VMware Secrets Manager for cloud-native apps

Project Status
Active Maintenance Mode
We are currently focusing our development efforts on
SPIKE to reach its v1.0 milestone.
During this period:
- Security Issues: We will promptly address any security vulnerabilities or
CVE announcements in VSecM.
- Feature Development: New feature implementations will be deferred until
SPIKE achieves v1.0.
- Community Contributions: We welcome and encourage community contributions
to VSecM during this time. We will review and merge PRs as quickly as possible.
We will provide guidance and support to contributors.
Thank you for your understanding and continued support.
About
VMware Secrets Manager (VSecM) redefines secrets management
for cloud native apps.
By using VSecM you can #sleepmore
while keeping your secrets… secret.
Want to get started quickly? Check out our quickstart tutorial.
🐢⚡️

The Elevator Pitch
VMware Secrets Manager is a delightfully-secure
Kubernetes-native secrets store.
VMware Secrets Manager (VSecM) keeps your secrets secret.
With VMware Secrets Manager, you can rest assured that your sensitive data
is always secure and protected.
VMware Secrets Manager is perfect for securely storing arbitrary
configuration information at a central location and securely dispatching it to
workloads.
Tell Me More
VMware Secrets Manager is a cloud-native secure store for secrets
management. It provides a minimal and intuitive API, ensuring practical security
without compromising user experience.
VMware Secrets Manager is resilient and secure by default, storing
sensitive data in memory and encrypting any data saved to disk.
Endorsed by industry experts,
VMware Secrets Manager is a ground-up re-imagination of secrets management,
leveraging SPIFFE for authentication and providing a
cloud-native way to manage secrets end-to-end.
Getting Your Hands Dirty
Before trying VMware Secrets Manager, you might want to learn about its
architecture and design goals.
Once you are ready to start, see the Quickstart guide.
Or, if you are one of those who "learn by doing", you might want to dig into
the implementation details later. If that's the case, you can directly jump to
the fun part and follow the steps here to install
VMware Secrets Manager to your Kubernetes cluster.
Dive Into Example Use Cases
There are several examples demonstrating VMware Secrets Manager sample use
cases inside the ./examples/
folder.
Container Images
Pre-built container images of VMware Secrets Manager components can be found
at: https://hub.docker.com/u/vsecm.
Build VMware Secrets Manager From the Source
You can also build VMware Secrets Manager from the source.
Status of This Software
VMware Secrets Manager is under dynamic and progressive development.
The code we've officially signed and released maintains a
high standard of stability and dependability. However, we do encourage
it to be used in a production environment (at your own risk--see
LICENSE).
It's important to note that, technically speaking, VMware Secrets Manager
currently holds the status of alpha software. This means that as we
journey towards our milestone of v1.0.0, it's possible for changes to
occur--both major and minor. While this might mean some aspects are not backward
compatible, it's a testament to our unwavering commitment to refining and
enhancing VMware Secrets Manager.
In a nutshell, we are ceaselessly pushing the boundaries of what's possible
while ensuring our software stays dependable and effective for production use.
🦆🦆🦆 (Docs)
A Note on Security
We take VMware Secrets Manager's security seriously. If you believe you have
found a vulnerability, please follow this guideline
to responsibly disclose it.
A Tour Of VMware Secrets Manager
Check out this quickstart guide for an overview of
VMware Secrets Manager.
Open Source is better together.
If you are a security enthusiast, join these communities
and let us change the world together 🤘:
Links
General Links
Guides and Tutorials
Installation
Check out this quickstart guide for an overview of VMware
Secrets Manager, which also covers installation and uninstallation
instructions.
You need a Kubernetes cluster and sufficient admin rights on that cluster to
install VMware Secrets Manager.
Usage
Here is a list of step-by-step tutorials covering
several usage scenarios that can show you where and how VMware Secrets
Manager could be used.
Architecture Details
Check out this VMware Secrets Manager Deep Dive article for
an overview of VMware Secrets Manager system design and how each component
fits together.
Folder Structure
VSecM == "VMware Secrets Manager for Cloud-Native Apps"
Here are the important folders and files in this repository:
- ./app: Contains core VSecM components' source code.
- ./app/init_container: Contains the source code for the VSecM Init Container.
- ./app/inspector: Contains the source code for the VSecM Inspector.
- ./app/keygen: Contains the source code for the VSecM Keygen.
- ./app/keystone: Contains the VSecM KeyStone source code.
- ./app/safe: Contains the VSecM Safe source code.
- ./app/sentinel: Contains the source code for the VSecM Sentinel.
- ./app/sidecar: Contains the source code for the VSecM Sidecar.
- ./ci: Automation and CI/CD scripts.
- ./lib: Contains independent code that can be used in other projects too.
- ./helm-charts: Contains VSecM helm charts.
- ./core: Contains core modules shared across VSecM components.
- ./dockerfiles: Contains Dockerfiles for building VSecM container images.
- ./examples: Contains the source code of example use cases.
- ./hack: Contains scripts for building, publishing, development, and testing.
- ./k8s: Contains Kubernetes manifests that are used to deploy VSecM and its use cases.
- ./sdk: Contains the source code of the VSecM Developer Go SDK.
- ./sdk-cpp: Contains the source code of the VSecM Developer C++ SDK.
- ./sdk-java: Contains the source code of the VSecM Developer Java SDK.
- ./sdk-python: Contains the source code of the VSecM Developer Python SDK.
- ./sdk-rust: Contains the source code of the VSecM Developer Rust SDK.
- ./docs: Contains the source code of the VSecM Documentation website (https://vsecm.com).
- ./CODE_OF_CONDUCT.md: Contains VSecM Code of Conduct.
- ./CONTRIBUTING_DCO.md: Contains VSecM Contributing Guidelines.
- ./SECURITY.md: Contains VSecM Security Policy.
- ./LICENSE: Contains VSecM License.
- ./Makefile: The Makefile used for building, publishing, deploying, and testing the project.
Branches
There are special long-living branches that the project maintains.
- main: This is the source code that is in active development. We try our best
to keep it stable; however, there are no guarantees. We tag stable releases
off of this branch during every release cut.
- gh-pages: This branch is where VSecM Helm charts are maintained.
ArtifactHub references this branch.
- docs: This branch contains versioned documentation snapshots that we take
during releases.
- tcx: This is an internal "experimental" branch that is not meant for
public consumption.
Changelog
You can find the changelog and migration/upgrade instructions (if any)
on VMware Secrets Manager's Changelog Page.
Code Of Conduct
Be a nice citizen.
Contributing
To contribute to VMware Secrets Manager,
follow the contributing guidelines to get started.
Use GitHub issues to request features or file bugs.
Communications
Maintainers
Check out the Maintainers Page for a list
of maintainers of VMware Secrets Manager.
Please send your feedback, suggestions, recommendations, and comments to
feedback@vsecm.com.
We'd love to have them.
License
BSD 2-Clause License.