scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-11-04 04:28:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
3d794050ffec4d2a8de35c86b51f40dcac576457
vault/scripts/gen_openapi.sh
Anton Averchenkov 2f01adeb4e Fix gen_openapi.sh script to load plugins (#17752)
2022-11-01 17:32:54 -04:00

129 lines
4.0 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
set -e
# Generate an OpenAPI document for all backends.
#
# Assumptions:
#
# 1. Vault has been checked out at an appropriate version and built
# 2. vault executable is in your path
# 3. Vault isn't already running
# 4. jq is installed
cd "$(dirname "${BASH_SOURCE[0]}")"
echo "Starting Vault..."
if pgrep -x "vault" > /dev/null
then
echo "Vault is already running. Aborting."
exit 1
fi
vault server -dev -dev-root-token-id=root &
sleep 2
VAULT_PID=$!
export VAULT_ADDR=http://127.0.0.1:8200
echo "Mounting all builtin plugins..."
# Enable auth plugins
codeLinesStarted=false
while read -r line; do
if [[ $line == *"credentialBackends:"* ]] ; then
codeLinesStarted=true
elif [[ $line == *"databasePlugins:"* ]] ; then
break
elif [ $codeLinesStarted = true ] && [[ $line == *"consts.Deprecated"* || $line == *"consts.PendingRemoval"* ]] ; then
auth_plugin_previous=""
elif [ $codeLinesStarted = true ] && [[ $line =~ ^\s*\"(.*)\"\:.*$ ]] ; then
auth_plugin_current=${BASH_REMATCH[1]}
if [[ -n "${auth_plugin_previous}" ]] ; then
echo "enabling auth plugin: ${auth_plugin_previous}"
vault auth enable "${auth_plugin_previous}"
fi
auth_plugin_previous="${auth_plugin_current}"
fi
done <../../vault/helper/builtinplugins/registry.go
if [[ -n "${auth_plugin_previous}" ]] ; then
echo "enabling auth plugin: ${auth_plugin_previous}"
vault auth enable "${auth_plugin_previous}"
fi
# Enable secrets plugins
codeLinesStarted=false
while read -r line; do
if [[ $line == *"logicalBackends:"* ]] ; then
codeLinesStarted=true
elif [[ $line == *"addExternalPlugins("* ]] ; then
break
elif [ $codeLinesStarted = true ] && [[ $line == *"consts.Deprecated"* || $line == *"consts.PendingRemoval"* ]] ; then
secrets_plugin_previous=""
elif [ $codeLinesStarted = true ] && [[ $line =~ ^\s*\"(.*)\"\:.*$ ]] ; then
secrets_plugin_current=${BASH_REMATCH[1]}
if [[ -n "${secrets_plugin_previous}" ]] ; then
echo "enabling secrets plugin: ${secrets_plugin_previous}"
vault secrets enable "${secrets_plugin_previous}"
fi
secrets_plugin_previous="${secrets_plugin_current}"
fi
done <../../vault/helper/builtinplugins/registry.go
if [[ -n "${secrets_plugin_previous}" ]] ; then
echo "enabling secrets plugin: ${secrets_plugin_previous}"
vault secrets enable "${secrets_plugin_previous}"
fi
# Enable enterprise features
entRegFile=../../vault/helper/builtinplugins/registry_util_ent.go
if [ -f $entRegFile ] && [[ -n "${VAULT_LICENSE}" ]]; then
vault write sys/license text="${VAULT_LICENSE}"
codeLinesStarted=false
while read -r line; do
if [[ $line == *"ExternalPluginsEnt:"* ]] ; then
codeLinesStarted=true
elif [[ $line == *"addExtPluginsEntImpl("* ]] ; then
break
elif [ $codeLinesStarted = true ] && [[ $line == *"consts.Deprecated"* || $line == *"consts.PendingRemoval"* ]] ; then
secrets_plugin_previous=""
elif [ $codeLinesStarted = true ] && [[ $line =~ ^\s*\"(.*)\"\:.*$ ]] ; then
ent_plugin_current=${BASH_REMATCH[1]}
if [[ -n "${ent_plugin_previous}" ]] ; then
echo "enabling enterprise plugin: ${ent_plugin_previous}"
vault secrets enable "${ent_plugin_previous}"
fi
ent_plugin_previous="${ent_plugin_current}"
fi
done <$entRegFile
if [[ -n "${ent_plugin_previous}" ]] ; then
echo "enabling enterprise plugin: ${ent_plugin_previous}"
vault secrets enable "${ent_plugin_previous}"
fi
fi
# Output OpenAPI, optionally formatted
if [ "$1" == "-p" ]; then
curl -H "X-Vault-Token: root" "http://127.0.0.1:8200/v1/sys/internal/specs/openapi" | jq > openapi.json
else
curl -H "X-Vault-Token: root" "http://127.0.0.1:8200/v1/sys/internal/specs/openapi" > openapi.json
fi
kill $VAULT_PID
sleep 1
echo
echo "openapi.json generated"
Reference in New Issue View Git Blame Copy Permalink