7 changed files with 9 additions and 35 deletions
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@ -1,7 +0,0 @@
-pipeline:
-  build:
-    image: nixos/nix:2.15.0
-    environment:
-      - NIX_CONFIG=experimental-features = nix-command flakes
-    commands:
-      - nix build
--- a/Cargo.lock
+++ b/Cargo.lock
@ -437,7 +437,7 @@ checksum = "830b7e5d4d90034032940e4ace0d9a9a057e7a45cd94e6c007832e39edb82f6d"

 [[package]]
 name = "vault-unseal"
-version = "0.3.0"
+version = "0.2.0"
 dependencies = [
 "dotenv",
 "serde",
--- a/Cargo.toml
+++ b/Cargo.toml
@ -1,6 +1,6 @@
 [package]
 name = "vault-unseal"
-version = "0.3.0"
+version = "0.2.0"
 edition = "2021"

 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
--- a/README.md
+++ b/README.md
@ -1,13 +1,2 @@
-# Vault Unsealer 
-| :exclamation: this method of unsealing the vault is not recommended if you have high security requirements!  |
-|-----------------------------------------|
-
-This is a simple Rust program that automatically unseals a hashicorp vault instance given a list of keys.
-
-## Environment Variables
-
-| env var    | default | description |
-| ---------- | :-------: | ----------- |
-| VAULT_ADDR |    -    | address of the vault server |
-| VAULT_KEY_FILE | - | a JSON file containing vault unseal key(s), see [./example_keys.json](./example_keys.json). |
-| UNSEAL_INTERVAL | 15 | seconds to wait between checks / unseal attempts |
+# Vault Unsealer
+This is a simple Rust program that automatically unseals a hashicorp vault instance
--- a/example_keys.json
+++ b/example_keys.json
@ -1,7 +0,0 @@
-{
-    "keys": [
-        "a",
-        "b",
-        "c"
-    ]
-}
--- a/flake.nix
+++ b/flake.nix
@ -16,7 +16,8 @@
              pname = toml.package.name;
              version = toml.package.version;
              src = self;
-              cargoLock.lockFile = ./Cargo.lock;
+              cargoSha256 =
+                "sha256-eOvTR7TpFpi83J3G8HPXgOBryTzkq4XWp6CER6UDCbo=";
            };
        };
      });
--- a/src/main.rs
+++ b/src/main.rs
@ -9,6 +9,7 @@ use std::{env, fs::File};
 use tracing::{info, subscriber, warn};
 use tracing_subscriber::FmtSubscriber;
 use ureq::Error::Status;
+use ureq::Response;

 #[derive(Debug, Deserialize)]
 struct KeyFile {
@ -54,11 +55,8 @@ fn is_sealed(health_url: &str) -> bool {
    }
 }

-/// Unseals a vault given keys and url
-/// 
-/// See: https://developer.hashicorp.com/vault/api-docs/system/unseal
 fn unseal(keyfile: &KeyFile, unseal_url: &str) {
-    for key in keyfile.keys.iter() {
+    for key in keyfile.keys.iter().enumerate() {
        match ureq::post(unseal_url).send_json(json!({ "key": key })) {
            Ok(resp) if resp.status() == 200 => {
                if let Ok(UnsealResponse {
@ -75,7 +73,7 @@ fn unseal(keyfile: &KeyFile, unseal_url: &str) {
                    info!("unsealed vault partially {progress}/{t}");
                }
            }
-            Ok(resp) | Err(Status(_, resp)) => warn!(
+            Ok(resp) => warn!(
                "error unsealing vault, got code '{}', with message: {}",
                resp.status(),
                resp.status_text()