Go Vault

Open-source Go projects categorized as Vault | Edit details

Top 23 Go Vault Projects

  • GitHub repo Vault

    A tool for secrets management, encryption as a service, and privileged access management

    Project mention: Mayday, mayday! I need a scalable infrastructure to migrate on Scaleway Elements! Part 1 - Networking & Security | dev.to | 2021-11-12

    For easier visibility and auditing, central store API keys in a solution like Vault and in a dedicated project.

  • GitHub repo fabio

    Consul Load-Balancing made simple

    Project mention: HashiCorp Consul: What's the catch? | reddit.com/r/devops | 2021-09-04

    HAProxy, Traefik, FabioLB, gobetween, and F5 BIG-IP also support native integrations with Consul for service discovery / service mesh.

  • Nanos

    Run Linux Software Faster and Safer than Linux with Unikernels.

  • GitHub repo chezmoi

    Manage your dotfiles across multiple diverse machines, securely.

    Project mention: Chezmoi: Manage your dotfiles across multiple diverse machines, securely | news.ycombinator.com | 2021-11-21
  • GitHub repo consul-template

    Template rendering, notifier, and supervisor for @HashiCorp Consul and Vault data.

    Project mention: Crate for AES256 - which one to choose? Questions about block cipher modes and AEAD too. | reddit.com/r/rust | 2021-12-03

    I would really suggest avoiding implementing your own stuff and either running Hashicorp Vault or seeing if your hosting provider has some secrets manager service.

  • GitHub repo envconsul

    Launch a subprocess with environment variables using data from @HashiCorp Consul and Vault.

    Project mention: How to Handle Secrets on the Command Line | news.ycombinator.com | 2021-06-13

    You have envchain to store secrets as ENV variables in your keyring and execute commands:


    Not really something you would use for production web apps, I think envconsul covers that usecase:


  • GitHub repo gomplate

    A flexible commandline tool for template rendering. Supports lots of local and remote datasources.

    Project mention: Show HN: Stamp turns a folder into a plain text file and a file into a folder | news.ycombinator.com | 2021-02-07

    Cookiecutter is nice but it requires an entire python install to run, which is a big thing to ask for some of the scenarios mentioned by the tool creator (like someone going through a simple learning tutorial which might not even be using python at all).

    IMHO gomplate is a nicer alternative that's just a single static go-based tool that can do everything cookiecutter does and a lot more: https://github.com/hairyhenderson/gomplate

  • GitHub repo bank-vaults

    A Vault swiss-army knife: a K8s operator, Go client with automatic token renewal, automatic configuration, multiple unseal options and more. A CLI tool to init, unseal and configure Vault (auth methods, secret engines). Direct secret injection into Pods.

    Project mention: How to manage passwords in Helm | reddit.com/r/devops | 2021-08-21
  • Scout APM

    Scout APM: A developer's best friend. Try free for 14-days. Scout APM uses tracing logic that ties bottlenecks to source code so you know the exact line of code causing performance issues and can get back to building a great product faster.

  • GitHub repo Databunker

    Secure SDK/vault for personal records/PII built to comply with GDPR

    Project mention: Practical GDPR Compliance Guide for Startup Founders | reddit.com/r/selfhosted | 2021-12-01
  • GitHub repo konfig

    Composable, observable and performant config handling for Go for the distributed processing era

  • GitHub repo teller

    A secrets management tool for developers built in Go - never leave your command line for secrets.

    Project mention: What are some of the credential scanning tools | reddit.com/r/azuredevops | 2021-06-01

    You could use Spectral (https://spectralops.io) (disclaimer: I'm one of the founders), And if you're looking to scan credentials originating from your vaults and keystores you could use Teller, which is an open source vault scanner and secrets hub for developers that I've built: https://github.com/SpectralOps/teller

  • GitHub repo vault-secrets-operator

    Create Kubernetes secrets from Vault for a secure GitOps based workflow.

    Project mention: Hashicorp Vault integration with Secret objects | reddit.com/r/kubernetes | 2021-08-31

    It is but it affects vault-secrets-operator too, see https://github.com/ricoberger/vault-secrets-operator/issues/104 (and no, I’ve only use vault-secrets-operator)

  • GitHub repo Sup3rS3cretMes5age

    Simple to use, simple to deploy, one time self destruct messaging service, with hashicorp vault as a backend

    Project mention: Bitwarden Send | news.ycombinator.com | 2021-03-12

    Double-comment but check out https://github.com/algolia/sup3rS3cretMes5age

    I live in a country where sharing my entire life in paperwork is sadly normalized. Having a self-hosted one-time-secret service for file uploads is so nice.

