@mastier
Last active June 25, 2021 10:07
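# Abort early when the vault CLI is not on PATH; every function below shells
# out to it.
if ! type vault >/dev/null 2>&1; then
  # Diagnostics go to stderr. Without `echo` the message string itself would
  # be executed as a command name.
  echo "Please install vault. $ snap install vault" >&2
  exit 1
fi
# File that receives the output of `vault operator init`.
# NOTE(security): that output contains every unseal key share and the initial
# root token in plaintext, and the path is relative to the current directory.
# Run the script from a directory only the operator can read, and move the
# contents to proper secret storage once setup is finished.
export VAULT_KEYS_PATH="vault-keys.txt"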
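#######################################
# Initialise Vault through the leader unit and store the generated key
# material (5 shares, threshold 3, plus the initial root token) in
# VAULT_KEYS_PATH.
# Globals:   VAULT_KEYS_PATH (read)
#            VAULT_UNIT_IP (written)
#            VAULT_ADDR (written, exported)
# Outputs:   progress on stdout, errors on stderr
# Returns:   0 on success, non-zero when the address lookup or the init fails
#######################################
vault_init() {
  local tmp_keys

  if ! VAULT_UNIT_IP=$(juju run --unit vault/leader "network-get access --ingress-address=true") \
      || [ -z "$VAULT_UNIT_IP" ]; then
    echo "Could not resolve the address of vault/leader" >&2
    return 1
  fi
  # NOTE(security): the address is plain http://, so the init response (unseal
  # keys and root token) crosses the network unencrypted. Confirm this only
  # runs on a trusted network, or switch to https once the listener has TLS.
  export VAULT_ADDR="http://$VAULT_UNIT_IP:8200"
  echo "=== Initializing Vault by $VAULT_UNIT_IP ==="

  # Write to a temporary file first: redirecting straight into
  # VAULT_KEYS_PATH would truncate keys saved by an earlier run whenever init
  # fails (for example because Vault is already initialised). mktemp also
  # creates the file with mode 0600, so the key material is not world-readable.
  tmp_keys=$(mktemp "${VAULT_KEYS_PATH}.XXXXXX") || return 1
  if ! vault operator init -key-shares=5 -key-threshold=3 > "$tmp_keys"; then
    rm -f -- "$tmp_keys"
    echo "vault operator init failed; ${VAULT_KEYS_PATH} left untouched" >&2
    return 1
  fi
  mv -f -- "$tmp_keys" "${VAULT_KEYS_PATH}"
}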
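#######################################
# Submit the first three unseal key shares from VAULT_KEYS_PATH to the Vault
# server that VAULT_ADDR currently points at (three matches the
# -key-threshold used at init time).
# Globals:   VAULT_KEYS_PATH (read), VAULT_ADDR (read by the vault CLI)
# Outputs:   vault CLI output on stdout, errors on stderr
# Returns:   0 when three shares were submitted, non-zero otherwise
#######################################
vault_unseal() {
  local keys key submitted=0

  if [ ! -r "${VAULT_KEYS_PATH}" ]; then
    echo "Cannot read ${VAULT_KEYS_PATH}" >&2
    return 1
  fi

  # Select shares by their "Unseal Key N:" label rather than by line position,
  # so an unexpected leading line in the file is never submitted as a key.
  keys=$(awk '/^Unseal Key [0-9]+:/ { print $4 }' "${VAULT_KEYS_PATH}" | head -n 3)

  while IFS= read -r key; do
    [ -n "$key" ] || continue
    # NOTE(security): the share is passed as a command-line argument and is
    # therefore visible in the process list while vault runs. Run this only on
    # a host where other local users cannot inspect processes.
    # stdin is detached so the CLI cannot consume the remaining shares.
    vault operator unseal "$key" </dev/null || return
    submitted=$((submitted + 1))
  done <<EOF
$keys
EOF

  if [ "$submitted" -lt 3 ]; then
    echo "Only $submitted unseal key(s) found in ${VAULT_KEYS_PATH}; 3 required" >&2
    return 1
  fi
}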
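#######################################
# Unseal the Vault server on units vault/0, vault/1 and vault/2, pointing
# VAULT_ADDR at each unit in turn and delegating to vault_unseal.
# Globals:   VAULT_UNIT_IP (written), VAULT_ADDR (written, exported)
# Outputs:   progress on stdout, errors on stderr
# Returns:   0 when every unit was unsealed, 1 when any unit failed
#######################################
vault_unseal_all() {
  local unit failed=0

  # Unit numbers are fixed; a deployment whose units are numbered differently
  # needs this list adjusted.
  for unit in 0 1 2; do
    # An empty address would yield "http://:8200", so skip the unit instead of
    # sending key shares to an unintended target.
    if ! VAULT_UNIT_IP=$(juju run --unit "vault/$unit" "network-get access --ingress-address=true") \
        || [ -z "$VAULT_UNIT_IP" ]; then
      echo "Could not resolve the address of vault/$unit; skipping" >&2
      failed=1
      continue
    fi
    # NOTE(security): plain http:// means the unseal key shares travel
    # unencrypted to each unit. Confirm the network is trusted.
    export VAULT_ADDR="http://$VAULT_UNIT_IP:8200"
    echo "== Unsealing vault/$unit : $VAULT_UNIT_IP =="
    vault_unseal || failed=1
  done

  return "$failed"
}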
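#######################################
# Create a short-lived (10 minute) token with the initial root token and hand
# it to the vault charm through the authorize-charm action.
# Globals:   VAULT_KEYS_PATH (read)
#            VAULT_UNIT_IP (written)
#            VAULT_ADDR, VAULT_TOKEN, CHARM_AUTH_TOKEN (written, exported)
# Outputs:   progress on stdout, errors on stderr
# Returns:   status of the juju action, or 1 when a prerequisite is missing
#######################################
vault_authorize_charm() {
  if ! VAULT_UNIT_IP=$(juju run --unit vault/leader "network-get access --ingress-address=true") \
      || [ -z "$VAULT_UNIT_IP" ]; then
    echo "Could not resolve the address of vault/leader" >&2
    return 1
  fi
  # NOTE(security): plain http:// means the root token is sent unencrypted.
  export VAULT_ADDR="http://$VAULT_UNIT_IP:8200"

  VAULT_TOKEN=$(awk '/Initial Root Token/ { print $4; exit }' "${VAULT_KEYS_PATH}")
  if [ -z "$VAULT_TOKEN" ]; then
    echo "No initial root token found in ${VAULT_KEYS_PATH}" >&2
    return 1
  fi
  # NOTE(security): exporting the root token places it in the environment of
  # every later child process (including juju). The export is kept for
  # compatibility with callers that rely on it; unset VAULT_TOKEN once setup
  # is done and revoke the root token when it is no longer needed.
  export VAULT_TOKEN

  echo "=== Create token by $VAULT_UNIT_IP ==="
  # -field=token prints only the token value, which avoids scraping the
  # human-readable table. Assignment and export are split so a failing vault
  # call is detected instead of being masked by `export`.
  if ! CHARM_AUTH_TOKEN=$(vault token create -ttl=10m -field=token) \
      || [ -z "$CHARM_AUTH_TOKEN" ]; then
    echo "vault token create failed" >&2
    return 1
  fi
  export CHARM_AUTH_TOKEN

  echo "=== Authorizing charm ==="
  # The token is passed as an action parameter; the 10 minute TTL bounds how
  # long that copy stays usable.
  juju run-action --wait vault/leader authorize-charm token="$CHARM_AUTH_TOKEN"
}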
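### Init vault
# Stop here when init fails: the later steps depend on the key material that
# init writes to VAULT_KEYS_PATH.
vault_init || { echo "Vault init failed; aborting." >&2; exit 1; }
### Unseal all vault instances
# A unit that could not be unsealed is reported, but the run continues so the
# remaining steps still apply to the units that are up.
vault_unseal_all || echo "Warning: not every vault unit was unsealed." >&2
# Fixed pause between unsealing and authorizing the charm.
echo "=== Waiting 30s ==="
sleep 30
### Authorize charm
vault_authorize_charm
# NOTE(security): after this run VAULT_KEYS_PATH still holds all five unseal
# key shares and the initial root token in one plaintext file. Move the
# shares to separate secure storage, revoke the root token once it is no
# longer needed, and delete the file.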