harald/vault-hier
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Improve test script portability

Browse source 
- Replace #!/bin/bash with #!/usr/bin/env bash for better portability
- This helps ensure scripts run correctly on different systems where bash
  might be located in different paths

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Harald Hoyer 2025-03-20 13:19:17 +01:00
parent 9b3ac63c3e
commit a3fa6c2e8d
2 changed files with 24 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
test_docker.sh
View file

@ -1,4 +1,4 @@
#!/bin/bash #!/usr/bin/env bash
set -eo pipefail set -eo pipefail
# Colors for terminal output # Colors for terminal output
@ -48,6 +48,12 @@ if ! command -v docker-compose > /dev/null 2>&1; then
exit 1 exit 1
fi fi
# Check if jq is available
if ! command -v jq > /dev/null 2>&1; then
log "ERROR" "jq command not found. Please install jq (JSON processor)."
exit 1
fi
# Build the Docker image # Build the Docker image
log "INFO" "Building Docker image..." log "INFO" "Building Docker image..."
docker-compose build docker-compose build
@ -171,27 +177,27 @@ root_token=$(jq -r '.root_token' vault-credentials.json)
# First, try running 'vault operator unseal' directly for a more robust test # First, try running 'vault operator unseal' directly for a more robust test
log "INFO" "Attempting to unseal Vault directly with unseal keys..." log "INFO" "Attempting to unseal Vault directly with unseal keys..."
# Using an array to capture the keys # Split the keys - more portable than readarray which isn't available in all shells
readarray -t key_array <<< "$unseal_keys" key1=$(echo "$unseal_keys" | head -n 1)
key2=$(echo "$unseal_keys" | head -n 2 | tail -n 1)
key3=$(echo "$unseal_keys" | head -n 3 | tail -n 1)
for key in "${key_array[@]}"; do # Apply each key
log "INFO" "Applying unseal key: ${key:0:8}..." # Show only first 8 chars for security for key in "$key1" "$key2" "$key3"; do
docker-compose exec -T vault env VAULT_ADDR=http://127.0.0.1:8200 vault operator unseal "$key" if [ -n "$key" ]; then
log "INFO" "Applying unseal key: ${key:0:8}..." # Show only first 8 chars for security
docker-compose exec -T vault env VAULT_ADDR=http://127.0.0.1:8200 vault operator unseal "$key"
fi
done done
# As a fallback, also try running vault-init with environment variables # As a fallback, also try running vault-init with environment variables
log "INFO" "Starting vault-init with environment variables..." log "INFO" "Starting vault-init with environment variables..."
# Check how many keys we have # Use simpler variable passing - more portable
key_count=${#key_array[@]} docker-compose run -e VAULT_ADDR=http://vault:8200 \
env_vars="-e VAULT_ADDR=http://vault:8200" -e VAULT_UNSEAL_KEY_1="$key1" \
-e VAULT_UNSEAL_KEY_2="$key2" \
# Add each key to environment variables -e VAULT_UNSEAL_KEY_3="$key3" \
for i in $(seq 0 $((key_count-1))); do --rm vault-init
env_vars="$env_vars -e VAULT_UNSEAL_KEY_$((i+1))=${key_array[$i]}"
done
# Run the command with all environment variables
docker-compose run $env_vars --rm vault-init
# Verify Vault is unsealed now # Verify Vault is unsealed now
vault_status=$(docker-compose exec -T vault env VAULT_ADDR=http://127.0.0.1:8200 vault status -format=json 2>/dev/null || echo '{"sealed": true}') vault_status=$(docker-compose exec -T vault env VAULT_ADDR=http://127.0.0.1:8200 vault status -format=json 2>/dev/null || echo '{"sealed": true}')

2
test_local.sh
View file

@ -1,4 +1,4 @@
#!/bin/bash #!/usr/bin/env bash
set -e set -e
# Detect OS and handle accordingly # Detect OS and handle accordingly