https://github.com/invalidusrname/vault-demo
https://github.com/invalidusrname/vault-demo
Last synced: 4 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/invalidusrname/vault-demo
- Owner: invalidusrname
- Created: 2019-03-18T21:49:20.000Z (about 7 years ago)
- Default Branch: master
- Last Pushed: 2019-04-15T14:40:50.000Z (about 7 years ago)
- Last Synced: 2026-02-01T13:49:03.532Z (5 months ago)
- Language: HCL
- Size: 15.6 KB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Vault README
This demo repository shows how to use single source of truth for the storage of secrets
using Vault. Data items such as database passwords, api keys, etc are all stored in
configuration management here for auditing and collaborative purposes.
## Directory Structure
secret//.json
Example:
secret/
|── dev
│ ├── common.json
│ ├── my_app.json
├── prod
│ ├── common.json
│ ├── my_app.json
├── test
│ ├── common.json
│ ├── my_app.json
## Environment Variables
The following environment variables need to be setup for the app to function:
For changes to production instance of Vault:
$ export VAULT_ADDR='https://localhost:8200'
$ export VAULT_TOKEN='CHANGEME'
$ ./script/write_secrets.sh
## Setting up locally
$ docker-compose up
$ docker-compose exec vault /bin/sh
# cd /app && VAULT_TOKEN=$VAULT_DEV_ROOT_TOKEN_ID ./script/provision.sh
### Reading some stuff
# vault kv list secret/dev
# apk add jq
# vault kv get -format=json secret/dev/my_app | jq ".data[]"