Developped at Orange Business Services under LGPL-2.1. See LICENSE.
This plugin requires .NET Framework 4.6 minimum, you can download the latest version from Microsoft website.
For Linux users, you need to install the latest mono-complete
package.
- Download the latest PLGX file and copy it in the KeePass installation folder, in plugins directory
- For Windows it's in
C:\Program Files (x86)\KeePass Password Safe 2\Plugins
- For Linux it's in
/usr/lib/keepass2/Plugins
- For Windows it's in
- Open your database
- Create an entry with name starting with
vault
. For example:vault-personal-folder
- Username is the username used to authenticate on Vault
- Password is the password used to authenticate on Vault
- URL is the Vault Backend URL (port included). For example:
https://local-vault:8200
- In Advanced tab add the following String fields:
auth
field contains the auth path. For basic Vault authentication, it should beusername
. For LDAP authentication, it should be the LDAP name.path
field contains the path to synchronize. Any secret in this path will be synchronized, recursively.
- Click on Tools -> Synchronize Vault entries. Synchronization may take a while, since Vault API is really not designed for this kind of use case.
- A folder named with your entry name followed by the date and time timestamp will be created. If the entry was previously synchronized, the previous folder won't be deleted.
- You can save your database. The plugin won't do it for you.
- For now, there is no error message in case of issue. Only the lack of synchronization will be a symptom of issue. It may be improved in future versions. If needed.
- Because release themes are cheap but are a small pleasure in release process
- Because it helps structuring releases
- Because why not?
- Because Vault, so Release Theme
- Get the dependencies listed here
- Modify the version in both AssemblyInfo and KeepassPluginVersion.txt
- Build the solution, targetting
Release PLGX
- The file is generated in VaultSyncPlugin/bin/ReleasePlgx/VaultSyncPlugin.plgx
For some reason, the execution of plgxtool can fail. The quick workaround consists in running the command directly in bash from the VaultSyncPlugin project folder.
This part could be improved. For now, there are is one integration test, with minimal assertion.
On first run, a secrets.json
file will be generated, containing the needed values to be modified for the test to run.
Since it contains sensitive data, this file is gitignored. But you should check regularly that it's not committed.
- KeePass for plugin API (GPL-2.0)
- Vault.NET for Vault API C# wrapping (MIT)
- PlgxTool for PLGX generation (GPL-2.0)
- Newtonsoft.Json as dependency of Vault.NET (MIT)
- A bunch of .NET extension libraries, as dependencies of dependencies, from .NET framework 4.6 or Microsoft libraries on nuget (Apache 2 and MIT, depends on the lib/framework)