hashicorp/vault-plugin-auth-oci
1
0
Fork 0
mirror of https://github.com/hashicorp/vault-plugin-auth-oci synced 2026-04-05 18:51:22 +00:00
Code Issues Projects Releases Packages Wiki Activity
No description
65 commits 50 branches 32 tags 651 KiB
  • Go 84.2%
  • HCL 10%
  • Shell 3.2%
  • Makefile 2.6%
Find a file
Exact
hc-github-team-secure-vault-ecosystem 34d4898ce3
 [CHANGELOG] Prepare for v0.21.1 release (#104) 
* Update changelog for v0.21.1 release

* add missing cl entries

---------

Co-authored-by: hc-github-team-secure-vault-ecosystem <hc-github-team-secure-vault-ecosystem@users.noreply.github.com>
Co-authored-by: Vinay Gopalan <vinay@hashicorp.com>
2026-03-25 16:19:31 -05:00
.github chore: remove changie (#88) 2025-10-17 09:30:13 -07:00
cmd/vault-plugin-auth-oci [COMPLIANCE] Update Copyright and License Headers (#91) 2026-01-22 15:24:06 -05:00
scripts [COMPLIANCE] Update Copyright and License Headers (#91) 2026-01-22 15:24:06 -05:00
tests/terraform Prepare v0.15.1 release (#51) 2024-02-06 14:30:37 -08:00
.gitignore Add Terraform file to run acceptance tests (#23) 2023-02-08 15:01:25 -08:00
.go-version prepare v0.21.0 release (#101) 2026-03-18 22:45:17 +05:30
authenticate_client_details.go Vault 39812 upgrade oci plugin to v65 (#87) 2025-10-16 08:38:00 -07:00
authenticate_client_request_response.go Vault 39812 upgrade oci plugin to v65 (#87) 2025-10-16 08:38:00 -07:00
authenticate_client_result.go Vault 39812 upgrade oci plugin to v65 (#87) 2025-10-16 08:38:00 -07:00
authentication_client.go Vault 39812 upgrade oci plugin to v65 (#87) 2025-10-16 08:38:00 -07:00
backend.go Vault 39812 upgrade oci plugin to v65 (#87) 2025-10-16 08:38:00 -07:00
backend_test.go Make some header signing methods public (#18) 2022-09-21 17:18:28 -04:00
CHANGELOG.md [CHANGELOG] Prepare for v0.21.1 release (#104) 2026-03-25 16:19:31 -05:00
cli.go Vault 39812 upgrade oci plugin to v65 (#87) 2025-10-16 08:38:00 -07:00
CODEOWNERS Update for 0.17.0 release (#64) 2024-09-06 10:44:41 -04:00
filter_group_membership_details.go Vault 39812 upgrade oci plugin to v65 (#87) 2025-10-16 08:38:00 -07:00
filter_group_membership_request_response.go Vault 39812 upgrade oci plugin to v65 (#87) 2025-10-16 08:38:00 -07:00
filter_group_membership_result.go Vault 39812 upgrade oci plugin to v65 (#87) 2025-10-16 08:38:00 -07:00
go.mod Automated dependency upgrades (#103) 2026-03-19 19:52:00 -07:00
go.sum Automated dependency upgrades (#103) 2026-03-19 19:52:00 -07:00
internal_claims.go Oracle Cloud Infrastructure Auth Plugin (#1) 2019-09-04 10:56:23 -07:00
LICENSE [COMPLIANCE] Update Copyright and License Headers (#91) 2026-01-22 15:24:06 -05:00
Makefile update gha workflows (#26) 2023-03-28 17:00:41 -05:00
oci_client.go Vault 39812 upgrade oci plugin to v65 (#87) 2025-10-16 08:38:00 -07:00
path_config.go Add display attributes for OpenAPI OperationID's (#29) 2023-04-25 14:14:02 -04:00
path_config_test.go Oracle Cloud Infrastructure Auth Plugin (#1) 2019-09-04 10:56:23 -07:00
path_login.go Vault 39812 upgrade oci plugin to v65 (#87) 2025-10-16 08:38:00 -07:00
path_login_test.go VAULT-6727 Add role resolution to OCI (#15) 2022-07-26 12:43:39 -04:00
path_role.go Add display attributes for OpenAPI OperationID's (#29) 2023-04-25 14:14:02 -04:00
path_role_test.go Oracle Cloud Infrastructure Auth Plugin (#1) 2019-09-04 10:56:23 -07:00
principal.go Vault 39812 upgrade oci plugin to v65 (#87) 2025-10-16 08:38:00 -07:00
README.md chore: remove changie (#88) 2025-10-17 09:30:13 -07:00
slice_helper.go Oracle Cloud Infrastructure Auth Plugin (#1) 2019-09-04 10:56:23 -07:00

README.md

Vault Plugin Auth OCI

Vault auth plugin for Oracle Cloud Infrastructure.

Acceptance tests

The acceptance tests can only be run from an OCI instance.

If you are running this code on an OCI instance, you can run them directly with make testacc. You will need to set the following environtment variables:

  • HOME_TENANCY_ID to the tenancy you are running under (or your root tenancy ID)
  • ROLE_OCID_LIST to a comma-separated list of group OCIDs to at least two groups. At least one should be a dynamic group that contains the instance, and another should be an identity group that contains your user.

For example:

make testacc HOME_TENANCY_ID=ocid1.tenancy.oc1..aaaaaaaasomecharacter ROLE_OCID_LIST=ocid1.group.oc1..aaaaaaaasomecharacters OCI_GO_SDK_DEBUG=info VAULT_LOG_LEVEL=debug

Terraform

You can run the acceptance tests with terraform as well.

You will need an OCI account.

You need to generate and download a private key in your account settings. This should give you a private key file, the fingerprint, your tenancy OCID, and your user OCID.

Using those, you can run the acceptance tests via:

cd tests/terraform
# download your private key to this directory
terraform init
terraform apply \
  -var "fingerprint=YOURFINGERPRINT" \
  -var "tenancy_ocid=YOUR_TENANCY_OCID" \
  -var "user_ocid=YOUR_USER_OCID" \
  -var "private_key_path=YOUR_PRIVATE_KEY" \
  -var "region=YOUR_REGION"

This downloads the current main branch from GitHub and runs the tests on an OCI instance. It takes about 5 minutes.

Don't forget to destroy the resources when you are done:

terraform destroy \
  -var "fingerprint=YOURFINGERPRINT" \
  -var "tenancy_ocid=YOUR_TENANCY_OCID" \
  -var "user_ocid=YOUR_USER_OCID" \
  -var "private_key_path=YOUR_PRIVATE_KEY" \
  -var "region=YOUR_REGION"