[FEAT] Support reading temporary database credentials
Closed this issue · 2 comments
Is your feature request related to a problem? Please describe.
If I understand correctly, this action is limited to KV stores and requires one to specific not only a path but also key to retrieve.
For the database secret engine this creates a problem - here one would want to make a single request against Vault and return both the username and password not just either of them.
It would be great if this action would support extracting all keys of a secret as json when providing *
as a selector
Describe the solution you'd like
secrets: |
postgres/creds/foo * | DB_CREDS;
Results in the following json string to be stored in DB_CREDS
: {"username": "some-temp-username", "password": "some-temp-password"}
Current result
selector gets wrapped into data."*"
which doesn't work.
Describe alternatives you've considered
Writing my own raw get request to Vault
@austingebauer sorry for the direct ping, we have a simple but effective fix ready for this, could you have a look since you last contributed to this repo?
Closing as this should be fixed by #488.
Please feel free to reopen if you feel this was a mistake, or if there is additional information to add. Thanks!