#!/usr/bin/env bash

echo "$(tput bold)Checking Vault seals...$(tput sgr0)"

function check_seal() {
	vault status >/dev/null
	exit_code=$?
	case "${exit_code}" in
		0) return 0;;
		1) echo "error getting status"; exit 1;;
		2) return 1;;
	esac
}

for server in $(terraform output -json vault_server_ips | jq -r '.[]'); do
	export VAULT_ADDR="https://[${server}]:8200" 
	while ! check_seal "${server}"; do
		echo "unsealing: ${server}"
		vault operator unseal
		echo ''
	done
done