Agustín Martínez Fayó

The possibility to introduce a disk-based SVIDStore plugin has been explored in #2647. When a new built-in plugin is being introduced, it's crucial to analyze the different usability patterns and...

>The agent relies on explicit configuration to determine what to expect (i.e. another configurable in the agent configuration). I'm inclined to this option. IMO seems to be the most simple...

Thank you for taking this, @guilhermocc!

Thank you @evan2645 for your feedback. >I am wondering if you have considered a "push" approach rather than a "pull" approach, e.g. by pushing SVIDs into platform-specific secret stores rather...

Thank you @efe-selcuk for your observations. > The aws-iam-authenticator does something similar, and there have been some learnings about its shortcomings that I recently read. We will be working on...

Thank you @mweissbacher for the feedback, it's really helpful! We are exploring all the options, including how a push model would look like. We should be able to share an...

Thank you @mtitolo for you comment, it's very valuable for us to get this kind of feedback. >The first thing I'd like to do is clear up the misconception that...

Based on all the feedback received, we explored some alternatives using a push model. We explored options that include the development of external helper programs and also options that introduce...

>I'm assuming rotation of the certificates is same as with other plugin types, at half-life? @mweissbacher Correct. This is designed to run on top of the cache manager implementation, so...

This is a fork of SPIRE with the POC that is being developed: - https://github.com/MarcosDY/spire/tree/agentless_proposal - Diff: https://github.com/MarcosDY/spire/pull/1/files