feat(dev): Ensure that reloading the plugin won't loose the data
Using the procedure described in https://developer.hashicorp.com/vault/docs/upgrading/plugins#upgrading-vault-plugins

- it uses a file to persist the previous version,
- it automatically creates the new version number by incrementing the last number of the version, starting with 0.0.1;
  therefore, it will reload with versions 0.0.1, 0.0.2, 0.0.3...
Konubinix authored and glehmann committed Nov 8, 2023
1 parent 21fdda2 commit 013c821
Showing 1 changed file with 16 additions and 6 deletions.
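--- a/reload-plugin.sh
+++ b/reload-plugin.sh
@@ -30,12 +30,22 @@ if vault_tss_already_registered && test "$(vault_tss_registered_hash)" = "${HASH
 then
 echo "Vault plugin ${plugin_name} already registered and up-to-date" >&2
 else
-vault plugin register -sha256 "${HASH}" "${plugin_name}"
-vault plugin reload -plugin "${plugin_name}"
-if vault secrets list | grep -q "^${plugin_name}/"
+VERSION_FILE="/${plugin_name}-version.txt"
+if test -e "${VERSION_FILE}"
 then
-vault secrets disable "${plugin_name}"
+version="$(cat "${VERSION_FILE}")"
+else
+version="0.0.0"
 fi
-
-vault secrets enable -path "${plugin_name}" -description "From plugin '${plugin_name}'" "$@" "${plugin_name}"
+last_number="$(echo "${version}"|sed -r 's/^([0-9.]+)\.([0-9]+)$/\2/')"
+prev_numbers="$(echo "${version}"|sed -r 's/^([0-9.]+)\.([0-9]+)$/\1/')"
+version="${prev_numbers}.$((last_number + 1))"
+vault plugin register -version="${version}" -sha256 "${HASH}" "${plugin_name}"
+if ! { vault secrets list | grep -q "^${plugin_name}/" ; }
+then
+vault secrets enable -path "${plugin_name}" -description "From plugin '${plugin_name}'" "$@" "${plugin_name}"
+fi
+vault secrets tune -plugin-version="${version}" "${plugin_name}"
+vault plugin reload -plugin "${plugin_name}"
+echo "${version}" > "${VERSION_FILE}"
 fi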
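Review bot: The contents of `${VERSION_FILE}` reach `$((last_number + 1))` without any validation. When the file does not match `^([0-9.]+)\.([0-9]+)$`, `sed` passes the text through unchanged, and shell arithmetic expansion evaluates the string it is given as an expression rather than only parsing a number. An empty or truncated file instead produces a version such as `.1`, which `vault plugin register` will presumably reject. Checking the value right after it is read covers both cases, e.g. `echo "${version}" | grep -Eq '^[0-9]+(\.[0-9]+)+$' || { echo "invalid version in ${VERSION_FILE}" >&2; exit 1; }`. The enclosing `if`/`else` starts above the hunk, so whether `set -e` is active for the register/tune/reload sequence is not visible here.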
