docs: add Vault KV export how-to#590
Conversation
Phase 4 task-first how-to closing the user-facing Vault KV-v2 workflow. Documents the `export vault-kv-json` path from a scanner-safe bundle, its actual JSON shape, and the proves/does-not-prove boundary.
|
Warning You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again! |
|
Warning Rate limit exceeded
You’ve run out of usage credits. Purchase more in the billing tab. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Organization UI Review profile: ASSERTIVE Plan: Pro Run ID: 📒 Files selected for processing (1)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: e1db01bbdf
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| The export writes a top-level `data` map keyed by artifact name, plus a | ||
| `metadata` map recording the export's source and mode. The shape mirrors | ||
| a Vault KV-v2 read response well enough that a consumer parser can be | ||
| pointed at the file: |
There was a problem hiding this comment.
Document the KV-v2 nesting accurately
When downstream code uses a Vault client/parser expecting a real KV-v2 read result, this guidance points it at a different JSON contract: Vault KV-v2 read output nests the secret fields under an outer data object (data.data and data.metadata), while this export writes only the inner data/metadata object at the top level. Please describe the file as the inner KV-v2 payload (or adjust the sample shape), otherwise users can get false confidence from tests that never parse the actual Vault response shape.
Useful? React with 👍 / 👎.
Pure docs PR. Task-first how-to for Vault KV-v2 fixture export. Part of the Phase 4 task-first user-paths sweep.
Summary
docs/how-to/export-vault-kv-fixtures.mddocumenting thebundle --profile scanner-safeplusexport vault-kv-jsonworkflow.data+metadata) the CLI emits.Files
docs/how-to/export-vault-kv-fixtures.md(new)Test plan
cargo xtask docs-sync --checkpassescargo xtask typospassesgit diff --checkclean (no trailing whitespace / mixed line endings)