Skip to content
Applications secrets access library
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
example
mocks
testing
vendor
.gitignore
Gopkg.lock
Gopkg.toml
LICENSE
README.md
all_test.go
circle.yml
envvar.go
envvar_test.go
jsonfile.go
jsonfile_test.go
pvc.go
pvc_test.go
vault.go
vault_integration_test.go
vault_test.go

README.md

PVC

Go Documentation CircleCI

PVC (polyvinyl chloride) is a simple, generic secret retrieval library that supports multiple backends.

PVC lets applications access secrets without caring too much about where they happen to be stored. The use case is to allow secrets to come from local/insecure backends during development and testing, and then from Vault in production without significant code changes required.

Backends

  • Vault
  • Environment variables
  • JSON file

Vault Authentication

PVC supports token, AppID and AppRole authentication.

Example

// environment variable backend
sc, _ := pvc.NewSecretsClient(pvc.WithEnvVarBackend(), pvc.WithMapping("SECRET_MYAPP_{{ .ID }}"))
secret, _ := sc.Get("foo")

// JSON file backend
sc, _ := pvc.NewSecretsClient(pvc.WithJSONFileBackend(),pvc.WithJSONFileLocation("secrets.json"))
secret, _ := sc.Get("foo")

// Vault backend
sc, _ := pvc.NewSecretsClient(pvc.WithVaultBackend(), pvc.WithVaultAuthentication(pvc.Token), pvc.WithVaultToken(vaultToken), pvc.WithVaultHost(vaultHost), pvc.WithMapping("secret/development/{{ .ID }}"))
secret, _ := sc.Get("foo")

See also example/

You can’t perform that action at this time.