mirror of https://github.com/Luzifer/git-credential-vault.git synced 2024-09-19 08:02:57 +00:00

Implementation of the Git Credential Storage utilizing Vault as storage backend

Go to file

Knut Ahlers 3458345434 Add META files Signed-off-by: Knut Ahlers <knut@ahlers.me>		2020-04-01 15:07:41 +02:00
.gitignore	Initial version	2020-04-01 14:19:29 +02:00
.repo-runner.yaml	Add auto-build	2020-04-01 14:24:09 +02:00
go.mod	Initial version	2020-04-01 14:19:29 +02:00
go.sum	Initial version	2020-04-01 14:19:29 +02:00
LICENSE	Add META files	2020-04-01 15:07:41 +02:00
main_test.go	Initial version	2020-04-01 14:19:29 +02:00
main.go	Handle missing credentials gracefully	2020-04-01 15:05:58 +02:00
Makefile	Add auto-build	2020-04-01 14:24:09 +02:00
README.md	Add META files	2020-04-01 15:07:41 +02:00
vault.go	Handle missing credentials gracefully	2020-04-01 15:05:58 +02:00

README.md

Luzifer / git-credential-vault

git-credential-vault is an implementation of the Git Credential Storage utilizing Vault as storage backend.

The only supported action is get as storage is managed through Vault related tools / the web-UI. The tool expects to find Vault keys per host containing username / password fields in it. Those fields are then combined with the data received from git and sent back for authentication.

Expected Vault structure

secret/git-credentials
 +- github.com
 |   +- username = api
 |   +- password = verysecrettoken
 +- gitlab.com
     +- username = user
     +- password = anothertoken

Usage

# export VAULT_ADDR=http://localhost:8200
# export VAULT_TOKEN=somesecretvaulttoken
# echo -e "protocol=https\nhost=github.com\n\n" | ./git-credential-vault --vault-path-prefix secret/git-credentials get
host=github.com
username=api
password=myverysecrettoken
protocol=https