https://github.com/nagyesta/lowkey-vault-example-docker

POC example for using Lowkey Vault with Docker
https://github.com/nagyesta/lowkey-vault-example-docker

Last synced: 13 days ago
JSON representation

POC example for using Lowkey Vault with Docker

• Host: GitHub
• URL: https://github.com/nagyesta/lowkey-vault-example-docker
• Owner: nagyesta
• License: mit
• Created: 2022-07-24T21:25:23.000Z (over 2 years ago)
• Default Branch: main
• Last Pushed: 2024-09-10T17:01:21.000Z (about 2 months ago)
• Last Synced: 2024-09-11T09:57:15.194Z (about 2 months ago)
• Language: Handlebars
• Size: 248 KB
• Stars: 1
• Watchers: 1
• Forks: 0
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • Contributing: CONTRIBUTING.md
  • License: LICENSE
  • Code of conduct: CODE_OF_CONDUCT.md
  • Security: SECURITY.md

Awesome Lists containing this project

README

        
![LowkeyVault](https://raw.githubusercontent.com/nagyesta/lowkey-vault/main/.github/assets/LowkeyVault-logo-full.png)

[![GitHub license](https://img.shields.io/github/license/nagyesta/lowkey-vault-example-docker?color=informational)](https://raw.githubusercontent.com/nagyesta/lowkey-vault-example-docker/main/LICENSE)

[![Docker test](https://img.shields.io/github/actions/workflow/status/nagyesta/lowkey-vault-example-docker/docker.yml?logo=github&branch=main)](https://github.com/nagyesta/lowkey-vault-example-docker/actions/workflows/docker.yml)

[![Lowkey secure](https://img.shields.io/badge/lowkey-secure-0066CC)](https://github.com/nagyesta/lowkey-vault)

# Lowkey Vault - Example Docker

This is an example for [Lowkey Vault](https://github.com/nagyesta/lowkey-vault). It shows how you can start Lowkey Vault

while using most of the features it provides.

### Points of interest

* [docker/example.sh](docker/example.sh) shows how you can

  * start up your Lowkey Vault container attaching the [keyvault.json.hbs](docker/import/keyvault.json.hbs)

    backup file from the import sub-folder as well as using an external configuration file named 

    [application.properties](docker/config/application.properties) from the config sub-folder. 

  * start up an Assumed Identity container listening on port 8080 (only needed for the Managed Identity tests).

* [docker-compose/docker-compose.yml](docker-compose/docker-compose.yml) shows how to 

  * start up your container using Docker compose including the import of the 

    [keyvault.json.hbs](docker-compose/import/keyvault.json.hbs) backup and use configuration overrides from

    [application.properties](docker-compose/config/application.properties).

  * start up an Assumed Identity container listening on port 8080 (only needed for the Managed Identity tests).

* [docker-compose-multiarch/docker-compose.yml](docker-compose-multiarch/docker-compose.yml) shows how you need to

  change the Docker compose setup to use a multiarch image and achieve the same outcome, i.e. 

  * import the [keyvault.json.hbs](docker-compose-multiarch/import/keyvault.json.hbs) backup and load the 

    configuration from [application.properties](docker-compose-multiarch/config/application.properties).

  * start up an Assumed Identity container listening on port 8080 (only needed for the Managed Identity tests).

* The two sets of tests are the following

  * [example_test.go](test/example_test.go) contains the core set of tests using the Lowkey Vault container with a

    `FakeCredential` for authentication.

  * [example_managed_id_test.go](test/example_managed_id_test.go) is focusing on the changes that are necessary to

    allow using the `DefaultAzureCredential` utilizing the fake Managed Identity tokens provided by the Assumed

    Identity container. For these cases to work, please  don't forget to set the following environment variables:

    * `IDENTITY_ENDPOINT` pointing to the Assumed Identity containers token endpoint. 

      e.g., http://localhost:8080/metadata/identity/oauth2/token

    * `IDENTITY_HEADER` using the word `header` (won't be used, just needed for an exists check)