docker plugin use vault as secret provider.

Last update: Aug 12, 2022

Comments: 0

docker plugin vault

docker secret plugin for vault provider

how to build docker plugin

rm -fr plugin/rootfs/.dockerenv plugin/rootfs/*

docker build --pull --tag rootfsimage .
id=$(docker create rootfsimage true)
mkdir -p plugin/rootfs/
docker export "$id" | tar -x -C plugin/rootfs/
docker rm -vf "$id"
docker plugin create canuxcheng/docker-plugin-vault ./plugin

docker plugin disable canuxcheng/docker-plugin-vault
docker plugin rm canuxcheng/docker-plugin-vault

share vault token to plugin

create service and token secret

echo -n <token> | docker secret create vault-token-secret -
docker service create --mode global --constraint 'node.role == manager' --name vault-token-service --secret vault-token-secret --restart-condition on-failure busybox tail -f /dev/null

Owner

Canux

Software Engineer Go/Python/JS/Linux

https://github.com/crazy-canux/docker-plugin-vault

Similar Resources

`age-plugin-yubikey` implementation, encrypt things with a Yubikey/any PIV card

This is an age plugin for PIV cards/Yubikey. Your secret is kept safe on the tamperproof hardware, while letting you use the age command-line.

Aug 10, 2022

An easy-to-use XChaCha20-encryption wrapper for io.ReadWriteCloser (even lossy UDP) using ECDH key exchange algorithm, ED25519 signatures and Blake3+Poly1305 checksums/message-authentication for Go (golang). Also a multiplexer.

Quick start Prepare keys (on both sides): [ -f ~/.ssh/id_ed25519 ] && [ -f ~/.ssh/id_ed25519.pub ] || ssh-keygen -t ed25519 scp ~/.ssh/id_ed25519.pub

Dec 30, 2022

Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.

Themis provides strong, usable cryptography for busy people General purpose cryptographic library for storage and messaging for iOS (Swift, Obj-C), An

Jan 9, 2023

Use golang to reproduce the basic blockchain

Blockchain_with_Go Use golang to reproduce the basic blockchain Update Panel V0.1 No transactions but noly blocks are allowed. V0.5 Transactions are n

Dec 30, 2022

Easy to use encryption library for Go

encryptedbox EncryptedBox is an easy to use module for Go that can encrypt or sign any type of data. It is especially useful when you must serialize y

Jul 20, 2022

Use the HashPassword function to generate a hashed value for the provided password

hasher Use the 'HashPassword' function to generate a hashed value for the provided password. h, err := hasher.HashPassword("password") // h == XohImNo

Nov 1, 2021

A golang library to use aes encrypt easier.

Aes a golang library to use aes encrypt easier. Install go get github.com/hanson/aes Document import import github.com/hanson/aes CBC orig := "hello

Dec 8, 2022

A Console Application Use Pancakeswap To Swap Token

Pancakeswap Console A Pancakeswap Application Why It is a pity that some areas do not have access to the functions of PancakeSwap. I developed this to

Dec 30, 2021

Shows how to use OpenCL with Go bindings.

Golang OpenCL example This is a tiny "hello world"-like application that shows how to use the github.com/jgillich/go-opencl OpenCL bindings for Go. Se

Nov 20, 2022

Related tags

Cryptography docker-plugin-vault

This plugin enhances Hashicorp Vault Service with cryptographic operations to create, import and sign using different type of keypairs and Ethereum wallets, including signing operation for public ethereum transaction, EEA and Quorum

Quorum Hashicorp Vault plugin The Quorum plugin enhances Hashicorp Vault Service with cryptographic operations under Vault engine, such as: Create and

Jan 7, 2023

sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP

sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP. (demo)