Retrieves secrets from Vault and saves to disk as JSON files
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Vladimir Smagin dd11c004d9
readme fix
3 weeks ago
test import 3 weeks ago
.gitignore import 3 weeks ago
README.md readme fix 3 weeks ago
go.mod import 3 weeks ago
go.sum import 3 weeks ago
main.go import 3 weeks ago
test-config.yaml import 3 weeks ago
vault.go import 3 weeks ago

README.md

Vault secrets retriever

Sample config file with connection parameters and secrets. You can store it inside docker image or mount during deployment process.

vault:
  address: https://vault.blindage.org
  token: s.otBH1tQ5IMDZRBJC1SEuTEPX
secrets:
  - path: /ssh-vault-test/public/vlad
    file: test/secret-vlad.json
  - path: /ssh-vault-test/public/anya
    file: test/secret-anya.json

Use variable VAULT_RETRIEVER_FILE to set filename with connection parameters and secrets to retrieve.

VAULT_RETRIEVER_FILE=test-vault.yaml ./vault-retriever

If no vault section defined in config file program will check variables VAULT_RETRIEVER_ADDRESS and VAULT_RETRIEVER_TOKEN.

export VAULT_RETRIEVER_ADDRESS=https://vault.blindage.org
export VAULT_RETRIEVER_TOKEN=s.otBH1tQ5IMDZRBJC1SEuTEPX
export VAULT_RETRIEVER_FILE=test-vault.yaml 
./vault-retriever

If you want to start it inside Docker or Kubernetes provide these ENV variables to your container during run.


Copyright by Vladimir Smagin (21h) 2019
http://blindage.org email: 21h@blindage.org
Project page: https://git.blindage.org/21h/vault-retriever