From 2bae64c40b4819b5a46495acecfc93f249e2e1a6 Mon Sep 17 00:00:00 2001
From: vincent
Date: Sat, 10 Feb 2024 10:40:23 +0100
Subject: [PATCH] create script to bootstrap vault secret
---
script/generate-vault-secret | 50 ++++++++++++++++++++++++++++++++++++
1 file changed, 50 insertions(+)
create mode 100755 script/generate-vault-secret
diff --git a/script/generate-vault-secret b/script/generate-vault-secret
new file mode 100755
index 0000000..28278ce
--- /dev/null
+++ b/script/generate-vault-secret
@@ -0,0 +1,50 @@
+#!/usr/bin/env python
+
+import requests
+import secrets
+import json
+import os
+
+class VaultSecret:
+ def __init__(self,path: str,data: dict) -> None:
+ self.path=path
+ self.data=self.fill_empty_secret(data)
+
+ @staticmethod
+ def fill_empty_secret(data):
+ for k,v in data.items():
+ if v is None or v == "":
+ data[k]=secrets.token_urlsafe(16)
+ return data
+
+
+
+class Vault:
+ def __init__(self,url: str,token: str) -> None:
+ self.URL=url
+ self.token=token
+
+ def create_vault_secret (self,secret: VaultSecret) -> None:
+ resp=requests.post(
+ url= f'{self.URL}/v1/secrets/data/{secret.path}',
+ headers={
+ 'X-Vault-Token': self.token
+ },
+ data=json.dumps({"data":secret.data,
+ "options": {"cas": 0}
+ })
+ )
+ print(resp.content)
+
+
+def main() -> None:
+ secretList=[]
+ secretList.append(VaultSecret("nomad/ldap",{"admin":""}))
+ token=os.getenv('VAULT_TOKEN',"")
+ vault_addr=os.getenv('VAULT_ADDR',"")
+ vault=Vault(vault_addr,token)
+ for secret in secretList:
+ vault.create_vault_secret(secret)
+
+if __name__ == '__main__':
+ main()
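Review bot: `create_vault_secret` never checks the HTTP status, and `main` defaults `VAULT_TOKEN` and `VAULT_ADDR` to empty strings, so a missing token or a write that Vault rejects is only printed and the script still exits 0. Read both with `os.environ['VAULT_TOKEN']` / `os.environ['VAULT_ADDR']` so a missing value fails fast, pass `timeout=10` to `requests.post`, and call `resp.raise_for_status()` rather than `print(resp.content)`. If re-runs are expected, handle the response for a failed `"cas": 0` check (secret already exists) explicitly instead of treating it as an error. Because the token travels in the `X-Vault-Token` header, it is also worth refusing a `VAULT_ADDR` that does not start with `https://`. Separately, `fill_empty_secret` mutates the caller's dict in place, which deserves a one-line docstring such as `"""Replace None/empty values in data with random tokens (modifies data in place)."""`.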