ArgoCD Vault Plugin Spike (aka Secrets Spike) #2914
Comments
nelsestu
changed the title
|
Having presented the team with the ArgoCD POC, there was mixed response, and while the spec review seemed to indicate a "yes" we should use ArgoCD, the POC left the team with less confidence. Following the demo, the team continued sharing feedback and concerns in slack. While inconclusive, Megan and Erik met the following monday, and resolved to try and mitigate/eliminate some of the team's concerns with a spike that would dive into secrets more deeply. As my health declined throughout the rest of last week, it complicated working on this issue. At no point was this issue going particularly well, and while I was able to continue experimenting with the secrets retrieval mechanisms in ArgoCD, I was still struggling to resolve the mysterious "default branch" issue, which had broken part of the POC. So finally after significant pain and multiple things still pointing towards giving up on ArgoCD, I spent some of Monday morning continuing with experiments I began over the weekend... and just prior to sprint retro, I finally declared defeat. |
|
Closing ticket since Erik's work is done. Berni will create a workshop to regroup as a team to discuss alternatives (meeting invite for team to come). |
User Story
As a VRO Engineer, I want to identify the scope of any secret refactoring work that is necessary in order to make an informed decision about ArgoCD.
Acceptance Criteria
a. Can VRO's use of mixed content type secrets work in ArgoCD vault plugin?
a. what is the potential implementation for mapping a directory of secrets
b. if one to one mapping is required, then how many individual secrets are we talking about?
Notes about work
The text was updated successfully, but these errors were encountered: