From 8b9c3494ff4abd91761364d047765a12242bed29 Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Mon, 18 Apr 2022 16:44:55 +0100 Subject: [PATCH] ops/vault/reissue-secret-id: don't fail on systems with no pre-existing secrets --- ops/vault/reissue-secret-id.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ops/vault/reissue-secret-id.sh b/ops/vault/reissue-secret-id.sh index ae0e8bf5d8..6514af9e12 100755 --- a/ops/vault/reissue-secret-id.sh +++ b/ops/vault/reissue-secret-id.sh @@ -14,7 +14,7 @@ echo Destroying existing secrets for that server... >&2 vault list -format=json "auth/approle/role/${server_name}/secret-id" | jq -r '.[]' | while read -r secret_id_accessor; do echo -ne "\t$secret_id_accessor\n" vault write "auth/approle/role/${server_name}/secret-id-accessor/destroy" secret_id_accessor="${secret_id_accessor}" -done +done || true echo Creating new secret... >&2 vault write -f -format=json -wrap-ttl=3m "auth/approle/role/${server_name}/secret-id" | jq -r '.wrap_info.token'