marcus1aleksand/secrets-injector

secrets-injector

Version: 1.0.0

The secrets-injector is an add-on tool to the external-secrets operator (https://external-secrets.io/).

The main goal of the secrets-injector tool is to facilitate the creation and management of external-secrets resources in a Kubernetes cluster. It allows users to create external-secrets resources in a declarative way, by defining a variety of secrets with just a few lines of code.

Helm-chart Description

Secrets Injector for external-secrets operator

Maintainers

| Name | Email | Url |
| Marcus Aleksandravicius | [email protected] | |

Values

| Key | Type | Default | Description |
| clustersecretstore.azurekv.identityid | string | "changeme" | |
| clustersecretstore.azurekv.tenantid | string | "changeme" | |
| clustersecretstore.azurekv.vaulturl | string | "changeme" | |
| clustersecretstore.name | string | "cluster-azure-backend" | |
| clustersecretstore.providerType | string | "azurekv" | |
| externalsecrets[0].argocd | bool | false | |
| externalsecrets[0].clustersecstore | string | "cluster-azure-backend" | |
| externalsecrets[0].keyvaultsecretname | string | "changeme" | |
| externalsecrets[0].multivalue | bool | true | |
| externalsecrets[0].namespace | string | "changeme" | |
| externalsecrets[0].namespacesecretname | string | "changeme" | |
| externalsecrets[0].secret | string | "changeme" | |

Installation

Install the secrets-injector chart:

helm install secrets-injector oci://ghcr.io/marcus1aleksand/helm-charts/secrets-injector
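
Most defaults in the Values table are the placeholder "changeme", so a values file can be checked for leftovers before the install command above is run. The following is an added example, not code from this repository: it takes the values already parsed into a Python dict (for instance from a YAML loader) and reports placeholders, a non-HTTPS vault URL, and store references that do not match. The sample values, the function names, and the rule that `clustersecstore` must equal `clustersecretstore.name` are assumptions made for illustration.

```python
from urllib.parse import urlparse

PLACEHOLDER = "changeme"  # chart default for every value the user must supply


def _walk(node, path=""):
    """Yield (dotted.path, leaf) pairs, using Helm-style [i] for list items."""
    if isinstance(node, dict):
        for key, child in node.items():
            yield from _walk(child, f"{path}.{key}" if path else key)
    elif isinstance(node, list):
        for i, child in enumerate(node):
            yield from _walk(child, f"{path}[{i}]")
    else:
        yield path, node


def validate_values(values):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = [f"{p}: still set to the '{PLACEHOLDER}' default"
                for p, v in _walk(values) if v == PLACEHOLDER]
    store = values.get("clustersecretstore", {})
    url = store.get("azurekv", {}).get("vaulturl", "")
    if url != PLACEHOLDER and urlparse(url).scheme != "https":
        findings.append("clustersecretstore.azurekv.vaulturl: not an https:// URL")
    # Assumption: each entry must reference the store this chart creates.
    for i, es in enumerate(values.get("externalsecrets", [])):
        ref = es.get("clustersecstore")
        if ref != store.get("name"):
            findings.append(f"externalsecrets[{i}].clustersecstore: '{ref}' does "
                            f"not match clustersecretstore.name '{store.get('name')}'")
    return findings


# Constructed sample values (not from the repository), with deliberate mistakes.
SAMPLE = {
    "clustersecretstore": {
        "name": "cluster-azure-backend", "providerType": "azurekv",
        "azurekv": {"identityid": "changeme", "tenantid": "changeme",
                    "vaulturl": "http://example-kv.vault.azure.net"}},
    "externalsecrets": [{
        "argocd": False, "multivalue": True, "namespace": "payments",
        "clustersecstore": "cluster-azure-backend-typo",
        "keyvaultsecretname": "db-credentials",
        "namespacesecretname": "db-credentials", "secret": "db-credentials"}],
}

if __name__ == "__main__":
    print("\n".join(validate_values(SAMPLE)))
```

Running the check in CI and failing the job on a non-empty result keeps a half-filled values file from producing a ClusterSecretStore that points at no real vault.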

Security Checks

Security checks in this repository are performed by a pipeline that executes Checkov whenever a Pull Request is created against the main branch.

Checkov is a static code analysis tool for infrastructure as code (IaC) and also a software composition analysis (SCA) tool for images and open source packages.

It scans cloud infrastructure provisioned using Terraform, Terraform plan, CloudFormation, AWS SAM, Kubernetes, Helm charts, Kustomize, Dockerfile, Serverless, Bicep, OpenAPI or ARM Templates and detects security and compliance misconfigurations using graph-based scanning.

It performs Software Composition Analysis (SCA) scanning which is a scan of open source packages and images for Common Vulnerabilities and Exposures (CVEs).

Checkov also powers Prisma Cloud Application Security, the developer-first platform that codifies and streamlines cloud security throughout the development lifecycle. Prisma Cloud identifies, fixes, and prevents misconfigurations in cloud resources and infrastructure-as-code files.

Validation Hooks

This repository includes a pre-commit hooks configuration. It is used to run a set of validations locally, such as automatically fixing formatting issues, before the code is pushed to a remote branch.

To get pre-commit working in your local environment, run the following commands after cloning this repository:

  1. Install pre-commit locally:
     brew install pre-commit
  2. After cloning this repository and with pre-commit installed on your local computer, run the following command via CLI in the repository directory:
     pre-commit install

Done! Now whenever a commit command is executed, your Terraform code will be fully validated and documentation will be automatically updated before it is pushed to the remote repository's branch.


Autogenerated from chart metadata using helm-docs v1.14.2
