encryption-provider-operator

command module
v0.5.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 13, 2024 License: Apache-2.0 Imports: 12 Imported by: 0

README

CircleCI

encryption-provider-operator

encryption-provider-operator is creating and updating encryption config for k8s secret encryption of secret in etcd

simplified process of key rotation

  • trigger new keyrotation -> either via annotation or after some period
  • new encryption config file is generated with old and new key, the new key on the first position
  • install encryption config hasher on the cluster and calculate hashes
  • operator waits until all nodes have the hash of the config that is equal to what it sees in the MC
  • operator will recreate all secrets
  • operator will update the encryption config and remove the old key the * last step is to roll all master nodes again but it's not required or watched by the controller

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Directories

Path Synopsis
pkg
config
encryption
key
label
project
record

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.