-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy path.envrc
39 lines (32 loc) · 1.05 KB
/
.envrc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
# shellcheck shell=bash
dotenv
# auth against Vault if configured
if has vault; then
if [[ "$VAULT_ADDR" && "$VAULT_AUTH_GITHUB_TOKEN" ]]; then
# are we already authenticated?
TOKEN_LOOKUP=$(vault token-lookup -format=json 2>/dev/null)
if [ "$?" -eq 0 ]; then
# renew if possible
TOKEN_RENEW=$(vault token-renew -format=json 2>/dev/null)
else
# authenticate
vault login -method=github
fi
fi
fi
function get_vault_kv {
vault_path=$1
vault_key=${2:-value}
if [[ "$VAULT_ADDR" ]]; then
VAULT_KV=$(curl -s -H "X-Vault-Token: $(cat ~/.vault-token )" -X GET $VAULT_ADDR/v1/${vault_path} | jq -r .data.${vault_key})
fi
}
if get_vault_kv "secret/consul" "http_auth"; then
#echo "consul_http_auth = \"${VAULT_KV}\"" > _consul_http_auth.auto.tfvars
export CONSUL_HTTP_AUTH="${VAULT_KV}"
fi
if get_vault_kv "secret/consul" "http_addr"; then
#echo "consul_http_auth = \"${VAULT_KV}\"" > _consul_http_auth.auto.tfvars
export CONSUL_HTTP_ADDR="${VAULT_KV}"
fi
# vim: set et fenc=utf-8 ff=unix ft=sh sts=2 sw=2 ts=2 :