Matti Niemelä

I hope you don't end up using exit codes. That would have a really bad smell to it, since I've never come across another tool that would report success (or...

This is 100% my opinion: SSH already provides a way to solve the mentioned problem (namely `IdentitiesOnly=yes` and `IdentityFile=key-created-in-Secretive-and-this-file-contains-its-public-key.pub`. I hope development work and efforts are directed towards features that...

This is what I have done with a kustomize + flux cd repo: regenerate.sh ``` #!/usr/bin/env bash set -euo pipefail HELM_OPERATOR_VERSION=1.2.0 helm repo list | grep fluxcd &>/dev/null || helm...

I'm curious, wouldn't the TF-created token need to be stored in the Terraform state? Since the token cannot be re-read from the API, it must be stored in the terraform...

Wow, I had no idea that terraform-enabled protection didn't protect against `terraform destroy`! Yikes!

@moolen Thanks, but that is a completely different thing to mTLS. mTLS requires you to have a key+cert present for ALL requests to Vault. They do not provide any identity...

For authentication I use OIDC (personal login), AppRole, JWT (gitlab $CI_JOB_JWT) and also the Kubernetes backend for Kubernetes auth. Altough I fail to see the relevance of my auth methods...

@gusfcarvalho Can you please read this carefully: I am not talking about auth methods right now. I am talking about the actual TLS connection to the Vault **itself**. In my...

Ok, I misunderstood what you were saying, my bad!

Exactly the same problem. `terraform plan` works A-OK but PHPStorm doesn't find the module files EDIT: This got fixed by just restarting the IDE.