https://github.com/7mind/ghpub
NodeJS script which sets up a repository with secrets for Scala/Nuget/etc publishing
https://github.com/7mind/ghpub
Last synced: about 1 month ago
JSON representation
NodeJS script which sets up a repository with secrets for Scala/Nuget/etc publishing
- Host: GitHub
- URL: https://github.com/7mind/ghpub
- Owner: 7mind
- Created: 2022-12-23T18:26:37.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2024-06-18T16:42:55.000Z (about 2 years ago)
- Last Synced: 2024-06-18T21:09:57.728Z (about 2 years ago)
- Language: TypeScript
- Size: 78.1 KB
- Stars: 0
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# ghpub
NodeJS script which sets up a repository with secrets for Scala/Nuget/etc publishing
## Intended use
1. Have Hashicorp Vault address set in `VAULT_ADDR` environment variable with LDAP authentication configured,
2. Run `export VAULT_TOKEN=$(vault login --method=ldap --field token username=$USER)`. If you use other login method, change the command accordingly. If you use LDAP, you may just run `source auth-ldap.sh`.
3. Run `./pub-prepare --owner GITHUBPREFIX --repo GITHUBREPO`
The script expects Vault to have mount `ghpub` configured with versioned v2 KV storage. The mount name can be altered with a command line option (use `--help`)
## Fill the vault
### Automatically
```bash
./pub-prepare --owner 7mind --repo test --writeVault true --readVault false
```
This will read the secrets from terminal and write them into vault.
### Manually
Vault may be provisioned with a script like:
```bash
#!/usr/bin/env bash
set -x
set -e
vault kv put -mount=$VPATH github token=ghp_blah123
vault kv put -mount=$VPATH nuget token=oyblah123
vault kv put -mount=$VPATH sonatype user=7mind password=blah123 email=team@7mind.io
```