Formulas for working with Vault.
Table of Contents
See the full SaltStack Formulas installation and usage instructions.
If you are interested in writing or contributing to formulas, please pay attention to the Writing Formula Section.
If you want to use this formula, please pay attention to the FORMULA file and/or git tag, which contains the currently released version. This formula is versioned according to Semantic Versioning.
See Formula Versioning Section for more details.
Commit message formatting is significant!!
Please see How to contribute for more details.
Install the vault binary
Install and configure the vault server
To use it, just include vault in your top.sls, and configure it using pillars:
vault:
version: 1.1.0
platform: linux_amd64
dev_mode: True
verify_download: True
config:
storage:
file:
path: /var/lib/vault/data
listener:
tcp:
address: "127.0.0.1:8200"
tls_disable: True
tls_cert_file: ""
tls_key_file: ""
default_lease_ttl: 768h
max_lease_ttl: 768hVault v0.10.0 introduces a revamped versioned kv backend (version 2), with a breaking change in the paths used to read/write data. This backend is enabled by default when dev mode is enabled.
The Salt execution modules are not compatible with this new backend, therefore if you intend to access Vault in dev mode using the Salt modules, it's suggested to use an outdated, but compatible version of Vault by setting a pillar value e.g. version: 0.9.6.
Linux testing is done with kitchen-salt.
- Ruby
- Docker
gem install bundler
bundle install
bundle exec kitchen test allCreates the docker instance and runs the template main state, ready for testing.
Runs the inspec tests on the actual instance.
Removes the docker instance.
Runs all of the stages above in one go: i.e. destroy + converge + verify + destroy.
Gives you SSH access to the instance for manual testing.