Retrieves secrets from Vault and saves to disk as JSON files
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Vladimir Smagin 3f0e6bb4a1 Изменить 'README.md' 1 month ago
test import 2 months ago
.gitignore import 2 months ago
README.md Изменить 'README.md' 1 month ago
go.mod import 2 months ago
go.sum import 2 months ago
main.go import 2 months ago
test-config.yaml import 2 months ago
vault.go import 2 months ago

README.md

Vault secrets retriever

This small program can retrieve secret from Vault’s path and save as local json file.

Config and run

You need to create a config file somewhere (or mount it from Secret resource) and provide ENV variable with path to this file.

Sample config file with connection parameters and secrets:

vault:
  address: https://vault.blindage.org
  token: s.otBH1tQ5IMDZRBJC1SEuTEPX
secrets:
  - path: /ssh-vault-test/public/vlad
    file: test/secret-vlad.json
  - path: /ssh-vault-test/public/anya
    file: test/secret-anya.json

Use variable VAULT_RETRIEVER_FILE to set filename with connection parameters and secrets to retrieve:

VAULT_RETRIEVER_FILE=test-vault.yaml ./vault-retriever

If no vault section defined in config file program will check variables VAULT_RETRIEVER_ADDRESS and VAULT_RETRIEVER_TOKEN:

export VAULT_RETRIEVER_ADDRESS=https://vault.blindage.org
export VAULT_RETRIEVER_TOKEN=s.otBH1tQ5IMDZRBJC1SEuTEPX
export VAULT_RETRIEVER_FILE=test-vault.yaml 
./vault-retriever

Good luck.


Copyright by Vladimir Smagin (21h) 2019
http://blindage.org email: 21h@blindage.org
Project page: https://git.blindage.org/21h/vault-retriever