README
¶
secret-init
Minimalistic init system for containers injecting secrets from various secret stores.
Features
- Multi-provider support - Automatically deduces and initializes required secret providers from environment variable references.
- Async loading - Secrets are loaded asynchronously to improve speed.
- Renew secrets - Use daemon mode to renew secrets in the background.
| Supported Providers | Stability |
|---|---|
| Local provider | ✅ Production Ready |
| HashiCorp Vault | ✅ Production Ready |
| OpenBao | 🟡 Beta |
| AWS Secrets Manager / AWS Systems Manager Parameter Store | ✅ Production Ready |
| Google Cloud Secret Manager | ✅ Production Ready |
| Azure Key Vault | ✅ Production Ready |
Getting started
secret-initis designed for use with the Kubernetes mutating webhook. It can also function as a standalone tool.- Take a look at some of the examples that showcase the use of
secret-init.
Development
Install Go on your computer then run make deps to install the rest of the dependencies.
Make sure Docker is installed with Compose and Buildx.
Run project dependencies:
make up
Build a binary:
make build
Run the test suite:
make test
make test-e2e
Run linters:
make lint # pass -j option to run them in parallel
Some linter violations can automatically be fixed:
make fmt
Build artifacts locally:
make artifacts
Once you are done either stop or tear down dependencies:
make stop
# OR
make down
License
The project is licensed under the Apache 2.0 License.
Documentation
¶
There is no documentation for this package.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.