Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mangadex-pub/argocd-vault
ArgoCD with Vault plugin integration for Kusotmize loop
https://github.com/mangadex-pub/argocd-vault
Last synced: 13 days ago
JSON representation
ArgoCD with Vault plugin integration for Kusotmize loop
- Host: GitHub
- URL: https://github.com/mangadex-pub/argocd-vault
- Owner: mangadex-pub
- License: apache-2.0
- Created: 2022-12-08T17:32:35.000Z (about 2 years ago)
- Default Branch: main
- Last Pushed: 2024-03-20T22:17:31.000Z (11 months ago)
- Last Synced: 2024-03-20T23:34:48.503Z (11 months ago)
- Language: Dockerfile
- Homepage:
- Size: 15.6 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Argo CD + argo-vault-plugin
Aside from a few critical infrastructure components, MangaDex relies on [ArgoCD](https://argoproj.github.io/cd) to render Kustomize manifests
within a control k8s cluster and apply the rendered manifests on our workloads clusters.
The best way we are aware of to tie good security into this is to keep secrets in a HashiCorp Vault instance and pull them at rendering time to inject them in
manifests. Which [argocd-vault-plugin](https://github.com/argoproj-labs/argocd-vault-plugin) (AVP) facilitates greatly.
From an operational standpoint, and as per the Argo CD project's own recommendation, the best approach to plugins is to bake them directly in your Argo CD
image. This is what this image is for.
---
The published tags are in the format
```
argocd$ARGOCD_VERSION-avp$AVP_VERSION
```
We obviously provide no support for this all. We use it and share it mainly so you can fork it if you so desire.