kubesec icon indicating copy to clipboard operation
kubesec copied to clipboard

Published 20 hours ago verified publisher icon shyiko

Integration with kustomize

Open davinkevin opened this issue 5 years ago • 4 comments

After some (laborious) investigation, I conclude I can't use this very good plugin with a tool like kustomize because the standard generator doesn't allow to add some extra "comments" required by kubesec.

I can choose to not use the secret-generator from kustomize, but I lose auto rolling of deployment attached to a secret and the capacity to have immutable secrets in K8S.

Do you think an integration inside kustomize with an extension of the current secretGenerator (https://github.com/kubernetes-sigs/kustomize/tree/master/plugin/builtin/secretgenerator) or something else is possible? Would be great to have access to this 👍.

Thanks

/cc @neonox31

davinkevin avatar Aug 16 '19 14:08 davinkevin

I started to use kubesec before kustomize removed SecretGenerator. So as a workaround today, on each deploy, I generate secrets using kubesec and then apply it.

This would be a real boost for kubesec if this could be part of kustomize !

confiq avatar Aug 16 '19 16:08 confiq

I created a kustomize plugin for SOPS if anyone is searching for a solution with a kustomize integration or looking for a template for creating a kubesec kustomize plugin!

devstein avatar Mar 31 '20 14:03 devstein

If anyone is interested in testing kubesec integration with kustomize: have a look at https://github.com/yseop/kustomize-plugins/pull/1. It only supports PGP decryption, but can serve as basic for deeper integration. Reviews and comments are very welcome.

nbendafi-yseop avatar Apr 06 '20 14:04 nbendafi-yseop

I search also a kustomize kubesec integration. this will be great. fit for our setup.

marzelwidmer avatar May 30 '20 18:05 marzelwidmer