kawsark/vault_approle.py

## vault_approle.py
import os
import hvac
import json
import socket
import time

vault_role_id = os.environ['ROLE_ID']
secrets_path = os.environ['SECRETS_PATH']

print("***********************")
print("VAULT_ADDR = " + os.environ['VAULT_ADDR'])
print("ROLE_ID = " + vault_role_id)
print("SECRETS_PATH = " + secrets_path)
print("***********************")

print("Instantiating a new Vault client")
vault_client = hvac.Client(url=os.environ['VAULT_ADDR'])
login_response = vault_client.auth_approle(vault_role_id, os.environ['SECRET_ID'])
#token=login_response['auth']['client_token']

if vault_client.is_authenticated():
    print("Successfully authenticated using AppRole")
    json_data = vault_client.read(secrets_path)
    user = json_data['data']['username']
    password = json_data['data']['password']
    lease_id = json_data['lease_id']
    request_id = json_data['request_id']

    print("------------------------")
    print("Request_ID = " + request_id)
    print("Lease ID = " + lease_id)
    print("User = " + user)
    print("Password = " + password)
    print("------------------------")

    print("Writing secret to file")
    try:
        filename = "/tmp/output"
        with open(filename, "w") as outfile:
            outfile.write(password)

    except IOError as ioe:
        print("Unable to write to " + filename)
        print(ioe)
else:
    print("Unable to authenticate")
	import os
	import hvac
	import json
	import socket
	import time

	vault_role_id = os.environ['ROLE_ID']
	secrets_path = os.environ['SECRETS_PATH']

	print("***********************")
	print("VAULT_ADDR = " + os.environ['VAULT_ADDR'])
	print("ROLE_ID = " + vault_role_id)
	print("SECRETS_PATH = " + secrets_path)
	print("***********************")

	print("Instantiating a new Vault client")
	vault_client = hvac.Client(url=os.environ['VAULT_ADDR'])
	login_response = vault_client.auth_approle(vault_role_id, os.environ['SECRET_ID'])
	#token=login_response['auth']['client_token']

	if vault_client.is_authenticated():
	print("Successfully authenticated using AppRole")
	json_data = vault_client.read(secrets_path)
	user = json_data['data']['username']
	password = json_data['data']['password']
	lease_id = json_data['lease_id']
	request_id = json_data['request_id']

	print("------------------------")
	print("Request_ID = " + request_id)
	print("Lease ID = " + lease_id)
	print("User = " + user)
	print("Password = " + password)
	print("------------------------")

	print("Writing secret to file")
	try:
	filename = "/tmp/output"
	with open(filename, "w") as outfile:
	outfile.write(password)

	except IOError as ioe:
	print("Unable to write to " + filename)
	print(ioe)
	else:
	print("Unable to authenticate")