Upgrade to 1.20, refactor Vault block

README.md

@@ -1,11 +1,14 @@
 # HashiCraft Mod for Minecraft
 
+Contains custom blocks that allow interaction with the following HashiCorp products
+* Nomad
+* Consul
+* Vault
+
 > Note: This mod only works for Java. If you have Bedrock, navigate to the
 > [Minecraft Build Contest](https://hashiconf.com/global/minecraft/)
 > area by looking for a sign next to the gold teleportation button where you spawn.
 
-![HashiCraft world map, including build zone](assets/map.png)
-
 ## Setup
 
 ### Prerequisites
@@ -43,8 +46,4 @@
 
 1. The play screen should have a dropdown menu with various Minecraft versions.
    Choose the`fabric-loader` package listed.
-   ![fabric loader mod for Minecraft Java edition](assets/instructions/fabric.png)
-
-1. Select **PLAY**.
-
-1. Join the HashiConf server in Minecraft: `hashiconf.hashicraft.com`
+   ![fabric loader mod for Minecraft Java edition](assets/instructions/fabric.png)

build.gradle

@@ -1,5 +1,5 @@
 plugins {
-    id 'fabric-loom' version '0.12-SNAPSHOT'
+    id 'fabric-loom' version '1.3-SNAPSHOT'
     id 'maven-publish'
 }
 
@@ -43,6 +43,8 @@ dependencies {
 
     // HashiCraft
     modImplementation include("com.github.hashicraft:fabric-stateful-mod:${stateful_version}")
+
+    implementation group: 'com.google.code.findbugs', name: 'jsr305', version: '3.0.2'
 }
 
 processResources {
@@ -86,4 +88,4 @@ publishing {
         // The repositories here will be used for publishing your artifact, not for
         // retrieving dependencies.
     }
-}
+}

gradle.properties

@@ -2,17 +2,17 @@
 org.gradle.jvmargs=-Xmx2G
 
 # Fabric Properties
-	# check these on https://fabricmc.net/develop
-	minecraft_version=1.19
-	yarn_mappings=1.19+build.1
-	loader_version=0.14.6
+  # check these on https://fabricmc.net/develop
+  minecraft_version=1.20.1
+  yarn_mappings=1.20.1+build.10
+  loader_version=0.14.22
 
 # Mod Properties
-	mod_version = 1.3.0
-	maven_group = com.hashicorp
-	archives_base_name = fabric-hashicraft-mod
+  mod_version = 1.4.0
+  maven_group = com.github.hashicraft
+  archives_base_name = fabric-hashicraft-mod
 
 # Dependencies
-	fabric_version=0.55.1+1.19
-	libgui_version=6.0.0+1.19
-	stateful_version=v1.1.4
+  fabric_version=0.87.0+1.20.1
+  libgui_version=8.0.2+1.20
+  stateful_version=v1.3.0

gradle/wrapper/gradle-wrapper.properties

@@ -1,5 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-7.4-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.1-bin.zip
+networkTimeout=10000
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists

gradlew

@@ -1,7 +1,7 @@
 #!/bin/sh
 
 #
-# Copyright � 2015-2021 the original authors.
+# Copyright © 2015-2021 the original authors.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -32,10 +32,10 @@
 #       Busybox and similar reduced shells will NOT work, because this script
 #       requires all of these POSIX shell features:
 #         * functions;
-#         * expansions �$var�, �${var}�, �${var:-default}�, �${var+SET}�,
-#           �${var#prefix}�, �${var%suffix}�, and �$( cmd )�;
-#         * compound commands having a testable exit status, especially �case�;
-#         * various built-in commands including �command�, �set�, and �ulimit�.
+#         * expansions «$var», «${var}», «${var:-default}», «${var+SET}»,
+#           «${var#prefix}», «${var%suffix}», and «$( cmd )»;
+#         * compound commands having a testable exit status, especially «case»;
+#         * various built-in commands including «command», «set», and «ulimit».
 #
 #   Important for patching:
 #
@@ -55,7 +55,7 @@
 #       Darwin, MinGW, and NonStop.
 #
 #   (3) This script is generated from the Groovy template
-#       https://github.com/gradle/gradle/blob/master/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       https://github.com/gradle/gradle/blob/HEAD/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
 #       within the Gradle project.
 #
 #       You can find Gradle at https://github.com/gradle/gradle/.
@@ -80,13 +80,10 @@ do
     esac
 done
 
