Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
vault read write utils
read_vault_data()
{
vault read -field=value $VAULT_SECRET_PATH/config > config.yaml
}
write_vault_data()
{
vault write $VAULT_SECRET_PATH/config value=@config.yaml
}
#!/usr/bin/env groovy
def call(body){
def config = [:]
body.resolveStrategy = Closure.DELEGATE_FIRST
body.delegate = config
body()
def splited = config.secretPath.split('@')
def chartPath = config.chartPath
def secretPath = splited[0]
def key = splited.size() == 2 ? splited[1] : 'value'
def saveFile = config.saveFile ?: key == 'value' ? secretPath : "${secretPath}/${key}"
WithVaultCredentials {
sh """
vault kv get --field=${key} "${config.vaultNamespace}${secretPath}" > "${chartPath}/${saveFile}"
"""
}
}
// USAGE --------------:
// container('vault') {
// secretsMap.each {
// ReadVaultSecret {
// vaultNamespace = "secret/projects/x/${currentEnv}/${currentApp}-${currentEnv}/"
// chartPath = currentPath
// secretPath = it.key
// saveFile = it.value
// }
// }
// ReadVaultSecret {
// vaultNamespace = "secret/devops/${currentEnv}/"
// chartPath = currentPath
// secretPath = "kubeconfig"
// }
// }
#!/usr/bin/env groovy
def call(body){
def config = [:]
body.resolveStrategy = Closure.DELEGATE_FIRST
body.delegate = config
body()
def key = config.key ?: 'value'
WithVaultCredentials {
sh """
vault kv put ${config.secretPath} ${key}=${config.value}
"""
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.