vault.yaml

namespace: /bison

vault:
  defines: runnable
  inherits: /vault/latest
  containers:
    defines: containers
    vault:
      hooks:
        container-started: inject-keys
  checks:
    defines: checks
    readyness:
      code: exec("vault", "/bin/sh", "-c", `VAULT_TOKEN=${root-token} vault kv list -address=http://127.0.0.1:8200 validators`) "ksm" contains?
      period: 15
      initialDelay: 13
  variables:
    defines: variables
    vault_cli_no_color:
      type: bool
      value: true
      env: VAULT_CLI_NO_COLOR
    dot_validator_sk:
      type: string
      value: ""
    dot_validator_ed25519_pk:
      type: string
      value: ""
    dot_validator_sr25519_pk:
      type: string
      value: ""
    ksm_validator_sk:
      type: string
      value: ""
    ksm_validator_ed25519_pk:
      type: string
      value: ""
    ksm_validator_sr25519_pk:
      type: string
      value: ""
    
  actions:
    defines: actions
    inject-keys:
      code: |
        exec("vault", "/bin/sh", "-c", `VAULT_TOKEN=${root-token} vault secrets enable -address=http://127.0.0.1:8200 -path=validators/ kv`)
        exec("vault", "/bin/sh", "-c", `VAULT_TOKEN=${root-token} vault kv put -address=http://127.0.0.1:8200 validators/dot/validator_sk key=${dot_validator_sk}`)
        exec("vault", "/bin/sh", "-c", `VAULT_TOKEN=${root-token} vault kv put -address=http://127.0.0.1:8200 validators/dot/validator_ed25519_pk key=${dot_validator_ed25519_pk}`)
        exec("vault", "/bin/sh", "-c", `VAULT_TOKEN=${root-token} vault kv put -address=http://127.0.0.1:8200 validators/dot/validator_sr25519_pk key=${dot_validator_sr25519_pk}`)
        exec("vault", "/bin/sh", "-c", `VAULT_TOKEN=${root-token} vault kv put -address=http://127.0.0.1:8200 validators/ksm/validator_sk key=${ksm_validator_sk}`)
        exec("vault", "/bin/sh", "-c", `VAULT_TOKEN=${root-token} vault kv put -address=http://127.0.0.1:8200 validators/ksm/validator_ed25519_pk key=${ksm_validator_ed25519_pk}`)
        exec("vault", "/bin/sh", "-c", `VAULT_TOKEN=${root-token} vault kv put -address=http://127.0.0.1:8200 validators/ksm/validator_sr25519_pk key=${ksm_validator_sr25519_pk}`)