From ba8612b9904f5b9cdce9c6c5c04298d6942f04f2 Mon Sep 17 00:00:00 2001
From: Bulat Kurbanov <kurbanovbul@gmail.com>
Date: Sun, 14 Apr 2024 11:22:35 +0200
Subject: [PATCH] Use vault

---
 docker/build.dockerfile |  7 +++++--
 scripts/env.sh          | 12 ++++++++++++
 scripts/start.sh        |  5 +++++
 3 files changed, 22 insertions(+), 2 deletions(-)
 create mode 100644 scripts/env.sh
 create mode 100644 scripts/start.sh

diff --git a/docker/build.dockerfile b/docker/build.dockerfile
index 57945c7..dd75143 100644
--- a/docker/build.dockerfile
+++ b/docker/build.dockerfile
@@ -10,12 +10,15 @@ RUN cargo build --release --bin book_library_server
 FROM debian:bullseye-slim
 
 RUN apt-get update \
-    && apt-get install -y openssl ca-certificates \
+    && apt-get install -y openssl ca-certificates curl jq \
     && rm -rf /var/lib/apt/lists/*
 
 RUN update-ca-certificates
 
+COPY ./scripts/*.sh /
+RUN chmod +x /*.sh
+
 WORKDIR /app
 
 COPY --from=builder /app/target/release/book_library_server /usr/local/bin
-ENTRYPOINT ["/usr/local/bin/book_library_server"]
+ENTRYPOINT ["/start.sh"]
diff --git a/scripts/env.sh b/scripts/env.sh
new file mode 100644
index 0000000..d2d61fc
--- /dev/null
+++ b/scripts/env.sh
@@ -0,0 +1,12 @@
+#! /usr/bin/env sh
+
+response=`curl -X 'GET' "https://$VAULT_HOST/v1/$VAULT_SECRET_PATH" -s \
+  -H 'accept: application/json' \
+  -H "X-Vault-Token: $VAULT_TOKEN"`
+
+data=`echo $response | jq -r '.data.data'`
+
+for key in $(echo "$data" | jq -r 'keys[]'); do
+    value=$(echo "$data" | jq -r ".\"$key\"")  # Corrected syntax
+    echo "$key"="$value"
+done
diff --git a/scripts/start.sh b/scripts/start.sh
new file mode 100644
index 0000000..075b706
--- /dev/null
+++ b/scripts/start.sh
@@ -0,0 +1,5 @@
+#! /usr/bin/env sh
+
+export $(/env.sh)
+
+exec /usr/local/bin/book_library_server