mdjnewman/vault-list.sh

## vault-list.sh
#!/usr/bin/env bash

# Usage (assumes you're logged in):
#   vault-list secret/

set -o nounset
set -o pipefail
set -o errexit
set -o pipefail

# Recursive function that will
# - List all the secrets in the given $path
# - Call itself for all path values in the given $path
function traverse() {
    local readonly path="$1"

    result=$(vault kv list -format=json $path 2>&1)

    status=$?
    if [ ! $status -eq 0 ]; then
        if [[ $result =~ "permission denied" ]]; then
            return
        fi
        echo >&2 "$result"
    fi

    for secret in $(echo "$result" | jq -r '.[]'); do
        if [[ "$secret" == */ ]]; then
            traverse "$path$secret"
        else
            echo "$path$secret"
        fi
    done
}

traverse $1
	#!/usr/bin/env bash

	# Usage (assumes you're logged in):
	# vault-list secret/

	set -o nounset
	set -o pipefail
	set -o errexit
	set -o pipefail

	# Recursive function that will
	# - List all the secrets in the given $path
	# - Call itself for all path values in the given $path
	function traverse() {
	local readonly path="$1"

	result=$(vault kv list -format=json $path 2>&1)

	status=$?
	if [ ! $status -eq 0 ]; then
	if [[ $result =~ "permission denied" ]]; then
	return
	fi
	echo >&2 "$result"
	fi

	for secret in $(echo "$result" \| jq -r '.[]'); do
	if [[ "$secret" == */ ]]; then
	traverse "$path$secret"
	else
	echo "$path$secret"
	fi
	done
	}

	traverse $1