How to unseal a vault that is already initialized?

nodevault / node-vault

Client for HashiCorp's Vault

https://vaultproject.io/

MIT License

522 stars 160 forks source link

How to unseal a vault that is already initialized? #211

Open CoinCoderBuffalo opened 1 year ago

CoinCoderBuffalo commented 1 year ago

Basic question. I don't see any examples on handling this scenario. Thanks

CoinCoderBuffalo commented 1 year ago

I figured out how to do this. I added an async run command to the client to handle this.

vaultClient.run = async () => {
  try {
    const status = await vaultClient.status()
    if (!status.initialized) {
      await vaultClient.init({ secret_shares: 1, secret_threshold: 1 })
    }
    if (status.sealed) {
      await vaultClient.unseal({ secret_shares: 1, key: config.vault.key })
    }
    logger.success('node-vault', 'Vault initialized and unsealed')
  } catch (err) {
    logger.error('node-vault', err.message)
  }
}

jeghers commented 1 year ago

Please add this to the documentation. There are lots of missing things in the docs that leaves us lost and unsure what to do.