yann
/
vault-cert-openssh
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add sealed vault support (quick & dirty)

pull/1/head
Verry Yann 2020-03-22 18:16:09 +07:00
parent e670b2fb9b
commit 2c64814975
Signed by: yann
GPG Key ID: 19754E8692B8416C
1 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
vault-cert-openssh.py
Unescape Escape View File

@ -154,11 +154,15 @@ if __name__ == "__main__":
if int(time.time()) > key['valid before']:
print("Need to renew %s" % sys.argv[1])
vaultRenewKey(sys.argv[1],vault)
else:
print("Nothing to do")
try:
vaultRenewKey(sys.argv[1],vault)
except hvac.exceptions.VaultDown:
print("Vault is sealed, unable to renew SSH Key")
except FileNotFoundError:
vaultRenewKey(sys.argv[1],vault)
try:
vaultRenewKey(sys.argv[1],vault)
except hvac.exceptions.VaultDown:
print("Vault is sealed, unable to renew SSH Key")
else:
print("Usage: %s [path to certificate]" % sys.argv[0])
exit(1)
exit(1)