Secrets access levels
Access control when users work with secrets. For example, according to a specific company security policy, developers should not have access to production secrets.
Encrypt with different keys? You supply one key, and only what it decrypted is available for editing. You supply another, and you edit the production secrets.
There should be a way to store multiple layers of secrets in a single repo. Werf should have a way to give access to some secrets to some users only.
Maybe we can add support for 3rd-party secret management engines? For example, ansible-vault with vault ids as a simple solution and/or Mozilla SOPS?
We are planning to switch to Mozilla SOPS in v1.3.
The priority now is to stabilize version 1.2 and complete the remaining features, as well as to switch to the new update manager instead of multiwerf. After that, we will start with version 1.3.
I think November/December is the real ETA.
Any updates on integration with SOPS?
We will most likely add it in version 1.2, but not as a priority. Now we focus on the documentation and the site. After that, we will reflect on the priority of this task in our Roadmap.
It feels like Q1/Q2 of next year.
Hello! Any updates with SOPS plans?
We are planning to migrate to SOPS in the next major release at the end of the year (3.0).