Different way of `-f export`
Closed this issue · 2 comments
Just an idea, I'm wondering if there could be a different to generate the exported variable based on the vault secret path+name, or on some other key-value in the secret, instead of using the "key" of the secret as the exported variable name?
For example:
├── dev
│ └── token
│ └── value=************
│
├── prd
│ ├── token
│ │ └── value=************
│ │
│ └── key
│ └── value=************
├── os
│ └── value=************
│
└── test
└── value=************
Running -f export will only result in one (non-deterministic) export value=... being printed because all of the secrets are in the format of value=foo/bar/etc.
I'm imagining something like -f export-flatten --field=value that instead creates exports based on the flattened secret path+name, so it would generate something like:
export dev_token=...
export prd_token=...
export prd_key=...
export os=...
export test=...and -f export-name --field=value that instead creates exports based on thesecret name:
export token=...
export key=...
export os=...
export test=...Tried using template but couldn't get the recursion to work properly.
Alternatively, a way to generate exports based on a meta-kv in the secret itself:
kv put engine/kv/dev/token value=abc _vkv_export=my_tokenWhich when exported with-f export gets transformed into
export my_token=abc
Neat idea, will look into that!