chore(vault-github): Add partner github and tests (#142)

1 year ago · 7e897a51e6
parent ac54966f5e
commit 7e897a51e6
4 changed files with 18 additions and 10 deletions
--- a/vault-github/README.md
+++ b/vault-github/README.md
@ -3,6 +3,7 @@ display_name: Hashicorp Vault Integration (GitHub)
 description: Authenticates with Vault using GitHub
 icon: ../.icons/vault.svg
 maintainer_github: coder
+partner_github: hashicorp
 verified: true
 tags: [helper, integration, vault, github]
 ---
@ -14,7 +15,7 @@ This module lets you authenticate with [Hashicorp Vault](https://www.vaultprojec
 ```tf
 module "vault" {
  source     = "registry.coder.com/modules/vault-github/coder"
-  version    = "1.0.2"
+  version    = "1.0.3"
  agent_id   = coder_agent.example.id
  vault_addr = "https://vault.example.com"
 }
@ -23,13 +24,13 @@ module "vault" {
 Then you can use the Vault CLI in your workspaces to fetch secrets from Vault:

 ```shell
-vault kv get -mount=secret my-secret
+vault kv get -mount=coder my-secret
 ```

 or using the Vault API:

 ```shell
-curl -H "X-Vault-Token: ${VAULT_TOKEN}" -X GET "${VAULT_ADDR}/v1/secret/data/my-secret"
+curl -H "X-Vault-Token: ${VAULT_TOKEN}" -X GET "${VAULT_ADDR}/v1/coder/data/my-secret"
 ```

 ![Vault login](../.images/vault-login.png)
@ -45,7 +46,7 @@ To configure the Vault module, you must set up a Vault GitHub auth method. See t
 ```tf
 module "vault" {
  source               = "registry.coder.com/modules/vault-github/coder"
-  version              = "1.0.2"
+  version              = "1.0.3"
  agent_id             = coder_agent.example.id
  vault_addr           = "https://vault.example.com"
  coder_github_auth_id = "my-github-auth-id"
@ -57,7 +58,7 @@ module "vault" {
 ```tf
 module "vault" {
  source                 = "registry.coder.com/modules/vault-github/coder"
-  version                = "1.0.2"
+  version                = "1.0.3"
  agent_id               = coder_agent.example.id
  vault_addr             = "https://vault.example.com"
  coder_github_auth_id   = "my-github-auth-id"
@ -70,7 +71,7 @@ module "vault" {
 ```tf
 module "vault" {
  source            = "registry.coder.com/modules/vault-github/coder"
-  version           = "1.0.2"
+  version           = "1.0.3"
  agent_id          = coder_agent.example.id
  vault_addr        = "https://vault.example.com"
  vault_cli_version = "1.15.0"
--- a/vault-github/main.test.ts
+++ b/vault-github/main.test.ts
@ -0,0 +1,11 @@
+import { describe } from "bun:test";
+import { runTerraformInit, testRequiredVariables } from "../test";
+
+describe("vault-token", async () => {
+  await runTerraformInit(import.meta.dir);
+
+  testRequiredVariables(import.meta.dir, {
+    agent_id: "foo",
+    vault_addr: "foo",
+  });
+});
--- a/vault-github/main.tf
+++ b/vault-github/main.tf
@ -49,7 +49,6 @@ resource "coder_script" "vault" {
  display_name = "Vault (GitHub)"
  icon         = "/icon/vault.svg"
  script = templatefile("${path.module}/run.sh", {
-    VAULT_ADDR : var.vault_addr,
    AUTH_PATH : var.vault_github_auth_path,
    GITHUB_EXTERNAL_AUTH_ID : data.coder_external_auth.github.id,
    INSTALL_VERSION : var.vault_cli_version,
--- a/vault-github/run.sh
+++ b/vault-github/run.sh
@ -2,7 +2,6 @@

 # Convert all templated variables to shell variables
 INSTALL_VERSION=${INSTALL_VERSION}
-VAULT_ADDR=${VAULT_ADDR}
 GITHUB_EXTERNAL_AUTH_ID=${GITHUB_EXTERNAL_AUTH_ID}
 AUTH_PATH=${AUTH_PATH}

@ -92,8 +91,6 @@ if [ $? -ne 0 ]; then
  exit 1
 fi

-export VAULT_ADDR="$${VAULT_ADDR}"
-
 # Login to vault using the GitHub token
 printf "🔑 Logging in to Vault ...\n\n"
 vault login -no-print -method=github -path=/$${AUTH_PATH} token="$${GITHUB_TOKEN}"