cfg/bin/vault-awsenv

#!/bin/bash

if ! ( which vault > /dev/null ); then
  error "vault is required."
  exit 2
fi


# If we can list the environments there is no need to unlock the database
if ( awsenv list > /dev/null 2>&1 ); then
  echo "Database already unlocked."
  exit 0
fi

# Retrieve key from LastPass
PWD=$(vault read -field=passphrase "/secret/private/awsenv")

# In case Vault exitted non-zero we have no password
if ! [ $? -eq 0 ]; then
  echo "Unable to get password. Not trying to unlock."
  exit 1
fi

# Fill password to ssh-add utility
expect <<EOF >/dev/null
spawn -ignore HUP awsenv unlock
expect "Password: "
send "$PWD\n"
expect "Database unlocked."
expect eof
EOF

# Check whether awsenv was unlocked
if ( awsenv list > /dev/null 2>&1 ); then
  echo "Database unlocked successfully"
  exit 0
else
  echo "Found passphrase but could not unlock database."
  exit 1
fi
add local scripts 2016-07-21 13:48:49 +00:00			`#!/bin/bash`

			`if ! ( which vault > /dev/null ); then`
			`error "vault is required."`
			`exit 2`
			`fi`


			`# If we can list the environments there is no need to unlock the database`
			`if ( awsenv list > /dev/null 2>&1 ); then`
			`echo "Database already unlocked."`
			`exit 0`
			`fi`

			`# Retrieve key from LastPass`
			`PWD=$(vault read -field=passphrase "/secret/private/awsenv")`

			`# In case Vault exitted non-zero we have no password`
			`if ! [ $? -eq 0 ]; then`
			`echo "Unable to get password. Not trying to unlock."`
			`exit 1`
			`fi`

			`# Fill password to ssh-add utility`
			`expect <<EOF >/dev/null`
			`spawn -ignore HUP awsenv unlock`
			`expect "Password: "`
			`send "$PWD\n"`
			`expect "Database unlocked."`
			`expect eof`
			`EOF`

			`# Check whether awsenv was unlocked`
			`if ( awsenv list > /dev/null 2>&1 ); then`
			`echo "Database unlocked successfully"`
			`exit 0`
			`else`
			`echo "Found passphrase but could not unlock database."`
			`exit 1`
			`fi`