{"id":37116110,"url":"https://github.com/indellient/vault-helper","last_synced_at":"2026-01-14T13:37:30.856Z","repository":{"id":47008554,"uuid":"149511147","full_name":"Indellient/vault-helper","owner":"Indellient","description":null,"archived":false,"fork":false,"pushed_at":"2021-09-17T14:16:57.000Z","size":70,"stargazers_count":2,"open_issues_count":0,"forks_count":2,"subscribers_count":9,"default_branch":"master","last_synced_at":"2024-06-19T15:17:16.698Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Indellient.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-09-19T20:55:04.000Z","updated_at":"2021-09-17T14:16:52.000Z","dependencies_parsed_at":"2022-09-26T20:11:14.107Z","dependency_job_id":null,"html_url":"https://github.com/Indellient/vault-helper","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/Indellient/vault-helper","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Indellient%2Fvault-helper","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Indellient%2Fvault-helper/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Indellient%2Fvault-helper/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Indellient%2Fvault-helper/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Indellient","download_url":"https://codeload.github.com/Indellient/vault-helper/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Indellient%2Fvault-helper/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28421398,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T13:30:50.153Z","status":"ssl_error","status_checked_at":"2026-01-14T13:29:08.907Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-01-14T13:37:30.065Z","updated_at":"2026-01-14T13:37:30.839Z","avatar_url":"https://github.com/Indellient.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# vault-helper\n\n## Summary\n\nThis is the vault-helper repo built using golang and Habitat.\n\n## Building\n\nTo build the repo, check it out from GitHub, and enter a local studio. Run `build`, the resulting binaries are output\nto `bin/vault-helper-*`, and packaged in to the Habitat .hart file.\n\nYou can specify `DO_INSTALL=false` if you want a quick `build` command that lets you iterate on the build + test + change \ncycle without Habitat getting in the way.\n\n## Unit Test\n\nThe only package that has unit tests right now is the `vault` package, specifically the `Client{}` object. This is \nmostly to cover cases where we may get invalid input from a user.\n\nUnit tests are run with every `build` in the studio.\n\n## Integration Test\n\nThere are some InSpec tests that can be invoked to perform a basic set of integration tests. Perform the following steps\non your system to run the tests:\n\n```\nme@mybox ~/vault-helper $ rm -rf results \u0026\u0026 hab studio build -D\nme@mybox ~/vault-helper $ kitchen converge \"vault\" --concurrency=1\nme@mybox ~/vault-helper $ kitchen verify vault-helper\nme@mybox ~/vault-helper $ kitchen destroy \"vault\"\n```\n\nNote that the Test Kitchen environment does not use the `kitchen-habitat` plugin, as we need to bootstrap a very minimal\nenvironment to run our `vault-helper` InSpec tests against.  `vault-helper` tests do not require a running hab service,\nbut do require a valid Vault instance to perform tests against (see `.kitchen.yml` for more info).\n\n## Invocation\n\nYou can specify the following environment variables to help mask secret information from the system `vault-helper` is\nrunning on.\n\n`VAULT_ADDR`        - Vault URL\n`VAULT_SKIP_VERIFY` - Set to `true` to disable SSL cert checking\n`VAULT_ROLE_ID`     - The vault approle role id\n`VAULT_SECRET_ID `  - The vault approle secret id\n`VAULT_TOKEN`       - The vault token\n\nTo avoid conflicts with habitat double-curly-braces replacements in files, use double-parens instead: `((.username))`\n\nSee --help for more information and detailed invocation examples.\n\n## Caveats\n\nBelow are a list of known caveats with `vault-helper`.  If you find other limitations with it, please update this section.\n\n### Vault Keys with Hyphens\n\nVault keys can have a hyphen, as long as it's double-quoted.  Due to how the GO template engine works, when specifying\na substitution like: `(( \".user-name\" ))`, that key `user-name` must be double-quoted.\n\n### Secret Replacement\n\n`vault-helper` assumes that all secrets at a given path like `secret/data/jenkins/admin` are to be parsed on a single\nfile at a time.  This is in part due to how `vault-helper` parses and re-writes the file to disk, as well as to simplify\nmanagement of secrets.\n\nVault helper supports either kv-v1 or kv-v2 secret stores, make sure to pass the correct `--path` in at invocation time.\n\nA good rule-of-thumb is to make sure you invoke `vault-helper` once on a single file at a given time.  Do not put secrets\nat different paths in the same file to be parsed by `vault-helper`.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Findellient%2Fvault-helper","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Findellient%2Fvault-helper","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Findellient%2Fvault-helper/lists"}