Vault plugin (#47)

* Vault plugin

* Vault plugin

* Vault plugin

* Vault plugin

* Vault plugin

* Vault plugin

Author: alexaladov-codefresh

README.md

@@ -23,4 +23,5 @@ See each plugin readme for more info and usage instructions.
 | [Import Docker Images](plugins/import-docker-images/README.md) | Import Docker images metadata into Codefresh| `docker` `codefresh`|
 | [Google KMS](plugins/google-kms/README.md) | Encryption/Decryption with Google KMS| `KMS` `codefresh`|
 | [Github Release](plugins/github-release/README.md) | Managing GitHub releases | `github` `release`|
-| [Google GKE](plugins/gke/README.md) | GKE Clusters | `GKE` `codefresh`|
+| [Google GKE](plugins/gke/README.md) | GKE Clusters | `GKE` `codefresh`|
+| [Vault](plugins/vault/README.md) | Export Vault Key/Value pairs as ENV variables | `Vault` `codefresh`|

plugins/vault/README.md

@@ -0,0 +1,51 @@
+# cf-vault-plugin
+
+Use Codefresh [Vault](https://www.vaultproject.io) plugin to make key-value pairs stored in a vault available as environment variables for further steps.
+
+NOTE: this plugin currently supports token authentication and Key/Value secrets engine only.
+
+
+## Usage
+
+Set required and optional environment variables and add the following step to your Codefresh pipeline:
+
+Example Variables:
+
+The example below will authenticate to vault server `https://vault.testdomain.io:8200` using token `s.4wtaMJuZ7dv0c4XuRaasLUOG` and export all secrets found in path `secret/codefreshsecret` as ENV variables available for further steps.
+
+```text
+VAULT_ADDR=https://vault.testdomain.io:8200
+VAULT_PATH=secret/codefreshsecret
+VAULT_AUTH_TOKEN=s.4wtaMJuZ7dv0c4XuRaasLUOG
+```
+
+
+```yaml
+---
+version: '1.0'
+
+steps:
+
+  ...
+
+  Vault_to_Env:
+    title: Importing vault values
+    image: 'codefresh/cf-vault-plugin'
+    environment:
+      - VAULT_ADDR=${{VAULT_ADDR}}
+      - VAULT_PATH=${{VAULT_PATH}}
+      - VAULT_AUTH_TOKEN=${{VAULT_AUTH_TOKEN}}
+
+  ...
+
+```
+
+## Environment Variables
+
+| Variables      | Required | Default | Description                                                                             |
+|----------------|----------|---------|-----------------------------------------------------------------------------------------|
+| VAULT_ADDR     | YES      |         | Vault server URI                                                                         |
+| VAULT_PATH   | YES      |         | Path to secrets in vault                                                                       |
+| VAULT_AUTH_TOKEN   | YES      |         | Vault authentication token                            |
+| VAULT_CLIENT_CERT_BASE64      | NO       |         | Base64 encoded client cerificate                                                             |
+| VAULT_CLIENT_KEY_BASE64  | NO       |         | Base64 encoded client key                                                          

plugins/vault/plugin.yaml

@@ -0,0 +1,27 @@
+image: codefresh/cf-vault-plugin
+tag: latest
+version: 0.1.0
+description: The plugin exports KV pairs from Hashicorp Vault to Codefresh pipeline ENV variables
+keywords:
+  - vault
+  - hashicorp
+home: https://github.com/codefresh-io/cf-vault-plugin
+sources:
+  - https://github.com/codefresh-io/cf-vault-plugin
+maintainers: # (optional)
+  - name: Alexander Aladov
+    email: a.aladov@codefresh.io
+envs:
+  - name: VAULT_ADDR 
+    type: required
+    description: "Vault server URI. Example: https://vault.testdomain.io:8200"
+  - name: VAULT_PATH
+    type: required
+    description: "Path to secrets in vault. Example: secret/codefreshsecret"
+  - name: VAULT_AUTH_TOKEN
+    type: required
+    description: "Vault authentication token"
+  - name: VAULT_CLIENT_CERT_BASE64
+    description: "Base64 encoded client cerificate"
+  - name: VAULT_CLIENT_KEY_BASE64
+    description: "Base64 encoded client key"