Accessing the BOSH Director CredHub
Using CREDHUB_PROXY
Requirements
bbl v6.2
or abovecredhub-cli v1.6.0
or above- a bbl environment
Instructions
-
Set necessary environment variables
bbl print-env
prints out environment variables (CREDHUB_CLIENT
,CREDHUB_SECRET
,CREDHUB_PROXY
,CREDHUB_SERVER
,CREDHUB_CA_CERT
, and others) that need to be exported to target the Director CredHub using the CredHub CLI.eval "$(bbl print-env)"
-
Get credentials
credhub find -n 'cf_admin_password'
The CredHub CLI will parse
CREDHUB_PROXY
and determines from thessh+socks5://
scheme that it should proxy throuhg a jumpbox via a tunnel of its own making.
Using http_proxy
Requirements
bbl
credhub-cli
- a bbl environment
Instructions
-
Set your CredHub client/secret
eval "$(bbl print-env)"
-
Make an SSH tunnel to the jumpbox
bbl ssh-key > /tmp/jumpbox.key chmod 0700 /tmp/jumpbox.key ssh -4 -D 5000 -fNC jumpbox@`bbl jumpbox-address` -i /tmp/jumpbox.key
-
Login
http_proxy=socks5://localhost:5000 credhub login
-
Get credentials
http_proxy=socks5://localhost:5000 credhub find -n 'cf_admin_password'