Bridgeman-Accessible/custom-hashicorp-vault
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Attempting to add support to use Kubernetes secrets for vault root token, unseal keys and app role data
All checks were successful
Build and deploy Bridgeman Accessible Hashicorp Vault Implementation / deploy (push) Successful in 2m48s
Details

Browse source
This commit is contained in:
Alan Bridgeman 2026-04-05 15:38:21 -05:00
parent f8cb28246f
commit dd5a8abd55
7 changed files with 171 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

14
Dockerfile
View file

@ -1,5 +1,7 @@
FROM hashicorp/vault:latest
WORKDIR /vault/setup
# Install Bash
RUN apk add --no-cache --upgrade bash
@ -11,6 +13,10 @@ RUN python3 -m venv .venv \
&& python -m ensurepip \
&& pip install --no-cache --upgrade pip setuptools
# Install any needed dependencies
COPY ./setup-scripts/requirements.txt ./
RUN source .venv/bin/activate && pip install --no-cache -r requirements.txt
# Needed for parsing JSON in Bash (which is needed to parse the unseal keys and root token)
RUN apk add --no-cache jq
@ -18,11 +24,11 @@ RUN apk add --no-cache jq
COPY vault-config.hcl /vault/config/vault-config.hcl
# Copy the startup script into the container (also verifying it's encoded properly)
COPY ./entrypoint.sh /entrypoint.sh
RUN dos2unix /entrypoint.sh
COPY ./entrypoint.sh ./
RUN dos2unix ./entrypoint.sh
# Copy the Python startup stuff into the container
COPY ./setup-scripts /setup-scripts
COPY ./setup-scripts ./setup-scripts
# Copy the snapshot server Python code into the container
COPY ./snapshot-server /snapshot-server
@ -33,4 +39,4 @@ COPY ./snapshot-server /snapshot-server
# | 8300 | Custom snapshot server (for creating and serving backups over HTTP) |
EXPOSE 8200 8300
ENTRYPOINT ["/bin/bash", "/entrypoint.sh"]
ENTRYPOINT ["/bin/bash", "/vault/setup/entrypoint.sh"]