This repository contains the code for a basic Golang application that retrieves secrets from Hashicorp Vault
-
Clone this repository by running the command
git clone https://github.com/utibeabasi6/vault-demo
-
Install Hashicorp Vault in your Kubernetes cluster by following the instructions here
-
Set 2 secrets in vault -
username
andpassword
, with their respective values. This repository assumes you are using the default postgres username ofpostgres
and a password ofadmin
. If your configuration is different, make sure to update thepostgres_password
key in the secrets.yaml file found in themanifests
folder. -
Update the
vault_token
key in the secrets.yaml file as well to the token you used when setting up vault.
Note that all values in secrets.yaml are base64 encoded. Use the command
echo <value> | base64
to encode a value.
-
Run the command
make
to apply all resources in your cluster and runkubectl get pods
periodically untill all pods are in the running state. -
Finally, run the command
kubectl port-forward svc/vaultapp 3000:3000
and visithttp://localhost:3000
in your browser to see the application.