86bcbb6efd
* add edge-3 Signed-off-by: Volkan Özçelik <me@volkan.io> * remove unused addons Signed-off-by: Volkan Özçelik <me@volkan.io> * update missing bundle entry Signed-off-by: Volkan Özçelik <me@volkan.io> --------- Signed-off-by: Volkan Özçelik <me@volkan.io> |
||
|---|---|---|
| .github/workflows | ||
| app | ||
| assets | ||
| ci | ||
| config | ||
| dockerfiles | ||
| docs | ||
| docs-src | ||
| examples | ||
| hack | ||
| internal | ||
| makefiles | ||
| .gitignore | ||
| .golangci.yml | ||
| CNAME | ||
| CODEOWNERS | ||
| CODE_OF_CONDUCT.md | ||
| CONTRIBUTING.md | ||
| CONTRIBUTING_DCO.md | ||
| LICENSE | ||
| MAINTAINERS.md | ||
| Makefile | ||
| README.md | ||
| SECURITY.md | ||
| drafts.txt | ||
| go.mod | ||
| go.sum | ||
| jira.xml | ||
| qodana.yaml | ||
| tools.go | ||
README.md
Secure Production Identity for Key Encryption (SPIKE)
SPIKE is a lightweight secrets store that uses SPIFFE as its identity control plane.
SPIKE protects your secrets and helps your ops, SREs, and sysadmins
#sleepmore.
For more information, see the documentation.
The Elevator Pitch
SPIKE is a streamlined, highly reliable secrets store that leverages SPIFFE framework for strong, production-grade identity control.
Built with simplicity and high availability in mind, SPIKE empowers ops teams,
SREs, and sysadmins to protect sensitive data and #sleepmore by securing
secrets across distributed environments.
Key components include:
- SPIKE Nexus: The heart of SPIKE, handling secret encryption, decryption, and root key management.
- SPIKE Keeper: A redundancy mechanism that safely holds root keys in memory, enabling fast recovery if Nexus fails.
- SPIKE Pilot: A secure CLI interface, translating commands into mTLS API calls, reducing system vulnerability by containing all admin access.
With its minimal footprint and robust security, SPIKE provides peace of mind for your team and critical data resilience when it counts.
Project Maturity: Development 
SPIKE is a SPIFFE-affiliated project that has reached Development maturity as defined in the SPIFFE Project Lifecycle. This means:
- SPIKE is functionally stable and suitable for broader experimentation and community involvement.
- SPIKE is not yet production-ready, and certain features or interfaces may continue to evolve.
- Stability and polish are improving, but users should expect occasional bugs or breaking changes.
We invite developers and early adopters to explore, test, and contribute. Your input is invaluable in helping us shape a robust and reliable product.
Use in critical systems is not advised at this time. We'll announce when the project is ready for production adoption.
🦔 Thanks for your patience and support. We welcome your thoughts at 📬 team@spike.ist.
Getting Your Hands Dirty
Check out the quickstart guide to start playing with the project.
You can also read the documentation to learn more about SPIKE's architecture and design philosophy.
A Note on Security
We take SPIKE's security seriously. If you believe you have found a vulnerability, please responsibily disclose it to security@spike.ist.
See SECURITY.md for additional details.
Community
Open Source is better together.
If you are a security enthusiast, join SPIFFE's Slack Workspace and let us change the world together 🤘.
Links
- Homepage and Docs: https://spike.ist
- Community:
Folder Structure
Here are the important folders and files in this repository:
./app: Contains SPIKE components' source code:./app/keeper: SPIKE Keeper./app/nexus: SPIKE Nexus./app/spike: SPIKE Pilot
./config: Contains configuration files to run SPIRE in a development environment../docs: Public documentation../hack: Useful scripts to build and test the project../internal: Internal modules shared among SPIKE components.
Code Of Conduct
Contributing
To contribute to SPIKE, follow the contributing guidelines to get started.
Use GitHub issues to request features or file bugs.