54 lines
1.2 KiB
Go
54 lines
1.2 KiB
Go
package main
|
|
|
|
import (
|
|
"context"
|
|
"log"
|
|
"time"
|
|
|
|
"github.com/hashicorp/vault-client-go"
|
|
"github.com/hashicorp/vault-client-go/schema"
|
|
)
|
|
|
|
// vault cmd args: >vault server -dev -dev-root-token-id="my-token"
|
|
|
|
func main() {
|
|
ctx := context.Background()
|
|
|
|
// prepare a client with the given base address
|
|
client, err := vault.New(
|
|
vault.WithAddress("http://localhost:8200"),
|
|
vault.WithRequestTimeout(30*time.Second),
|
|
)
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
log.Println("client prepared")
|
|
|
|
// authenticate with a root token (insecure)
|
|
if err := client.SetToken("my-token"); err != nil {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
// FIRST TEST
|
|
// write a secret
|
|
_, err = client.Secrets.KvV2Write(ctx, "foo", schema.KvV2WriteRequest{
|
|
Data: map[string]any{
|
|
"password1": "abc123",
|
|
"password2": "correct horse battery staple",
|
|
}},
|
|
vault.WithMountPath("kw_mount_path"),
|
|
)
|
|
if err != nil {
|
|
log.Fatal("kv2: Failed to write secret:\n\t", err)
|
|
} else {
|
|
log.Println("kv2: Secret written (apparently)")
|
|
}
|
|
|
|
// read the secret
|
|
s, err := client.Secrets.KvV2Read(ctx, "foo", vault.WithMountPath("secret"))
|
|
if err != nil {
|
|
log.Fatal(err)
|
|
} else {
|
|
log.Println("secret retrieved:", s.Data.Data)
|
|
}
|
|
}
|