Harp is for Harpocrates (Ancient Greek: Ἁρποκράτης) the god of silence, secrets and confidentiality in the Hellenistic religion. - Wikipedia

New to harp, let's start with onboarding tutorial ! TL;DR - Features overview

Harp provides :

• An automation compatible secret management implementation
  • CI/CD integration;
  • Human readable definitions (YAML);
  • Auditable and reproductible pipelines.
• A secret container specification to store and manipulate data;
• A container manipulation library exposed as github.com/elastic/harp/pkg/bundle;
• An extensible CLI tool.

And allows :

• bundle level operations
  • Create a container from scratch / template / json (more via plugins);
  • Read value stored in the K/V virtual filesystem;
  • Update the K/V virtual filesystem;
  • Delete keys.
• immutable container level operations
  • Seal / Unseal a container for integrity and confidentiality property conservation;
  • Generate a complete set of data using a YAML Descriptor (BundleTemplate);
  • Reproductible patch applied on immutable container (copy-on-write);
  • Import / Export to Vault.

harp artifacts and source code is released under Apache 2.0 Software License.

Download a release or build from source.

For stable version

brew tap elastic/harp
brew install elastic/harp/harp
brew install elastic/harp/harp-server

Download a release or build from source.

Only last 2 minor versions of a major are supported.

Harp is compiled with :

$ go version
go version go1.15.8 darwin/amd64

Simple go version manager - https://github.com/stefanmaric/g

Mage is an alternative to Make where language used is Go. You can install it using 2 different methods.

# Install mage
git clone https://github.com/magefile/mage
cd mage
go run bootstrap.go

brew install mage

git clone git@github.com:elastic/harp.git
# Go to tools submodule
cd harp/tools
# Pull tools sources, compile them and install executable in tools/bin
mage

export PATH=$HARP_REPO/tools/bin:$PATH
# Build harp in bin folder
mage

For Tools

You have to build this image before executing artifact pipelines.

mage docker:tools

For CLI

# or docker image [distroless:static, rootless, noshell]
mage docker:harp
# To execute in the container
docker run --rm -ti --read-only elastic/harp:<version>

For container server

# or docker image [distroless:static, rootless, noshell]
mage docker:harpServer
# To execute in the container
docker run --rm -ti --read-only elastic/harp-server:<version>

Here is the list of external projects used as inspiration :

• Kubernetes
• Helm
• Open Policy Agent ConfTest
• SaltPack
• Hashicorp Vault
• AWS SDK Go