  • GitHub repo argocd-vault-plugin

    An Argo CD plugin to retrieve secrets from Secret Management tools and inject them into Kubernetes secrets

    Project mention: Best/Secure way to add a secret for ArgoCD Helm Chart? | reddit.com/r/kubernetes | 2021-10-05

    I used argocd vault plugin https://github.com/IBM/argocd-vault-plugin

  • GitHub repo vault-csi-provider

    HashiCorp Vault Provider for Secret Store CSI Driver

    Project mention: Inject Secrets into your Pod Environments at the Container Runtime | reddit.com/r/kubernetes | 2021-07-17

    Why not use https://github.com/kubernetes-sigs/secrets-store-csi-driver to do this? Then you don't have a strict binding to runc. A live example of using the CSI driver with a secrets provider is https://github.com/hashicorp/vault-csi-provider

  • GitHub repo vaku

    Vaku extends the Vault API & CLI

    Project mention: Ask HN: What are some tools / libraries you built yourself? | news.ycombinator.com | 2021-05-16

    Vaku - A CLI for Vault that lets you operate on folders instead of just paths. Search, copy, move, read vault folders easily.


  • GitHub repo lockgit

    A CLI tool for storing encrypted data in a git repo

    Project mention: RFC 8959: The “secret-token” URI Scheme | news.ycombinator.com | 2021-01-31

    If people are looking for a way to put encrypted files into git, you can use LockGit https://github.com/jswidler/lockgit.

  • GitHub repo harp

    Secret management toolchain (by elastic)

    Project mention: Elastic Harp v0.2.1 - Secret management pipeline toolchain | reddit.com/r/devsecops | 2021-11-18
  • GitHub repo medusa

    A cli tool for importing and exporting Hashicorp Vault secrets (by jonasvinther)

    Project mention: wrote a small cli for recursively listing secrets from vaults kv engine, thought it may be interesting for you guys | reddit.com/r/hashicorp | 2021-11-28

    Cool project. Maybe take a look at Medusa. I think we try to do some of the same things 🙂 https://github.com/jonasvinther/medusa

  • GitHub repo k8s-vault-webhook

    A k8s vault webhook is a Kubernetes webhook that can inject secrets into Kubernetes resources by connecting to multiple secret managers

    Project mention: Kubernetes Vault Webhook to manage secrets inside Kubernetes | reddit.com/r/openshift | 2021-05-10
  • GitHub repo vault-creds

    Sidecar container for requesting dynamic Vault database secrets

    Project mention: Hashicorp Vault for Developers? | reddit.com/r/devops | 2021-10-01

    Exactly, we hide this from our devs. They can add secrets to hc vault via ui or via cli and know the „keywords“ to render it to properties. Which we then provide via env vars or properties file to app. For databases we do the same, there we use https://github.com/uswitch/vault-creds which hides the database related things. For encrypted communication we used in the past a sidecar with envoy that simply took certs from vault and in our apps we added the pki ca we managed via vault. So this was also hidden and devs not had to take care of encryption in their apps (today you use a service mesh for it) ;) and especially were also not affected by expired certs, as envoy has hot reload. For Kafka we still use this mechanism to implement authn and authz. There we have a callback which rotates pods when Kafka keystone is near expiry date. The only thing our devs have to worry about is encryption as a service. There I found so far no abstraction.

  • GitHub repo rvault

    Small tool to perform some recursive operations on Hashicorp's Vault KV (by kir4h)

    Project mention: Directory Structure of Vault Paths | reddit.com/r/hashicorp | 2021-12-02

    If we had additional information as to what you were after, other than only curiosity, then there may be other solutions to accomplish your goal (like rvault).

  • GitHub repo vault-converter

    Support converting Vault Secrets to diffrent formats.

    Project mention: Storing Terraform variables with Vault Converter | reddit.com/r/Terraform | 2021-10-13

    Repository: https://github.com/vietanhduong/vault-converter

  • GitHub repo spiffe-vault

    Integrates Spiffe and Vault to have secretless authentication

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2021-12-03.

Go Vault related posts


What are some of the best open-source Vault projects in Go? This list will help you:

Project Stars
1 Vault 22,267
2 fabio 6,827
3 chezmoi 5,417
4 consul-template 4,364
5 envconsul 1,748
6 gomplate 1,543
7 bank-vaults 1,520
8 Databunker 922
9 konfig 615
10 teller 498
11 vault-secrets-operator 423
12 Sup3rS3cretMes5age 350
13 argocd-vault-plugin 255
14 vault-csi-provider 157
15 vaku 126
16 lockgit 116
17 harp 104
18 medusa 104
19 k8s-vault-webhook 98
20 vault-creds 83
21 rvault 15
22 vault-converter 12
23 spiffe-vault 8
Find remote jobs at our new job board 99remotejobs.com. There are 32 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives