sealed-secrets - A Kubernetes controller and tool for one-way encrypted Secrets

  •        100

Solution: Encrypt your Secret into a SealedSecret, which is safe to store - even to a public repository. The SealedSecret can be decrypted only by the controller running in the target cluster and nobody else (not even the original author) is able to obtain the original Secret from the SealedSecret. See https://github.com/bitnami-labs/sealed-secrets/releases for the latest release.

https://github.com/bitnami-labs/sealed-secrets

Tags
Implementation
License
Platform

   




Related Projects

kamus - An open source, git-ops, zero-trust secret encryption and decryption solution for Kubernetes applications

  •    CSharp

An open source, GitOps, zero-trust secrets encryption and decryption solution for Kubernetes applications. Kamus enable users to easily encrypt secrets than can be decrypted only by the application running on Kubernetes. The encryption is done using strong encryption providers (currently supported: Azure KeyVault, Google Cloud KMS and AES). To learn more about Kamus, check out the blog post and slides. If you're running Kamus locally the Kamus URL will be like http://localhost:<port>. So you need to add --allow-insecure-url flag to enable http protocol.

kubernetes-external-secrets - 💂 Kubernetes External Secrets

  •    Javascript

Kubernetes External Secrets allows you to use external secret management systems (e.g., AWS Secrets Manager) to securely add secrets in Kubernetes. Read more about the design and motivation for Kubernetes External Secrets on the GoDaddy Engineering Blog. The project extends the Kubernetes API by adding a ExternalSecrets object using Custom Resource Definition and a controller to implement the behavior of the object itself.

habitus - A Build Flow Tool for Docker

  •    Go

Habitus adds workflows to Docker build. This means you can create a chain of builds to generate your final Docker image based on a workflow. This is particularly useful if your code is in compiled languages like Java or Go or if you need to use secrets like SSH keys during the build.Habitus is a standalone build flow tool for Docker. It’s a command line tool that builds Docker images based on their Dockerfile and a build.yml.

konfd - Manage application configuration using Kubernetes secrets, configmaps, and Go templates.

  •    Go

Manage application configuration using Kubernetes secrets, configmaps, and Go templates.See the templates docs for more details.

kubernetes-vault - Use Vault to store secrets for Kubernetes!

  •    Go

The Kubernetes-Vault project allows pods to automatically receive a Vault token using Vault's AppRole auth backend.To run Kubernetes-Vault on your cluster, follow the quick start guide.


landscaper - Takes a set of Helm Chart references with values (a desired state), and realizes this in a Kubernetes cluster

  •    Go

Landscaper takes a set of Helm Chart references with values (a desired state), and realizes this in a Kubernetes cluster. The intended use case is to have this desired state under version control, and let Landscaper first test and then apply the state as part of the CI/CD stages. Binaries are available here; Docker images here. On macOS using Homebrew, a brew install landscaper should do.

habitus - A Build Flow Tool for Docker

  •    Go

Habitus adds workflows to Docker build. This means you can create a chain of builds to generate your final Docker image based on a workflow. This is particularly useful if your code is in compiled languages like Java or Go or if you need to use secrets like SSH keys during the build. Habitus is a standalone build flow tool for Docker. It’s a command line tool that builds Docker images based on their Dockerfile and a build.yml.

kubefwd - Bulk port forwarding Kubernetes services for local development.

  •    Go

Read Kubernetes Port Forwarding for Local Development for background and a detailed guide to kubefwd. kubefwd is a command line utility built to port forward some or all pods within a Kubernetes namespace. kubefwd uses the same port exposed by the service and forwards it from a loopback IP address on your local workstation. kubefwd temporally adds domain entries to your /etc/hosts file with the service names it forwards.

kube-cert-manager - Manage Lets Encrypt certificates for a Kubernetes cluster.

