enable env vars for auth settings

This commit is contained in:
rob boll 2016-09-17 12:00:15 -04:00
parent 6566e12417
commit 6bedc031cd
2 changed files with 11 additions and 0 deletions

View file

@ -66,6 +66,9 @@ The above say's
A authentication file can be specified in either yaml of json format which contains a method field, indicating one of the authentication
methods provided by vault i.e. userpass, token, github etc and then followed by the required arguments for that plugin.
If the required arguments for that plugin are not contained in the authentication file, fallbacks from environment variables are used.
Environment variables are prefixed with `VAULT_SIDEKICK`, i.e. `VAULT_SIDEKICK_USERNAME`, `VAULT_SIDEKICK_PASSWORD`.
**Secret Renewals**
The default behaviour of vault-sidekick is **not** to renew a lease, but to retrieve a new secret and allow the previous to

View file

@ -18,6 +18,7 @@ package main
import (
"fmt"
"os"
"github.com/hashicorp/vault/api"
)
@ -45,6 +46,13 @@ func (r authUserPassPlugin) Create(cfg map[string]string) (string, error) {
username, _ := cfg["username"]
password, _ := cfg["password"]
if username == "" {
username = os.Getenv("VAULT_SIDEKICK_USERNAME")
}
if password == "" {
password = os.Getenv("VAULT_SIDEKICK_PASSWORD")
}
// step: create the token request
request := r.client.NewRequest("POST", fmt.Sprintf("/v1/auth/userpass/login/%s", username))
if err := request.SetJSONBody(userPassLogin{Password: password}); err != nil {