Skip to content

Commit

Permalink
Modified vault unseal
Browse files Browse the repository at this point in the history
  • Loading branch information
Shifna12Zarnaz committed Sep 18, 2023
1 parent 5fc2621 commit 5f9044e
Show file tree
Hide file tree
Showing 2 changed files with 32 additions and 26 deletions.
12 changes: 9 additions & 3 deletions internal/job/vault_seal_watcher.go
Original file line number Diff line number Diff line change
Expand Up @@ -73,13 +73,14 @@ func (v *VaultSealWatcher) Run() {
switch svc {
case "vault-hash-0":
vc = vaultClients[0]
v.log.Debug("Vault Client",vc)

case "vault-hash-1":
vc = vaultClients[1]

v.log.Debug("Vault Client",vc)
case "vault-hash-2":
vc = vaultClients[2]

v.log.Debug("Vault Client",vc)
default:
// Handle the case where the service name doesn't match any of the instances
}
Expand All @@ -100,7 +101,12 @@ func (v *VaultSealWatcher) Run() {
if svc == "vault-hash-0" {

v.log.Info("Unsealing for first instance")
err = vc.Unseal()
_, unsealKeys, err := vc.GetVaultSecretValuesforMultiInstance()
if err != nil {
v.log.Errorf("Failed to fetch the credential: %v\n", err)
return
}
err = vc.UnsealVaultInstance(podip,unsealKeys)

if err != nil {
v.log.Errorf("failed to unseal vault, %s", err)
Expand Down
46 changes: 23 additions & 23 deletions server/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -75,28 +75,28 @@ func initScheduler(log logging.Logger, cfg config.Configuration) (s *job.Schedul
}
}

if cfg.VaultPolicyWatchInterval != "" {
pj, err := job.NewVaultPolicyWatcher(log, cfg.VaultPolicyWatchInterval)
if err != nil {
log.Fatal("failed to init policy watcher job", err)
}

err = s.AddJob("vault-policy-watcher", pj)
if err != nil {
log.Fatal("failed to add policy watcher job", err)
}
}

if cfg.VaultCredSyncInterval != "" {
pj, err := job.NewVaultCredSync(log, cfg.VaultCredSyncInterval)
if err != nil {
log.Fatal("failed to init cred sync job", err)
}

err = s.AddJob("vault-cred-sync", pj)
if err != nil {
log.Fatal("failed to add cred sync job", err)
}
}
// if cfg.VaultPolicyWatchInterval != "" {
// pj, err := job.NewVaultPolicyWatcher(log, cfg.VaultPolicyWatchInterval)
// if err != nil {
// log.Fatal("failed to init policy watcher job", err)
// }

// err = s.AddJob("vault-policy-watcher", pj)
// if err != nil {
// log.Fatal("failed to add policy watcher job", err)
// }
// }

// if cfg.VaultCredSyncInterval != "" {
// pj, err := job.NewVaultCredSync(log, cfg.VaultCredSyncInterval)
// if err != nil {
// log.Fatal("failed to init cred sync job", err)
// }

// err = s.AddJob("vault-cred-sync", pj)
// if err != nil {
// log.Fatal("failed to add cred sync job", err)
// }
// }
return
}

0 comments on commit 5f9044e

Please sign in to comment.