  •    Go

This is not an official Google Project.The secrets created by the Kubernetes Certificate Manager can be used to configure any TLS terminating load balancer.

devspace - Cloud Native Software Development with Kubernetes and Docker - simply run "devspace up" in any of your projects and start coding directly on top of Kubernetes (works with minikube, self-hosted and cloud-based clusters)

  •    Go

With a DevSpace, you can build, test and run code directly inside any Kubernetes cluster. You can run devspace up in any of your projects and the client-only DevSpace CLI will start a DevSpace within your Kubernetes cluster. Keep coding as usual and the DevSpace CLI will sync any code change directly into the containers of your DevSpace. No more waiting for re-building images, re-deploying containers and restarting applications on every source code change. Simply edit your code with any IDE and run your code instantly inside your DevSpace.

torus-cli - A secure, shared workspace for secrets

  •    Go

A secure, shared workspace for secrets. Manifold provides binaries of torus-cli for OS X, Linux and Windows on amd64.

EnvKey - Protect API keys and credentials, Keep configuration in sync everywhere.

  •    Javascript

This is EnvKey's cross-platform native application. It supports Mac, Windows, and Linux. EnvKey is an end-to-end encrypted secrets and configuration management tool. It keeps your configuration securely and automatically in sync for all your developers and servers.

origin - Enterprise Kubernetes for Developers

  •    Go

OpenShift Origin is a distribution of Kubernetes optimized for continuous application development and multi-tenant deployment. OpenShift adds developer and operations-centric tools on top of Kubernetes to enable rapid application development, easy deployment and scaling, and long-term lifecycle maintenance for small and large teams.For questions or feedback, reach us on IRC on #openshift-dev on Freenode or post to our mailing list.

kapitan - Generic templated configuration management for Kubernetes, Terraform and other things

  •    Python

Kapitan is a tool to manage complex deployments using jsonnet and jinja2. Use Kapitan to manage your Kubernetes manifests, your documentation, your Terraform configuration or even simplify your scripts.

argo - Get stuff done with container-native workflows for Kubernetes.

  •    Go

If you actively use Argo in your organization and believe that your organization may be interested in actively participating in the Argo Community, please ask a representative to contact saradhi_sreegiriraju@intuit.com for additional information. Argo is an open source container-native workflow engine for getting work done on Kubernetes. Argo is implemented as a Kubernetes CRD (Custom Resource Definition).

Okteto - A Tool for Cloud Native Developers

  •    Go

Kubernetes has made it very easy to deploy applications to the cloud at a higher scale than ever, but the development practices have not evolved at the same speed as application deployment patterns. Today, most developers try to either run parts of the infrastructure locally, or just test these integrations directly in the cluster via CI jobs or the "docker build, docker push, kubectl apply" cycle. It works, but this workflow is painful and incredibly slow.

kubeform - Form your :boat: Kubernetes :anchor: cluster anywhere using CoreOS, Terraform and Ansible

  •    Python

Deploy yourself a high-availability Kubernetes cluster, in minutes. Built on Terraform, CoreOS and Ansible.Our recipes for bootstrapping HA Kubernetes clusters on any cloud or on-premise.

kubernetes - Production-Grade Container Scheduling and Management

  •    Go

Kubernetes is an open source system for managing containerized applications across multiple hosts, providing basic mechanisms for deployment, maintenance, and scaling of applications.Kubernetes builds upon a decade and a half of experience at Google running production workloads at scale using a system called Borg, combined with best-of-breed ideas and practices from the community.

choerodon - The open source PaaS for Kubernetes.

  •    

Choerodon is an open source enterprise service platform based on container orchestration and management capabilities of Kubernetes. It integrates the tool chain of DevOps, microservices, and mobile application framework to help companies achieve Scrum application delivery and automated operations management, and provide business components such as IoT, payment, data, smart insight, and enterprise application market to help companies focus on business and accelerate digital transformation. A comprehensive tool chain supporting DevOps best practices, supporting Scrum management from planning, programming, building, testing, publishing, and operations.

workflow - The open source PaaS for Kubernetes.

  •    CSS

Deis Workflow is an open source Platform as a Service (PaaS) that adds a developer-friendly layer to any Kubernetes cluster, making it easy to deploy and manage applications.Deis Workflow is the second major release (v2) of the Deis PaaS. If you are looking for the CoreOS-based PaaS visit https://github.com/deis/deis.