GSoC Final Submission

This page describes the work I have done over three months (June - September) for deepmind/kapitan as a student in GSoC 2020. I was warmly mentored by Pawel and Ricardo during the course of my work.

Task 1: Remote Inventory Federation

This feature allows kapitan to fetch inventory items from remote sources during compile time recursively. The original issue can be viewed here.

The documentation can be viewed here and the code can be found on this and this PR on GitHub.

Contributing to this task made me more aware of opensource best practices and made me more efficient in debugging. Few issues related to Python & Golangs' environment configuration accompanied by slow download speed impeded my ability to test the code. I overcame this challenge by setting up TravisCI on my GitHub account for testing.

Merged

Inventory
Secret Manager

Task 2: GCP Secret Manager Secret Backend (read-only)

This feature enables kapitan users to access secrets stored in GCP Secret Manager. The original issue can be viewed here.

The documentation and code can be found in this PR on GitHub.

Todo:

  • This feature can be extended to upload secrets to GCP Secret Manager.

The main challenge in this task was to figure out the working of Ref Backends due to its complex yet elegant design. A key takeaway from this task is my refined understanding of Object Oriented Design and the fundamentals of GCP. Furthermore, I also learned about pyinstaller hooks while tackling a build breaking bug.

Merge pending

commit 0529773cf58b9e021a3d5f43c3cbae863a566fa2

Task 3: Azure KMS Secret Backend

This feature enables users to use encryption keys from Azure KeyVault to encrypt their secrets locally. The original issue can be viewed here.

The documentation and code and be viewed in this PR on GitHub.

This task made me realize the subtle difference between the GCP and Azures' services to solve similar problems.

Merged

KeyVault
Packaging

Task 4: Modularize Kapitan

This packages kapitan into essential modules and addon modules for uploading to PyPI. The original issue can be viewed here.

The documentation and code and be viewed in this PR on GitHub.

Todo:

  • Make gsm and azkms as addon modules once they are merged.

This helped me develop a deeper understanding of PyPI packaging and wheels.

Merge pending