coult
| Crates.io | coult |
| lib.rs | coult |
| version | 0.3.0 |
| created_at | 2021-10-18 01:03:06.143941+00 |
| updated_at | 2025-06-05 03:59:11.114055+00 |
| description | Hashicorp vault secret retrival helper, using hyper and serde, and automatically parsing. |
| homepage | https://github.com/guaychou/coult |
| repository | https://github.com/guaychou/coult |
| max_upload_size | |
| id | 466483 |
| size | 49,331 |
Kevin Jonathan Harnanta (guaychou)
documentation
README
Coult
A simple, async Vault client in Rust using Hyper v1, hyper-rustls, and Tokio for secure communication with HashiCorp Vault.
Features
-
Supports Vault HTTP API v1 (health check, secrets retrieval)
-
Compatible with Vault secret engines v1 and v2
-
TLS support with
hyper-rustlsand WebPKI roots -
Async and efficient using
hyper-utilandtokio -
Customizable Vault connection options (address, port, token, protocol)
-
Error handling with detailed Vault status codes
Usage
use coult::{Config, Vault};
use serde::Deserialize;
#[derive(Debug, Deserialize)]
struct Secret {
password: String,
}
#[tokio::main]
async fn main() {
tracing_subscriber::fmt::init();
let vault = Vault::new()
.address("localhost")
.protocol("http")
.token("imtokenbro")
.port(8200)
.secret_path("kv/data/test")
.build().await.unwrap();
let data = vault.get_secret::<Secret>().await.unwrap();
println!("{:?}", data)
}
Replace YourSecretStruct with your custom struct that implements serde::Deserialize.
API
VaultBuilder
- address(String): Set Vault server address (default: 127.0.0.1)
- port(u16): Set Vault server port (default: 8200)
- token(String): Set Vault token for authentication
- secret_path(String): Set the Vault secret path to retrieve
- https(): Use HTTPS protocol (default: http)
- protocol(String): Set protocol (http or https)
- build(): Build and return a Vault instance asynchronously
Vault
- health_check(): Check Vault health status
- get_secret
(): Get secret from Vault using secret engine v1 - get_secret_v2
(): Get secret from Vault using secret engine v2
Error Handling
The client returns detailed errors based on Vault HTTP status codes, such as:
- VaultSealed (503)
- VaultInvalidPath (404)
- VaultNotInitialized (501)
- VaultActiveDRsecondaryNode (472)
- VaultStandbyPerformanceNode (473)
- Other Vault-specific errors
Environment Variables
If values are not explicitly set in the builder, these environment variables will be used as defaults:
- VAULT_ADDRESS - Vault server address
- VAULT_PORT - Vault server port
- VAULT_TOKEN - Vault authentication token
- VAULT_SECRET_PATH - Vault secret path
- VAULT_PROTOCOL - Protocol (http or https)
Contributing
Contributions are welcome! Please open issues or submit pull requests.