github.com/upcmd/up@v0.8.1-0.20230108151705-ad8b797bf04f/tests/functests/c0202.yml (about) 1 doc_meta: | 2 folder: security 3 title: encrypteAesWithVault template func to retrieve and encrypt 4 head: | 5 Add a template func encrypteAesWithVault to retrieve the encryption key stored in vault and encypt based on the key 6 7 sections: 8 - title: Demo 9 log: yes 10 11 scopes: 12 13 - name: nonprod 14 members: 15 - dev 16 dvars: 17 - name: enc_key 18 value: my_enc_key 19 flags: 20 - secret 21 22 tasks: 23 - 24 name: task 25 task: 26 - 27 func: cmd 28 dvars: 29 30 - name: value_encrypted 31 desc: | 32 encrypteAesWithVault will use the encryption key named enc_key stored in vault to encrypt 33 it falls back to the normal cached store to get the enc_key if it does not exist 34 value: '{{ "ENV_AAA" | encrypteAesWithVault "enc_key" }}' 35 flags: 36 - vvvv 37 - taskScope 38 39 - name: ENV_AAA 40 value: '{{.value_encrypted}}' 41 flags: 42 - secure 43 44 do: 45 - name: print 46 cmd: | 47 var: {{.ENV_AAA}} 48 decrypted secure var: {{.secure_ENV_AAA}} 49 - 50 name: inspect 51 desc: the vars in caller after invoking module task 52 cmd: 53 - exec_vars 54 - exec_base_vars 55 - exec_base_env_vars_configured 56 - exec_env_vars_configured 57 - debug_vars