/
2025-05-27 SIG Security Minutes (Discussion on OpenBao/ESO/Vault-Config-Operator)

2025-05-27 SIG Security Minutes (Discussion on OpenBao/ESO/Vault-Config-Operator)

 

Community Attendees:

@Byung-Woo Jun

@Phil Porras

@Gaurav Kumar

@Prashant Mishra

@Francois Duthilleul

Raffaele Spazzoli

@Rahul Jadhav

Community Attendees:

LF Staff:

Agenda

Antitrust Policy

  • Action Items Review

  • Updates Secrets Manager action item

  • IaC scanning updates

Minutes

IaC Scan

  • Need a discussion with Automation team to come up with the best solution

Secrets Manager

  • Thanks Raffaele for joining the call.

  • OpenBAO and Hashicorp vault API seems to be same

  • the vault-config-operator should readily work with OpenBao since the APIs seem to match

  • ESO would be only orchestrating secrets injection within the workloads

Action items

@Prashant Mishra to check if we can handle the secrets manager demo using openbao (just by replacing hashicorp vault)
@Rahul Jadhav to talk to SIG-Automation and provide them an update on @Gaurav Kumar 's work and check for final options