-
Notifications
You must be signed in to change notification settings - Fork 1
/
vault_recursive.sh
executable file
·123 lines (109 loc) · 2.57 KB
/
vault_recursive.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
#!/bin/bash -e
DO_PURGE=${DO_PURGE:-no}
DO_FORCE=${DO_FORCE:-no}
function recursive_list() {
local basepath=$1
while read line; do
if grep -q '/$' <(echo $line); then
recursive_list ${basepath}${line}
else
echo ${basepath}${line}
fi
done < <(vault kv list -format json $basepath | jq -r '.[]')
}
function recursive_delete_check() {
local basepath=$1
echo "You are about to do the following:" >&2
while read line; do
echo vault kv delete $line
if [ $DO_PURGE = 'yes' ]; then
echo vault kv metadata delete $line
fi
done < <(recursive_list $basepath) | sed 's/^/ /' >&2
echo -n "Do you wish to continue? Yes/[No]: " >&2
read response
if [ "$(echo $response | tr 'A-Z' 'a-z')" = 'yes' ]; then
echo "Proceeding..."
else
echo "Aborting." >&2
exit
fi
}
function recursive_delete_actual() {
local basepath=$1
while read line; do
vault kv delete $line
if [ $DO_PURGE = 'yes' ]; then
vault kv metadata delete $line
fi
done < <(recursive_list $basepath)
}
function recursive_delete() {
if [ ! $DO_FORCE = 'yes' ]; then
recursive_delete_check $1
fi
recursive_delete_actual $1
}
function recursive_dump() {
local basepath=$1
while read line; do
echo = $line
vault kv get -format json $line | jq .data.data | sed 's/^/ /'
done < <(recursive_list $basepath)
}
function recursive_copy_actual() {
local basepath=$1
local destpath=$2
while read line; do
basename=$(echo $line | sed "s#^${basepath}##")
echo "= $line >> ${destpath}${basename}"
vault kv put ${destpath}${basename} @<(vault kv get -format json $line | jq .data.data)
done < <(recursive_list $basepath)
}
function recursive_copy_check() {
local basepath=$1
local destpath=$2
echo "You are about to do the following:" >&2
while read line; do
basename=$(echo $line | sed "s#^${basepath}##")
echo "$line >> ${destpath}${basename}"
done < <(recursive_list $basepath) | column -t | sed 's/^/ /'
echo -n "Do you wish to continue? Yes/[No]: " >&2
read response
if [ "$(echo $response | tr 'A-Z' 'a-z')" = 'yes' ]; then
echo "Proceeding..."
else
echo "Aborting." >&2
exit
fi
}
function recursive_copy() {
if [ ! $DO_FORCE = 'yes' ]; then
recursive_copy_check $1 $2
fi
recursive_copy_actual $1 $2
}
do=$1
path=$2
if ! grep -q '/$' <(echo $path); then
path=${path}/
fi
if [ $# -eq 3 ]; then
dest=$3
if ! grep -q '/$' <(echo $dest); then
dest=${dest}/
fi
fi
case $do in
list)
recursive_list $path ;;
dump)
recursive_dump $path ;;
delete)
recursive_delete $path ;;
copy)
recursive_copy $path $dest ;;
*)
echo "unrecognized command: $do" >&2
exit 1 ;;
esac