vault
vault copied to clipboard
container entrypont should add `-config` when using agent
Is your feature request related to a problem? Please describe.
When using the vault container to run agent, along with VAULT_LOCAL_CONFIG
, the entrypoint does write the config file to the default location, but unlike the server
subcommand, using the agent
subcommand does not automatically add the -config
argument telling Vault where to find it.
Describe the solution you'd like
I would like to be able to use docker run -e VAULT_LOCAL_CONFIG="$MY_CONFIG" vault vault agent
where $MY_CONFIG
contains the agent config.
Describe alternatives you've considered
I tried to set the command to variations of vault agent -config="$VAULT_CONFIG_DIR/local.json"
but there are two problems with that:
- The variable
$VAULT_CONFIG_DIR
is set within the entrypoint but when invoke this way it does not seem to be able to expand it. - I still have to hardcode the name of the generated config file which could change.
In the end, I have to invoke the command as vault agent -config=/vault/config/local.json
which hardcodes everything.
Explain any additional use-cases If there are any use-cases that would help us understand the use/need/value please share them as they can help us decide on acceptance and prioritization.
Additional context Add any other context or screenshots about the feature request here.