Vaku is a CLI and Go API that add useful functions on top of Hashicorp Vault.
The easiest way to install the vaku CLI is with [homebrew][]
brew install lingrino/tap/vakuAlternatively, use go get to install the latest version of the API and CLI. This command will
install the vaku executable and the latest version of the Vault API.
go get -u github.com/lingrino/vakuNext, import vaku in your project like so:
import "github.com/lingrino/vaku/vaku"The Vaku CLI provides many of the API functions on the command line. You can use it to copy, move, search, and more on Vault folders or paths. Unlike the Vaku API, the CLI does not provide write or update commands because of the highly structured data that it expects as input.
Vaku CLI documentation is best read on the command line using either vaku help [cmd] or vaku [cmd] --help.
Full documentation generated by cobra is also available in the docs folder
$ vaku --help
Vaku CLI extends the official Vault CLI with useful high-level functions
The Vaku CLI is intended to be used side by side with the official Vault CLI,
and only provides functions to extend the existing functionality. Many of the 'vaku path'
functions are very similar (or even less featured) than the vault CLI equivalent. However
vaku works on both v1 and v2 secret mounts, and can even copy/move secrets between them.
Vaku does not log you in to vault or help you with getting a token. Like the CLI,
it will look for a token first at the VAULT_TOKEN env var and then in ~/.vault-token
Built by Sean Lingren <sean@lingrino.com>
CLI documentation is available using 'vaku help [cmd]'
API documentation is available at https://godoc.org/github.com/lingrino/vaku/vaku
Usage:
vaku [command]
Available Commands:
folder Contains all vaku folder functions, does nothing on its own
help Help about any command
path Contains all vaku path functions, does nothing on its own
version Returns the current Vaku CLI and API versions
Flags:
-o, --format string The output format to use. One of: "json", "text" (default "json")
-h, --help help for vaku
Use "vaku [command] --help" for more information about a command.The Vaku API provides a simple interface for interfacing with both versions of the Vault Key/Value backend. In
addition, the API adds path and folder level functions not fouund in the official vault API such as FolderCopy(),
FolderSearch(), and FolderWrite.
The API is well documented and can be read on godoc. Please use the godoc documentation for all reference and example information.
Suggestions and contributions of all kinds are welcome! If there is functionality you would like to see in Vaku please open an issue or pull request and I will be sure to address it.
- Path List
- Path Read
- Path Write (API only)
- Path Delete
- Path Destroy (v2 mounts only)
- Path Copy
- Path Move
- Path Update (API only)
- Path Search
- Folder List
- Folder Read
- Folder Write (API only)
- Folder Delete
- Folder Destroy (v2 mounts only)
- Folder Copy
- Folder Move
- Folder Search
- Folder Map (CLI Only)
Here is a list of all known and planned work.
- CLI tests
- CLI support for concurrency flag
- Path/Folder
difffunction - Add timeouts to background workers
- Make background workers more generic
Tests are meant to be run side by side with a real Vault server docker image. This
creates an external dependency for the tests but makes it much simpler to test different
Vault versions and key/value mounts. With docker and docker-compose installed tests
can be run with a simple make test. CircleCI will also build all commits and report
status on all PRs.