diff --git a/.env.sample b/.env.sample
index ab31ebef..0a8a0e7c 100644
--- a/.env.sample
+++ b/.env.sample
@@ -6,10 +6,11 @@ EMAIL_PASS=
 EMAIL_SERVICE=
 EMAIL_USER=
 GDRIVE_CLIENT_EMAIL=
-GDRIVE_CLIENTID=
-GDRIVE_PRIVTKEY=
-GDRIVE_PROJECTID=
+GDRIVE_CLIENT_ID=
+GDRIVE_PRIVATE_KEY=
+GDRIVE_PROJECT_ID=
 POSTGRES_DATABASE=
 POSTGRES_PASSWORD=
 POSTGRES_PORT=
+POSTGRES_URL_NON_POOLING=
 POSTGRES_USER=
\ No newline at end of file
diff --git a/README.md b/README.md
index 7b77ffb3..61db4574 100644
--- a/README.md
+++ b/README.md
@@ -39,13 +39,13 @@ npm install
 - In the folder where you cloned the Sistema repository, log into Vault
 ```bash
-vlt login
+hcp auth login
 ```
 - Configure the Vault Command Line Interface
 ```bash
-vlt config init
+hcp profile init
 ```
 - Select the `sistema` Organization and Project
diff --git a/docker-compose.yml b/docker-compose.yml
index 866826f9..1719d614 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -17,6 +17,7 @@ services:
 - POSTGRES_DATABASE=${POSTGRES_DATABASE}
 - POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
 - POSTGRES_PORT=${POSTGRES_PORT}
+ - DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@db:5432/${POSTGRES_DATABASE}
 db:
 image: postgres:16-alpine
 ports:
diff --git a/setup_secrets.sh b/setup_secrets.sh
index a8acc7a5..a42e1677 100755
--- a/setup_secrets.sh
+++ b/setup_secrets.sh
@@ -5,13 +5,13 @@ ENV_FILE=".env"
 # Login to Vault
 echo "Logging into Vault..."
-vlt login
+hcp auth login
 if [ $? -ne 0 ]; then
 echo "Failed to login to Vault. Please check your credentials."
 exit 1
 fi
-vlt config init
+hcp profile init
 # Check if .env file exists and delete it if it does
 if [ -f "$ENV_FILE" ]; then
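Review bot: The new `DATABASE_URL` entry in docker-compose.yml interpolates `${POSTGRES_USER}` and `${POSTGRES_PASSWORD}` into a URL without encoding, so a password containing `@`, `:`, `/`, `?` or `#` produces a connection string that fails to parse or is split at the wrong place. The values appear to come from Vault through setup_secrets.sh, so either constrain the stored password to URL-safe characters or keep a pre-encoded URL as its own secret; at minimum add a comment such as `# POSTGRES_PASSWORD is embedded in DATABASE_URL and must be percent-encoded`. The port is fixed at 5432 while `POSTGRES_PORT` is passed on the line above; that is probably correct for the in-network container port, but a short comment would stop someone "fixing" it later. The `services` block continues outside the hunk.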
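Review bot: `hcp profile init` in setup_secrets.sh runs with no exit-status check, unlike `hcp auth login` a few lines above it. If profile setup is cancelled or fails, the script goes on to the `.env` deletion step described by the following comment and then presumably lists secrets from whatever organization and project the profile last pointed at. Guard it the same way as the login, e.g. `hcp profile init || { echo "Failed to initialise the HCP profile." >&2; exit 1; }`. The `if [ -f "$ENV_FILE" ]` block that follows ends outside the hunk.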
@@ -19,7 +19,7 @@ if [ -f "$ENV_FILE" ]; then
 fi
 # Fetch all secret keys from Vault
-SECRET_KEYS=$(vlt secrets list -format=json | grep -Eo '"([^"]*)"\s*:\s*"([^"]*)"' | sed -E 's/^"([^"]*)"\s*:\s*"([^"]*)"$/\1=\2/' | grep "^name=" | grep -v "@" | sed 's/^name=//')
+SECRET_KEYS=$(hcp vault-secrets secrets list --format=json | grep -Eo '"([^"]*)"\s*:\s*"([^"]*)"' | sed -E 's/"([^"]+)": "([^"]+)"/\1=\2/g' | grep "^name=" | grep -v "@" | sed 's/^name=//')
 if [ $? -ne 0 ] || [ -z "$SECRET_KEYS" ]; then
 echo "Failed to retrieve secret keys from Vault."
@@ -28,7 +28,7 @@ fi
 # Iterate over each secret key and fetch the secret value
 for key in $SECRET_KEYS; do
- SECRET_VALUE=$(vlt secrets get --plaintext $key 2>/dev/null)
+ SECRET_VALUE=$(hcp vault-secrets secrets open $key | grep "Value:" | sed -E 's/Value:\s*(.*)/\1/; s/^[ \t]+|[ \t]+$//g' 2>/dev/null)
 if [ $? -ne 0 ] || [ -z "$SECRET_VALUE" ]; then
 echo "Failed to retrieve secret for key $key. Skipping."
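Review bot: The `$?` test after the new `SECRET_KEYS=$(hcp vault-secrets secrets list ... | sed ...)` line in setup_secrets.sh reports the status of the last `sed` in the pipeline, not of `hcp`, so an expired session or API error is noticed only through the empty-string check. Capture the CLI output first, `RAW=$(hcp vault-secrets secrets list --format=json) || { echo "Failed to retrieve secret keys from Vault." >&2; exit 1; }`, and parse `$RAW` afterwards, or enable `set -o pipefail` if the script runs under bash. The same pattern is in the `SECRET_VALUE=$(hcp vault-secrets secrets open $key | ...)` line of the next hunk, where `2>/dev/null` also lands on `sed` rather than on `hcp` and `$key` is unquoted. Separately, the rewritten `sed` expression matches only `": "` with exactly one space while the preceding `grep -Eo` accepts `\s*`, so compact JSON would pass through unconverted and leave the key list empty; a JSON parser such as `jq` would replace both regexes, with the filter depending on the CLI's output schema. The enclosing `if` block continues outside the hunk.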