diff --git a/README.md b/README.md index 9309d38e109f57f81e44f506082b0a9144112406..99e6333c33be25ab6ae0d9a8bbae03d6837a8aaa 100644 --- a/README.md +++ b/README.md @@ -6,23 +6,39 @@ A small utility to export data from vault as environment variables or download a You can download one of the pre-compiled binaries from the list below. -- [Mac](http://s3.hedenstroem.com/utils/vault/vaultenv-darwin) -- [Linux (ARM)](http://s3.hedenstroem.com/utils/vault/vaultenv-linux-arm) -- [Linux (32-bit)](http://s3.hedenstroem.com/utils/vault/vaultenv-linux-i386) -- [Linux (64-bit)](http://s3.hedenstroem.com/utils/vault/vaultenv-linux-amd64) -- [Windows (32-bit)](http://s3.hedenstroem.com/utils/vault/vaultenv-windows.exe) -- [Windows (64-bit)](http://s3.hedenstroem.com/utils/vault/vaultenv-windows-x64.exe) +- [Mac (Intel)](http://s3.hedenstroem.com/utils/vaultenv/vaultenv-darwin-amd64) +- [Mac (Apple Silicon)](http://s3.hedenstroem.com/utils/vaultenv/vaultenv-darwin-arm64) +- [Linux (ARM)](http://s3.hedenstroem.com/utils/vaultenv/vaultenv-linux-arm) +- [Linux (32-bit)](http://s3.hedenstroem.com/utils/vaultenv/vaultenv-linux-i386) +- [Linux (64-bit)](http://s3.hedenstroem.com/utils/vaultenv/vaultenv-linux-amd64) +- [Windows (32-bit)](http://s3.hedenstroem.com/utils/vaultenv/vaultenv-windows-i386.exe) +- [Windows (64-bit)](http://s3.hedenstroem.com/utils/vaultenv/vaultenv-windows-x64.exe) + +All versions are available via the [package registry](https://gitlab.hedenstroem.com/go/vaultenv/-/packages). + +## Configuration + +To avoid providing the server address and token via a flag every time, you can define environment variables named `VAULT_ADDR` and `VAULT_TOKEN` instead. + +If you prefer you can also set these values in a `.env` file like this: + +```env +VAULT_ADDR=http://localhost:8200 +VAULT_TOKEN=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX +``` ## Usage ```bash > vaultenv help ``` -## Creating a read only token +See the [generated documentation](https://gitlab.hedenstroem.com/go/vaultenv/-/blob/main/docs/vaultenv.md) for more information about the various commands. + +## Creating a read only token for vault The following example sets up a policy with read-only access to secrets/env, and an 'lts' role that has a token ttl of 10 years. -``` +```bash > vault policy-write secret-ro acl.hcl > vault write /auth/token/roles/lts allowed_policies="secret-ro" period="87600h" > vault token-create -role lts diff --git a/sonar-project.properties b/sonar-project.properties index f62d222a7726d0eb94ee1c451fbaf7f66c679201..ee63546e3b6e2ef8d5d6e39b2cacadb5a86e3887 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -1,2 +1 @@ sonar.projectKey=go_vaultenv_AXyPJ7AsH35cfvcLwDFS -sonar.qualitygate.wait=true