Proposed Bundle Publisher destinations and formats #4034

Open
6 tasks
azdagron opened this issue Mar 30, 2023 · 5 comments
@azdagron
Member

Please comment below for others that should be considered.

  • K8s Secret (PEM,JWKS,SPIFFE)
  • K8s ConfigMap (PEM,JWKS,SPIFFE)
  • K8s Webhook (PEM)
  • K8s Service (PEM)
  • AWS S3 (PEM,JWKS,SPIFFE)
  • Google Cloud Storage (PEM,JWKS,SPIFFE)
@azdagron azdagron added help wanted Issues with this label are ready to start work but are in need of someone to do it priority/backlog Issue is approved and in the backlog labels Apr 11, 2023
@EItanya

EItanya commented Jul 14, 2023

Hello @azdagron, can I get a little primer on bundle publisher vs notifier? I have an S3 notifier plugin I'm going to publish a PR for hopefully soon.

@amartinezfayo
Member

Hi @EItanya, the plan is to deprecate the Notifier plugin interface in favor of the BundlePublisher interface. Please see #2909 for more details. Unfortunately, we don't really plan to add new Notifier plugins at this time.
We already have support for BundlePublisher plugins in SPIRE, and I have an aws_s3 plugin PR mostly ready to be submitted, so we should have that support soon.

@EItanya

EItanya commented Jul 14, 2023

Oh ok, thanks so much for the context!

@ahoze-r7

Also, publishing the bundle to "K8s Secret" or "AWS secret manager" can help.
If you publish it to a regular secret, we can use the pushSecret CRD of external secret in order to sync with AWS secret manager / Vault etc...

@kfox1111
Contributor

Maybe azure blob as well

c4rlo added a commit to c4rlo/spire that referenced this issue Mar 6, 2024
Mention the BundlePublisher plugin type, and its built-in aws_s3
implementation, on the SPIRE Server Configuration Reference page.

This plugin type was introduced in spiffe/spire-plugin-sdk#38.
See also 2909, spiffe#4034.

While I'm touching this, couple other tweaks:

- Add CredentialComposer to plugin type list (its uniqueid
  implementation was already mentioned in the built-in plugin table).
- Reorder the tables of plugin types and built-in plugins to hopefully
  make a little more sense, and to be consistent with each other.
- Change a "sql" to a "SQL".
amartinezfayo pushed a commit that referenced this issue Mar 8, 2024
Mention the BundlePublisher plugin type, and its built-in aws_s3
implementation, on the SPIRE Server Configuration Reference page.

This plugin type was introduced in spiffe/spire-plugin-sdk#38.
See also #2909, #4034.

While I'm touching this, a couple of other tweaks:

- Add CredentialComposer to plugin type list (its uniqueid
  implementation was already mentioned in the built-in plugin table).
- Reorder the tables of plugin types and built-in plugins to hopefully
  make a little more sense, and to be consistent with each other.
- Change a "sql" to a "SQL".

Signed-off-by: Carlo Teubner <cteubner1@bloomberg.net>
rushi47 pushed a commit to rushi47/spire that referenced this issue Apr 11, 2024