Neutrollized · June 10, 2022 18:49
diff --git a/vault-auth.sh b/vault-auth.sh
 #!/bin/bash

 export VAULT_ADDR='http://127.0.0.1:8100'

 TOKEN_FILE_DIR='/path/to/dir'
 TOKEN_FILENAME='vault-token-via-agent'

 AUTOAUTH_TOKEN=$(find ${TOKEN_FILE_DIR} -type f -name ${TOKEN_FILENAME} -exec cat {} +)

 ROLE_ID=$(VAULT_TOKEN=${AUTOAUTH_TOKEN} vault read -field=role_id auth/medium/role/jenkins/role-id)

 WRAPPING_TOKEN=$(VAULT_TOKEN=${AUTOAUTH_TOKEN} vault write -wrap-ttl=60s -force -field=wrapping_token auth/medium/role/jenkins/secret-id)

 SECRET_ID=$(VAULT_TOKEN=${WRAPPING_TOKEN} wrap unwrap -field=secret_id)
 echo "secret_id: ${SECRET_ID}"

 TOKEN=$(vault write -field=token auth/medium/login role_id=${ROLE_ID} secret_id=${SECRET_ID})
 echo "token: ${TOKEN}"
	#!/bin/bash

	export VAULT_ADDR='http://127.0.0.1:8100'

	TOKEN_FILE_DIR='/path/to/dir'
	TOKEN_FILENAME='vault-token-via-agent'

	AUTOAUTH_TOKEN=$(find ${TOKEN_FILE_DIR} -type f -name ${TOKEN_FILENAME} -exec cat {} +)

	ROLE_ID=$(VAULT_TOKEN=${AUTOAUTH_TOKEN} vault read -field=role_id auth/medium/role/jenkins/role-id)

	WRAPPING_TOKEN=$(VAULT_TOKEN=${AUTOAUTH_TOKEN} vault write -wrap-ttl=60s -force -field=wrapping_token auth/medium/role/jenkins/secret-id)

	SECRET_ID=$(VAULT_TOKEN=${WRAPPING_TOKEN} wrap unwrap -field=secret_id)
	echo "secret_id: ${SECRET_ID}"

	TOKEN=$(vault write -field=token auth/medium/login role_id=${ROLE_ID} secret_id=${SECRET_ID})
	echo "token: ${TOKEN}"