Skip to content
/ vault-handler Public

An application to help with initializing and unsealing Vault.

License

View license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

konstructio/vault-handler

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
.github/workflows
.github/workflows
 
 
cmd
cmd
 
 
internal
internal
 
 
.goreleaser.yml
.goreleaser.yml
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

vault-handler

vault-handler helps initialize and unseal Vault in situations where features like KMS auto-unseal or transit engine are either unavailable or not in-use.

The original inspiration for this app was to assist with bootstrapping Kubernetes clusters as part of kubefirst.

Components

This utility uses in-cluster Kubernetes configuration by default. It was built to run within a Kubernetes cluster.

There is an optional flag to allow running it locally and pointing at your own kubeconfig file.

At this time, it only supports running Vault using Raft storage with either 1 or 3 replicas.

Usage

❯ vault-handler unseal -h
Unseal a vault instance

Usage:
  vault-handler unseal [flags]

Flags:
  -h, --help                        help for unseal
      --leader-only                 unseal only the raft leader - false (default) - true to only init and unseal vault-0
      --use-kubeconfig-in-cluster   kube config type - in-cluster (default), set to false to use local (default true)

About

An application to help with initializing and unsealing Vault.

Resources

Readme

License

View license
Activity
Custom properties

Stars

1 star

Watchers

9 watching

Forks

0 forks
Report repository

Releases

5 tags

Packages

 
 
 

Contributors 3

  •  
  •  
  •  

Languages