Sparrow6 is a automation tool written on Perl6 and comes with a lot of plugins allowing users automate their daily tasks.

In this short post I'm going to show you how to automate interaction with Azure KeyVault. This case is typical as it often happens when one need to read secrets from keyvault and use them somehow.

Installing Sparrow6

zef install https://github.com/melezhik/Sparrow6.git

Setup Sparrow6 repostory

export SP6_REPO=http://repo.southcentralus.cloudapp.azure.com

Simple scenario

Let's create a simple scenario that loads login and password from keyvault and uses them to ssh to linux VM and then run uptime command for this machine.

We're going to use Tomtit task runner

to execute Sparrow6 scenario, as Tomtit is a good fit for command line applications:

zef install https://github.com/melezhik/Tomtit.git

Now let's create scenario:

.tom/ssh-uptime.pl6



#!perl6 # Set Azure Account task - run " set az account ", " azure-account-set " % ( subscription => " foo-bar-baz " ); # Load keyvault secrets from Azure KeyVault my % state = task - run " load login and password ", " azure-kv-show ", % ( kv => " Stash " # key vault name secret => ( " password ", " login " ) # secret names ) my $host = " 192.168.0.1 "; # Run uptime for linux host, using loaded credentials bash " ssh-pass -p {%state<password>} ssh -l {%state<login>} $host uptime "

Run scenario

Now after authenticating through service principal which is used to make requests to Azure, we can run scenario:

az login --service-principal -u $app_id --tenant $tenant_id -p $password

tom ssh-uptime

Thank you for reading. If you find the post useful, let me know and I'll probably create new ones on the same topic.