vault-token-injector

command module
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 20, 2021 License: Apache-2.0 Imports: 1 Imported by: 0

README

Automatic Vault Token Injector

vault-token-injector

A loop to keep vault access tokens up-to-date in circleci and/or terraform cloud

Injects new tokens into circleci build environments or terraform cloud workspaces on startup and every 30 minutes. Also injects the VAULT_ADDR variable.

Configuration

An example configuration file is present here. Whatever circleci projects or terraform cloud workspaces are mentioned will update the given token_variable in the project workspace. The vault token for that project is created with the provided vault_role. In addition, the vault_address field is injected as the VAULT_ADDR environment variable.

Future Planned Enhancements

  • Customizable Timing (not hard-coded to 30m)
  • Staggered token injections
  • Disable VAULT_ADDR injection
  • Use Vault API instead of vault binary
  • Prometheus endpoint to bubble up errors and successes

Documentation

Overview

Copyright © 2021 FairwindsOps

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at 

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Source Files

View all Source files

Directories

Path Synopsis
pkg
app
circleci
tfcloud
vault

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.