If you need a way to list all secrets from your Hashicorp Vault, this is the dirtiest and least fancy.
If you need to search all your secrets for a given string, this is still a pretty ugly way.
The implementation downloads all secrets at a specific path, including children, and then optionally searches them for you.
git clone git@github.com:doramatadora/vault-wrapper.git
cd vault-wrapperThen:
npm installYou'll need your Vault token in an environment variable. Sample .env file:
VAULT_TOKEN=your-vault-token-here
VAULT_URL=https://your.vault.urlTo just return everything at the defined path:
node index.js --path="/v1/secrets"To search for a given string in one of your secrets. This will flatten your objects with dot notation so { one: { two: 'value' } } becomes: { one.two: 'value' }:
node index.js --search="my-secret-string"Exclude paths can be used by setting the VAULT_EXCLUDE arg with a comma separated Express 4.x routes - supports wildcards:
node index.js --exclude="(.*)/shared"With running commentary:
DEBUG=vault-fetch node index.jsWith pretty printed JSON:
node index.js --prettyLimit depth of search:.
VAULT_DEPTH=4 node index.js