Demo repository containing the code for authenticating into a HashiCorp Vault cluster from GitHub Actions, get policies based on the environment of the GitHub job (e.g. branch name), and read secrets from Vault.
-
`.github/workflows/
-
jwt-auth-conf.shthat creates and configures a Vault JWT auth method, with two roles,devandmain, withbound_claimsmapping them to allow this repository'sdevandmainbranches respectively to authenticate against them -
dev.policyandmain.policy, containing two policies for thedevandmainauth roles and branches respectively, giving access to different paths