Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
#!/usr/bin/env python
import json
import os
import subprocess
import tempfile
import yaml
VAULT_BIN = "/usr/local/bin/vault"
VAULT_PATH = "secret/salt/pillar_data"
DEFAULT_EDITOR = "/usr/bin/emacs"
def main():
if 'VAULT_ADDR' not in os.environ:
print("you do not have $VAULT_ADDR set")
print("remember to set that and authenticate yourself before running this")
# read existing data from vault
v = subprocess.check_output("%s read -format=yaml %s" % (VAULT_BIN, VAULT_PATH), shell=True)
d = yaml.load(v)['data']
print("--- read data from vault ---")
# save a YAML version to temp file
with tempfile.NamedTemporaryFile(suffix='yaml') as t:
t.write(yaml.dump(d, indent=2, default_flow_style=False))
print("--- wrote yaml temp file ---")
# pop the user into an editor to modify
editor = os.environ.get('EDITOR', DEFAULT_EDITOR)[editor,])
# read it back in, 0)
text =
updated = yaml.load(text)
print("--- read the yaml back in and parsed it ---")
# write it out as json (vault can only read json)
with tempfile.NamedTemporaryFile() as json_out:
print("--- wrote out a JSON version ---")
# then put it back into vault"%s write %s @%s" % (VAULT_BIN, VAULT_PATH,, shell=True)
except yaml.YAMLError, exc:
print("YAML Error:", exc)
print("update aborted. please try again")
if __name__ == "__main__":
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.