FEATURE: Decomission hashicorp-vault and create certificates signed by CSM CA and create users in gitea #26

Masber · 2024-02-12T00:44:44Z

currently, we store k8s and gitea authentication details in a hashicorp-vault instance which can only be accessed through VPN, this make difficult for manta to be portable.
A solution would be creating an user certificate CSM k8s can accept and create individual users in gitea

miguelgila · 2024-02-12T08:00:36Z

I think with CSM 1.3+ we can get this working without a lot of work on the mesa/manta side of things::

TAPMS brings functionality that allows K8s to use OIDC tokens
The version of Gitea installed can connect to an OIDC provider, we could set it up to use the one within CSM.

Masber changed the title ~~decomission hashicorp-vault and create certificates signed by CSM CA and create users in gitea~~ FIX: Decomission hashicorp-vault and create certificates signed by CSM CA and create users in gitea Feb 25, 2024

Masber changed the title ~~FIX: Decomission hashicorp-vault and create certificates signed by CSM CA and create users in gitea~~ FEATURE: Decomission hashicorp-vault and create certificates signed by CSM CA and create users in gitea Feb 26, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

FEATURE: Decomission hashicorp-vault and create certificates signed by CSM CA and create users in gitea #26

FEATURE: Decomission hashicorp-vault and create certificates signed by CSM CA and create users in gitea #26

Masber commented Feb 12, 2024

miguelgila commented Feb 12, 2024

FEATURE: Decomission hashicorp-vault and create certificates signed by CSM CA and create users in gitea #26

FEATURE: Decomission hashicorp-vault and create certificates signed by CSM CA and create users in gitea #26

Comments

Masber commented Feb 12, 2024

miguelgila commented Feb 12, 2024