Vault - psu-libraries/scholarsphere GitHub Wiki
ScholarSphere uses hashicorp's vault tool to store sensitive information, on app startup, the deployment picks up values from the vault, and injects them into the containers environment.
Related: Vault client setup ( https://sites.psu.edu/dltdocs/?p=5380 )
Getting environments secrets
vault kv get secret/app/scholarsphere/prod
Getting a field from a secret. this is useful for pipe lining
vault kv get -field=DATACITE_ENDPOINT secret/app/scholarsphere/prod
vault kv get -field=DATACITE_ENDPOINT secret/app/scholarsphere/prod | pbcopy
Adding a new secret
vault kv patch secret/app/scholarsphere/prod FOO=bar
after adding a secret, you'll need to rollout any deployments that need it
kubectl rollout restart deployment/scholarsphere
kubectl rollout restart deployment/scholarsphere-sidekiq