Hi Friends,
I am about using libvault to read DATABASE_URL and other secrets.
I m going to use Vault.Auth.Kubernetes
I am not sure I am following mix release guide and ConfigProvider
Should I define a module VaultConfigProvider with codes like
def init(vault_config) when is_list(vault_config) do
vault_config
end
def load(config, vault_config) do
# We need to start any app we may depend on.
{:ok, _} = Application.ensure_all_started(:jason)
{:ok, vault} =
Vault.new(
engine: Vault.Engine.KVV2,
auth: Vault.Auth.Kubernetes,
http: Vault.HTTP.Tesla,
host: host
)
|> Vault.auth(%{role: role, jwt: jwt})
{:ok,
%{
"SECRET_KEY_BASE" => "..",
"DATABASE_URL" => "ecto://dbhost:5432/.."
} = json} = Vault.read(vault, "myapp/env")
Config.Reader.merge(
config,
my_app: [
some_value: json["DATABASE_URL"],
another_value: json["DATABASE_URL"],
]
)
and then remove all lines that get system env from releases.exs?
Is there the easiest way to get the vault secrets?
Where is the best place to define vault_config_provider.ex?






















