forked from tellerops/teller
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path.teller.example.yml
141 lines (124 loc) · 4.22 KB
/
.teller.example.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
project: billing_development
# carry owner process environment into child's env:
# carry_env: true
opts:
region: env:AWS_REGION
stage: development
confirm: Are you sure you want to run for {{stage}}?
providers:
dotenv:
env_sync:
path: ~/my-dot-env.env
env:
FOO_BAR:
path: ~/my-dot-env.env
redact_with: "**FOOBAR**" # optional
# # requires an API key in: HEROKU_API_KEY (you can fetch from ~/.netrc)
# heroku:
# env_sync:
# path: drakula-app
# # env:
# # JVM_OPTS:
# # path: drakula-app
# hashicorp_vault:
# # configures client from environment:
# # https://github.com/hashicorp/vault/blob/api/v1.0.4/api/client.go#L28
# env_sync: # this grabs all the mapping from the keystore itself, JSON format.
# path: secret/data/{{stage}}/billing/web/env
# env: # yaml/json spec: map[string]KeyPath
# SMTP_PASS:
# path: secret/data/{{stage}}/wordpress
# field: smtp
# aws_secretsmanager:
# # configures client from environment:
# # https://docs.aws.amazon.com/sdk-for-go/api/service/secretsmanager/#SecretsManager.GetSecretValue
# env_sync:
# path: {{stage}}/billing/web/env
# env:
# MG_KEY:
# path: {{stage}}/billing/mg_key
# aws_ssm:
# # configures client from environment:
# # https://docs.aws.amazon.com/sdk-for-go/api/service/secretsmanager/#SecretsManager.GetSecretValue
# env:
# FOO_BAR:
# path: /{{stage}}/billing
# decrypt: true
# google_secretmanager:
# # configures client from environment:
# # GOOGLE_APPLICATION_CREDENTIALS=client-credentials.json
# # https://cloud.google.com/secret-manager/docs/reference/libraries#setting_up_authentication
# env:
# MG_KEY:
# # need to supply the relevant version (versions/1)
# path: projects/xx84744xxxxx/secrets/MG_KEY/versions/1
# etcd:
# # configures client from environment:
# # ETCDCTL_ENDPOINTS
# # tls:
# # ETCDCTL_CA_FILE
# # ETCDCTL_CERT_FILE
# # ETCDCTL_KEY_FILE
# env_sync:
# # when full sync, takes last segment as the var name
# path: /{{stage}}/billing
# env:
# MG_KEY:
# path: /{{stage}}/billing/mg
# consul:
# # configures client from environment:
# # CONSUL_HTTP_ADDR
# env_sync:
# path: redis/config
# env:
# SAVE_TIME:
# # need to supply the relevant version (versions/1)
# path: redis/config/savetime
# cyberark_conjur:
# # configures client from environment:
# # CONJUR_AUTHN_LOGIN
# # CONJUR_AUTHN_API_KEY
# # also, configures client from file:
# # FILENAME: ~/.conjurrc
# # appliance_url: https://conjur.cyberark.com
# # account: cyberarkdemo
# # cert_file: /root/conjur-cyberarkdemo.pem
# env:
# DB_USERNAME:
# path: secrets/database/username
# DB_PASSWORD:
# path: secrets/database/passwords
# 1password:
# env_sync:
# path: # Key title
# source: # 1Password token gen include access to multiple vault. to get the secrets you must add and vaultUUID. the field is mandatory
# env:
# FOO_BAR:
# path: # Key title
# source: # 1Password token gen include access to multiple vault. to get the secrets you must add and vaultUUID. the field is mandatory
# field: # The secret field to get. notesPlain, {label key}, password etc.
# lastpass:
# # Configure via environment variables:
# # LASTPASS_USERNAME
# # LASTPASS_PASSWORD
# env_sync:
# path: # LastPass item ID
# env:
# FOO_BAR:
# path: # LastPass item ID
# #field: by default taking password property. in case you want other property un-mark this line and set the LastPass property name
# # Configure via environment variables for integration:
# # CLOUDFLARE_API_KEY: Your Cloudflare api key.
# # CLOUDFLARE_API_EMAIL: Your email associated with the api key.
# # CLOUDFLARE_ACCOUNT_ID: Your account ID.
#
# cloudflare_workers_secrets:
# env_sync:
# source: script-id
# env:
# foo-secret:
# path: foo-secret
# source: script-id
# foo-secret2:
# path: foo-secret
# source: script-id