support VAULT_NAMESPACE (#5)

FalcoSuessgott · Dec 14, 2021 · 93ae579 · 93ae579
1 parent 029737d
commit 93ae579
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 1 deletion.
diff --git a/README.md b/README.md
@@ -13,13 +13,19 @@ Find the corresponding binaries, `.rpm` and `.deb` packages in the [release](htt
 # Authentication
 `vkv` supports token based authentication. It is clear that you can only see the secrets that are allowed by your token policy.
 
+## Required Environment Variables
 In order to authenticate to a Vault instance you have to export `VAULT_ADDR` and `VAULT_TOKEN`.
 
 ```bash
 VAULT_ADDR="http://127.0.0.1:8200" VAULT_TOKEN="root" vkv
 ```
 
-Furthermore you can export `VAULT_SKIP_VERIFY` for insecure HTTPS connection. Also `vkv` respects `HTTP_PROXY` and `HTTPS_PROXY` environment variables.
+## Optional  Environment Variables
+Furthermore you can export:
+
+* `VAULT_NAMESPACE` for namespace login
+* `VAULT_SKIP_VERIFY` for insecure HTTPS connection
+* `HTTP_PROXY` and `HTTPS_PROXY` for proxy connections.
 
 # Usage
 ```bash

diff --git a/pkg/vault/vault.go b/pkg/vault/vault.go
@@ -62,9 +62,15 @@ func NewClient() (*Vault, error) {
 
 	c.SetToken(vaultToken)
 
+	vaultNamespace, ok := os.LookupEnv("VAULT_NAMESPACE")
+	if ok {
+		c.SetNamespace(vaultNamespace)
+	}
+
 	return &Vault{Client: c, Secrets: make(map[string]interface{})}, nil
 }
 
+// ListRecursive returns secrets to a path recursive.
 func (v *Vault) ListRecursive(rootPath, subPath string) error {
 	keys, err := v.ListSecrets(rootPath, subPath)
 	if err != nil {