Welcome to the “Config Sesame” manual!¶
A tool to look up secrets from a vault based on existing shareable configuration.
Introduction¶
The config-sesame
command line tool can be used as part of a continuous deployment pipeline
to provide applications with runtime secrets.
For this purpose, it scans already assembled application configuration (application.yml
)
for references to secrets stored in a “vault”, and writes resolved secrets to an additional file
(secrets.yml
). See Using Config Sesame for more.
Read Overview of Config Sesame to get to know the ideas behind the design of the tool.
Important Links¶
Installing¶
Config Sesame can be installed from PyPI
via pip install config-sesame
as usual,
see releases
on GitHub for an overview of available versions – the project uses
semantic versioning and follows
PEP 440 conventions.
To get a bleeding-edge version from source, use these commands:
repo="1and1/config-sesame"
pip install -r "https://raw.githubusercontent.com/$repo/master/requirements.txt"
pip install -U -e "git+https://github.com/$repo.git#egg=${repo#*/}"
See Installing Config Sesame for detailed setup and configuration instructions.
To add bash completion, read the Click docs about it, or just follow these instructions:
cmdname=config-sesame
mkdir -p ~/.bash_completion.d
( export _$(tr a-z- A-Z_ <<<"$cmdname")_COMPLETE=source ; \
$cmdname >~/.bash_completion.d/$cmdname.sh )
grep /.bash_completion.d/$cmdname.sh ~/.bash_completion >/dev/null \
|| echo >>~/.bash_completion ". ~/.bash_completion.d/$cmdname.sh"
. "/etc/bash_completion"
Contributing¶
To create a working directory for this project, call these commands:
git clone "https://github.com/1and1/config-sesame.git"
cd "config-sesame"
. .env --yes --develop
invoke build --docs test check
Contributing to this project is easy, and reporting an issue or adding to the documentation also improves things for every user. You don’t need to be a developer to contribute. See Contribution Guidelines for more.