Open Stack

Mikhail Fedosin wrote:
>             Does the above mean you are implementing a share secret storage
>             solution or that you are going to use an existing solution like
>             Barbican that does that?
> 
>         Sectets is a plugin for Glare we developed for Nokia CloudBand
>         platform,   and they just decided to opensource it. It doesn't
>         use Barbican, technically it is oslo.versionedobjects class.
> 
>     Sorry to hear that you opted not to use Barbican.
> 
> I think it's only because Keycloak integration is required by Nokia's
> system and Barbican doesn't support it. 

Any technical reason why it couldn't be added to Barbican ? Any chance
Keycloak integration could be added as a Castellan backend ? Secrets
management is really one of those things that should *not* be reinvented
in every project. It is easier to get wrong than people think, and you
end up having to do security audits on 10 repositories instead of one.

-- 
Thierry Carrez (ttx)