hashicorp / terraform-provider-vault

Terraform Vault provider

Home Page: https://www.terraform.io/docs/providers/vault/

[Enhancement]: Add Github Username and Token env to vault provider

fsadykov opened this issue

Description

To be able to log in to Vault we have the option to pass the envs VAULT_ADDR and VAULT_TOKEN, but in our organization we have GitHub authentication enabled and we log in to Vault using our github_token. The ask is to create the envs GITHUB_TOKEN and GITHUB_USERNAME to be able to authenticate and retrieve the list of secrets we want from Vault by using the Terraform Vault provider.

Potential Terraform provider setup

For example, we could do this

export GITHUB_TOKEN='github-token'
export GITHUB_USERNAME='github-username'

And of course we need the following envs

export VAULT_NAMESPACE='admin'
export VAULT_ADDR='https://example-vault.com:8200'

And after that

terraform init && terraform plan && terraform apply

Use case

GitHub Actions already has the GITHUB_TOKEN env defined in the workflow. We could onboard the actions to securely retrieve the secrets in Vault and do any Terraform deployments.
https://docs.github.com/en/actions/security-guides/automatic-token-authentication
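For comparison with the request above, the provider's existing generic `auth_login` block can already log in through Vault's GitHub auth method. This is an added example, not part of the original issue or the provider's own code; it assumes the GitHub auth method is mounted at the default path `github`, and the variable name, KV mount and secret name are hypothetical.

```hcl
# Added example (not from the issue). Assumes Vault's GitHub auth method
# is enabled at the default mount path "github".

variable "github_token" {
  description = "GitHub token accepted by Vault's GitHub auth method"
  type        = string
  sensitive   = true # keeps the value out of plan/apply output
}

provider "vault" {
  # Both values can instead come from VAULT_ADDR / VAULT_NAMESPACE.
  address   = "https://example-vault.com:8200"
  namespace = "admin"

  # Generic login: the provider writes `parameters` to `path` and uses
  # the client token Vault returns for all subsequent requests.
  auth_login {
    path = "auth/github/login"

    parameters = {
      token = var.github_token
    }
  }
}

# Hypothetical KV v2 secret, read with the token obtained above.
# Values read by data sources are stored in the Terraform state, so the
# state backend needs the same protection as the secret itself.
data "vault_kv_secret_v2" "app" {
  mount = "secret"
  name  = "app/config"
}
```

The token is supplied through Terraform's standard `TF_VAR_` mechanism, for example `export TF_VAR_github_token="$GITHUB_TOKEN"`, so it never appears in the configuration files. No username is needed because Vault derives the identity from the token itself.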