diff --git a/README.adoc b/README.adoc index 9af3a511..24cbfd83 100644 --- a/README.adoc +++ b/README.adoc @@ -43,12 +43,14 @@ To get started with Vault and this guide you need a *Install Vault* +[source,bash] ---- $ src/test/bash/install_vault.sh ---- *Create SSL certificates for Vault* +[source,bash] ---- $ src/test/bash/create_certificates.sh ---- @@ -58,15 +60,21 @@ NOTE: `create_certificates.sh` creates certificates in `work/ca` and a JKS trust [[quickstart.vault.start]] *Start Vault server* +[source,bash] ---- $ src/test/bash/local_run_vault.sh ---- Vault is started listening on `0.0.0.0:8200` using the `inmem` storage and `https`. -Vault is sealed and not initialized when starting up -so you need to initialize it first. +Vault is sealed and not initialized when starting up. +NOTE: If you want to run tests, leave Vault uninitialized. The tests will +initialize Vault and create a root token `00000000-0000-0000-0000-000000000000`. + +If you want to use Vault for your application or give it a try then you need to initialize it first. + +[source,bash] ---- $ export VAULT_ADDR="https://localhost:8200" $ export VAULT_SKIP_VERIFY=true # Don't do this for production @@ -75,6 +83,7 @@ $ vault init You should see something like: +[source,bash] ---- Key 1: 7149c6a2e16b8833f6eb1e76df03e47f6113a3288b3093faf5033d44f0e70fe701 Key 2: 901c534c7988c18c20435a85213c683bdcf0efcd82e38e2893779f152978c18c02 @@ -96,11 +105,14 @@ Vault will initialize and return a set of unsealing keys and the root token. Pick 3 keys and unseal Vault. Store the Vault token in the `VAULT_TOKEN` environment variable. +[source,bash] ---- $ vault unseal (Key 1) $ vault unseal (Key 2) $ vault unseal (Key 3) $ export VAULT_TOKEN=(Root token) +# Required to run Spring Cloud Vault tests after manual initialization +$ vault token-create -id="00000000-0000-0000-0000-000000000000" -policy="root" ---- Spring Cloud Vault accesses different resources. By default, the secret 
@@ -134,7 +146,7 @@ the test cases). Example Maven configuration: org.springframework.boot spring-boot-starter-parent - 1.5.2.RELEASE + 1.5.4.RELEASE @@ -199,6 +211,7 @@ spring.cloud.vault: host: localhost port: 8200 scheme: https + uri: https://localhost:8200 connection-timeout: 5000 read-timeout: 15000 config: @@ -211,6 +224,7 @@ for SSL certificate validation * `port` sets the Vault port * `scheme` setting the scheme to `http` will use plain HTTP. Supported schemes are `http` and `https`. +* `uri` configure the Vault endpoint with an URI. Takes precedence over host/port/scheme configuration * `connection-timeout` sets the connection timeout in milliseconds * `read-timeout` sets the read timeout in milliseconds * `config.order` sets the order for the property source @@ -257,15 +271,23 @@ setup are scripted, the scripts are located in `src/test/bash`. The following scripts need to be run prior to building the project for the tests to pass. - $ ./src/test/bash/install_vault.sh - $ ./src/test/bash/create_certificates.sh - $ ./src/test/bash/local_run_vault.sh +[source,bash] +---- +$ ./src/test/bash/install_vault.sh +$ ./src/test/bash/create_certificates.sh +$ ./src/test/bash/local_run_vault.sh +---- + +Leave Vault uninitialized, the tests will initialize and unseal Vault. They will also create a root token `00000000-0000-0000-0000-000000000000`. Changes to the documentation should be made to the adocs found under `docs/src/main/asciidoc/` -README.adoc can be re-generated via the following +`README.adoc` can be re-generated via the following - $ ./docs/src/main/ruby/generate_readme.sh > README.adoc +[source,bash] +---- +$ ./docs/src/main/ruby/generate_readme.sh > README.adoc +---- This script requires ruby and the asciidoctor gem installed (`gem install asciidoctor`) 
@@ -403,4 +425,4 @@ added after the original pull request but before a merge. other target branch in the main project). * When writing a commit message please follow http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html[these conventions], if you are fixing an existing issue please add `Fixes gh-XXXX` at the end of the commit - message (where XXXX is the issue number). \ No newline at end of file + message (where XXXX is the issue number). diff --git a/docs/src/main/asciidoc/README.adoc b/docs/src/main/asciidoc/README.adoc index ac80f2fb..a66023a5 100644 --- a/docs/src/main/asciidoc/README.adoc +++ b/docs/src/main/asciidoc/README.adoc @@ -40,15 +40,23 @@ setup are scripted, the scripts are located in `src/test/bash`. The following scripts need to be run prior to building the project for the tests to pass. - $ ./src/test/bash/install_vault.sh - $ ./src/test/bash/create_certificates.sh - $ ./src/test/bash/local_run_vault.sh +[source,bash] +---- +$ ./src/test/bash/install_vault.sh +$ ./src/test/bash/create_certificates.sh +$ ./src/test/bash/local_run_vault.sh +---- + +Leave Vault uninitialized, the tests will initialize and unseal Vault. They will also create a root token `00000000-0000-0000-0000-000000000000`. Changes to the documentation should be made to the adocs found under `docs/src/main/asciidoc/` -README.adoc can be re-generated via the following +`README.adoc` can be re-generated via the following - $ ./docs/src/main/ruby/generate_readme.sh > README.adoc +[source,bash] +---- +$ ./docs/src/main/ruby/generate_readme.sh > README.adoc +---- This script requires ruby and the asciidoctor gem installed (`gem install asciidoctor`) diff --git a/docs/src/main/asciidoc/quickstart.adoc b/docs/src/main/asciidoc/quickstart.adoc index 98267d28..1f99fc54 100644 --- a/docs/src/main/asciidoc/quickstart.adoc +++ b/docs/src/main/asciidoc/quickstart.adoc 
@@ -10,12 +10,14 @@ To get started with Vault and this guide you need a *Install Vault* +[source,bash] ---- $ src/test/bash/install_vault.sh ---- *Create SSL certificates for Vault* +[source,bash] ---- $ src/test/bash/create_certificates.sh ---- @@ -25,15 +27,21 @@ NOTE: `create_certificates.sh` creates certificates in `work/ca` and a JKS trust [[quickstart.vault.start]] *Start Vault server* +[source,bash] ---- $ src/test/bash/local_run_vault.sh ---- Vault is started listening on `0.0.0.0:8200` using the `inmem` storage and `https`. -Vault is sealed and not initialized when starting up -so you need to initialize it first. +Vault is sealed and not initialized when starting up. +NOTE: If you want to run tests, leave Vault uninitialized. The tests will +initialize Vault and create a root token `00000000-0000-0000-0000-000000000000`. + +If you want to use Vault for your application or give it a try then you need to initialize it first. + +[source,bash] ---- $ export VAULT_ADDR="https://localhost:8200" $ export VAULT_SKIP_VERIFY=true # Don't do this for production @@ -42,6 +50,7 @@ $ vault init You should see something like: +[source,bash] ---- Key 1: 7149c6a2e16b8833f6eb1e76df03e47f6113a3288b3093faf5033d44f0e70fe701 Key 2: 901c534c7988c18c20435a85213c683bdcf0efcd82e38e2893779f152978c18c02 @@ -63,11 +72,14 @@ Vault will initialize and return a set of unsealing keys and the root token. Pick 3 keys and unseal Vault. Store the Vault token in the `VAULT_TOKEN` environment variable. +[source,bash] ---- $ vault unseal (Key 1) $ vault unseal (Key 2) $ vault unseal (Key 3) $ export VAULT_TOKEN=(Root token) +# Required to run Spring Cloud Vault tests after manual initialization +$ vault token-create -id="00000000-0000-0000-0000-000000000000" -policy="root" ---- Spring Cloud Vault accesses different resources. By default, the secret @@ -101,7 +113,7 @@ the test cases). Example Maven configuration: org.springframework.boot spring-boot-starter-parent - 1.5.2.RELEASE + 1.5.4.RELEASE
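Review bot: In the `@@ -58,15 +60,21 @@` hunk of README.adoc (and the matching `@@ -25,15 +27,21 @@` hunk of quickstart.adoc), the added `NOTE: If you want to run tests, leave Vault uninitialized.` line directly follows `Vault is sealed and not initialized when starting up.` with no blank line between them. AsciiDoc only recognises `NOTE:` at the start of a paragraph, so this will render as running text with a literal "NOTE:" rather than as an admonition. Add an empty line before `NOTE:`.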
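Review bot: The `@@ -75,6 +83,7 @@` hunk of README.adoc (and `@@ -42,6 +50,7 @@` of quickstart.adoc) tags the block after "You should see something like:" as `[source,bash]`, but that block is the output of `vault init` (`Key 1: ...`), not shell input. Leave it as a plain listing or use `[source,text]` so the unseal keys are not highlighted as bash.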
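Review bot: In the unseal block (README.adoc `@@ -96,11 +105,14 @@`, quickstart.adoc `@@ -63,11 +72,14 @@`), the added `vault token-create -id="00000000-0000-0000-0000-000000000000" -policy="root"` sits in the command sequence aimed at readers who initialize Vault by hand "for your application or give it a try". Anyone who copies the whole block ends up with a publicly documented root token on a server the same section says is listening on `0.0.0.0:8200`. The comment says the token is only needed for the Spring Cloud Vault tests, so I would move the command into its own clearly test-only step after the block. The text should also say not to create this token on an instance that holds real secrets, and to revoke it once the tests are done.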
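Review bot: The `@@ -199,6 +211,7 @@` hunk adds `uri: https://localhost:8200` to an example that still sets `host`, `port` and `scheme`, while the bullet added in `@@ -211,6 +224,7 @@` says `uri` takes precedence over those three. The example now configures the same endpoint twice, and a reader who edits `scheme` or `port` in a copy of it will see no effect. Show `uri` as an alternative snippet, or state next to the example that the other three keys are ignored when it is set. The bullet should also read "a URI" rather than "an URI".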
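Review bot: In the build section (README.adoc `@@ -257,15 +271,23 @@`, docs/src/main/asciidoc/README.adoc `@@ -40,15 +40,23 @@`), the new sentence `Leave Vault uninitialized, the tests will initialize and unseal Vault.` is a comma splice and does not say what to do when Vault has already been initialized manually. Split it into two sentences and point to the quickstart step that creates the `00000000-0000-0000-0000-000000000000` token for that case, so the two sections agree.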