Skip to content

trehn/bundlewrap-teamvault

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

55 Commits

CHANGELOG.md

CHANGELOG.md

 
 

LICENSE

LICENSE

 
 

MANIFEST.in

MANIFEST.in

 
 

README.md

README.md

 
 

bwtv.py

bwtv.py

 
 

setup.py

setup.py

 
 

Repository files navigation

Pull secrets from TeamVault into your BundleWrap repo.

Installation

pip install bundlewrap-teamvault

Setup

Add this to your ~/.bw_teamvault_secrets.cfg:

[foocorp]
url = https://teamvault.example.com
username = jdoe
password = potato
pass_command = pass show teamvault

pass_command will be executed by bundlewrap-teamvault. It will then use the first line of stdout as your teamvault password. This allows you to store your password securely in your password manager, instead of keeping it in plaintext in your home.

Please note that setting password will take preference. If both options are set, pass_command will not be executed.

Usage

Use in your nodes.py like this (replace ABCDEF with the hash id from the TeamVault URL of the secret you want):

import bwtv as teamvault

nodes = {
    "node1": {
        'metadata': {
            'secret': teamvault.password("ABCDEF", site="foocorp"),
        },
    },
}

Note: This will insert a proxy object into your metadata, the actual secret is not retrieved until you convert it to a string (e.g. by inserting it in a template or calling str() explicitly).

© 2016-2023 Torsten Rehn

About

No description, website, or topics provided.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

2 stars

Watchers

3 watching

Forks

4 forks
Report repository

Releases

11 tags

Packages

No packages published

Contributors 6

Languages