~damien/infrastructure

ref: 41e11f7d9d43ebc929aa90dbe0827d12a680ae64 infrastructure/tools/unseal-vaults -rwxr-xr-x 481 bytes
41e11f7d — Damien Radtke Use blue-green terraform strategy for cluster upgrades a month ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
#!/usr/bin/env bash

echo "$(tput bold)Checking Vault seals...$(tput sgr0)"

function check_seal() {
	vault status >/dev/null
	exit_code=$?
	case "${exit_code}" in
		0) return 0;;
		1) echo "error getting status"; exit 1;;
		2) return 1;;
	esac
}

for server in $(terraform output -json vault_server_ips | jq -r '.[]'); do
	export VAULT_ADDR="https://[${server}]:8200" 
	while ! check_seal "${server}"; do
		echo "unsealing: ${server}"
		vault operator unseal
		echo ''
	done
done