Skip to content
/ s2v Public

Migration tool from K8s vanilla secrets to HashiCorp Vault

2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

lebe-dev/s2v

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

54 Commits
.cargo
.cargo
 
 
src
src
 
 
test-data
test-data
 
 
.dockerignore
.dockerignore
 
 
.gitignore
.gitignore
 
 
.gitlab-ci.yml
.gitlab-ci.yml
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
Dockerfile
Dockerfile
 
 
HOW-IT-WORKS.md
HOW-IT-WORKS.md
 
 
README.RU.md
README.RU.md
 
 
README.md
README.md
 
 
USAGE.RU.md
USAGE.RU.md
 
 
USAGE.md
USAGE.md
 
 
migrate.sh
migrate.sh
 
 
service-rename.sh
service-rename.sh
 
 
template.yaml
template.yaml
 
 

Repository files navigation

s2v

Migrate vanilla k8s secrets to HashiCorp Vault.

На русском

USAGE | HOW IT WORKS

Features:

  • Copy secrets from Kubernetes to HashiCorp Vault
  • Generate secret manifest with vault paths as values
  • Append secrets from source vault path to another
  • Update vault paths for given secret manifest file, print results to stdout

Limitations:

  • Only opaque-type secrets are supported
  • Only kv secret storage is supported

Data safety

The tool doesn't use direct remove command in kubernetes or vault, but append command is able to overwrite secrets at destination vault path if you don't use kv v2 engine. Use it mindfully.

Security

Logging level trace contains sensitive output so remove s2v.log file after all.

Troubleshooting

Check s2v.log for details.

About

Migration tool from K8s vanilla secrets to HashiCorp Vault

Topics

kubernetes vault hashicorp-vault

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 3

v1.1.2 Latest
May 23, 2024
+ 2 releases

Languages