vaultify

Deprecated: You can use Vault Agent instead.

Vaultify renders files from templates using Vault secrets and automatically renews their leases.

Running vaultify

vaultify has three commands: template, renew-leases, and run.

Template

The template command reads a template, renders the Vault secrets into it, and stores the result in a file. It also stores the secret lease information in a secrets file so that the leases can be renewed later.

template.yaml example:

credentials:
    <{- $admin := vault "database/creds/maindb-admin" }>
    username: <{ $admin.Data.username | quote }>
    password: <{ $admin.Data.password | quote }>

Running vaultify template:

vaultify template --vault https://vault.vault:8200 \
                  --role maindb-admin \
                  --template-file template.yaml \
                  --output-file /app/config.yaml \
                  --secrets-output-file /app/secrets.json \
                  -vv

Renew-leases

The renew-leases command renews the leases that were created by the template command and stored in a secrets file.

Running vaultify renew-leases:

vaultify renew-leases --vault https://vault.vault:8200 \
                      --secrets-output-file /app/secrets.json \
                      --metrics-address ":9105" \
                      -vv

Run

Running vaultify and continuously renewing leases:

vaultify run --vault https://vault.vault:8200 \
             --role maindb-admin \
             --template-file template.yaml \
             --output-file /app/config.yaml \
             --metrics-address ":9105" \
             -vv

Note that running only this might not work for all workloads. If you run your application in Kubernetes and your configuration needs to be rendered before the application starts, you should run the template command in an initContainer and the renew-leases command in a sidecar.
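The initContainer and sidecar split described above could look like the following Pod manifest. This is an added example, not part of the vaultify project: the image names, the ConfigMap name, the /templates mount path and the assumption that the vaultify binary is on the image's PATH are all placeholders, while the flags and the /app paths are the ones shown in this README.

```yaml
# Added example (not from the vaultify project). Images, ConfigMap name and
# the /templates path are placeholders; flags and /app paths are from the README.
apiVersion: v1
kind: Pod
metadata:
  name: app-with-vaultify
spec:
  volumes:
    - name: rendered                      # shared by all three containers
      emptyDir:
        medium: Memory                    # tmpfs: rendered secrets are not written to node disk
    - name: template
      configMap:
        name: vaultify-template           # hypothetical ConfigMap holding template.yaml
  initContainers:
    - name: vaultify-template             # must complete before the app container starts
      image: registry.example/vaultify:PLACEHOLDER
      command: ["vaultify", "template",
                "--vault", "https://vault.vault:8200",
                "--role", "maindb-admin",
                "--template-file", "/templates/template.yaml",
                "--output-file", "/app/config.yaml",
                "--secrets-output-file", "/app/secrets.json"]
      volumeMounts:
        - {name: rendered, mountPath: /app}
        - {name: template, mountPath: /templates, readOnly: true}
  containers:
    - name: app
      image: registry.example/app:PLACEHOLDER
      volumeMounts:
        # The application only reads the rendered config, so mount read-only.
        - {name: rendered, mountPath: /app, readOnly: true}
    - name: vaultify-renew                # sidecar: renews the leases recorded by the initContainer
      image: registry.example/vaultify:PLACEHOLDER
      command: ["vaultify", "renew-leases",
                "--vault", "https://vault.vault:8200",
                "--secrets-output-file", "/app/secrets.json",
                "--metrics-address", ":9105"]
      ports:
        - {name: metrics, containerPort: 9105}
      volumeMounts:
        - {name: rendered, mountPath: /app}
```

Both the rendered config and secrets.json contain sensitive material, so the shared volume is kept in memory and only the vaultify containers get write access to it.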

Metrics

The vaultify run and renew-leases commands expose the following metrics:

| metric | type | description |
|--------------------------------------|---------|------------------------------|
| vaultify_auth_lease_renewed | counter | renewed auth leases |
| vaultify_auth_lease_renewal_failed | counter | failed auth lease renewals |
| vaultify_secret_lease_renewed | counter | renewed secret leases |
| vaultify_secret_lease_renewal_failed | counter | failed secret lease renewals |
