Vault secret provider | Dagger | Page 1

Here's the PR!
https://github.com/dagger/dagger/pull/8730

Can I configure dagger to use a specific Vault address by default without having to define the VAULT_ADDR env var in every call?

As long as VAULT_ADDR is set on the host you're good. With these secret providers, you don't need to pass these as arguments to the CLI

Is the VAULT_TOKEN env var "accessible" from dagger (apart from the secret engine)?
No, but to clarify this and the follow up questions - the secret provider implementation is essentially a way to map secret URIs passed as cli flags --mysecret vault:// to dagger.Secret. So it's currently not something you'd use dynamically within your module code
cc @spark chasm

GitHub

Secret Providers by aluzzardi · Pull Request #8730 · dagger/dagger

Change how secrets are managed so they are requested just in time by
the Engine from the CLI whenever they're needed, rather than stored in plaintext from the get go.
New (still ugly) MapSe...

#Vault secret provider