Giters

tkaburagi / vault-gpg

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

setup

git clone https://github.com/LeSuisse/vault-gpg-plugin
cd vault-gpg-plugin
go build -o gpg-plugin main.go 
vault server -dev -dev-root-token-id=root -dev-plugin-dir=./plugin
vault secrets enable -path=gpg gpg-plugin
vault write -force gpg/keys/gpg-key-tf real_name=se_tkabu
vault read -format json gpg/keys/gpg-key-tf | jq -r '.data.public_key' > pubkey
gpg --dearmor pubkey
export TF_VAR_demo_user_gpg_key=$(cat pubkey.gpg | openssl base64)

Apply

t apply -auto-approve

Decrypt

CTEXT=(Encrypted Secret Key from OUTPUT)
vault write gpg/decrypt/gpg-key-tf ciphertext=${CTEXT}

About

Languages

Language:HCL 100.0%