set the token explicitly and attempt to verify it (#84) (#85)

picostack · Oct 6, 2020 · 95580fb · 95580fb
1 parent b48ee18
commit 95580fb
Showing 1 changed file with 9 additions and 1 deletion.
diff --git a/secret/vault/vault.go b/secret/vault/vault.go
@@ -102,10 +102,18 @@ func (v *VaultSecrets) Renew(ctx context.Context) error {
 	renew := time.NewTicker(v.renewal)
 	defer renew.Stop()
 	for range renew.C {
-		_, err := v.client.Auth().Token().RenewSelf(0)
+		token, err := v.client.Auth().Token().RenewSelf(0)
 		if err != nil {
 			return errors.Wrap(err, "failed to renew vault token")
 		}
+		if _, err = v.client.Auth().Token().LookupSelf(); err != nil {
+			return errors.Wrap(err, "failed to connect to vault server")
+		}
+		v.client.SetToken(token.Auth.ClientToken)
+		zap.L().Debug("renewed fault token",
+			zap.String("lease_id", token.LeaseID),
+			zap.Int("lease_duration", token.LeaseDuration),
+			zap.Bool("renewable", token.Renewable))
 	}
 	return nil
 }