README
¶
Harp
Harp is for Harpocrates (Ancient Greek: Ἁρποκράτης) the god of silence, secrets and confidentiality in the Hellenistic religion. - Wikipedia
New to harp, let's start with onboarding tutorial ! TL;DR - Features overview
Harp provides :
- An automation compatible secret management implementation
- CI/CD integration;
- Human readable definitions (YAML);
- Auditable and reproductible pipelines.
- A secret container specification to store and manipulate data;
- A container manipulation library exposed as
github.com/elastic/harp/pkg/bundle; - An extensible CLI tool.
And allows :
- bundle level operations
- Create a container from scratch / template / json (more via plugins);
- Read value stored in the K/V virtual filesystem;
- Update the K/V virtual filesystem;
- Delete keys.
- immutable container level operations
- Seal / Unseal a container for integrity and confidentiality property conservation;
- Generate a complete set of data using a YAML Descriptor (
BundleTemplate); - Reproductible patch applied on immutable container (copy-on-write);
- Import / Export to Vault.
License
harp artifacts and source code is released under Apache 2.0 Software License.
Homebrew install
Download a release or build from source.
For stable version
brew tap elastic/harp
brew install elastic/harp/harp
brew install elastic/harp/harp-server
Build instructions
Download a release or build from source.
First time
Check your go version
Only last 2 minor versions of a major are supported.
Harp is compiled with :
$ go version
go version go1.15.7 darwin/amd64
Simple go version manager - https://github.com/stefanmaric/g
Install mage
Mage is an alternative to Make where language used is Go. You can install it using 2 different methods.
# Install mage
git clone https://github.com/magefile/mage
cd mage
go run bootstrap.go
brew install mage
Clone repository
git clone git@github.com:elastic/harp.git
# Go to tools submodule
cd harp/tools
# Pull tools sources, compile them and install executable in tools/bin
mage
Daily
export PATH=$HARP_REPO/tools/bin:$PATH
# Build harp in bin folder
mage
Docker
For Tools
You have to build this image before executing artifact pipelines.
mage docker:tools
For CLI
# or docker image [distroless:static, rootless, noshell]
mage docker:harp
# To execute in the container
docker run --rm -ti --read-only elastic/harp:<version>
For container server
# or docker image [distroless:static, rootless, noshell]
mage docker:harpServer
# To execute in the container
docker run --rm -ti --read-only elastic/harp-server:<version>
Community
Here is the list of external projects used as inspiration :
Documentation
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
api
|
|
|
build
|
|
|
cmd
|
|
|
harp-server
Module
|
|
|
Package pkg exposes public Harp SDK.
|
Package pkg exposes public Harp SDK. |
|
bundle
Package bundle exposes Bundle object manipulation functions.
|
Package bundle exposes Bundle object manipulation functions. |
|
container
Package container exposes Secret Container operations.
|
Package container exposes Secret Container operations. |
|
sdk/tlsconfig
Package tlsconfig provides primitives to retrieve secure-enough TLS configurations for both clients and servers.
|
Package tlsconfig provides primitives to retrieve secure-enough TLS configurations for both clients and servers. |
|
test
|
|
|
tools
module
|