go-vault-client

v2.0.1+incompatible

This package is not in the latest version of its module.

Published: Sep 18, 2019 License: Apache-2.0


Gives you an authenticated vault client (iam/token)

Usage

go-vault-client supports three modes of authentication:

Configuration

The configuration object used by this client is a superset of the Vault api.Config struct.

All configuration which would normally be possible with the Vault client is also possible here, but will not be documented.

Please note: this client no longer configures TLS for you as part of the default configuration.

Defaults

First create a vaultclient.Config using

config := vaultclient.NewDefaultConfig()

The precedence is as follows:

  1. If the VAULT_APP_ROLE, VAULT_APP_ROLE_ID and VAULT_APP_SECRET_ID env variables are set, this returns a config set up for AppRole auth.
  2. If the VAULT_ROLE env variable is set, this returns a config set up for IAM auth.
  3. If the VAULT_TOKEN env variable is set, this returns a config set up for Token auth.

The recommended way to use this client is to set the VAULT_TOKEN env variable as part of your test setup and the VAULT_ROLE env variable as part of your docker container definition, so that you get Token auth in your tests and IAM auth on AWS.
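The precedence above means that the variables present in an environment silently decide which credential is used. The following pre-flight check is an added example, not code from go-vault-client: `ResolveAuthMode` and `Resolution` are hypothetical names, and it assumes that an empty variable counts as unset and that an incomplete AppRole set falls through to the next rule, as the README wording implies.

```go
package main

import (
	"fmt"
	"os"
)

// Variable names come from the README. The function and type names are
// hypothetical; treating an empty value as unset is an assumption.
var appRoleVars = []string{"VAULT_APP_ROLE", "VAULT_APP_ROLE_ID", "VAULT_APP_SECRET_ID"}

// Resolution is the outcome of applying the documented precedence.
type Resolution struct {
	Mode     string   // "approle", "iam", "token" or "" when nothing matches
	Warnings []string // conditions worth failing a deploy check on
}

// ResolveAuthMode applies the README precedence (AppRole, then IAM, then
// token) using lookup, and reports credentials that are partial or unused.
func ResolveAuthMode(lookup func(string) (string, bool)) Resolution {
	isSet := func(k string) bool { v, ok := lookup(k); return ok && v != "" }
	n := 0
	for _, k := range appRoleVars {
		if isSet(k) {
			n++
		}
	}
	var r Resolution
	switch {
	case n == len(appRoleVars):
		r.Mode = "approle"
	case isSet("VAULT_ROLE"):
		r.Mode = "iam"
	case isSet("VAULT_TOKEN"):
		r.Mode = "token"
	}
	if n > 0 && n < len(appRoleVars) {
		r.Warnings = append(r.Warnings, fmt.Sprintf("only %d of 3 AppRole variables set; AppRole is skipped", n))
	}
	if r.Mode != "token" && isSet("VAULT_TOKEN") {
		r.Warnings = append(r.Warnings, "VAULT_TOKEN is set but unused; remove the stray token from this environment")
	}
	return r
}

func main() {
	r := ResolveAuthMode(os.LookupEnv)
	fmt.Printf("mode=%q warnings=%q\n", r.Mode, r.Warnings)
}
```

Run it in the same environment as the service before start-up and treat any warning, or an empty mode, as a failed check.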

Manual

It is also possible to manually configure the client if you do not wish to rely on environment variables.

clientConfig := vaultclient.BaseConfig()

From here, you may set the AuthType and related properties of the configuration manually.

No precedence exists here; only the configured AuthType will be used, and a missing AuthType will return an error.

Vault Auth

Create a new vault auth and hang onto the instance.

v, err := vaultclient.NewVaultAuth(vaultclient.NewDefaultConfig())

Use the vault auth instance every time you want to access vault:

 v.VaultClientOrPanic().Logical... etc

It is important to call the VaultClient func each time you need a client and not to capture the returned client; otherwise the token will not be renewed.

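There is also a func that returns a vault client or an error, if you don't want a panic:

client, err := v.VaultClient()
if err != nil {
	// Log the error (requires the standard "log" package); the result of fmt.Errorf would be discarded.
	log.Printf("error getting vault client: %s", err)
	return
}

// client can be used here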
