#!/usr/bin/env bash set -eux -o pipefail export VAULT_ADDR=http://127.0.0.1:8200 export VAULT_TOKEN=secret while ! vault status; do sleep 1 done mkdir -p tmp # capabilities of our vault agent cat > tmp/policy-file.hcl < tmp/roleID echo -n $(vault write -force -format json auth/approle/role/role1/secret-id | jq -r .data.secret_id) > tmp/secretID