Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hashicorp Vault lookup Plugin #11674

Merged
merged 1 commit into from
Aug 11, 2015
Merged

Hashicorp Vault lookup Plugin #11674

merged 1 commit into from
Aug 11, 2015

Conversation

juliedavila
Copy link
Contributor

This is a lookup plugin to be able to read secrets from a Hashicorp Vault endpoint.

Requires pip install hvac

Usage is like
lookup('hashi_vault', 'secret=secret/hello token=c975b780-d1be-8016-866b-01d0f9b688a5 url=http://myvault:8200')

Where url is optional and defaults to localhost and can also read in from the VAULT_ADDR environment variable.

This first iteration doesn't support other authentication mechanisms other than token and also presumes the vault is unsealed prior to executing the lookup.

@bcoca bcoca added feature_pull_request new_plugin This PR includes a new plugin. labels Jul 21, 2015
bcoca
bcoca reviewed Aug 7, 2015
View reviewed changes
lib/ansible/plugins/lookup/hashi_vault.py
from ansible.errors import *
from ansible.plugins.lookup import LookupBase

try:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this should be moved into the run method, as we only want this to error on running, not on loading, which will always happen if this is included in ansible.

or in the hasivault class init, which gets called from run.

@bcoca bcoca added the needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. label Aug 7, 2015
@juliedavila
Copy link
Contributor Author

@bcoca done

bcoca added a commit that referenced this pull request Aug 11, 2015
@bcoca
Merge pull request #11674 from defionscode/hashi_vault_lookup
4399ddc 
Hashicorp Vault lookup Plugin
@bcoca bcoca merged commit 4399ddc into ansible:devel Aug 11, 2015
@ansibot ansibot added feature This issue/PR relates to a feature request. and removed feature_pull_request labels Mar 4, 2018
@ansible ansible locked and limited conversation to collaborators Apr 26, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
feature This issue/PR relates to a feature request. needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. new_plugin This PR includes a new plugin.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@juliedavila @darxriggs @bcoca @ansibot