Skip to content
This repository has been archived by the owner on Mar 24, 2022. It is now read-only.

vmware-archive/secret-syncer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits

secretsyncer

secretsyncer

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

NOTICE

NOTICE

 
 

README.md

README.md

 
 

docker-compose.yml

docker-compose.yml

 
 

go.mod

go.mod

 
 

go.sum

go.sum

 
 

main.go

main.go

 
 

main_test.go

main_test.go

 
 

Repository files navigation

concourse secret syncer

This is a little tool for using a structured YAML file as the source of truth for the set of credentials that should exist in a Vault instance to be accessed by concourse.

You declare your secrets like so:

# pipeline-scoped secrets
team_name/pipeline_name/secret_name: simple_value
team_name/pipeline_name/other_secret_name:
  compound: multi
  field: value
# shared secrets
shared:
  secret_name: secret_value
  other_secret:
    compound: value
    for: other_secret
# team-scoped secrets
team_name/secret_name: value

you configure the program using the same environment variables that would be used to target a Vault instance with the vault CLI:

  • VAULT_ADDR
  • VAULT_TOKEN
  • ... etc

The program will recursively delete all the secrets under the path concourse/* and then write every secret declared in the YAML file (in the above format) passed as a positional argument:

VAULT_ADDR=http://127.0.0.1 VAULT_TOKEN=myroot go run main.go secrets.yml

About

No description, website, or topics provided.

Resources

Readme

License

BSD-2-Clause license

Security policy

Security policy
Activity
Custom properties

Stars

2 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages