vkv

command module

v0.5.0-rc5 Latest Latest Go to latest Published: Nov 18, 2023 License: MIT Imports: 3 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/FalcoSuessgott/vkv

README ¶

vkv

vkv is a little CLI tool written in Go, which enables you to list, compare, import, document, backup & encrypt secrets from a HashiCorp Vault KV-v2 engine:

Features

recursively print secrets of any KVv2 Engine in json, yaml, markdown and other formats
engine export shows the secret version as well as its custom metadata
customize the output (show only-keys, only-paths, mask/unmask secrets) via flags or environment
print the CRUD-capabilities of the authenticated token for each KV-path (format: policy)
print secrets in export <key>=<value> format for variable exporting (format: export)
import secrets back to Vault from vkv's json or yaml format
save and restore KVv2 snapshots (including namespaces) and running on kubernetes
list all engines or namespaces for scripting purposes
handy snippets for managing KVv2 engines using fzf, sops & diff, gitlab-CI Examples

Checkout the Quickstart Guide to learn more about vkv

Quickstart

# Installation
curl -OL https://github.com/FalcoSuessgott/vkv/releases/download/v0.4.0/vkv_$(uname)_$(uname -m).tar.gz
tar xzf vkv_$(uname)_$(uname -m).tar.gz
chmod u+x vkv
./vkv version
vkv 0.4.0

# set required env vars
export VAULT_ADDR=https://vault-server:8200
export VAULT_TOKEN=<your-vault-token>

# verify connection
vault status
Key             Value
---             -----
Seal Type       shamir
Initialized     true
Sealed          false
Total Shares    1
Threshold       1
Version         1.12.1
Build Date      2022-10-27T12:32:05Z
Storage Type    inmem
Cluster Name    vault-cluster-ffd05212
Cluster ID      42ef92d5-eb21-0cb5-dd0b-804dac04e505
HA Enabled      false

# list secrets recursively of a KVv2 engine
vkv export --path <KVv2-engine path>
secret/
├── v1: admin [key=value]   # v1 -> secret version; "admin" -> secrets name; "[key=value]" -> secrets custom metadata
│   └── sub=********        # "sub" -> key; "*****" -> masked value (disable with --show-values)
├── v1: demo
│   └── foo=***
└── sub/
    ├── v1: demo
    │   ├── demo=***********
    │   ├── password=******
    │   └── user=*****
    └── sub2
        └── v2: demo [admin=false key=value]
            ├── admin=***
            ├── foo=***
            ├── password=********
            └── user=****

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
cmd
docs
export
imp
list
manpage
server
snapshot
version
pkg
exec
fs
printer/engine
printer/namespace
printer/secret
regex
render
testutils
utils
vault

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL