TaskVAULT
class tasks.task_vault.TaskVAULT
Interact with HashiCorp Vault
Inputs
| Name | Type | Default | Description |
|---|---|---|---|
| allow_redirects | bool | False | If set to False do not follow redirects. False by default. |
| cacert | str | None | To attach self-signed certificates (ca = certificate authority, cert = certificate). To access https:// urls, you need to sign your request. Certificates trusted by default by debian jessie will work. |
| connect_timeout | float | None | A timeout for connecting to a peer. Can be disabled by setting to 0 or None |
| data | dict | None | Used with mode upsert and update_metadata |
| engine_path | str | kv | Vault's engine path. |
| host | str | ||
| max_redirects | int | 10 | Maximum number of redirects to follow. 10 by default. |
| mode | str | None | Available modes: read, upsert, delete_last_version, delete_versions, undelete_versions, destroy_versions, list, read_metadata, update_metadata, delete_metadata. These modes are only supported for the key-value engine. |
| path | str | None | DEPRECATED: Path for the secret. Please use secret_path |
| read_timeout | float | None | A timeout for reading a portion of data from a peer. Can be disabled by setting to 0 or None |
| secret_path | str | None | Path for the secret. |
| token | str | ||
| total_timeout | float | None | Total timeout for the whole request. Can be disabled by setting to 0 or None |
| version | int | None | Optional argument for mode read |
| versions | list | None | Optional argument for modes delete_versions, undelete_versions, destroy_versions. If None, all versions are deleted. |
Outputs
| Name | Type | Default | Description |
|---|---|---|---|
| log | list | ||
| result | dict | The response of the vault API. | |
| status_code | int | ||
| execution_id | int | The ID of the task execution | |
| message | str | The ended message for the task. If the task ended with an error, the message will contain information about what went wrong | |
| status | str | The ended status for the task. Either "success" or "error". |
Constants
input_list = ['allow_redirects', 'cacert', 'connect_timeout', 'data', 'engine_path', 'host', 'max_redirects', 'mode', 'path', 'read_timeout', 'secret_path', 'token', 'total_timeout', 'version', 'versions']kwargs = []output_list = ['log', 'result', 'status_code']version = 1Methods
delete_last_version_mode ()
delete_metadata_mode ()
delete_versions_mode ()
destroy_versions_mode ()
list_mode ()
mode_lut ()
read_metadata_mode ()
read_mode ()
run ()
undelete_versions_mode ()
update_metadata_mode ()
upsert_mode ()
Example
import flow_apidef handler(system: flow_api.System, this: flow_api.Execution):# create a secretthis.task('VAULT',host='https://my-vault-host:8200',secret_path='my-secret',data={'secret-key': 'secret-value',},token='my-vault-token',)# read a secretsecret_value = this.task('VAULT',host='https://my-vault-host:8200',secret_path='my-secret',version=None, # read latest versiontoken='my-vault-token',).get('output_value')['result']['data']['data']assert secret_value == {'secret-key': 'secret-value'}# destroy all versions of secretthis.task('VAULT',host='https://my-vault-host:8200',secret_path='my-secret',mode='delete_metadata',token='my-vault-token',)