Definitely appreciate your comment, so thank you. It means a lot.
I think fortunately, I'm not doing all that much with vault aside from initializing it, configuring k8s auth, writing some small policies depending on some inputs for the specific user, and then setting cert-manager up to use it. It's definitely one of the more simple projects to rip and replace.
But it's frustrating, for sure. I got some of my coolest code set up to unseal and initialize vault programmatically, and was hoping to eventually get it to a point where I'd be able to orchestrate that on a user's behalf without having control myself, via e2e crypto. Maybe with another CA project I could achieve the same thing. But yeah, looking at the new license file in the vault project, I'm not sure how well any of this would work out if my code was orchestrating it. And certs are pretty fundamental to the project.
I think fortunately, I'm not doing all that much with vault aside from initializing it, configuring k8s auth, writing some small policies depending on some inputs for the specific user, and then setting cert-manager up to use it. It's definitely one of the more simple projects to rip and replace.
But it's frustrating, for sure. I got some of my coolest code set up to unseal and initialize vault programmatically, and was hoping to eventually get it to a point where I'd be able to orchestrate that on a user's behalf without having control myself, via e2e crypto. Maybe with another CA project I could achieve the same thing. But yeah, looking at the new license file in the vault project, I'm not sure how well any of this would work out if my code was orchestrating it. And certs are pretty fundamental to the project.