Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Support of Hashicorp Vault into Helidon #2395

Closed
ak98neon opened this issue Sep 25, 2020 · 5 comments · Fixed by #2895
Closed

Add Support of Hashicorp Vault into Helidon #2395

ak98neon opened this issue Sep 25, 2020 · 5 comments · Fixed by #2895
Assignees
@tomas-langer
Labels
enhancement New feature or request P2
Milestone
2.3.0

Comments

@ak98neon
Copy link

Please add support of Hashicorp Vault https://www.vaultproject.io/ into Helidon Framework.
@m0mus m0mus added enhancement New feature or request P3 labels Oct 1, 2020
@tomas-langer
Copy link
Member

Hello, could you please describe the use case - esp. what you expect from Helidon.
I can see an integration as a config source - so you could inject @ConfigProperty into CDI beans with configuration obtained from the Vault.

If you have ideas how this could work, we would welcome them. If not, we will choose the mode of integration as we see fit, which may not be aligned with the use case(s) you have.

Thanks a lot!

@paulparkinson paulparkinson mentioned this issue Oct 6, 2020
Closed
@maheshmuthulankkat
Copy link

maheshmuthulankkat commented Nov 24, 2020
edited
Loading

Hi,
I have given below some of our use cases related to Hashicorp Vault. We currently use Spring vault.

  1. Connect to vault and retrieve secrets. Interface something similar to Spring vault VaultVersionedKeyValueOperations.
  2. Core vault interaction. Interface something similar to Spring vault VaultTemplate
  3. Kubernetes based authentication to vault. Details at https://docs.spring.io/spring-vault/docs/current/reference/html/#vault.authentication.kubernetes

@tomas-langer tomas-langer removed the P3 label Nov 24, 2020
@vipinjnair
Copy link

Hi,

It would be great if a Vault Rest based client be added to the Helidon package.

Listing out some Vault use cases that we are currently using :

-- Authentication : 1) Token based
2) Kubernetes based

-- Reading and Writing to KeyValue secret engine

-- Reading and Writing to Transit Engine. Creating new encryption key, key rotation and version based key fetch.

The proposed Helidon based Vault client can provide interfaces to interact with different vault secret engines and to manage authentication.

thanks
Vipin

@rijureghunath1
Copy link

Few additional use-case, based on our experience on working with Hashicorp and OCI vault.

  1. The implementation should work with different vault impl (Hashicorp, OCI etc.).

  2. Support to design an application without real or minimal knowledge of Vault and its API's. For Hashcorp vault provides init / sidecar pattern for containers on Kubernetes based deployments.

  3. Library support should be there to export transit key to the caller based on provided parameter's such as transit key path and name.

  4. Multiple engine support. Key engines we uses with our applications are KV, PKI and Transit

  5. Good support for muti-tenant SAAS applications. For e.g each tenant could be owning different KV data storage containing data specific to that tenant An easy way for CRUD is desirable by abstracting necessary stuffs within the library.

@m0mus m0mus added P3 P2 and removed P3 labels Dec 4, 2020
This was referenced Mar 24, 2021
Merged
Merged
@tomas-langer
Copy link
Member

tomas-langer commented Mar 29, 2021
edited
Loading

Todos after the draft PR:

There is now an epic for follow up: #2966

@tomas-langer tomas-langer mentioned this issue Mar 29, 2021
Merged
@tomas-langer tomas-langer added this to the 2.3.0 milestone Apr 22, 2021
@arjav-desai arjav-desai mentioned this issue May 28, 2021
Closed
6 tasks
@m0mus m0mus added this to Backlog Aug 12, 2024
@m0mus m0mus moved this to Closed in Backlog Aug 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tomas-langer tomas-langer

Labels
enhancement New feature or request P2
Projects
Backlog
Archived in project
Milestone
2.3.0
Development

Successfully merging a pull request may close this issue.

Vault integration tomas-langer/helidon
8 participants
@m0mus @tomas-langer @ak98neon @arjav-desai @paulparkinson @maheshmuthulankkat @vipinjnair @rijureghunath1