node-vault

![Build Status](https://github.com/nodevault/node-vault/actions?query=branch%3Amaster)
![Coverage Status](https://app.codecov.io/gh/nodevault/node-vault/tree/master)
![Download Status](https://www.npmjs.com/package/node-vault)
![test](https://www.npmjs.com/package/node-vault)
![Dependency Status](https://libraries.io/npm/node-vault/)
![Open Collective backers and sponsors](https://opencollective.com/node-vault/contribute)

A client for the HTTP API of HashiCorp's [Vault] written for Node.js.

Install

Prerequisites:
- NodeJS >= 16.0.0

``bash npm install -S node-vault`

> The year is 2023; If, for whatever reason, you need to use an older version of node.js (yet still >= 6.x), use node-vault <= v0.10.0> > Please note thatnode-vault <= v0.10.0 contains multiple vulnerabilities ☠️

`Test`

Run tests using docker-compose (includes vault, postgres and running the tests inside) with:`bash docker-compose up --force-recreate test`

`Usage`

`$3`

`javascript var options = { apiVersion: 'v1', // default endpoint: 'http://127.0.0.1:8200', // default token: 'MY_TOKEN' // optional client token; can be fetched after valid initialization of the server };

// get new instance of the client var vault = require("node-vault")(options);

// init vault server vault.init({ secret_shares: 1, secret_threshold: 1 }) .then( (result) => { var keys = result.keys; // set token for all following requests vault.token = result.root_token; // unseal vault server return vault.unseal({ secret_shares: 1, key: keys[0] }) }) .catch(console.error);`

`$3`

`javascript vault.write('secret/hello', { value: 'world', lease: '1s' }) .then( () => vault.read('secret/hello')) .then( () => vault.delete('secret/hello')) .catch(console.error);`

`$3`

`javascript

//if vault kubernets endpoint is /auth/example-cluster/login and role is example-role //read token from default token mount path const token = await fs.readFileSync('/var/run/secrets/kubernetes.io/serviceaccount/token', { encoding: 'utf8' }); vault.kubernetesLogin({role: 'example-role' , jwt: token, kubernetesPath: 'example-cluster'})`

`Docs`


Just generate [docco] docs via

npm run docs

.

Examples

Please have a look at the [examples] and the generated [feature list] to see what is already implemented.
Instead of installing all the dependencies like vault itself, postgres and other stuff you can
use [docker] and [docker-compose] to link and run multiple docker containers with all of its dependencies.

`bash git clone git@github.com:nodevault/node-vault.git cd node-vault docker-compose up vault`

Now you can run the examples from another terminal window.

First of all you should initialize and unseal the vault:`bash node example/init.js`You should seeroot_token: followed by a long key in the response. Please copy that long key and export it as environment variable:`bash export VAULT_TOKEN=`

Now you are able to run all of the other [examples]:`bash node example/policies.js`

`Connecting to vault through a bastion host`

To connect to a vault server in a private network with a bastion host, you'll need to first open a connection:`bash ssh -D bastion.example.com`

`javascript const SocksProxyAgent = require('socks-proxy-agent'); const agent = new SocksProxyAgent(socks://127.0.0.1:${socks4Port}, true); const options = { apiVersion: 'v1', rpOptions: { agent, }, };

const vault = require('node-vault')(options);``

![Backers](https://opencollective.com/node-vault/contribute)

[examples]: https://github.com/nodevault/node-vault/tree/master/example
[docker-compose.yml]: https://github.com/nodevault/node-vault/tree/master/docker-compose.yml
[Vault]: https://vaultproject.io/
[docker-compose]: https://www.docker.com/docker-compose
[docker]: http://docs.docker.com/
[docker toolbox]: https://www.docker.com/toolbox
[docco]: http://jashkenas.github.io/docco
[feature list]: https://github.com/nodevault/node-vault/tree/master/features.md

node-vault

A client for the HTTP API of HashiCorp's [Vault] written for Node.js.

Install

Prerequisites:
- NodeJS >= 16.0.0

``bash npm install -S node-vault`

`Test`

Run tests using docker-compose (includes vault, postgres and running the tests inside) with:`bash docker-compose up --force-recreate test`

`Usage`

`$3`

// get new instance of the client var vault = require("node-vault")(options);

`$3`

`javascript vault.write('secret/hello', { value: 'world', lease: '1s' }) .then( () => vault.read('secret/hello')) .then( () => vault.delete('secret/hello')) .catch(console.error);`

`$3`

`javascript

`Docs`


Just generate [docco] docs via

npm run docs

.

Examples

Please have a look at the [examples] and the generated [feature list] to see what is already implemented.
Instead of installing all the dependencies like vault itself, postgres and other stuff you can
use [docker] and [docker-compose] to link and run multiple docker containers with all of its dependencies.

`bash git clone git@github.com:nodevault/node-vault.git cd node-vault docker-compose up vault`

Now you can run the examples from another terminal window.

Now you are able to run all of the other [examples]:`bash node example/policies.js`

`Connecting to vault through a bastion host`

To connect to a vault server in a private network with a bastion host, you'll need to first open a connection:`bash ssh -D bastion.example.com`

const vault = require('node-vault')(options);``

![Backers](https://opencollective.com/node-vault/contribute)