ADR-0003: VSecM Will Be Scoped to Work on Kubernetes Only
- Status: accepted
- Date: 2024-05-09
- Tags: integration
Context and Problem Statement
VMware Secrets Manager leverages SPIFFE as its identity control plane. SPIFFE is platform and infrastructure agnostic; so if we want we can add support for non-Kubernetes environments too.
However, this would mean the project will need to use alternatives to its Kubernetes
tooling (such as ClusterSPIFFEIDs, ServiceAccounts, Kubernetes RBAC, and similar)
This will increase the scope of the project a lot.
At least for version 1.0, we shall not be considering a non-Kubernetes solution.
This decision may be revisited when we reach 1.0 and project gains adequate maturity, and there are not many major features to implement.
Decision Drivers
- Increase in scope and complexity
- Increase in the attack surface
- Increase in unit and integration testing needs
Considered Options
- No Kubernetes work until version 1.0
- Provide limited support, offering a subset of features.
- Plan for non-Kubernetes support anyway.
- Create an experimental branch and work on it without any commitments.
Decision Outcome
Chosen option: Option 1, because of increased scope not matching our limited time and resources; and also because we’d rather keep the project secure and well-tested.
Positive Consequences
- Less scope means more focus.
- Less complexity in the project.
- The Kubernetes machinery can do a lot of the heavy-lifting.
Negative Consequences
- The project will not solve secrets management need of those who will not use Kubernetes.
ADRs
You can view the ADRs by browsing this following list:
- ADR-0001: Use Log4brains to manage the ADR
- ADR-0002: Use Markdown Architectural Decision Records
- ADR-0003: VSecM Will Be Scoped to Work on Kubernetes Only
- ADR-0004: Be Practically Secure
- ADR-0005: Be Resilient by Default
- ADR-0006: Be Secure by Default
- ADR-0007: Document All Public Methods
- ADR-0008: Have a Minimal and Intuitive API
- ADR-0009: Have at Least 50% Test Coverage Across the Project
- ADR-0010: Keep Non-Public Function in Separate Files from the Public Functions
- ADR-0011: Keep Things Minimal: Do One Thing Well
- ADR-0012: All Files Shall Have a SPDX License Header
- ADR-0013: Scan the Codebase for Vulnerabilities and Code Smells Regularly
- ADR-0014: Get OpenSSF Best Practices Compliance
- ADR-0015: Keep Source Code Line Length Around 80 Characters
- ADR-0016: Centralize Magic Words, Numbers, and Configuration Constants in Common Modules
- ADR-0017: VSecM OIDC Resource Server Shall Be Secure by Default“
- ADR-0018: Use Asciinema for Use Case Examples in the Documentation“
- ADR-0019: Use RESTful APIs for Communication Between Components
- ADR-0020: VSecM will not enforce expiration and invalid before time for secrets
- ADR-0021: VSecM Shall Use Environment Variables for Configuration
- ADR-0022: VSecM Shall Use the Latest Stable Dependencies