This is a Golang client for Vault. It is currently under development. v1.0.0 will be the first official release.
- ✔️ IAM
- ✔️ AppRole
- ✔️ LDAP
- ✔️ Token
- k8s (coming soon)
- ✔️ KV2
To retrieve this package run:
go get github.com/riotgames/vault-go-client
The following will create a client with default configuration:
import vault "github.com/riotgames/vault-go-client"
...
// Uses VAULT_ADDR env var to set the clients URL
client, err := vault.NewClient(vault.DefaultConfig())
if err != nil {
log.Fatal(err.Error())
}
...
The following will put a secret into Vault:
secretMap := map[string]interface{}{
"hello": "world",
}
if _, err = client.KV2.Put(vault.KV2PutOptions{
MountPath: secretMountPath,
SecretPath: secretPath,
Secrets: secretMap,
}); err != nil {
log.Fatal(err.Error())
}
This approach unmarshals the secret from Vault into the provided struct.
The embedded struct vault.SecretMetadata
is optional.
type Secret struct {
Hello string `json:"hello"`
vault.SecretMetadata
}
...
secret := &Secret{}
if _, err = client.KV2.Get(vault.KV2GetOptions{
MountPath: secretMountPath,
SecretPath: secretPath,
UnmarshalInto: secret,
}); err != nil {
log.Fatal(err.Error())
}
fmt.Printf("%v\n", secret)
This approach returns a Secret
defined in github.com/hashicorp/vault/api
.
secret, err := client.KV2.Get(vault.KV2GetOptions{
MountPath: secretMountPath,
SecretPath: secretPath,
})
if err != nil {
log.Fatal(err.Error())
}