We use GitLab's CI/CD pipeline and Vault to secure our environment variables.
This is a 3-hour job to reconfigure a HashiCorp Vault, point GitLab to the new Vault address, and
populate Vault with the environment variables.
We will provide the HashiCorp Vault.
Here is the GitLab script.
script:
- echo "Branch Name - ${ENVIRONMENT}"
- apk add jq
- export VAULT_NAMESPACE=admin/$ENVIRONMENT
- export VAULT_AUTH_ROLE=$ENVIRONMENT
# authenticate and get token. Token expiry time and other properties can be configured
- export VAULT_TOKEN="$(vault write -field=token auth/jwt/login role=$VAULT_AUTH_ROLE jwt=$CI_JOB_JWT)"
# use the VAULT_TOKEN to read the secret and store it in an environment variable
- vault kv get -format json newmiddleware/ssh-key | jq .data.data | jq -r 'to_entries|map("\(.key)=\(.value|tostring)")|.[]' >> build.env
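
The last step above flattens every field to a bare KEY=value line, which breaks for a multi-line value such as an SSH key and leaves the file at the default umask. The following is an added example, not part of the original script: it writes a mode 0600 file of single-quoted `export` lines meant to be sourced inside the same job. The function names and the sample JSON are hypothetical and constructed for illustration.

```shell
# Constructed sample of `vault kv get -format json` output (KV v2); placeholder values.
sample_vault_json() {
  cat <<'EOF'
{"data":{"data":{"SSH_KEY":"-----BEGIN PLACEHOLDER KEY-----\nAAAA\n-----END PLACEHOLDER KEY-----","DB_PASS":"pa$HOME'word"},"metadata":{"version":1}}}
EOF
}

# kv_to_exports (hypothetical name): read KV v2 JSON on stdin and print one
# `export KEY='value'` statement per field. jq's @sh single-quotes the value,
# so newlines, `$` and quotes inside a secret are kept literally and never
# evaluated when the file is sourced. A key that is not a valid shell
# identifier aborts the conversion with a non-zero exit status.
kv_to_exports() {
  jq -r '
    .data.data
    | to_entries[]
    | if (.key | test("^[A-Za-z_][A-Za-z0-9_]*$")) then
        "export \(.key)=\(.value | tostring | @sh)"
      else
        error("refusing key that is not a shell identifier: \(.key)")
      end
  '
}

# write_secret_env FILE (hypothetical name): write the exports to FILE through
# a temporary file created with mode 0600, then rename it into place, so a
# failed conversion never leaves a partial or world-readable file behind.
write_secret_env() {
  out=$1
  tmp=$(umask 077 && mktemp "${out}.XXXXXX") || return 1
  if kv_to_exports > "$tmp"; then
    mv "$tmp" "$out"
  else
    rm -f "$tmp"
    return 1
  fi
}
```

In the job this would be called as `vault kv get -format json newmiddleware/ssh-key | write_secret_env build.env`, followed by `. ./build.env` in the step that needs the variables.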