I'm starting to wonder if this is intentional to make it harder or impossible to do this with helm, since the "community" version of this fully open source project has a hard-coded disable for upgrades, and well, having a helm chart provides an upgrade path for something that #EnvKey seems to be attempting to paywall.
This unfortunately has the opposite effect than they are probably wishing it has, in that I'm less likely to continue to want use the paid EnvKey, or EnvKey at all.
So, given these shenanigans, the reason to consider #EnvKey over #Infisical is that EnvKey is, on-paper, fully FOSS where Infisical is "open core". But Infisical has no problem with you shipping their "community" version with a helm chart. They even provide one!
I'm all for adopting a FOSS project that almost meets my needs and making it better until it does, but seeing EnvKey do some apparent self-sabotage really turns me off from wanting to contribute to it.
I do understand that the company behind EnvKey needs a stream of revenue. But in practice it seems quite tricky finding the right balance when offering both FOSS and proprietary solutions. I guess the conflict of interest is kinda hard to avoid!?
Not sure what to make of it all.
I think a lot of companies will continue with Vault, or other proprietary SaaS solutions. But that won’t do for those who want a fully FOSS solution.
I have a feeling that more resources needs to be poured into FOSS solutions for #SecretsManagement so that the products can get a chance to mature further.
@giffengrabber I agree to all of the above. The fact that #Hashicorp#Vault existed and was so ubiquitous for so long has meant that other FOSS competition just hasn't matured at the same pace.
There is absolutely a business opportunity here for a fully FOSS, commercially supported key manager. If it has a clean web UI and CLI; can run on/integrate with cloud envs, kubernetes, and CI/CD environments; and supports RBAC, it'll become popular real fast.
@giffengrabber As far as the commercial support side, there's plenty of opportunities for curated a hosted experience and providing support for handling upgrades and such for self-hosted users without needing to go open core with it, especially if it integrates with cloud provider kms stores as well. IOW, it just needs to basically do what Vault has already been for us.
Yeah I will be “watching this space”, there seems to be quite much room for improvement.
While where on the topic of credentials, have you ever looked into Teleport?
They seem to aim for developing solutions that avoid the need of sending stuff like API keys around. The idea seems to be to use short-lived certificates instead, when possible. Quite interesting.
@vwbusguy PS. Make of this what you will, but you might want to consider filing an issue (or start new discussion thread) on GitHub regarding the web sockets thing. Not sure why they did it that way, but it could be pure oversight.
Add comment