Skip to content
This repository has been archived by the owner on Jul 14, 2020. It is now read-only.
/ summon-file Public archive

[DEPRECATED] - A file provider for Summon

License

Notifications You must be signed in to change notification settings

cyberark/summon-file

Repository files navigation

summon-file

File provider for Summon.

Download the latest release and extract it to the directory /usr/local/lib/summon.

Usage in isolation

Give summon-file a variable identifier (file path) and it will fetch it for you and print the value to stdout.

$ summon-file path/to/access_key_id
8h9psadf89sdahfp98

Usage as a provider for Summon

Summon is a command-line tool that reads a file in secrets.yml format and injects secrets as environment variables into any process. Once the process exits, the secrets are gone.

Example

As an example let's use the env command:

Following installation, define your keys in a secrets.yml file

AWS_ACCESS_KEY_ID: !var path/to/aws/iam/user/robot/access_key_id
AWS_SECRET_ACCESS_KEY: !var path/to/aws/iam/user/robot/secret_access_key

By default, summon will look for secrets.yml in the directory it is called from and export the secret values to the environment of the command it wraps.

Wrap the env in summon:

$ summon --provider summon-file env
...
AWS_ACCESS_KEY_ID=xxxxxxxxxxxxxxxxxxxx
AWS_SECRET_ACCESS_KEY=yyyyyyyyyyyyyyyy
...

summon resolves the entries in secrets.yml with the file provider and makes the secret values available to the environment of the command env.