#vault #kubernetes #tokio #hashi-corp

coult

Hashicorp vault secret retrival helper, using hyper and serde, and automatically parsing

10 releases

0.2.5 Aug 3, 2022
0.2.4 Aug 3, 2022
0.1.4 Dec 20, 2021
0.1.1 Oct 18, 2021

#550 in Authentication

MIT/Apache

14KB
263 lines

Coult

Rust vault secret retriever

Example

use coult::{Config, Vault};
use serde::Deserialize;
#[derive(Debug, Deserialize)]
struct Secret {
    password: String,
}

#[tokio::main]
async fn main() {
    tracing_subscriber::fmt::init();
    let config = Config::new(
    "http".to_string(),                           # Vault Http Protocol http/https
    "127.0.0.1".to_string(),                      # Vault Host
     8200,                                        # Port
    "config/path".to_string(),                    # Secret Path
    "vault-plaintext-root-tokenzqwe".to_string(), # Vault Token
    );
    let vault = Vault::new(config).await.unwrap();
    let data = vault.get_secret::<Secret>().await.unwrap();
    println!("{:?}", data)
}


lib.rs:

Coult, is crate to getting from hashicorp vault

Usage

Coult use hyper client instead of reqwest for more simpler and lightweight crate, it will help you to send GET request to Vault for retrieving the secret. This crate will help you to automatically parsing using serde, and make sure your struct has Deserialize derive.

Example

use coult::{Config, Vault};
use serde::Deserialize;

#[derive(Debug, Deserialize)]
struct Secret {
   password: String,
}

#[tokio::main]
async fn main() {
  tracing_subscriber::fmt::init();
  let vault = Vault::new().build().await.unwrap();
  let data = vault.get_secret::<Secret>().await.unwrap(); // for v1, get_secret_v2
  println!("{:?}", data)
}

Dependencies

~6–13MB
~150K SLoC