links...

I feel like limiting ourselves to _only_ supporting an open core standard, is dangerous. I'm all for supporting hashicorp vault in addition to what we already have, but supporting it...

The alternative is supporting vault, without having it as explicitly the only option. Keep the old secrets management as well - or rip it out, but provide vault as some...

If it's deemed too difficult to make secrets management plugins, then I'd rather keep secrets management in ITPs. Whether that be a load of ITPs like `plugin-kubernetes-infrastructure-vault`, `plugin-kubernetes-infrastructure-k8s-secrets`, and so...

Actually, we could also add all the secrets stuff to racetrack core probably, but I still think that having it as plugins makes the most sense.

Good enough for me, not perfect - I'd prefer to just have it as a plugin - but perfect is the enemy of good. If it's easier to bake support...