You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
About a year ago, the concept of "external secret storage" was introduced to let parties use key storage other than HashiCorp Vault by implementing an API. As far as I know, this was to cater Azure Key Vault users since. At the time, we thought you needed the quite bloated Azure SDK completely, and we didn't want/couldn't implement/test the feature (since no core maintainer was actually using Azure).
Things now changed:
People are that use Azure Key Vault want to contribute this feature (me)
Using the Azure SDK for a specific service (Key Vault) only requires you to depend on azcore and azkeys, which aren't that big dependencies at all
The external secret store API in still marked "experimental" since it's missing feature (e.g. security), which nobody seems willing to contribute. So it's another unmaintained feature.
Suggestion:
Drop support for secret store API (or at least deprecate it) in favor of directly supporting stores (HashiCorp Vault and Azure Key Vault).
Find out impact of people having to migrate from using HashiCorp Vault through Secret Store API to directly using it from the Nuts node (just configuration, or does it require migration?)
The text was updated successfully, but these errors were encountered:
About a year ago, the concept of "external secret storage" was introduced to let parties use key storage other than HashiCorp Vault by implementing an API. As far as I know, this was to cater Azure Key Vault users since. At the time, we thought you needed the quite bloated Azure SDK completely, and we didn't want/couldn't implement/test the feature (since no core maintainer was actually using Azure).
Things now changed:
azcoreandazkeys, which aren't that big dependencies at allSuggestion:
The text was updated successfully, but these errors were encountered: