-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathmain.go
More file actions
107 lines (80 loc) · 2.01 KB
/
main.go
File metadata and controls
107 lines (80 loc) · 2.01 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
package main
import (
"flag"
"fmt"
"os"
"strings"
vault "github.com/hashicorp/vault/api"
)
var (
showHelp bool
secretPath string
prefix string
format string
)
func main() {
flag.BoolVar(&showHelp, "help", false, "Show usage information.")
flag.StringVar(&secretPath, "secret-path", "", "The path, in vault, of the target secret.")
flag.StringVar(&prefix, "prefix", "", "A prefix to add to each environment variable's name.")
flag.StringVar(&format, "format", "bash", "The environment variable format (bash, powershell, or powershell-env).")
flag.Parse()
if showHelp {
flag.Usage()
os.Exit(0)
}
var variableFormat string
switch format {
case "bash":
variableFormat = "export %s%s='%s'"
case "powershell":
variableFormat = "$%s%s='%s'"
case "powershell-env":
variableFormat = "$env:%s%s='%s'"
default:
fmt.Printf("Unsupported format: '%s'.", format)
os.Exit(4)
}
variableFormat += "\n"
if secretPath == "" {
flag.Usage()
os.Exit(1)
}
vaultAddress := os.Getenv(vault.EnvVaultAddress)
if len(vaultAddress) == 0 {
fmt.Printf("Must specify the Vault server address using the %s environment variable.\n", vault.EnvVaultAddress)
os.Exit(1)
}
vaultToken := os.Getenv(vault.EnvVaultToken)
if len(vaultToken) == 0 {
fmt.Printf("Must specify the Vault access token using the %s environment variable.\n", vault.EnvVaultToken)
os.Exit(1)
}
clientConfig := vault.DefaultConfig()
clientConfig.Address = vaultAddress
client, err := vault.NewClient(clientConfig)
if err != nil {
fmt.Println(err)
os.Exit(2)
}
client.SetToken(vaultToken)
secret, err := client.Logical().Read(secretPath)
if err != nil {
fmt.Println(err)
os.Exit(2)
}
if secret == nil {
fmt.Printf("Cannot find secret '%s'.", secretPath)
os.Exit(3)
}
safeNameReplacer := strings.NewReplacer(
"-", "_",
".", "_",
" ", "_",
)
for key, value := range secret.Data {
safeName := strings.ToUpper(
safeNameReplacer.Replace(key),
)
fmt.Printf(variableFormat, prefix, safeName, value)
}
}