Esempio n. 1
def pre_flight_check(client: hvac.Client) -> bool:
    """Tell whether the Vault behind *client* is usable with the current token.

    The server must be initialized and unsealed, and the client's token must
    authenticate. The first failing condition is logged at error level and
    ends the check.

    Args:
        client: Vault client to probe.

    Returns:
        True when all three conditions hold, False otherwise.
    """
    # Short-circuits exactly like the combined test: is_sealed() is only
    # queried once the server reports itself as initialized.
    server_ready = client.is_initialized() and not client.is_sealed()
    if not server_ready:
        logging.error("The vault is either not initialized or sealed. That's odd.")
        return False

    if not client.is_authenticated():
        logging.error(
            "It seems the authentication token is invalid. Vault does not like it. "
            "Clean everything up and come back."
        )
        return False

    logging.info("Everything looks good so far, pre-flight check ok")
    return True
Esempio n. 2
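def reset_vault(client: hvac.Client) -> (str, List[str]):
    """Initialize an uninitialized Vault, unseal it and return its bootstrap secrets.

    The number of key shares and the unseal threshold come from the
    module-level names ``shares`` and ``threshold``.

    The root token and the unseal keys are returned to the caller and are NOT
    written to the log: log records are routinely retained, forwarded and read
    by people who must not hold Vault's root credentials. The caller is
    responsible for storing the returned values safely.

    Args:
        client: Vault client pointing at a server that has not been
            initialized yet.

    Returns:
        A ``(root_token, unseal_keys)`` tuple as produced by the
        initialization call.

    Raises:
        AssertionError: if the vault is already initialized, or if it is not
            sealed right after initialization.
    """
    # Explicit raise instead of ``assert`` so the guard survives ``python -O``;
    # AssertionError is kept so callers see the same exception type as before.
    if client.is_initialized():
        raise AssertionError("refusing to reset: the vault is already initialized")
    logging.warning("The vault is not initialized yet, it will be initialized with {} keys and a threshold  of {}. "
                    "Security is overrated anyway.".format(shares, threshold))
    result = client.initialize(secret_shares=shares,
                               secret_threshold=threshold)
    root_token, unseal_keys = result['root_token'], result['keys']
    # Only the key count is logged; the secret values travel via the return value.
    logging.warning("Okay, initialized. A root token and {} unseal key(s) were generated; they are returned to the "
                    "caller and not logged. Keep them around, you'll need them".format(len(unseal_keys)))
    if not client.is_sealed():
        raise AssertionError("expected a freshly initialized vault to be sealed")
    logging.info('The vault is sealed. Unsealing...')
    client.unseal_multi(unseal_keys)
    logging.info("Okay, you're good to go.")
    return root_token, unseal_keys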