(require 'circle-vault.core :reload)
(use 'circle-vault.core :reload)
(in-ns 'circle-vault.core)
(use 'clojure.pprint)
(def role-id "ec355569-a8a4-1688-a375-06d059789a9b")
(def secret-id "7c54fab1-7e00-aecf-6330-79589caaff1d")
(def token-grace-period 400)
(def client (-> (new-vault-client "http://127.0.0.1:8200" :app-role {:role-id role-id :secret-id secret-id}) (component/start)))
(write-secret client "secret/foo" {:host "localhost" :port 8765 :password "abc123"})
export ROOT_VAULT_TOKEN=""
export VAULT_TOKEN=$ROOT_VAULT_TOKEN
curl --dump-header - \
-H "X-Vault-Token: $VAULT_TOKEN" \
-X GET \
http://127.0.0.1:8200/v1/cubbyhole/foo
curl --dump-header - \
-H "X-Vault-Token: $VAULT_TOKEN" \
-H "Content-Type: application/json" \
-X POST \
-d '{"value":"foooo"}' \
http://127.0.0.1:8200/v1/cubbyhole/foo
curl --dump-header - \
-H "X-Vault-Token: $VAULT_TOKEN" \
-H "Content-Type: application/json" \
-X POST \
http://127.0.0.1:8200/v1/auth/token/create
curl --dump-header - \
-H "X-Vault-Token: $VAULT_TOKEN" \
-H "X-Vault-Wrap-Ttl: 300s" \
-H "Content-Type: application/json" \
-X POST \
http://127.0.0.1:8200/v1/auth/token/create
Use temp token to get perm token (unwrap temp token)
curl --dump-header - \
-H "X-Vault-Token: $VAULT_TOKEN" \
-H "Content-Type: application/json" \
-X POST \
http://127.0.0.1:8200/v1/sys/wrapping/unwrap
curl --dump-header - \
-H "X-Vault-Token: $VAULT_TOKEN" \
-H "Content-Type: application/json" \
-X PUT \
-d '{"token":"<token itself>"}' \
http://127.0.0.1:8200/v1/auth/token/renew