Just over a month ago we released v0.2.0 of Acorn and today we are announcing v0.3.0. If you haven’t guessed, we’re targeting a monthly release cycle. You can check out the full release notes or read on for the feature highlights of the release.
Encrypting and Decrypting Sensitive Data
Getting sensitive data into a Kubernetes application has always been a challenge. A common complaint amongst Kubernetes users is that they can manage all of their resources through GitOps EXCEPT for secrets – they need to create and manage those manually. This adds friction, complexity, and human error to the deployment process. To address this, Acorn now has first-class support for encrypting and decrypting secrets.
Encrypting sensitive data is done through the acorn CLI:
acorn secret encrypt "my_root_password" ACORNENC:eyItQmxPXzRxQ1Zla2NuSGVQa0xBbGFZS2pCY2hXcTFfNU93TE...
And feeding that encrypted data into an Acorn application is just as easy:
acorn run db --root-password ACORNENC:eyItQmxPXzRxQ1Zla2NuSGVQa0xBbGFZS2pCY2hXcTFfNU93TE...
This example is just scratching the surface of this feature. To learn more, checkout our docs on using encrypted secrets.
Securing Endpoints with TLS
What’s better than TLS? Free TLS via Let’s Encrypt! With this feature, Acorn can automatically secure your app endpoints with a valid certificate. This feature takes the hassle out of certificate management. It doesn’t require any other third-party operators or CRDs – simply turn it on and Acorn-generated endpoints will be served over HTTPS. Once you install or upgrade to v0.3.0, enable the feature with the following command:
acorn install --lets-encrypt enabled
You can read about how to configure and use this feature here. In the future, we plan to add support for securing endpoints that use custom vanity domains. This will eliminate the need for other certificate management software for the majority of Acorn use cases.
Wrapping it up
Those are the major features of the v0.3.0 release. Along the way, we made many other improvements and bug fixes. Once again, thanks for your support and as alway, you can reach us on Github, Slack, Twitter, and LinkedIn with feedback or questions.