-APP_HOME=$( cd "${APP_HOME:-./}" && pwd -P ) || exit
-
-APP_NAME="Gradle"
+# This is normally unused
+# shellcheck disable=SC2034
 APP_BASE_NAME=${0##*/}
-
-# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
+APP_HOME=$( cd "${APP_HOME:-./}" && pwd -P ) || exit
 
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD=maximum
@@ -143,12 +140,16 @@ fi
 if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then
     case $MAX_FD in #(
       max*)
+        # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
+        # shellcheck disable=SC3045
         MAX_FD=$( ulimit -H -n ) ||
             warn "Could not query maximum file descriptor limit"
     esac
     case $MAX_FD in  #(
       '' | soft) :;; #(
       *)
+        # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
+        # shellcheck disable=SC3045
         ulimit -n "$MAX_FD" ||
             warn "Could not set maximum file descriptor limit to $MAX_FD"
     esac
@@ -193,6 +194,10 @@ if "$cygwin" || "$msys" ; then
     done
 fi
 
+
+# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
+
 # Collect all arguments for the java command;
 #   * $DEFAULT_JVM_OPTS, $JAVA_OPTS, and $GRADLE_OPTS can contain fragments of
 #     shell script including quotes and variable substitutions, so put them in
@@ -205,6 +210,12 @@ set -- \
         org.gradle.wrapper.GradleWrapperMain \
         "$@"
 
+# Stop when "xargs" is not available.
+if ! command -v xargs >/dev/null 2>&1
+then
+    die "xargs is not available"
+fi
+
 # Use "xargs" to parse quoted args.
 #
 # With -n1 it outputs one arg per line, with the quotes and backslashes removed.

gradlew.bat

@@ -14,7 +14,7 @@
 @rem limitations under the License.
 @rem
 
-@if "%DEBUG%" == "" @echo off
+@if "%DEBUG%"=="" @echo off
 @rem ##########################################################################
 @rem
 @rem  Gradle startup script for Windows
@@ -25,7 +25,8 @@
 if "%OS%"=="Windows_NT" setlocal
 
 set DIRNAME=%~dp0
-if "%DIRNAME%" == "" set DIRNAME=.
+if "%DIRNAME%"=="" set DIRNAME=.
+@rem This is normally unused
 set APP_BASE_NAME=%~n0
 set APP_HOME=%DIRNAME%
 
@@ -40,7 +41,7 @@ if defined JAVA_HOME goto findJavaFromJavaHome
 
 set JAVA_EXE=java.exe
 %JAVA_EXE% -version >NUL 2>&1
-if "%ERRORLEVEL%" == "0" goto execute
+if %ERRORLEVEL% equ 0 goto execute
 
 echo.
 echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
@@ -75,13 +76,15 @@ set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
 
 :end
 @rem End local scope for the variables with windows NT shell
-if "%ERRORLEVEL%"=="0" goto mainEnd
+if %ERRORLEVEL% equ 0 goto mainEnd
 
 :fail
 rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
 rem the _cmd.exe /c_ return code!
-if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
-exit /b 1
+set EXIT_CODE=%ERRORLEVEL%
+if %EXIT_CODE% equ 0 set EXIT_CODE=1
+if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE%
+exit /b %EXIT_CODE%
 
