config-vault-source 0.2.4

A async Vault source for config crate
Documentation

config-vault-source

An extension for the config crate that allows loading configurations from HashiCorp Vault.

Features

  • Integration with the config crate through a custom VaultSource
  • Support for HashiCorp Vault's KV1 & KV2 engine
  • Secure loading of secrets through Vault's REST API

Installation

Add the dependency to your Cargo.toml:

[dependencies]
config-vault-source = {version = "0.1.0", features = ["async"]}
config = { version = "0.15.18", features = ["async"] }

Or, to use sync API

[dependencies]
config-vault-source = {version = "0.1.0"}
config = { version = "0.15.18" }

Basic usage

#[derive(serde::Deserialize, Debug)]
pub struct Settings {
    pub environment: String,
    pub nats_url: String,
}

pub async fn get_configuration_async() -> Result<Settings, config::ConfigError> {
    let vault_async_source = VaultSource::builder()
        .address(std::env::var("VAULT_ADDR").unwrap_or("http://0.0.0.0:8200".into()))
        .token(std::env::var("VAULT_TOKEN").unwrap_or("root".into()))
        .mount(std::env::var("VAULT_MOUNT").unwrap_or("secret".into()))
        .path(std::env::var("VAULT_PATH").unwrap_or("dev".into()))
        .build()?;

    let settings = config::Config::builder()
        .add_source(config::File::with_name("config"))
        .add_async_source(vault_async_source)
        .build()
        .await?;

    settings.try_deserialize()
}

Documentation

For more information, check the complete documentation.

Requirements

An accessible HashiCorp Vault server (or compatible, e.g., RustyVault)

License

This project is licensed under the MIT License – see the LICENSE file for details.