Storage plugin for Rundeck for storing data in Vault
Clone or download
Pull request Compare This branch is 2 commits ahead of ValFadeev:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
gradle/wrapper
src
test/docker
.gitignore
.travis.yml
LICENSE
README.md
build.gradle
gradlew
gradlew.bat
run-docker-vault-tests.sh
version.properties

README.md

Rundeck Vault Storage Plugin

Purpose

This is a Storage Backend plugin for storing Key Store data in Vault.

Installation

  • Download and start Rundeck. It will automatically create the necessary directories.
  • Clone this repository. Build using gradle wrapper:
      ./gradlew clean build
    
  • Drop rundeck-vault-plugin-<version>.jar to libext/ under Rundeck installation directory.
  • Restart Rundeck.

Configuration

Add the following settings on $RDECK_BASE/etc/rundeck-config.properties

rundeck.storage.provider.1.type=vault-storage
rundeck.storage.provider.1.path=keys
rundeck.storage.provider.1.config.prefix=rundeck
rundeck.storage.provider.1.config.secretBackend=secret
rundeck.storage.provider.1.config.address=$VAULT_URL
rundeck.storage.provider.1.config.token=$VAULT_TOKEN

For existing vault storage, probably you will need to remove the default keys path added by default for rundeck. You can use these settings for an existing vault storage:

rundeck.storage.provider.1.type=vault-storage
rundeck.storage.provider.1.path=keys
rundeck.storage.provider.1.removePathPrefix=true
rundeck.storage.provider.1.config.prefix=someprefix
rundeck.storage.provider.1.config.secretBackend=mybackend
rundeck.storage.provider.1.config.address=$VAULT_URL
rundeck.storage.provider.1.config.token=$VAULT_TOKEN
rundeck.storage.provider.1.config.storageBehaviour=vault

Minimal version requirements

  • Java 1.8
  • Rundeck 2.10.0
  • Vault 0.9.0

Thanks

TODO

  • Integration tests
  • Automated auth token lease renewal
  • Storage converter plugin