Skip to content

noleme/noleme-vault-squared

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

101 Commits
.github
.github
 
 
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 
pom.xml
pom.xml
 
 

Repository files navigation

Noleme Vault module² for Hashicorp Vault

Maven Build Maven Central Repository javadoc coverage GitHub

A noleme-vault module for loading variables from a Hashicorp Vault instance.

Note: This library is considered as "in beta" and as such significant API changes may occur without prior warning.

I. Installation

Add the following in your pom.xml:

<dependency>
    <groupId>com.noleme</groupId>
    <artifactId>noleme-vault-squared</artifactId>
    <version>0.1</version>
</dependency>

II. Notes on Structure and Design

TODO

III. Usage

In order to use a noleme-vault module, you need to register it on the VaultParser, the simplest way is to register it in the defaultParser, but you may of course do it on a dedicated VaultFactory/VaultParser pair.

VaultFactory.defaultParser.register(new HashicorpVaultModule());

Afterwards, noleme-vault will be able to understand hashicorp_vault sections. Here is a basic example of using it in a yml configuration file:

hashicorp_vault:
    address: "http://my-vault-instance:8200"
    token: "my-token"
    variables: # Here we list variables we want to recover from the vault and their corresponding (noleme) vault identifier
        secret/my-path: # Variables path
            some_key: my_var # Mapping (hashicorp) vault key to a (noleme) vault id
            some_other_key: another_var

variables:
  # In this example, this value will be overridden by the value found under secret/my-path.some_key in Hashicorp Vault
  my_var: "interesting"

Afterwards, these will be injectable like any other variable in a noleme-vault container.

At the time of this writing, here are the available vault options you can specify:

hashicorp_vault:
    address: "http://my-vault-instance:8200" # defaults to the VAULT_ADDR env var
    token: "my-token" # defaults to the VAULT_TOKEN env var
    engine_version: 2 # defaults to 2
    open_timeout: 10 # in seconds, defaults to the VAULT_OPEN_TIMEOUT env var
    read_timeout: 10 # in seconds, defaults to the VAULT_READ_TIMEOUT env var
    on_failure: ABORT # available values are IGNORE and ABORT, defaults to ABORT

Note on on_failure: a "failure" can occur if the specified secret cannot be found, in which case:

  • ABORT will fail the configuration loading
  • IGNORE will simply keep on trucking and whatever value previously available in the Definitions container will remain

TODO

IV. Dev Installation

This project will require you to have the following:

  • Java 11+
  • Git (versioning)
  • Maven (dependency resolving, publishing and packaging)

About

A noleme-vault module for Hashicorp Vault.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

 
 
 

Contributors

Languages