Vault

The vault command manages secrets in Shopware PaaS Native. Secrets are encrypted pieces of sensitive data such as API keys, credentials, or SSH private keys. These secrets are securely stored and only accessible to users with the required permissions.

Usage

sw-paas vault [command]

Commands

Creating a New Secret

Use this command to create and securely store a new secret.

Usage:

sw-paas vault create [flags]

Flags:

--key: Key name for the secret.
--organization-id: ID of the organization.
--project-id: ID of the project.
--application-id: ID of the application.
--value: Value of the secret (used for all types except ssh).
--password-stdin: Read the secret value from stdin (only valid when type is ssh).
--type: Type of secret. Accepted values: env, buildenv, ssh.
--help: Display help for the command.

Type of secret and scope of useenv: Available at runtime in the environment. buildenv: Used during build processes. ssh: SSH keys for secure connections.

Examples:

Create a standard environment secret:

sw-paas vault create --organization-id "org-123" --project-id "proj-456" --application-id "app-789" --key "API_KEY" --value "my-api-key" --type env

Create an SSH secret from stdin:

cat private.pem | sw-paas vault create --key "SSH_KEY" --type ssh --password-stdin

Deleting a Secret

Use this command to delete an existing secret.

Usage:

sw-paas vault delete --secret-id [id]

Flags:

--secret-id: ID of the secret to delete.
--help: Display help for the command.

Example:

sw-paas vault delete --secret-id "secret-abc123"

This example deletes the secret identified by secret-abc123.

Listing Available Secrets

Use this command to list all secrets associated with a specific scope.

Usage:

sw-paas vault list [flags]

Flags:

--organization-id: ID of the organization.
--project-id: ID of the project.
--application-id: ID of the application.
--with-metadata: Include metadata such as project name.
--help: Display help for the command.

Example:

sw-paas vault list --organization-id "org-123" --project-id "proj-456"

This command lists all secrets for the specified project. Secrets scoped to applications within the project are also included.

Catalog

Checkout

Content

Architecture

Setups

Plugins

Plugin fundamentals

Checkout

Cart

Document

Order

Payment

Content

CMS

Mail

Media

SEO

Sitemap

Stock

Elasticsearch

Framework

Data Handling / DataAbstractionLayer

Custom Fields

Event

Message Queue

Rule

Store API

Filesystem

Flow

Rate Limiter

System Checks

Administration

Advanced configuration

Data handling processing

Mixins directives

Module component management

Permissions error handling

Routing navigation

Services utilities

System updates

Templates styling

Ui ux

Storefront

Testing

API

Themes

Apps

App Starter Guides

App SDKs

Official JavaScript SDK

Official PHP SDK

App Scripts

Storefront

Administration

Flow Builder

Custom Data

Content

CMS

Rule Builder

Gateways

Checkout

In app purchase

Installation & Updates

Deployments

Configurations

Shopware

Framework

Observability

Performance

Infrastructure

Elasticsearch

General Concepts

Migration Assistant

Concept

Guides

B2B Suite

Concepts

Guides

Core

Storefront