Skip to content
/ fabric-sdk-kvs-vault Public

Key value store for fabric-sdk-node using Hashicorp's Vault

License

MIT license
6 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

rp01/fabric-sdk-kvs-vault

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
lib
lib
 
 
test
test
 
 
.eslintrc
.eslintrc
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
index.js
index.js
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 

Repository files navigation

fabric-sdk-kvs-vault

Key value store for fabric-sdk-node using Hashicorp's Vault

Install

npm i fabric-sdk-kvs-vault

Config

  1. config your network definition to use vault credentialStore
# your network.yaml
credentialStore:
    # [Optional]. Specific to FileKeyValueStore.js or similar implementations in other SDKs. Can be others
    # if using an alternative impl. For instance, CouchDBKeyValueStore.js would require an object
    # here for properties like url, db name, etc.
    # path: "./fabric-client-kv-org1"
    endpoint: "http://127.0.0.1:8200"
    token: "<VAULT_TOKEN>" # or can be set from env as VAULT_TOKEN
    apiVersion: "v1"

    # [Optional]. Specific to the CryptoSuite implementation. Software-based implementations like
    # CryptoSuite_ECDSA_AES.js in node SDK requires a key store. PKCS#11 based implementations does
    # not.
    cryptoStore:
      # Specific to the underlying KeyValueStore that backs the crypto key store.
      # path: "/tmp/fabric-client-kv-org1"
      endpoint: "http://127.0.0.1:8200"
      token: "<VAULT_TOKEN>" # or can be set from env as VAULT_TOKEN
      apiVersion: "v1"
  1. config fabric-sdk-node to use fabric-ca-kvs-vault
const Client = require('fabric-client');

// this code config the fabric-sdk-node to use fabric-sdk-kvs-vault
Client.setConfigSetting('key-value-store', 'fabric-sdk-kvs-vault');

// this load the network.yaml from step 1
const client = Client.loadFromConfig('<some-path-to-your-network.yaml>');

// init credential stores
await client.initCredentialStores();

// then it's done.

// Next time you just need to load this use again from state store
const user = await client.loadUserFromStateStore(username);
await client.setUserContext(user);

// do some invoke/query with this user's identity
// Enjoy!

setting VAULT_TOKEN

  1. Windows powershell
$env:VAULT_TOKEN="<VAULT_TOKEN>"
  1. Linux bash
export VAULT_TOKEN=<VAULT_TOKEN>

How to fix error with secrets engine

Some Times you may get status 404 even in setting values. just open another terminal tab/window run:

export VAULT_TOKEN=<TOKEN> 
export VAULT_ADDRESS='http(s)://<HOST>:<PORT>'

Then run the following command:

vault secrets disable secret
vault secrets enable -version=1 -path=secret kv

How to cheeck stored data in vault

vault kv get secret/<PREVIOUSLY_SET_KEY>

To enable debuging

run:

process.env.DEBUG = 'VaultKVS';

About

Key value store for fabric-sdk-node using Hashicorp's Vault

Topics

fabric vault hashicorp-vault fabric-sdk-node kvs-vault

Resources

Readme

License

MIT license
Activity

Stars

6 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages