1#!/bin/sh 2 3set -e 4 5# Generate an OpenAPI document for all backends. 6# 7# Assumptions: 8# 9# 1. Vault has been checked out at an appropriate version and built 10# 2. vault executable is in your path 11# 3. Vault isn't already running 12 13echo "Starting Vault..." 14if pgrep -x "vault" > /dev/null 15then 16 echo "Vault is already running. Aborting." 17 exit 1 18fi 19 20vault server -dev -dev-root-token-id=root & 21sleep 2 22VAULT_PID=$! 23 24echo "Mounting all builtin backends..." 25 26# auth backends 27vault auth enable alicloud 28vault auth enable app-id 29vault auth enable approle 30vault auth enable aws 31vault auth enable azure 32vault auth enable centrify 33vault auth enable cert 34vault auth enable cf 35vault auth enable gcp 36vault auth enable github 37vault auth enable jwt 38vault auth enable kerberos 39vault auth enable kubernetes 40vault auth enable ldap 41vault auth enable oci 42vault auth enable oidc 43vault auth enable okta 44vault auth enable radius 45vault auth enable userpass 46 47# secrets backends 48vault secrets enable ad 49vault secrets enable alicloud 50vault secrets enable aws 51vault secrets enable azure 52vault secrets enable cassandra 53vault secrets enable consul 54vault secrets enable database 55vault secrets enable gcp 56vault secrets enable gcpkms 57vault secrets enable kv 58vault secrets enable mongodb 59vault secrets enable mongodbatlas 60vault secrets enable mssql 61vault secrets enable mysql 62vault secrets enable nomad 63vault secrets enable openldap 64vault secrets enable pki 65vault secrets enable postgresql 66vault secrets enable rabbitmq 67vault secrets enable ssh 68vault secrets enable terraform 69vault secrets enable totp 70vault secrets enable transit 71 72# Enable enterprise features 73if [[ ! -z "$VAULT_LICENSE" ]] 74then 75 vault write sys/license text="$VAULT_LICENSE" 76 vault secrets enable kmip 77 vault secrets enable transform 78fi 79 80# Output OpenAPI, optionally formatted 81if [ "$1" == "-p" ]; then 82 curl -H "X-Vault-Token: root" "http://127.0.0.1:8200/v1/sys/internal/specs/openapi" | jq > openapi.json 83else 84 curl -H "X-Vault-Token: root" "http://127.0.0.1:8200/v1/sys/internal/specs/openapi" > openapi.json 85fi 86 87kill $VAULT_PID 88sleep 1 89 90echo "\nopenapi.json generated." 91