mirror of
https://github.com/Luzifer/git-credential-vault.git
synced 2024-12-22 18:51:16 +00:00
Implementation of the Git Credential Storage utilizing Vault as storage backend
|
||
---|---|---|
.gitignore | ||
.repo-runner.yaml | ||
go.mod | ||
go.sum | ||
LICENSE | ||
main.go | ||
main_test.go | ||
Makefile | ||
README.md | ||
vault.go |
Luzifer / git-credential-vault
git-credential-vault
is an implementation of the Git Credential Storage utilizing Vault as storage backend.
The only supported action is get
as storage is managed through Vault related tools / the web-UI. The tool expects to find Vault keys per host containing username
/ password
fields in it. Those fields are then combined with the data received from git and sent back for authentication.
Expected Vault structure
secret/git-credentials
+- github.com
| +- username = api
| +- password = verysecrettoken
+- gitlab.com
+- username = user
+- password = anothertoken
Usage
# export VAULT_ADDR=http://localhost:8200
# export VAULT_TOKEN=somesecretvaulttoken
# echo -e "protocol=https\nhost=github.com\n\n" | ./git-credential-vault --vault-path-prefix secret/git-credentials get
host=github.com
username=api
password=myverysecrettoken
protocol=https