mirror of
https://github.com/Luzifer/vault2env.git
synced 2024-12-30 00:51:19 +00:00
Update README for new version
Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
parent
fa236753ec
commit
c64fa046da
1 changed files with 10 additions and 11 deletions
21
README.md
21
README.md
|
@ -1,32 +1,32 @@
|
||||||
[![Download on GoBuilder](http://badge.luzifer.io/v1/badge?title=Download%20on&text=GoBuilder)](https://gobuilder.me/github.com/Luzifer/vault2env)
|
![License](https://badges.fyi/github/license/Luzifer/vault2env)
|
||||||
[![License: Apache v2.0](https://badge.luzifer.io/v1/badge?color=5d79b5&title=license&text=Apache+v2.0)](http://www.apache.org/licenses/LICENSE-2.0)
|
|
||||||
[![Go Report Card](https://goreportcard.com/badge/github.com/Luzifer/vault2env)](https://goreportcard.com/report/github.com/Luzifer/vault2env)
|
[![Go Report Card](https://goreportcard.com/badge/github.com/Luzifer/vault2env)](https://goreportcard.com/report/github.com/Luzifer/vault2env)
|
||||||
|
|
||||||
# Luzifer / vault2env
|
# Luzifer / vault2env
|
||||||
|
|
||||||
`vault2env` is a really small utility to transfer fields of a key in [Vault](https://www.vaultproject.io/) into the environment. It uses the [`app-role`](https://www.vaultproject.io/docs/auth/approle.html), [`app-id` authentication mechanism](https://www.vaultproject.io/docs/auth/app-id.html) or simple [token authentication](https://www.vaultproject.io/docs/auth/token.html) to identify itself with the Vault server, fetches all fields in the specified key and returns export directives for bash / zsh. That way you can do `eval` stuff and pull those fields into your ENV.
|
`vault2env` is a really small utility to transfer fields of a key in [Vault](https://www.vaultproject.io/) into the environment. It uses the [`app-role`](https://www.vaultproject.io/docs/auth/approle.html) or simple [token authentication](https://www.vaultproject.io/docs/auth/token.html) to identify itself with the Vault server, fetches all fields in the specified keys and returns export directives for bash / zsh. That way you can do `eval` stuff and pull those fields into your ENV. If you don't want to use export directives you also can pass commands to `vault2env` to be executed using those environment variables.
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
|
|
||||||
In general this program can either output your ENV variables to use with `eval` or similar or it can run a program with populated environment.
|
In general this program can either output your ENV variables to use with `eval` or similar or it can run a program with populated environment.
|
||||||
|
|
||||||
```
|
```
|
||||||
# vault2env [secret path] [command]
|
# vault2env --key=<secret path> <command>
|
||||||
<program is started, you see its output>
|
<program is started, you see its output>
|
||||||
|
|
||||||
# vault2env --export [secret path]
|
# vault2env --export --key=<secret path>
|
||||||
export ...
|
export ...
|
||||||
```
|
```
|
||||||
|
|
||||||
### Using evironment variables
|
### Using evironment variables
|
||||||
```bash
|
```bash
|
||||||
# export VAULT_ADDR="https://127.0.0.1:8200"
|
# export VAULT_ADDR="https://127.0.0.1:8200"
|
||||||
# export VAULT_APP_ID="29c8febe-49f5-4620-a177-20dff0fda2da"
|
# export VAULT_ROLE_ID="29c8febe-49f5-4620-a177-20dff0fda2da"
|
||||||
# export VAULT_USER_ID="54d24f66-6ecb-4dcc-bdb7-0241a955f1df"
|
# export VAULT_SECRET_ID="54d24f66-6ecb-4dcc-bdb7-0241a955f1df"
|
||||||
# vault2env --export secret/my/path/with/keys
|
# vault2env --export --key=secret/my/path/with/keys
|
||||||
export FIRST_KEY="firstvalue"
|
export FIRST_KEY="firstvalue"
|
||||||
export SECOND_KEY="secondvalue"
|
export SECOND_KEY="secondvalue"
|
||||||
# eval $(vault2env --export secret/my/path/with/keys)
|
|
||||||
|
# eval $(vault2env --export --key=secret/my/path/with/keys)
|
||||||
# echo "${FIRST_KEY}"
|
# echo "${FIRST_KEY}"
|
||||||
firstvalue
|
firstvalue
|
||||||
```
|
```
|
||||||
|
@ -36,11 +36,10 @@ firstvalue
|
||||||
The command does differ only with its parameters specified for the different authentication mechanisms:
|
The command does differ only with its parameters specified for the different authentication mechanisms:
|
||||||
|
|
||||||
- When using AppRole you need to specify `--vault-role-id` and optionally `--vault-secret-id` if you're using the `bind_secret_id` flag for your AppRole
|
- When using AppRole you need to specify `--vault-role-id` and optionally `--vault-secret-id` if you're using the `bind_secret_id` flag for your AppRole
|
||||||
- When using AppID specify `--vault-app-id` and `--vault-user-id`
|
|
||||||
- When using Token auth only specify `--vault-token`
|
- When using Token auth only specify `--vault-token`
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
# vault2env --vault-addr="..." --vault-app-id="..." --vault-user-id="..." secret/my/path/with/keys
|
# vault2env --vault-addr="..." --vault-app-id="..." --vault-user-id="..." --key=secret/my/path/with/keys
|
||||||
export FIRST_KEY="firstvalue"
|
export FIRST_KEY="firstvalue"
|
||||||
export SECOND_KEY="secondvalue"
|
export SECOND_KEY="secondvalue"
|
||||||
```
|
```
|
||||||
|
|
Loading…
Reference in a new issue