Skip to content

hashicorp/vault-plugin-auth-oci

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

46 Commits
.github
.github
 
 
cmd/vault-plugin-auth-oci
cmd/vault-plugin-auth-oci
 
 
scripts
scripts
 
 
tests/terraform
tests/terraform
 
 
.gitignore
.gitignore
 
 
.go-version
.go-version
 
 
CHANGELOG.md
CHANGELOG.md
 
 
CODEOWNERS
CODEOWNERS
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
authenticate_client_details.go
authenticate_client_details.go
 
 
authenticate_client_request_response.go
authenticate_client_request_response.go
 
 
authenticate_client_result.go
authenticate_client_result.go
 
 
authentication_client.go
authentication_client.go
 
 
backend.go
backend.go
 
 
backend_test.go
backend_test.go
 
 
cli.go
cli.go
 
 
filter_group_membership_details.go
filter_group_membership_details.go
 
 
filter_group_membership_request_response.go
filter_group_membership_request_response.go
 
 
filter_group_membership_result.go
filter_group_membership_result.go
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
internal_claims.go
internal_claims.go
 
 
oci_client.go
oci_client.go
 
 
path_config.go
path_config.go
 
 
path_config_test.go
path_config_test.go
 
 
path_login.go
path_login.go
 
 
path_login_test.go
path_login_test.go
 
 
path_role.go
path_role.go
 
 
path_role_test.go
path_role_test.go
 
 
principal.go
principal.go
 
 
slice_helper.go
slice_helper.go
 
 

Repository files navigation

Vault Plugin Auth OCI

Vault auth plugin for Oracle Cloud Infrastructure.

Acceptance tests

The acceptance tests can only be run from an OCI instance.

If you are running this code on an OCI instance, you can run them directly with make testacc. You will need to set the following environtment variables:

  • HOME_TENANCY_ID to the tenancy you are running under (or your root tenancy ID)
  • ROLE_OCID_LIST to a comma-separated list of group OCIDs to at least two groups. At least one should be a dynamic group that contains the instance, and another should be an identity group that contains your user.

For example:

make testacc HOME_TENANCY_ID=ocid1.tenancy.oc1..aaaaaaaasomecharacter ROLE_OCID_LIST=ocid1.group.oc1..aaaaaaaasomecharacters OCI_GO_SDK_DEBUG=info VAULT_LOG_LEVEL=debug

Terraform

You can run the acceptance tests with terraform as well.

You will need an OCI account.

You need to generate and download a private key in your account settings. This should give you a private key file, the fingerprint, your tenancy OCID, and your user OCID.

Using those, you can run the acceptance tests via:

cd tests/terraform
# download your private key to this directory
terraform init
terraform apply \
  -var "fingerprint=YOURFINGERPRINT" \
  -var "tenancy_ocid=YOUR_TENANCY_OCID" \
  -var "user_ocid=YOUR_USER_OCID" \
  -var "private_key_path=YOUR_PRIVATE_KEY" \
  -var "region=YOUR_REGION"

This downloads the current main branch from GitHub and runs the tests on an OCI instance. It takes about 5 minutes.

Don't forget to destroy the resources when you are done:

terraform destroy \
  -var "fingerprint=YOURFINGERPRINT" \
  -var "tenancy_ocid=YOUR_TENANCY_OCID" \
  -var "user_ocid=YOUR_USER_OCID" \
  -var "private_key_path=YOUR_PRIVATE_KEY" \
  -var "region=YOUR_REGION"

About

OCI auth plugin for Vault

Resources

Readme

License

MPL-2.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

16 stars

Watchers

33 watching

Forks

14 forks
Report repository

Releases 2

v0.17.0 Latest
Sep 6, 2024
+ 1 release

Packages

No packages published

Used by 402

  • @upbound
  • @gsoft-inc
  • @flashbots
  • @X-Margin-Inc
  • @SFarageNIS
  • @fork-the-planet
  • @offsoc
+ 394

Contributors 17
+ 3 contributors

Languages