Pull secrets from TeamVault into your BundleWrap repo.
pip install bundlewrap-teamvault
Add this to your ~/.bw_teamvault_secrets.cfg
:
[foocorp]
url = https://teamvault.example.com
username = jdoe
password = potato
Use in your nodes.py
like this (replace ABCDEF with the hash id from the TeamVault URL of the secret you want):
import bwtv as teamvault
nodes = {
"node1": {
'metadata': {
'secret': teamvault.password("ABCDEF", site="foocorp"),
},
},
}
Note: This will insert a proxy object into your metadata, the actual secret is not retrieved until you convert it to a string (e.g. by inserting it in a template or calling str()
explicitly).
© 2016 Torsten Rehn