KAllan357 · February 14, 2017 06:36 · dlegault · Oct 27, 2017
diff --git a/vault-migration.go b/vault-migration.go
 package main

 import (
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
 	"os"
 	"path/filepath"

 	"github.com/hashicorp/consul/api"
 	"github.com/hashicorp/go-cleanhttp"
 )

 var consulClient *api.Client
 var consulClientErr error

 var rootDir = "/tmp/vault-storage"

 func main() {
 	// Setup Consul Config and ACL Token
 	config := api.DefaultConfig()
 	config.Scheme = "https"
 	config.Address = "my-consul:8500"
 	config.Token = "ABC-123"

 	httpClient := cleanhttp.DefaultClient()
 	transport := cleanhttp.DefaultPooledTransport()
 	httpClient.Transport = transport

        // This is important if Consul is using your own CA
 	tlsConfig, err := api.SetupTLSConfig(&api.TLSConfig{
 		CAFile:             "/Users/kallan/ca/ca.pem",
 		InsecureSkipVerify: false,
 	})
 	if err != nil {
 		panic(err)
 	}
 	transport.TLSClientConfig = tlsConfig
 	config.HttpClient = httpClient

 	consulClient, consulClientErr = api.NewClient(config)
 	if consulClientErr != nil {
 		panic(consulClientErr)
 	}

 	// Walk the root directory tree calling vaultWalk on each entry
 	filepath.Walk(rootDir, vaultWalk)
 }

 // vaultWalk is executed for each file under rootDir
 func vaultWalk(path string, info os.FileInfo, err error) error {
 	// When we see a directory, skip it and move to the next entry
 	if info.IsDir() {
 		return nil
 	}

 	// For a file, read it and unmarshal into a Consul api.KVPair
 	var kv api.KVPair
 	data, err := ioutil.ReadFile(path)
 	if err != nil {
 		return err
 	}
 	err = json.Unmarshal(data, &kv)
 	if err != nil {
 		return err
 	}

 	// Modify the key so its prefaced with Vault
 	kv.Key = fmt.Sprintf("vault/%s", kv.Key)

 	// Send the data into Consul
 	_, err = consulClient.KV().Put(&kv, nil)
 	if err != nil {
 		return err
 	}
 	fmt.Printf("Wrote key %s to Consul\n", kv.Key)
 	return nil
 }
	package main

	import (
	"encoding/json"
	"fmt"
	"io/ioutil"
	"os"
	"path/filepath"

	"github.com/hashicorp/consul/api"
	"github.com/hashicorp/go-cleanhttp"
	)

	var consulClient *api.Client
	var consulClientErr error

	var rootDir = "/tmp/vault-storage"

	func main() {
	// Setup Consul Config and ACL Token
	config := api.DefaultConfig()
	config.Scheme = "https"
	config.Address = "my-consul:8500"
	config.Token = "ABC-123"

	httpClient := cleanhttp.DefaultClient()
	transport := cleanhttp.DefaultPooledTransport()
	httpClient.Transport = transport

	// This is important if Consul is using your own CA
	tlsConfig, err := api.SetupTLSConfig(&api.TLSConfig{
	CAFile: "/Users/kallan/ca/ca.pem",
	InsecureSkipVerify: false,
	})
	if err != nil {
	panic(err)
	}
	transport.TLSClientConfig = tlsConfig
	config.HttpClient = httpClient

	consulClient, consulClientErr = api.NewClient(config)
	if consulClientErr != nil {
	panic(consulClientErr)
	}

	// Walk the root directory tree calling vaultWalk on each entry
	filepath.Walk(rootDir, vaultWalk)
	}

	// vaultWalk is executed for each file under rootDir
	func vaultWalk(path string, info os.FileInfo, err error) error {
	// When we see a directory, skip it and move to the next entry
	if info.IsDir() {
	return nil
	}

	// For a file, read it and unmarshal into a Consul api.KVPair
	var kv api.KVPair
	data, err := ioutil.ReadFile(path)
	if err != nil {
	return err
	}
	err = json.Unmarshal(data, &kv)
	if err != nil {
	return err
	}

	// Modify the key so its prefaced with Vault
	kv.Key = fmt.Sprintf("vault/%s", kv.Key)

	// Send the data into Consul
	_, err = consulClient.KV().Put(&kv, nil)
	if err != nil {
	return err
	}
	fmt.Printf("Wrote key %s to Consul\n", kv.Key)
	return nil
	}