harald/vault-hier
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Improve Vault status detection in test script

Browse source 
- Use better pattern matching to extract sealed status
- Add more verbose logging of seal status
- Make status checks more resilient to formatting differences
- Ensure test correctly interprets Vault status output

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Harald Hoyer 2025-03-20 12:58:09 +01:00
parent d27bd8c57a
commit 98384791c3
1 changed files with 12 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
test_docker.sh
View file

@ -119,7 +119,10 @@ fi
vault_status=$(docker-compose exec -T vault env VAULT_ADDR=http://127.0.0.1:8200 vault status -format=json 2>/dev/null || echo '{"sealed": true}')
# Check if Vault is unsealed by looking for "sealed":false
if echo "$vault_status" | grep -q '"sealed":false'; then
sealed=$(echo "$vault_status" | grep -o '"sealed":[^,]*' || echo '"sealed":true')
log "INFO" "Seal status: $sealed"
if [[ "$sealed" == *"false"* ]]; then
log "INFO" "Vault is properly unsealed after initial setup"
else
log "ERROR" "Vault is still sealed after initial setup"
@ -144,7 +147,10 @@ sleep 5
# Verify Vault is sealed after restart (it should be)
vault_status=$(docker-compose exec -T vault env VAULT_ADDR=http://127.0.0.1:8200 vault status -format=json 2>/dev/null || echo '{"sealed": true}')
if echo "$vault_status" | grep -q '"sealed":true'; then
sealed=$(echo "$vault_status" | grep -o '"sealed":[^,]*' || echo '"sealed":false')
log "INFO" "Seal status after restart: $sealed"
if [[ "$sealed" == *"true"* ]]; then
log "INFO" "Vault is correctly sealed after restart"
else
log "WARN" "Vault is not sealed after restart - this is unexpected"
@ -177,7 +183,10 @@ docker-compose run -e VAULT_ADDR=http://vault:8200 \
# Verify Vault is unsealed now
vault_status=$(docker-compose exec -T vault env VAULT_ADDR=http://127.0.0.1:8200 vault status -format=json 2>/dev/null || echo '{"sealed": true}')
if echo "$vault_status" | grep -q '"sealed":false'; then
sealed=$(echo "$vault_status" | grep -o '"sealed":[^,]*' || echo '"sealed":true')
log "INFO" "Seal status after unseal attempts: $sealed"
if [[ "$sealed" == *"false"* ]]; then
log "INFO" "Vault was successfully unsealed after restart"
else
log "ERROR" "Vault is still sealed after restart"