https://github.com/sapcc/mutavault

Additional utilities for interacting with Hashicorp Vault
https://github.com/sapcc/mutavault

Last synced: about 1 year ago
JSON representation

Additional utilities for interacting with Hashicorp Vault

• Host: GitHub
• URL: https://github.com/sapcc/mutavault
• Owner: sapcc
• License: apache-2.0
• Archived: true
• Created: 2024-02-26T13:18:20.000Z (over 2 years ago)
• Default Branch: master
• Last Pushed: 2024-08-23T03:33:50.000Z (almost 2 years ago)
• Last Synced: 2025-03-11T19:49:31.160Z (over 1 year ago)
• Language: Go
• Size: 83 KB
• Stars: 4
• Watchers: 43
• Forks: 0
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Mutavault

mutavault provides additional utilities for interacting with Hashicorp Vault.

## Installation

```sh

git clone github.com/sapcc/mutavault

cd mutavault

make

```

## Usage

The vault address is read from `VAULT_ADDR` the environment variable respectively.

The token is read from the `VAULT_TOKEN` the environment variable or the `~/.vault-token` file created by `vault login`.

### kv

The `kv` subcommand interacts with a kvv2 engine.

Use the `-mount=path` argument to specify the mountpoint.

The following subcommands are available:

- listall: List all accessible paths in a kv engine

- getcustommetas: Gets the custom metadata of provided paths to secrets

- setcustommetas: Takes custommetadata and paths on stdin and updates vault

These comannds can be combined to update the `custom_metadata` of multiple secrets in a single pipeline, e.g.:

```

mutavault kv -mount=path listall | grep secrets-i-care-about | xargs mutavault kv -mount=path getcustommetas | jq '.[].val = "banana"' | mutavault kv -mount=path setcustommetas

```