 :mainEnd
 if "%OS%"=="Windows_NT" endlocal

jumppad/main.hcl

@@ -0,0 +1,73 @@
+resource "network" "local" {
+  subnet = "10.10.0.0/16"
+}
+
+resource "container" "vault" {
+  image {
+    name = "hashicorp/vault:${variable.vault_version}"
+  }
+
+  command = [
+    "vault",
+    "server",
+    "-dev",
+    "-dev-root-token-id=${variable.vault_root_token}",
+    "-dev-listen-address=0.0.0.0:8200",
+    "-dev-plugin-dir=/plugins"
+  ]
+
+  port {
+    local           = 8200
+    remote          = 8200
+    host            = 8200
+    open_in_browser = ""
+  }
+
+  privileged = true
+
+  # Wait for Vault to start
+  health_check {
+    timeout = "120s"
+    http {
+      address       = "http://localhost:8200/v1/sys/health"
+      success_codes = [200]
+    }
+  }
+
+  environment = {
+    VAULT_ADDR  = "http://localhost:8200"
+    VAULT_TOKEN = variable.vault_root_token
+  }
+
+  network {
+    id         = resource.network.local.id
+    ip_address = variable.vault_ip_address
+  }
+
+  volume {
+    source      = variable.vault_data
+    destination = "/data"
+  }
+
+  volume {
+    source      = variable.vault_plugin_folder
+    destination = "/plugins"
+  }
+
+  volume {
+    source      = "../"
+    destination = "/output"
+  }
+
+  volume {
+    source      = variable.vault_additional_volume.source
+    destination = variable.vault_additional_volume.destination
+    type        = variable.vault_additional_volume.type
+  }
+}
+
+resource "remote_exec" "vault_bootstrap" {
+  target            = resource.container.vault
+  script            = file("./vault_setup/setup.sh")
+  working_directory = "/data"
+}

jumppad/variables.hcl

@@ -0,0 +1,48 @@
+variable "vault_version" {
+  default = "1.14.1"
+}
+
+variable "vault_root_token" {
+  default = "root"
+}
+
+# Should the Vault ui be opened in the browser after run
+variable "vault_open_browser" {
+  default = ""
+}
+
+# Optional IP address to add to Vault
+variable "vault_ip_address" {
+  default = ""
+}
+
+# Path to a folder that is mounted into the Vault container at path /data
+variable "vault_data" {
+  default = data("vault_data")
+}
+
+variable "vault_plugin_folder" {
+  default     = data("vault_plugins")
+  description = "Folder where vault will load custom plugins"
+}
+
+variable "vault_additional_volume" {
+  description = "Additional volume to mount to the vault server"
+
+  default = {
+    name        = ""
+    source      = data("vault_additional_data")
+    destination = "/additional_data"
+    type        = "bind"
+  }
+}
+
+# Bootstrap script that is executed after Vault starts
+# can be used to initially configure Vault
+variable "vault_bootstrap_script" {
+  default = <<-EOF
+  #/bin/sh -e
+
+  vault status
+  EOF
+}

jumppad/vault_setup/setup.sh

@@ -0,0 +1,30 @@
+#!/bin/sh
+
+# Enable Vault userpass
+vault auth enable userpass
+
+# Create the example secrets
+vault kv put secret/vault key="myvaultkey"
+vault kv put secret/admin key="myadminkey"
+
+# Create a policy for the user
+cat <<EOF > user.hcl
+path "secret/data/vault" {
+  capabilities = ["read"]
+}
+EOF
+
+vault policy write user user.hcl
+
+# Create the admin policy
+cat <<EOF > admin.hcl
+path "secret/data/admin" {
+  capabilities = ["read"]
+}
+EOF
+
+vault policy write admin admin.hcl
+
+# Create a user login
+# When running in debug mode the user is not authenticted and is randomly generated every time
+vault write "auth/userpass/users/Player844" password="bd0d6de2-7897-388f-8c0f-71e10002b81c" policies="user,admin"