From 74180b7843a580d20f717ca911a17b819707d007 Mon Sep 17 00:00:00 2001
From: Bulat Kurbanov <kurbanovbul@gmail.com>
Date: Sun, 14 Apr 2024 14:33:15 +0200
Subject: [PATCH] Add vault

---
 docker/build.dockerfile | 7 +++++--
 scripts/env.sh          | 7 +++++++
 scripts/start.sh        | 5 +++++
 3 files changed, 17 insertions(+), 2 deletions(-)
 create mode 100644 scripts/env.sh
 create mode 100644 scripts/start.sh

diff --git a/docker/build.dockerfile b/docker/build.dockerfile
index f2f98bd..c000d6f 100644
--- a/docker/build.dockerfile
+++ b/docker/build.dockerfile
@@ -10,12 +10,15 @@ RUN cargo build --release --bin services_manager_server
 FROM debian:bullseye-slim
 
 RUN apt-get update \
-    && apt-get install -y openssl ca-certificates \
+    && apt-get install -y openssl ca-certificates curl jq \
     && rm -rf /var/lib/apt/lists/*
 
 RUN update-ca-certificates
 
+COPY ./scripts/*.sh /
+RUN chmod +x /*.sh
+
 WORKDIR /app
 
 COPY --from=builder /app/target/release/services_manager_server /usr/local/bin
-ENTRYPOINT ["/usr/local/bin/services_manager_server"]
+ENTRYPOINT ["/start.sh"]
diff --git a/scripts/env.sh b/scripts/env.sh
new file mode 100644
index 0000000..1919fdc
--- /dev/null
+++ b/scripts/env.sh
@@ -0,0 +1,7 @@
+#! /usr/bin/env sh
+
+response=`curl -X 'GET' "https://$VAULT_HOST/v1/$VAULT_SECRET_PATH" -s \
+  -H 'accept: application/json' \
+  -H "X-Vault-Token: $VAULT_TOKEN"`
+
+echo "$(echo "$response" | jq -r '.data.data | to_entries | map("\(.key)=\(.value)") | .[]')"
diff --git a/scripts/start.sh b/scripts/start.sh
new file mode 100644
index 0000000..d1c28c3
--- /dev/null
+++ b/scripts/start.sh
@@ -0,0 +1,5 @@
+#! /usr/bin/env sh
+
+export $(/env.sh)
+
+exec /usr/local/bin/services_manager_server