The Go library
The vault-sdk repository contains several Go packages for interacting with Vault, these packages are organized into the sdk Go module, which can be pulled in with go get github.com/bank-vaults/vault-sdk/ and is versioned by the vX.Y.Z Git tags:
-
auth: Stores JWT bearer tokens in Vault.
Note: The Gin handler is available at gin-utilz
-
vault: A wrapper for the official Vault client with automatic token renewal, and Kubernetes support.
-
db: A helper for creating database source strings (MySQL/PostgreSQL) with database credentials dynamically based on configured Vault roles (instead of
username:password).
-
tls: A simple package to generate self-signed TLS certificates. Useful for bootstrapping situations, when you can’t use Vault’s PKI secret engine.
Examples for using the library part
Some examples are in cmd/examples/main.go of the vault-operator repository.
- Vault client example
- Dynamic secrets for MySQL example with Gorm
- JWTAuth tokens example with a Gin middleware