@samhammer/vault-client-sag
TypeScript icon, indicating that this package has built-in type declarations

1.1.1 • Public • Published

vault-client-sag

This library can be used if you want to load specific keys from vault, but works only for interal usage of Samhammer.

It uses specific authentication logic:

  • Locally: Uses the url and token returned by sagctl
  • Kubernetes: Does a kubernetes role auth

Prerequirements:

Locally

Sagctl has to be installed: https://samhammer.atlassian.net/wiki/spaces/K8S/pages/158793743/How+to+use+sagctl

In the cluster

Use following environment variables for this configuration:

  • VaultUrl: With the url to vault (required)
  • VaultKubernetesRole: The vault role of the application (required)

With AppRole (e.g. for github actions)

Use following environment variables for this configuration:

  • VaultUrl: With the url to vault (required)
  • VaultAppRoleId: The vault role id of the application (required)
  • VaultAppRoleSecretId: The vault secret id (password) of the application (required)

How to add:

How to use:

Sample with Javascript:

const { getVault } = require("@samhammer/vault-client-sag");

const vaultMap = {
  [`VaultKey--kv-v2/data/MySecret/Username`]: "UserName",
  [`VaultKey--kv-v2/data/MySecret/Password`]: "Password",
};

getVault()
  .then(vault => vault.loadSecretsToEnv(vaultMap));
  .then(() => console.log(`Username: ${process.env.UserName} Password: ${process.env.Password}`);

Sample with Typescript:

import { getVault } from "@samhammer/vault-client-sag";

const vaultMap = {
    [`VaultKey--kv-v2/data/MySecret/Username`]: "UserName",
    [`VaultKey--kv-v2/data/MySecret/Password`]: "Password"
};

const vault = await getVault();
await vault.loadSecretsToEnv(vaultMap);
console.log(`Username: ${process.env.UserName} Password: ${process.env.Password}`);

Configuration:

Available Options:

  • Timeout in milliseconds (default: 3000 )
    • as param getVault({ timeout: 5000 })
    • as env variable VaultTimeout = 5000

How to publish

  • Increase version by 'yarn version' command on local machine. This updates package.json and creates tag
  • Check github action to validated, that package was released to npm registry.

Readme

Keywords

Package Sidebar

Install

npm i @samhammer/vault-client-sag

Weekly Downloads

22

Version

1.1.1

License

MIT

Unpacked Size

541 kB

Total Files

11

Last publish

Collaborators

  • vijoplays
  • friedelbaumann
  • domi2120
  • datlam162
  • agentschmitt
  • npolauer
  • teranovalp
  • devroemer