Skip to content

Sasano63/vault-k8s-demo-python-mysql-webapp

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
app
app
 
 
.gitignore
.gitignore
 
 
00_1_variables.sh
00_1_variables.sh
 
 
00_2_gke_cluster_create.sh
00_2_gke_cluster_create.sh
 
 
01_build_webapp_container.sh
01_build_webapp_container.sh
 
 
02_start_mysql.sh
02_start_mysql.sh
 
 
03_start_webapp_without_vault.sh
03_start_webapp_without_vault.sh
 
 
04_stop_webapp.sh
04_stop_webapp.sh
 
 
05_start_vault.sh
05_start_vault.sh
 
 
06_apply_vault_license.sh
06_apply_vault_license.sh
 
 
07_create_namespace.sh
07_create_namespace.sh
 
 
08_create_service_acc.sh
08_create_service_acc.sh
 
 
09_configure_k8s_auth_method.sh
09_configure_k8s_auth_method.sh
 
 
10_database_setup.sh
10_database_setup.sh
 
 
11_transit_setup.sh
11_transit_setup.sh
 
 
12_transform_ssn_setup.sh
12_transform_ssn_setup.sh
 
 
13_transform_ccn_setup.sh
13_transform_ccn_setup.sh
 
 
14_start_webapp_with_vault.sh
14_start_webapp_with_vault.sh
 
 
15_destroy.sh
15_destroy.sh
 
 
CRB-vault-auth-service-account.yaml
CRB-vault-auth-service-account.yaml
 
 
README.md
README.md
 
 
configmap.yaml
configmap.yaml
 
 
vault-helm-values.yaml
vault-helm-values.yaml
 
 
webapp-policy.hcl
webapp-policy.hcl
 
 
webapp.yaml
webapp.yaml
 
 
webapp_with_vault.yaml
webapp_with_vault.yaml
 
 

Repository files navigation

vault-k8s-demo-python-mysql-webapp

This repo is based on https://github.com/kaparora/vault-k8s-demo-python-mysql-webapp an includes some minor updates

This is a bunch of shell scripts to test HashiCorp Vault K8S integration including secret injection. We use the k8s auth method, mysql db secret engine, dynamic secrets, transit and transform secret engine

This has been tested on my Macbook with Docker desktop k8s and GKE. All services are exposed using NodePort

In case you are using a remote k8s cluster you may need to make changes and update the VAULT_ADDR parameter to run the scripts locally

This demo works with Vault enterprise as we are using the transform secret engine. You must place the enterprise license in a license.hclic file

About

based on https://github.com/kaparora/vault-k8s-demo-python-mysql-webapp

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages