mdjnewman · November 11, 2019 17:06
diff --git a/vault-list.sh b/vault-list.sh
 #!/usr/bin/env bash

 # Usage (assumes you're logged in):
 #   vault-list secret/

 set -o nounset
 set -o pipefail
 set -o errexit
 set -o pipefail

 # Recursive function that will
 # - List all the secrets in the given $path
 # - Call itself for all path values in the given $path
 function traverse() {
    local readonly path="$1"

    result=$(vault kv list -format=json $path 2>&1)

    status=$?
    if [ ! $status -eq 0 ]; then
        if [[ $result =~ "permission denied" ]]; then
            return
        fi
        echo >&2 "$result"
    fi

    for secret in $(echo "$result" | jq -r '.[]'); do
        if [[ "$secret" == */ ]]; then
            traverse "$path$secret"
        else
            echo "$path$secret"
        fi
    done
 }

 traverse $1
	#!/usr/bin/env bash

	# Usage (assumes you're logged in):
	# vault-list secret/

	set -o nounset
	set -o pipefail
	set -o errexit
	set -o pipefail

	# Recursive function that will
	# - List all the secrets in the given $path
	# - Call itself for all path values in the given $path
	function traverse() {
	local readonly path="$1"

	result=$(vault kv list -format=json $path 2>&1)

	status=$?
	if [ ! $status -eq 0 ]; then
	if [[ $result =~ "permission denied" ]]; then
	return
	fi
	echo >&2 "$result"
	fi

	for secret in $(echo "$result" \| jq -r '.[]'); do
	if [[ "$secret" == */ ]]; then
	traverse "$path$secret"
	else
	echo "$path$secret"
	fi
	done
	}

	traverse $1