gcp-vault
gcp-vault copied to clipboard
nytimes
A client for securely retrieving secrets from Vault in Google Cloud infrastructure
since most (if not all?) gcp services are now being run within infrastructure that has a colocated metadata server, there are two things that can change here that make this...
Hashicorp suggests [starting with their HTTP client](https://github.com/hashicorp/vault/blob/api/v1.0.3/api/client.go#L69-L74) and building on top of it -- I came across this when auditing to make sure all our calls in our services have...
Reusing the base transport can have unintended side effects, for example when setting `VAULT_CACERT` requests to the IAM API break as the cert store is modified. Closes #24
With this change the vault client is cached between `Get` and `Put` calls and avoids logging into vault every time. We use this library to read a (growing) number of...
Currently when connecting to the IAM API this library [reuses the transport](https://github.com/nytimes/gcp-vault/blob/master/gcpvault.go#L253) from the already initialized HTTP client. Is there a reason for this? This breaks connecting to the IAM...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.169.0 to 0.170.0. Release notes Sourced from google.golang.org/api's releases. v0.170.0 0.170.0 (2024-03-14) Features all: Auto-regenerate discovery clients (#2458) (fb2b816) all: Auto-regenerate discovery clients (#2460) (dc4811a) all: Auto-regenerate...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [github.com/hashicorp/vault/api](https://github.com/hashicorp/vault) from 1.12.0 to 1.12.1. Release notes Sourced from github.com/hashicorp/vault/api's releases. v1.12.1 1.12.1 November 2, 2022 IMPROVEMENTS: api: Support VAULT_DISABLE_REDIRECTS environment variable (and --disable-redirects flag) to disable default client...
Bumps google.golang.org/protobuf from 1.32.0 to 1.33.0. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...