Giters

jaydipdave / jinja2-vault

Extentsion to load vault screts in jinja templates

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Jinja2 library for loading Vault screts

The idea behind this project is to allow dynamically loading vault secrets in applications like cookiecutter.

Installation

To install just run pip install jinja2-vault

Usage

Add the jinja2 secret function like this:

password={% secret "password", path="database", mount="app1/secret" %}

As simple python code to test is:

from jinja2 import Environment, Template
env = Environment(
    extensions=['jinja2-vault.VaultExtension']
)

template = env.from_string('password={% secret "password", path="database", mount="app1/secret" %}')
result = template.render()
print(result)

template = env.from_string('kubeconfig_file={% secret "kube_config", path="kubernetes/config", mount="secret", to_file="files/kube_config.txt" %}')
result = template.render()
print(result)

Both examples load key password from app1/secret/database where app1/secret is the mount and database the path.

Setup for cookiecutter

Add the module to the cookiecutter.json.
Example:

{
    "some_var": "var",
    "_extensions": [
        "jinja2-vault.VaultExtension"
    ]
}

The further usage the same as desribed in Usage.

Todo

[ ] Add some unit tests [_] Add some documentation

Build

To build and push the package: python setup.py sdist python -m twine upload dist/*

About

Extentsion to load vault screts in jinja templates

Languages

Language:Python 100.0%