{"id":27040433,"url":"https://github.com/ldb/vaulter-white","last_synced_at":"2025-04-05T03:29:12.625Z","repository":{"id":57520781,"uuid":"129520537","full_name":"ldb/vaulter-white","owner":"ldb","description":"A tool to pass Vault secrets to other processes via environment variables.","archived":false,"fork":false,"pushed_at":"2019-01-28T16:01:56.000Z","size":20,"stargazers_count":32,"open_issues_count":0,"forks_count":2,"subscribers_count":0,"default_branch":"master","last_synced_at":"2024-06-19T02:06:19.730Z","etag":null,"topics":["golang","vault"],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ldb.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-04-14T13:41:17.000Z","updated_at":"2024-06-19T02:06:19.731Z","dependencies_parsed_at":"2022-09-26T18:01:06.728Z","dependency_job_id":null,"html_url":"https://github.com/ldb/vaulter-white","commit_stats":null,"previous_names":["cosmonawt/vaulter-white"],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ldb%2Fvaulter-white","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ldb%2Fvaulter-white/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ldb%2Fvaulter-white/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ldb%2Fvaulter-white/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ldb","download_url":"https://codeload.github.com/ldb/vaulter-white/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247284910,"owners_count":20913691,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["golang","vault"],"created_at":"2025-04-05T03:29:12.087Z","updated_at":"2025-04-05T03:29:12.609Z","avatar_url":"https://github.com/ldb.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# vaulter-white\nA tool to pass Vault secrets to other processes via environment variables.\n\n[![Build Status](https://travis-ci.org/cosmonawt/vaulter-white.svg?branch=master)](https://travis-ci.org/cosmonawt/vaulter-white)\n[![Go Report Card](https://goreportcard.com/badge/github.com/cosmonawt/vaulter-white)](https://goreportcard.com/report/github.com/cosmonawt/vaulter-white)\n\n## About\nvaulter-white reads secrets from [Vault](https://vaultproject.io) and passes them into a newly spawned process using environment variables.\nIt is particularly useful in containerized applications. For example it can be set as the `ENTRYPOINT` in a Docker container to retrieve production Keys for your App.\nAfter loading the secrets into the environment (while also including all existing variables) it will replace itself with a freshly spawned instance of the configurable process.\n\n_Note:_ At the moment only [AppRole](https://www.vaultproject.io/docs/auth/approle.html) authentication is supported.\n\n## Configuration\nvaulter-white is configured via vaulter-white.yaml which will be read from the current directory if not specified otherwise using the `-c` flag.\n\n_Example:_\n```yaml\ncommand: [\"bash\", \"-c\", \"env\"]         # Specifies the command to run after loading the secrets.\nhost: http://vault.rocks:8200          # Host of Vault server.\nhostEnv: HOST                          # If \"host\" is not set, it will be read from this environment variable.\nroleId: myAppRole                      # RoleID for AppRole Authentication in Vault.\nroleIdEnv: ROLE_ID                     # If \"roleId\" is not set, it will be read from this environment variable.\nsecretId: mySuperSecretId              # SecretID for AppRole Authentication in Vault.\nsecretIdEnv: SECRET_ID                 # If \"secretId\" is not set, it will be read from this environment variable.\nsecretMount: /secret/appConfig/        # \"secretMount\" contains the path to the secret backend holding your keys in Vault.\nsecrets:                               # \"secrets\" is a collection of environment variable name overrides for each key.\n  awsConfig:\n    region: AWS_REGION\n    access_key_id: AWS_KEY_ID\n    secret_access_key: AWS_SECRET_KEY\n  googleAPI:\n    apiKey: GOOGLE_API_KEY\n\n```\n\n- `command` is optional and can be passed as command line argument as well (for example: `vaulter-white -c config.yaml bash -c env`).\n- `host` will be read from the environment if not set (either by looking at `hostEnv` or using `VAULT_HOST` as a fallback). This makes it easy to include vaulter-white in Docker images that are built by CI.\n- `secretId` will also be read from the environment if not set (either by looking at `secretIdEnv` or using `VAULT_SECRET_ID` as a fallback).\n- `roleId` will also be read from the environment if not set (either by looking at `roleIdEnv` or using `VAULT_ROLE_ID` as a fallback).\n- `secrets` is optional as well. Any keys not listed there will be exported as `SECRETNAME_KEY=value`.\n\n_Note:_ Secret values should always store flat data types and no marshaled data (e.g JSON Objects). Values that are not strings will be exported as JSON.\n\n## Run\n\nTo pass the configuration use the `-c` flag: `vaulter-white -c configuration.yaml`\nIf no command was specified in the configuration it should be passed as a commandline argument: `vaulter-white -c config.yaml bash -c env`\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fldb%2Fvaulter-white","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fldb%2Fvaulter-white","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fldb%2Fvaulter-white/lists"}