ADR-056: No opinionated backup or secret management

Category: architecture
Provenance: human

Decision

Operator does not provide built-in backup/restore or secret encryption features. Recommend external tools and support integration via Helm chart extraManifests.

Rationale

Secret management and backup strategies are organization-specific. Some use Vault, others AWS Secrets Manager, some Sealed Secrets. Forcing one approach reduces adoption. External Secrets Operator and Sealed Secrets are mature, well-maintained solutions; there is no need to reinvent them. CNPG (decision 015) already provides robust database backups. Velero handles cluster-level backups, including CRDs and custom resources. The operator focuses on Keycloak management, not cross-cutting concerns. extraManifests (decision 044) provides an integration point without coupling. A tool-agnostic design maximizes compatibility with existing infrastructure.

Agent Instructions

For secret management: recommend External Secrets Operator (ESO) or Sealed Secrets. The Kubernetes Secrets these tools produce can be referenced from CRD SecretKeySelector fields (secret name plus key), so no credential material needs to appear in Helm values or in the CR itself. For backups: recommend Velero for cluster backups and CNPG built-in backups for the database. The operator does not implement backup CRDs. Users add the required manifests (ExternalSecret, SealedSecret, Velero Backup or Schedule) via extraManifests in the Helm chart. Document integration patterns in docs/ but do not enforce specific tools. The operator remains tool-agnostic.
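The following is an added example of the integration pattern described above; it is not code from the operator's own documentation. It assumes that the chart's extraManifests value is a list of raw Kubernetes manifests rendered verbatim, that a ClusterSecretStore named corp-vault and a Velero BackupStorageLocation named default already exist (both placeholder names), and that the operator's CR (apiVersion, kind and the adminCredentials field are placeholders) accepts a core SecretKeySelector. The first document is Helm values delivering an ESO ExternalSecret and a Velero Schedule; the second is the CR that consumes the resulting Secret by name and key.

```yaml
# --- values.yaml (Helm) ---
# Added example, not the operator's own code. extraManifests is assumed to be
# a list of manifests the chart renders as-is.
extraManifests:
  - apiVersion: external-secrets.io/v1beta1
    kind: ExternalSecret
    metadata:
      name: keycloak-admin
      namespace: keycloak
    spec:
      refreshInterval: 1h              # re-sync from the backend so rotation propagates
      secretStoreRef:
        kind: ClusterSecretStore
        name: corp-vault               # placeholder store name (assumption)
      target:
        name: keycloak-admin           # the Kubernetes Secret ESO creates
        creationPolicy: Owner          # ESO owns and garbage-collects the Secret
      data:
        - secretKey: password          # key inside the generated Secret
          remoteRef:
            key: keycloak/admin        # path in the external store (placeholder)
            property: password
  - apiVersion: velero.io/v1
    kind: Schedule
    metadata:
      name: keycloak-nightly
      namespace: velero                # Velero's own namespace
    spec:
      schedule: "0 2 * * *"
      template:
        includedNamespaces:
          - keycloak                   # picks up the operator's CRs and the ExternalSecret
        excludedResources:
          - secrets                    # keep secret material out of backup storage;
                                       # ESO re-creates the Secret on restore
        ttl: 720h0m0s                  # retain for 30 days
        storageLocation: default       # assumed BackupStorageLocation name
---
# --- keycloak-cr.yaml (applied separately) ---
# Hypothetical CR: apiVersion, kind and the adminCredentials field are
# placeholders; only the SecretKeySelector shape (name + key) is the point.
apiVersion: example.invalid/v1
kind: Keycloak
metadata:
  name: main
  namespace: keycloak
spec:
  adminCredentials:
    passwordSecretRef:                 # SecretKeySelector pointing at the ESO-managed Secret
      name: keycloak-admin
      key: password
```

Before applying the CR, confirm the Secret has been materialised (kubectl -n keycloak get externalsecret keycloak-admin should report a SecretSynced condition) so the operator does not reconcile against a missing reference, and confirm the schedule is registered with velero schedule get. Excluding secrets from the Velero backup is a deliberate choice: Velero backups are not encrypted by the operator, and since the ExternalSecret is itself backed up, ESO regenerates the Secret after a restore, so the backup stores only the reference, not the credential.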

Rejected Alternatives

Build backup CRDs into operator

Would require maintaining backup storage connectors (S3, GCS, Azure Blob). Duplicates Velero and CNPG functionality. Increases complexity.

Integrate specific secret manager (Vault)

Vendor lock-in. Many organizations use different secret managers. ESO provides abstraction layer.

Recommend specific tools exclusively

Too opinionated. Users may have existing tool choices. Better to show integration patterns for multiple options.