Contribute to VSecM
This section contains instructions to test and develop VMware Secrets Manager locally.
📚 Familiarize Yourself with the Contributing Guidelines
Good First Issues for New Contributors
If you are new to VMware Secrets Manager or looking for smaller tasks to start contributing, we have a set of issues labeled as “good first issue” on our GitHub repository. These issues are a great place to start if you are looking to make your first contribution.
How to Find Good First Issues
- Navigate to the Issues tab in the GitHub repository.
- Use the label filter and select the “good first issue” label.
- Browse through the list and pick an issue that interests you.
Claiming an Issue
Before starting work on an issue, it’s a good practice to comment on it, stating that you intend to work on it. This prevents multiple contributors from working on the same issue simultaneously.
If you have questions or need further clarification on a “good first issue,” feel free to ask in the issue comments or reach out to the maintainers.
Code Review Requirements
While we value pragmatism over process, we do have some basic requirements for code reviews to ensure the quality and consistency of the codebase.
Conducting Code Reviews
- Pull Requests: All code changes must be submitted through a pull request (PR) on GitHub.
- Minimum Reviews: Each PR must be reviewed by at least one other person before it can be merged.
- Open for Feedback: PRs are open for comments and suggestions from any team member, not just the designated reviewer.
What Must Be Checked
These are the minimum set of items that must be checked during a code review. More items may be checked depending on the nature of the change.
- Canonical Go: The code should adhere to canonical Go practices.
- Formatting: The code must pass
gofmtwithout any issues.
- Consistency: The code should look like the rest of the codebase, as if it were written by a single individual.
- Approval: At least one reviewer must approve the PR.
- Automated Checks: All automated tests and checks must pass.
- No Conflicts: Resolve any merge conflicts before merging.
How to Conduct a Code Review
- Navigate to the Pull Requests tab in the GitHub repository.
- Choose a PR that is awaiting review.
- Review the code changes and provide your feedback, keeping the above criteria in mind.
- If the PR meets all the criteria, approve it; otherwise, request changes and provide constructive feedback.
What Technologies Do I Need to Know?
You don’t have to be an expert in all of these technologies to contribute to VMware Secrets Manager. However, being familiar with the following concepts and technologies will help you get started faster.
VMware Secrets Manager is a Kubernetes-native application, so you should be familiar with the basics of Kubernetes. If you are new to Kubernetes, we recommend going through the Kubernetes Basics.
VMware Secrets Manager is packaged as a Helm chart, so you should be familiar with the basics of Helm. If you are new to Helm, we recommend going through the Helm Quickstart Guide.
SPIFFE and SPIRE
VMware Secrets Manager uses SPIFFE and SPIRE to establish an identity control plane, so you should be familiar with the basics of SPIFFE and SPIRE. If you are new to SPIFFE and SPIRE, we recommend going through the quickstart guides on the SPIFFE.
VMware Secrets Manager uses the
to interact with the SPIFFE and SPIRE APIs, so you should be familiar with the
go-spiffe. If you are new to
go-spiffe, we recommend going through
VMware Secrets Manager uses the
to dispatch identities to workloads, and federate cluster, respectively. If you
are new to these concepts, we recommend you check out the SPIRE Controller Manager
VMware Secrets Manager has several components, each with its own responsibilities. Check out the architecture overview to get a high-level understanding of the components and their interactions.
While you are at there, we strongly recommend going through the entire documentation to get a good understanding of the product.