Use vault-user-token for vault authentication

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2017-05-26 21:15:07 +02:00 · 2017-05-26 21:15:07 +02:00 · 075d77a32f
commit 075d77a32f
parent c27b3481bc
1 changed files with 21 additions and 3 deletions
--- a/bin/local-vault-auth
+++ b/bin/local-vault-auth
@ -1,7 +1,25 @@
 #!/bin/bash

+set -e
+set -o pipefail
+
+source ${HOME}/.config/vault-user-token
+
 if ! (vault token-lookup 1>/dev/null 2>&1); then
-  echo -n "Vault is not authenticated, trying to authenticate... "
-  AUTH_TOKEN=$(lpass show --field=Passphrase "vault-auth")
-  echo "${AUTH_TOKEN}" | vault auth - > /dev/null || echo "FAIL" && echo "OK"
+  echo "Vault is not authenticated, trying to authenticate... "
+
+  if ! [ -f ${HOME}/bin/vault-user-token ]; then
+    os=$(uname | awk '{print tolower($0)}')
+    curl -sSLfo ${HOME}/bin/vault-user-token \
+      https://github.com/Luzifer/vault-user-token/releases/download/${VAULT_USER_TOKEN_VERSION}/vault-user-token_${os}_amd64
+    chmod 0755 ${HOME}/bin/vault-user-token
+  fi
+
+  ${HOME}/bin/vault-user-token &
+
+  if ! (vault token-lookup 1>/dev/null 2>&1); then
+    echo "Vault authentication failed finally"
+    exit 1
+  fi
+
 fi