Who is the customer behind the request?

Telco.

What is the nature and description of the request?

The customer needs to securely hydrate a custom resource from information stored in Hashicorp Vault. The External Secrets Operator has an implementation for just this feature in code review. We need to prioritize completion of the implementation, and a Red Hat supported operator release.

Why does the customer need this? (List the business requirements here)

The customer is in a highly regulated environment, and needs to configure a CoreOS user password hash using a machine config. This password hash cannot be stored in git. And they would like a general facility for securely sync'ing other custom resources from Vault in the future.

The customer has been considering use of the Argo CD Vault plugin. However, the Argo CD project discourages the use of Argo CD plugins now due to performance impacts and implementation complexity, and the customer strongly prefers a supported solution.

How would the customer like to achieve this? (List the functional requirements here)

Using the ESO Sync Custom Resources implementation.

For each functional requirement listed, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented.

An appropriate test would be to specify an ExternalSecret to create a machine config that sets a user's (e.g. the `core` user's) password hash.

Does the customer have any specific timeline dependencies and which release would they like to target?

ASAP, or January 2026, if possible. Next generation mobile core infrastructure is being implemented and replacing the workaround before going to customer production is important.