export VAULT_ADDR='http://0.0.0.0:8200'
brew install vault
docker-compose up -d
vault status
vault login
vault secrets list

vault secrets enable database

vault write database/config/my-mysql-database     plugin_name=mysql-database-plugin     connection_url="{{username}}:{{password}}@tcp(`docker inspect vault-playground_mysql_1 | jq -r '.[0].NetworkSettings.Networks["vault-playground_default"].IPAddress'`:3306)/"     allowed_roles="my-role"     username="root"     password="mysql"

vault write database/roles/my-role \
    db_name=my-mysql-database \
    creation_statements="CREATE USER '{{name}}'@'%' IDENTIFIED BY '{{password}}';GRANT SELECT ON *.* TO '{{name}}'@'%';" \
    default_ttl="60s" \
    max_ttl="300s"

 vault auth enable approle

cat << EOF > jenkins-pol.hcl
# Login with AppRole
path "auth/approle/login" {
  capabilities = [ "create", "read" ]
}

# Read mysql dynamic creds
path "database/creds/my-role" {
  capabilities = [ "read" ]
}
EOF

vault policy write jenkins jenkins-pol.hcl

vault write auth/approle/role/jenkins policies="jenkins"

vault read auth/approle/role/jenkins

# copy role_id to java program
vault read auth/approle/role/jenkins/role-id

# copy secret_id to java program
vault write -f auth/approle/role/jenkins/secret-id

cat << EOF > cars_mysql.sql
DROP TABLE IF EXISTS Cars;
CREATE TABLE Cars(Id INT PRIMARY KEY AUTO_INCREMENT, 
                  Name TEXT, Price INT) ENGINE=InnoDB;
                  
INSERT INTO Cars(Name, Price) VALUES('Audi', 52642);
INSERT INTO Cars(Name, Price) VALUES('Mercedes', 57127);
INSERT INTO Cars(Name, Price) VALUES('Skoda', 9000);
INSERT INTO Cars(Name, Price) VALUES('Volvo', 29000);
INSERT INTO Cars(Name, Price) VALUES('Bentley', 350000);
INSERT INTO Cars(Name, Price) VALUES('Citroen', 21000);
INSERT INTO Cars(Name, Price) VALUES('Hummer', 41400);
INSERT INTO Cars(Name, Price) VALUES('Volkswagen', 21600);
EOF

while true; do mysql --skip-column-names -u root -h 127.0.0.1 -pmysql -f < <(echo "select user from mysql.user;") | grep my-role; sleep 1; done