Module sysbot.plugins.vault

Vault Plugin Module

This module provides integration with HashiCorp Vault for secure secret management. It supports dumping secrets from Vault KV (Key-Value) engines and storing them in the SysBot secret cache for use in test automation.

Classes

class Vault

HashiCorp Vault integration plugin for secure secret management.

This class provides functionality to dump secrets from Vault KV engines and store them in the SysBot secrets cache for use in test automation. Supports both KV v1 and KV v2 engines with automatic version detection.

Ancestors

• ComponentBase

Methods

def dump_engine(self,
token: str,
url: str,
engine_name: str,
key: str = None,
verify_ssl: bool = False) ‑> dict | str

Dump all secrets from a Vault KV engine.

Automatically detects KV engine version (v1 or v2) and recursively retrieves all secrets from the specified engine.

Args

token

Vault authentication token.

url

Vault server URL (e.g., http://localhost:8200).

engine_name

Name of the KV engine to dump.

key

Optional key to store secrets in cache. If provided, returns "Imported", otherwise returns the secrets dict.

verify_ssl

Whether to verify SSL certificates (default: False).

Returns

Dictionary of all secrets if key is None, otherwise returns "Imported" string after storing in cache.

Raises

RuntimeError

If there's an error connecting to Vault or dumping secrets from the engine.