Stephan D
3
ci/vlt
3
ci/vlt
@@ -13,6 +13,7 @@ login() {
|
|||||||
: "${VAULT_SECRET_ID:?missing VAULT_SECRET_ID}"
|
: "${VAULT_SECRET_ID:?missing VAULT_SECRET_ID}"
|
||||||
log "login approle"
|
log "login approle"
|
||||||
resp="$(curl -sfS -X POST -H 'Content-Type: application/json' \
|
resp="$(curl -sfS -X POST -H 'Content-Type: application/json' \
|
||||||
|
--connect-timeout 5 --max-time 20 \
|
||||||
-d "{\"role_id\":\"${VAULT_ROLE_ID}\",\"secret_id\":\"${VAULT_SECRET_ID}\"}" \
|
-d "{\"role_id\":\"${VAULT_ROLE_ID}\",\"secret_id\":\"${VAULT_SECRET_ID}\"}" \
|
||||||
"${VAULT_ADDR%/}/v1/auth/approle/login")"
|
"${VAULT_ADDR%/}/v1/auth/approle/login")"
|
||||||
token="$(printf '%s' "$resp" | sed -n 's/.*"client_token"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p')"
|
token="$(printf '%s' "$resp" | sed -n 's/.*"client_token"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p')"
|
||||||
@@ -34,7 +35,7 @@ kv_get() {
|
|||||||
mount="$1"; path="$2"; field="$3"
|
mount="$1"; path="$2"; field="$3"
|
||||||
ensure_token
|
ensure_token
|
||||||
url="${VAULT_ADDR%/}/v1/${mount}/data/${path}"
|
url="${VAULT_ADDR%/}/v1/${mount}/data/${path}"
|
||||||
resp="$(curl -sfS -H "X-Vault-Token: ${VAULT_TOKEN}" "$url")"
|
resp="$(curl -sfS --connect-timeout 5 --max-time 20 -H "X-Vault-Token: ${VAULT_TOKEN}" "$url")"
|
||||||
raw="$(printf '%s' "$resp" | sed -n "s/.*\"${field}\"[[:space:]]*:[[:space:]]*\"\([^\"]*\)\".*/\1/p")"
|
raw="$(printf '%s' "$resp" | sed -n "s/.*\"${field}\"[[:space:]]*:[[:space:]]*\"\([^\"]*\)\".*/\1/p")"
|
||||||
[ -n "$raw" ] || { echo "field not found: ${mount}/${path}:${field}" >&2; exit 2; }
|
[ -n "$raw" ] || { echo "field not found: ${mount}/${path}:${field}" >&2; exit 2; }
|
||||||
printf '%s' "$raw" | sed -e 's/\\n/\n/g' -e 's/\\t/\t/g' -e 's/\\"/"/g' -e 's/\\\\/\\/g'
|
printf '%s' "$raw" | sed -e 's/\\n/\n/g' -e 's/\\t/\t/g' -e 's/\\"/"/g' -e 's/\\\\/\\/g'
|
||||||
|
|||||||
Reference in New Issue
Block a user