Nikubik
September 14, 2020, 9:56am
1
Hello everyone,
Login with Vault must be done manually (via the CLI command or the UI) ? or can we do it from the app (via request on route) ?
What is the right syntaxe to do so (i use node-vault) ?
I try many variations of this, but can’t find the right one.
vault.request({ path: '/v1/auth/token', method: "PUT", headers: { "X-Vault-Token":"s.DaIjPGO5zQfo432gsCm0aTQV" } })
.then (res => {
console.log('/auth/:token ', res);
})
.catch((err) => {
console.log("\n errrrrrreur token header ");
console.error(err);
});
How do you want your node app to authenticate to Vault?
You’ll need to get a token from one of the auth methods, like approle:
// file: example/auth_approle.js
process.env.DEBUG = 'node-vault'; // switch on debug mode
const vault = require('./../src/index')();
const mountPoint = 'approle';
const roleName = 'test-role';
vault.auths()
.then((result) => {
if (result.hasOwnProperty('approle/')) return undefined;
return vault.enableAuth({
mount_point: mountPoint,
type: 'approle',
description: 'Approle auth',
});
})
.then(() => vault.addApproleRole({ role_name: roleName, policies: 'dev-policy, test-policy' }))
.then(() => Promise.all([vault.getApproleRoleId({ role_name: roleName }),
vault.getApproleRoleSecret({ role_name: roleName })])
This file has been truncated. show original
Node would use the secret/role IDs to auth to Vault and get a token. You can provide that secret/role ID via your build pipeline, variables, a file, etc.
1 Like