Add option for Docker secret name

Previously the name of the Docker secret was derived from the key of the
Vault secret. Since Vault allows for secrets on different paths to
share the same key this was problematic in some cases.

README.md

@@ -1,5 +1,8 @@
 # vault-to-docker-secret
 
+Allows to read secrets from [HashiCorp Vault](https://www.vaultproject.io/) and
+store them as [Docker secrets](https://docs.docker.com/engine/swarm/secrets/).
+
 ## Installation
 
 Download a
@@ -11,7 +14,7 @@ platform and you are ready to go.
 Reads a secret from Vault and stores it as a Docker secret:
 
 ```
-vault-to-docker-secret --approle-file=FILE --vault-endpoint=ENDPOINT --secret-path=PATH --secret-key=KEY
+vault-to-docker-secret --approle-file=FILE --vault-endpoint=ENDPOINT --vault-path=PATH  --vault-key=KEY --secret-name=NAME
 ```
 
 ## Help

bin.js

@@ -13,28 +13,36 @@ const argv = require("yargs")
     requiresArg: true,
     type: "string"
   })
-  .option("secret-path", {
-    alias: "s",
+  .option("vault-path", {
+    alias: "p",
     demandOption: true,
     description: "Vault secret path",
     requiresArg: true,
     type: "string"
   })
-  .option("secret-key", {
+  .option("vault-key", {
     alias: "k",
     demandOption: true,
     description: "Vault secret key",
     requiresArg: true,
     type: "string"
   })
+  .option("secret-name", {
+    alias: "n",
+    demandOption: true,
+    description: "Docker secret name",
+    requiresArg: true,
+    type: "string"
+  })
   .usage(
-    "$0 --approle-file=FILE --vault-endpoint=ENDPOINT --secret-path=PATH  --secret-key=KEY"
+    "$0 --approle-file=FILE --vault-endpoint=ENDPOINT --vault-path=PATH  --vault-key=KEY --secret-name=NAME"
   )
   .help().argv;
 
 require(".")(
   argv.approleFile,
   argv.vaultEndpoint,
-  argv.secretPath,
-  argv.secretKey
+  argv.vaultPath,
+  argv.vaultKey,
+  argv.secretName
 );

main.js

@@ -1,15 +1,21 @@
 const DOCKER = new require("dockerode")();
 let vault;
 
-module.exports = async (approleFile, vaultEndpoint, secretPath, secretKey) => {
+module.exports = async (
+  approleFile,
+  vaultEndpoint,
+  vaultPath,
+  vaultKey,
+  secretName
+) => {
   const OPTIONS = { endpoint: vaultEndpoint };
   vault = require("node-vault")(OPTIONS);
   try {
     const jsonString = await require("fs").promises.readFile(approleFile);
     const approleJson = JSON.parse(jsonString);
     const loginResponse = await vaultApproleLogin(approleJson);
-    const vaultSecret = await readVaultSecret(secretPath, loginResponse);
-    await createDockerSecretFromValue(secretKey, vaultSecret);
+    const vaultSecret = await readVaultSecret(vaultPath, loginResponse);
+    await createDockerSecretFromValue(vaultKey, vaultSecret, secretName);
   } catch (error) {
     console.error(error);
   }
@@ -23,15 +29,15 @@ async function vaultApproleLogin(approleJson) {
   return vault.approleLogin(APPROLE);
 }
 
-async function readVaultSecret(path, loginResponse) {
+async function readVaultSecret(vaultPath, loginResponse) {
   vault.token = loginResponse.auth.client_token;
-  return vault.read(path);
+  return vault.read(vaultPath);
 }
 
-async function createDockerSecretFromValue(key, vaultSecret) {
-  const VALUE = Buffer.from(vaultSecret.data.data[key]).toString("base64");
+async function createDockerSecretFromValue(vaultKey, vaultSecret, secretName) {
+  const VALUE = Buffer.from(vaultSecret.data.data[vaultKey]).toString("base64");
   const DOCKER_SECRET = {
-    name: key,
+    name: secretName,
     data: VALUE
   };
   return DOCKER.createSecret(DOCKER_SECRET);

package.json

@@ -1,6 +1,6 @@
 {
   "name": "vault-to-docker-secret",
-  "version": "0.1.0",
+  "version": "0.2.0",
   "main": "main.js",
   "bin": "bin.js",
   "dependencies": {