systemd-openbao/tests/setup-vault

#!/usr/bin/env bash
set -eux -o pipefail
export BAO_ADDR=http://127.0.0.1:8200
export BAO_TOKEN=secret

while ! vault status; do
  sleep 1
done

mkdir -p tmp

# capabilities of our vault agent
cat > tmp/policy-file.hcl <<EOF
path "secret/data/*" {
  capabilities = ["read"]
}
EOF
openbao policy write demo tmp/policy-file.hcl
openbao kv put secret/my-secret foo=bar

# role for our vault agent
openbao auth enable approle
openbao write auth/approle/role/role1 bind_secret_id=true token_policies=demo
echo -n $(openbao read -format json auth/approle/role/role1/role-id | jq -r .data.role_id) > tmp/roleID
echo -n $(openbao write -force -format json auth/approle/role/role1/secret-id | jq -r .data.secret_id) > tmp/secretID
epoll: don't log errors if fd already has been removed 2 years ago			`#!/usr/bin/env bash`
			`set -eux -o pipefail`
feat: we don't need flakes where we are going Cleanup the repo a bit for OpenBao. Signed-off-by: Raito Bezarius <masterancpp@gmail.com> 2 days ago			`export BAO_ADDR=http://127.0.0.1:8200`
			`export BAO_TOKEN=secret`
epoll: don't log errors if fd already has been removed 2 years ago
			`while ! vault status; do`
			`sleep 1`
			`done`

			`mkdir -p tmp`

			`# capabilities of our vault agent`
			`cat > tmp/policy-file.hcl <<EOF`
			`path "secret/data/*" {`
			`capabilities = ["read"]`
			`}`
			`EOF`
feat: we don't need flakes where we are going Cleanup the repo a bit for OpenBao. Signed-off-by: Raito Bezarius <masterancpp@gmail.com> 2 days ago			`openbao policy write demo tmp/policy-file.hcl`
			`openbao kv put secret/my-secret foo=bar`
epoll: don't log errors if fd already has been removed 2 years ago
			`# role for our vault agent`
feat: we don't need flakes where we are going Cleanup the repo a bit for OpenBao. Signed-off-by: Raito Bezarius <masterancpp@gmail.com> 2 days ago			`openbao auth enable approle`
			`openbao write auth/approle/role/role1 bind_secret_id=true token_policies=demo`
			`echo -n $(openbao read -format json auth/approle/role/role1/role-id \| jq -r .data.role_id) > tmp/roleID`
			`echo -n $(openbao write -force -format json auth/approle/role/role1/secret-id \| jq -r .data.secret_id) > tmp/secretID`