Skip to content

zmb3/blackbox

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
vendor
vendor
 
 
Gopkg.lock
Gopkg.lock
 
 
Gopkg.toml
Gopkg.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
main.go
main.go
 
 
sanitizer.go
sanitizer.go
 
 
sanitizer_test.go
sanitizer_test.go
 
 
vault.go
vault.go
 
 
wercker.yml
wercker.yml
 
 

Repository files navigation

blackbox

A tool for moving secrets from Concourse params files into Vault.

Installation

Download a release for your platform, or:

$ go get -u github.com/zmb3/blackbox

Usage

First, set the VAULT_ADDR and VAULT_TOKEN environment variables.

Run blackbox with:

$ blackbox -in params.yml -out sanitized.yml -path concourse/myteam/mypipeline

For each parameter, the tool will ask you whether or not you would like to move it to Vault. To accept the default value (no), simply press enter. To move the param to Vault, enter y and press enter.

When the tool completes, it will write a new YML file containing only the non-sensitive Values that were not moved to vault.

Example

$ cat params.yml
secret1: password1
param1: param1
secret2: password2
username: admin

$ ./blackbox -in params.yml -out params2.yml -path secret/pipeline
move secret1? (n): y
move param1? (n):
move secret2? (n): y
move username? (n):

$ cat params2.yml
param1: param1
username: admin

$ vault list secret/pipeline
Keys
----
secret1
secret2

$ vault read secret/pipeline/secret1
Key             	Value
---             	-----
refresh_interval	768h0m0s
value           	password1

About

Move Concourse params to Vault

Resources

Readme

License

Apache-2.0 license
Activity

Stars

3 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases 3

blackbox v0.0.4 Latest
Aug 23, 2017
+ 2 releases

Packages

No packages published

Contributors 2

  •  
  •  

Languages