luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
open-vault/command/agent
History
Daniel Huckins 958ccda6b1
agent: Add implementation for injecting secrets as environment variables to vault agent cmd (#20739) 
* added exec and env_template config/parsing

* add tests

* we can reuse ctconfig here

* do not create a non-nil map

* check defaults

* Apply suggestions from code review

Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>

* first go of exec server

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* convert to list

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* convert to list

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* sig test

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add failing example

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* refactor for config changes

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add test for invalid signal

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* account for auth token changes

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* only start the runner once we have a token

* tests in diff branch

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>

* fix rename

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* Update command/agent/exec/exec.go

Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>

* apply suggestions from code review

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* cleanup

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* remove unnecessary lock

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* refactor to use enum

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* dont block

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* handle default

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* make more explicit

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* cleanup

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* remove unused

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* remove unused file

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* remove test app

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>

* apply suggestions from code review

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* update comment

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* add changelog

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* new channel for exec server token

* wire to run with vault agent

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* watch for child process to exit on its own

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

* block before returning

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>

---------

Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
 		2023-05-25 09:23:56 -04:00
..
config agent: Add implementation for injecting secrets as environment variables (#20628) 2023-05-24 16:56:06 -04:00
exec agent: Add implementation for injecting secrets as environment variables to vault agent cmd (#20739) 2023-05-25 09:23:56 -04:00
internal/ctmanager move private function to internal pkg for sharing (#20531) 2023-05-15 10:55:28 -04:00
template VAULT-15547 Agent/proxy decoupling, take two (#20634) 2023-05-19 13:17:48 -04:00
test-fixtures/reload VAULT-9883: Agent Reloadable Config (#18638) 2023-01-10 17:45:34 +00:00
README.md Vault Agent Template (#7652) 2019-10-18 16:21:46 -05:00
alicloud_end_to_end_test.go VAULT-15547 First pass at agent/proxy decoupling (#20548) 2023-05-17 09:38:34 -04:00
approle_end_to_end_test.go VAULT-15547 First pass at agent/proxy decoupling (#20548) 2023-05-17 09:38:34 -04:00
auto_auth_preload_token_end_to_end_test.go VAULT-15547 First pass at agent/proxy decoupling (#20548) 2023-05-17 09:38:34 -04:00
aws_end_to_end_test.go VAULT-15547 First pass at agent/proxy decoupling (#20548) 2023-05-17 09:38:34 -04:00
cache_end_to_end_test.go VAULT-15547 Agent/proxy decoupling, take two (#20634) 2023-05-19 13:17:48 -04:00
cert_end_to_end_test.go VAULT-15547 First pass at agent/proxy decoupling (#20548) 2023-05-17 09:38:34 -04:00
cf_end_to_end_test.go VAULT-15547 First pass at agent/proxy decoupling (#20548) 2023-05-17 09:38:34 -04:00
doc.go adding copyright header (#19555) 2023-03-15 09:00:52 -07:00
jwt_end_to_end_test.go VAULT-15547 First pass at agent/proxy decoupling (#20548) 2023-05-17 09:38:34 -04:00
oci_end_to_end_test.go VAULT-15547 First pass at agent/proxy decoupling (#20548) 2023-05-17 09:38:34 -04:00
testing.go Upgrade go-jose library to v3 (#20559) 2023-05-23 12:25:58 +00:00
token_file_end_to_end_test.go VAULT-15547 First pass at agent/proxy decoupling (#20548) 2023-05-17 09:38:34 -04:00

README.md

Vault Agent

Vault Agent is a client daemon that provides Auth-Auth, Caching, and Template features.

Vault Agent provides a number of different helper features, specifically addressing the following challenges:

  • Automatic authentication
  • Secure delivery/storage of tokens
  • Lifecycle management of these tokens (renewal & re-authentication)

See the usage documentation on the Vault website here: