tristanmorgan · February 22, 2021 03:25
diff --git a/vault-token-helper.sh b/vault-token-helper.sh
 #!/bin/sh

 set -e

 [ -z "$VAULT_ADDR" ] && VAULT_ADDR="https://127.0.0.1:8200"
 case $1 in
  store)
  security add-generic-password -U -a "VAULT-$USER" -c "hvlt" -C "hvlt" -D "Hashicorp Vault" -s "$VAULT_ADDR" -w "$(cat)"
  ;;
  get)
  /bin/echo -n $(security find-generic-password -g -a "VAULT-$USER" -s "$VAULT_ADDR" -w)
  ;;
  erase)
  security delete-generic-password -a "VAULT-$USER" -s "$VAULT_ADDR"
  ;;
  *)
  echo "Usage: $0 get|erase|store"
  ;;
 esac

 # then set in your ~/.vault 
 # token_helper = "/path/to/script/vault-token-helper.sh"
 # updated to reflect Vault 1.0.x token format (26 chars) output without a trailing new-line
	#!/bin/sh

	set -e

	[ -z "$VAULT_ADDR" ] && VAULT_ADDR="https://127.0.0.1:8200"
	case $1 in
	store)
	security add-generic-password -U -a "VAULT-$USER" -c "hvlt" -C "hvlt" -D "Hashicorp Vault" -s "$VAULT_ADDR" -w "$(cat)"
	;;
	get)
	/bin/echo -n $(security find-generic-password -g -a "VAULT-$USER" -s "$VAULT_ADDR" -w)
	;;
	erase)
	security delete-generic-password -a "VAULT-$USER" -s "$VAULT_ADDR"
	;;
	*)
	echo "Usage: $0 get\|erase\|store"
	;;
	esac

	# then set in your ~/.vault
	# token_helper = "/path/to/script/vault-token-helper.sh"
	# updated to reflect Vault 1.0.x token format (26 chars) output without a trailing new-line