From 9badff29675b3d7f716ac4c2066fe40398aeac04 Mon Sep 17 00:00:00 2001 From: "Florian Rusch (cluetec GmbH)" Date: Fri, 24 Nov 2023 10:38:01 +0100 Subject: [PATCH] Fix some stylings --- .editorconfig | 3 +++ samples/HashiCorp-Vault/README.md | 9 +++---- samples/HashiCorp-Vault/docker-compose.yaml | 26 +++++++++---------- .../init-and-fill-vault-with-data.sh | 20 +++++++------- 4 files changed, 30 insertions(+), 28 deletions(-) diff --git a/.editorconfig b/.editorconfig index 4c7771c..36fcc3f 100644 --- a/.editorconfig +++ b/.editorconfig @@ -13,3 +13,6 @@ trim_trailing_whitespace = true [{*.go,Makefile,go.mod,go.sum}] indent_style = tab + +[*.sh] +indent_size = 4 diff --git a/samples/HashiCorp-Vault/README.md b/samples/HashiCorp-Vault/README.md index de16aec..0915eb2 100644 --- a/samples/HashiCorp-Vault/README.md +++ b/samples/HashiCorp-Vault/README.md @@ -1,6 +1,6 @@ # Sample: Backup HashiCorp Vault -In this example we will show you how to backup an HashiCorp Vault instance. +In this example we will show you how to back up an HashiCorp Vault instance. ## Requirements @@ -47,9 +47,9 @@ something around 1 minute until the init script finishes. ```shell $ docker-compose ps --all -NAME IMAGE COMMAND SERVICE CREATED STATUS PORTS -hashicorp-vault-vault-1 hashicorp/vault:1.15 "vault server -confi…" vault 59 seconds ago Up 58 seconds 0.0.0.0:8200->8200/tcp -hashicorp-vault-vault-init-1 hashicorp-vault-vault-init "bash /init.sh" vault-init 59 seconds ago Exited (0) 5 seconds ago +NAME IMAGE COMMAND SERVICE CREATED STATUS PORTS +hashicorp-vault-vault-1 hashicorp/vault:1.15 "vault server -confi…" vault 59 seconds ago Up 58 seconds 0.0.0.0:8200->8200/tcp +hashicorp-vault-vault-init-1 hashicorp-vault-vault-init "bash /init.sh" vault-init 59 seconds ago Exited (0) 5 seconds ago ``` ### 3. Run lifeboat to create the backup @@ -75,7 +75,6 @@ To clean up everything afterwards, we just need to execute the following command $ rm -rf backup-destination/vault-backup.snap ``` - ## Restore An official guide how to restore a backup/snapshot can be found here: diff --git a/samples/HashiCorp-Vault/docker-compose.yaml b/samples/HashiCorp-Vault/docker-compose.yaml index 3c06eaf..1d06af5 100644 --- a/samples/HashiCorp-Vault/docker-compose.yaml +++ b/samples/HashiCorp-Vault/docker-compose.yaml @@ -10,16 +10,16 @@ services: - IPC_LOCK entrypoint: vault server -config=/vault/vault.hcl -# vault-init: -# build: -# context: . -# dockerfile_inline: | -# FROM hashicorp/vault:1.15 -# RUN apk update && \ -# apk add bash -# no_cache: true -# volumes: -# - ./init-and-fill-vault-with-data.sh:/init.sh:ro -# - ./vault-token.txt:/vault-token.txt:rw -# - ./vault-unseal-keys.txt:/vault-unseal-keys.txt:rw -# entrypoint: bash /init.sh + vault-init: + build: + context: . + dockerfile_inline: | + FROM hashicorp/vault:1.15 + RUN apk update && \ + apk add bash + no_cache: true + volumes: + - ./init-and-fill-vault-with-data.sh:/init.sh:ro + - ./vault-token.txt:/vault-token.txt:rw + - ./vault-unseal-keys.txt:/vault-unseal-keys.txt:rw + entrypoint: bash /init.sh diff --git a/samples/HashiCorp-Vault/init-and-fill-vault-with-data.sh b/samples/HashiCorp-Vault/init-and-fill-vault-with-data.sh index 4cdb052..ee8d60a 100755 --- a/samples/HashiCorp-Vault/init-and-fill-vault-with-data.sh +++ b/samples/HashiCorp-Vault/init-and-fill-vault-with-data.sh @@ -34,9 +34,9 @@ until $(vault status > /dev/null 2>&1); do fi if [ ${attempt_counter} -eq ${max_attempts} ]; then - echo "" - echo "ERROR: The Vault was not started in time. Maximum connection attempts of ${max_attempts} have been reached and $((sleep_seconds*max_attempts)) seconds have been waited. Please have a look at the Vault instance to see why it did not start in time." - exit 1 + echo "" + echo "ERROR: The Vault was not started in time. Maximum connection attempts of ${max_attempts} have been reached and $((sleep_seconds*max_attempts)) seconds have been waited. Please have a look at the Vault instance to see why it did not start in time." + exit 1 fi echo "Waiting until vault is up..." @@ -71,10 +71,10 @@ unsealKeys=$(echo "$initOutput" | grep "^Unseal Key ") # Get root token while IFS= read -r SINGLELINE do - re="Initial Root Token: " - if [[ "${SINGLELINE}" =~ $re ]]; then - rootToken=$(echo "${SINGLELINE}" | sed "s/${re}//") - fi + re="Initial Root Token: " + if [[ "${SINGLELINE}" =~ $re ]]; then + rootToken=$(echo "${SINGLELINE}" | sed "s/${re}//") + fi done << EOF $initOutput EOF @@ -101,9 +101,9 @@ vault secrets enable -version=2 -path="secret" kv amountOfSecrets=1000 secretLength=2000 for i in `seq 2 $amountOfSecrets`; do - printf "\nPut secret number ${i} into vault:\n" - superSecureSecret=$(sed "s/[^a-zA-Z0-9]//g" <<< $(cat /dev/urandom | LC_ALL=C tr -dc 'a-zA-Z0-9!@#$%*()-+' | fold -w ${secretLength} | head -n 1)) - echo "${superSecureSecret}" | vault kv put secret/${i} content=- + printf "\nPut secret number ${i} into vault:\n" + superSecureSecret=$(sed "s/[^a-zA-Z0-9]//g" <<< $(cat /dev/urandom | LC_ALL=C tr -dc 'a-zA-Z0-9!@#$%*()-+' | fold -w ${secretLength} | head -n 1)) + echo "${superSecureSecret}" | vault kv put secret/${i} content=- done printf "\nSuccessful initialized vault and put ${amountOfSecrets} with a length of ${secretLength} random chars into vault\n"