Skip to main content

OpenBao's Roadmap and Community Direction for 2025-2026

· 3 min read
Alex Scheel
Alex Scheel

As the summer of 2025 closed, OpenBao's Dev WG and TSC put together and approved a new technical direction and roadmap for 2025-2026. But before we get into the details, I think is important to look back at and celebrate what all we've accomplished this year:

  1. Many technical initiatives have landed, from namespaces to transactional storage, to CEL support, and many smaller things in between.

  2. Many continuing working groups and large technical initiates have been started, from the horizontal scalability WG, focused on read scalability; the UI WG, focused on a rewrite of our EmberJS Web UI into React; to the PKCS#11/KMS WG, focused on including external keys into OpenBao. Thank you to everyone who participates in these!

  3. Many, many contributions from many, many contributors! We welcomed:

    • 741 commits to main,
    • 287 contributors in the past year,
    • 10 new committers, and
    • 4 new moderators!

    And like I say nearly every meeting, a special thanks to all net-new contributors! A fresh set of eyes brings wonders to a storied project, and often revisiting earlier design choices let us improve the experience.

And yes, not everything on the 2024-2025 roadmap was completed. Don't worry, you can still contribute items from it if you want! But for a community just starting out, with its first formal direction proposal, I think the response we got exceeded my wildest expectations.

Much like last year, this roadmap opens with three major categories:

  1. "Operator Experience": to enable easier or safer operation of OpenBao, through changes like profiles, break-glass and backup/restore procedures, and improved monitoring capabilities;
  2. "Scalability": to improve optimization and utilization of OpenBao in large, complex environments; and
  3. "Sustainability": to ensure the long-term viability of the code base, react to changing secrets management directives, and stabilize our ability to maintain the project indefinitely.

Together, these spell OSS, reaffirming our commitment to an open-source project lead under open governance principals.

Like last time, our roadmap features several items I'd especially like to highlight:

  1. Expanding CEL Support for non-ACL policies, in the profile system, and other plugins. This allows greater operator control over authentication and authorization. Operator Experience.
  2. Lazy loading of mounts, namespaces, removing them from memory when no requests have accessed the path in a while. This would allow OpenBao to be substantially over-committed if workload allows. Scalability.
  3. KMIP Server for Transit and PKCS#11 client for Transit, to allow consumption and safe usage of Transit-stored keys from other servers via KMIP and PKCS#11 protocols. Sustainability.
  4. Usage guides and tutorials for various components. Sustainability.
  5. Versioned documentation so that pre-release features do not show in the documentation by default and documentation for particular releases are maintained accordingly. Sustainability.
info

Interested in some of these features? We need your help!

React (👍) to issues on GitHub to show your support, help contribute use cases or design documents, or submit code implementing these features! If you need help getting started, just reach out!