Vault-HOA

HOA short for: Higher Order Application

Github Repo

Tip

with Go

If you have go installed, you can just do

go install github.com/cryptvault-cloud/vault-hoa@latest

with Docker

You can also simply use the HOA via the Docker image. Or in a Docker image as a wrapper application.

How to use with docker

HigherOrderApplication is a simple and secure way to get the secrets into the end applications.

It is a wrapper application that is placed around the actual application and loads all secrets readable from given identity into the environment variables.

Finally, the Vault HOA is set with two configurations:

• VAULT_IDENTITY_KEY => Private key of the identity to allow access to secrets
• VAULT_ID => the ID of the vault to be used

These should be determined by environmental variables.

All loaded secrets are made available as environment variables only to the application.

And startet with: VAULT_VALUES_

Tip

To view all related secret keys, you can run

vault-hoa keys

These can be renamed using a mapping table (default file is vault.env).

VAULT_VALUES_NAME_OF_SECRET=YOUR_NEW_ENV_NAME
...

By renaming the environment variables, the Vault can be wrapped around any application.

Even standard applications like databases.

vault-hoa you_application

Tip

For testing you can use env as target program. So you can see directly extended environments

vault-hoa env