https://github.com/wanmail/viper-vault-injector

a package help you inject vault secret in viper config automatically
https://github.com/wanmail/viper-vault-injector

hashicorp-vault mapstructure vault viper

Last synced: about 1 year ago
JSON representation

a package help you inject vault secret in viper config automatically

• Host: GitHub
• URL: https://github.com/wanmail/viper-vault-injector
• Owner: wanmail
• Created: 2023-07-27T07:12:25.000Z (almost 3 years ago)
• Default Branch: main
• Last Pushed: 2023-08-03T03:12:44.000Z (almost 3 years ago)
• Last Synced: 2025-02-12T06:30:52.500Z (over 1 year ago)
• Topics: hashicorp-vault, mapstructure, vault, viper
• Language: Go
• Homepage:
• Size: 21.5 KB
• Stars: 1
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# vipervaultinjector

Package vipervaultinjector is a package help you inject vault secret in viper config automatically.

It will replace the secret url with the secret vaule in vault automatically, when you unmarshal the map to the struct.

So it can be used anywhere that uses mapstructure for unmarshal, not just viper.

## Examples

### StringToVaultSecretHookFunc

StringToVaultSecretHookFunc Hook function for convert vault url string to vault secret.

For example, set {vault://vault.example/_/test/foo/password1} in vault string, and it will replace it to password1 value in vault when unmarshalled by mapstructure

```golang

client, err := initClient()

if err != nil {

    log.Fatal(err)

}

err = setupSecret(client)

if err != nil {

    log.Fatal(err)

}

defer teardownSecret(client)

viper.SetConfigType("yaml") // or viper.SetConfigType("YAML")

type DBExample struct {

    Address  string `mapstructure:"address"`

    Database string `mapstructure:"database"`

    Username string `mapstructure:"username"`

    Password string `mapstructure:"password"`

}

// any approach to require this configuration into your program.

var yamlExample = []byte(`

        address: 127.0.0.1

        database: example

        username: root

        password: {vault://vault.org/_/test/foo/password1}

        `)

err = viper.ReadConfig(bytes.NewBuffer(yamlExample))

if err != nil {

    log.Fatal(err)

}

var db DBExample

err = viper.Unmarshal(&db, viper.DecodeHook(vipervaultinjector.StringToVaultSecretHookFunc(client)))

if err != nil {

    log.Fatal(err)

}

if db.Password != value1 {

    log.Fatalf("value1[%s] incorrect", db.Password)

}

```

---