https://github.com/silentsokolov/dagster-hashicorp
Package for integrating Hashicorp Vault with Dagster.
https://github.com/silentsokolov/dagster-hashicorp
dagster hashicorp vault
Last synced: 4 months ago
JSON representation
Package for integrating Hashicorp Vault with Dagster.
- Host: GitHub
- URL: https://github.com/silentsokolov/dagster-hashicorp
- Owner: silentsokolov
- License: mit
- Created: 2022-07-06T16:02:50.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2023-08-23T04:45:25.000Z (about 2 years ago)
- Last Synced: 2025-04-24T02:12:44.786Z (6 months ago)
- Topics: dagster, hashicorp, vault
- Language: Python
- Homepage:
- Size: 81.1 KB
- Stars: 10
- Watchers: 1
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
Awesome Lists containing this project
README
![]()
[](https://github.com/silentsokolov/dagster-hashicorp/actions/workflows/build.yml) [](https://codecov.io/gh/silentsokolov/dagster-hashicorp)
# dagster-hashicorp
A package for integrating [Hashicorp Vault](https://www.vaultproject.io/) with [Dagster](https://dagster.io/).
### Requirements
* Dagster 0.14+
### Installation
Use your favorite Python package manager to install the app from PyPI, e.g.
```bash
pip install dagster-hashicorp
```# Usage Notes
## Vault
#### Auth method
- [x] Token
- [x] User / Password
- [x] Approle
- [x] Kubernetes#### Example
```python
from dagster import build_op_context, job, op
from dagster_hashicorp.vault import vault_resource@op(required_resource_keys={"vault"})
def example_vault_op(context):
# Path of secret uses pattern /data/# Read
secret_data = context.resources.vault.read_secret(
secret_path="secret/data/foo/bar"
)
context.log.debug(f"Secret: {secret_data}")# Write
context.resources.vault.create_or_update_secret(
secret_path="secret/data/foo/bar", {"bar": "foo"}
)@job(resource_defs={"vault": vault_resource})
def example_job():
example_vault_op()example_job.execute_in_process(
run_config={
"resources": {
"vault": {
"config": {
"url": "vault-host:8200",
"auth_type": {"token": {"token": "s.your-token"}},
}
}
}
}
)# OR use environment variables
example_job.execute_in_process(
run_config={
"resources": {
"vault": {
"config": {
"url": "vault-host:8200",
"auth_type": {"token": {"token": {"env": "VAULT_TOKEN"}}},
# or
# "auth_type": {"userpass": {"username": {"env": "VAULT_USER"}, "password": {"env": "VAULT_PASS"}}},
# or
# "auth_type": {"approle": {"role_id": {"env": "VAULT_ROLE_ID"}, "secret_id": {"env": "VAULT_SECRET_ID"}}},
# or
# "auth_type": {"kubernetes": {"role": {"env": "VAULT_ROLE"}, "jwt_path": {"env": "VAULT_JWT_PATH"}}},
}
}
}
}
)
```