The vault-install script automates the process of downloading and installing HashiCorp Vault. It provides an ideal method for installing on new hosts, installing updates and downgrading if necessary.
This script detects the latest version, OS and CPU-Architecture and allows installation to local or system locations. Optional parameters allow installing a specific version and installing to /usr/local/bin without prompting.
Options:
-i VERSION
: Install specific version-a
: Automatically usesudo
to install to /usr/local/bin- allows for unattended installation via scripts or CD tools
- can be set as default behavior by uncommenting line 14 (
sudoInstall=true
) - sudo password may be required unless NOPASSWD is enabled
-c
: leave binary in working directory (for CI/DevOps use)-h
: help-v
: display version
This installer is similar to my Terraform Installer and Packer Installer
Download Installer
curl -LO https://raw.github.com/robertpeteuil/vault-installer/master/vault-install.sh
chmod +x vault-install.sh
Download installer via my bootstrap server (iac.sh or https://iac.sh)
curl iac.sh/vault > getinst.sh
bash getinst.sh
# installer downloaded as vault-install.sh in current directory
./vault-install.sh
# usage: vault-install.sh [-i VERSION] [-a] [-c] [-h] [-v]
# -i VERSION : specify version to install in format '' (OPTIONAL)
# -a : automatically use sudo to install to /usr/local/bin
# -c : leave binary in working directory (for CI/DevOps use)
# -h : help
# -v : display vault-install.sh version
- System with Bash Shell (Linux, macOS, Windows Subsystem for Linux)
unzip
- vault downloads are in zip formatcurl
orwget
- script will use either one to retrieve metadata and download
Optional
jq
- if installed, latest version parsed from hashicorp downloads- Useful if latest github release differs from version on hashicorp downloads
- Avoids github api limit of 60 requests per hour (unauthenticated)
- Determines Version to Download and Install
- Uses Version specified by
-i VERSION
parameter (if specified) - Otherwise determines Latest Version
- If
jq
installed parse version from hashicorp downloads - Otherwise use GitHub API to retrieve latest tag
- If
- Uses Version specified by
- Calculates Download URL based on Version, OS and CPU-Architecture
- Verifies URL Validity before Downloading in Case:
- VERSION incorrectly specified with
-i
- Download URL Format Changed on vault Website
- VERSION incorrectly specified with
- Determines Install Destination
- Performed before Download/Install Process in case user selects
abort
- Performed before Download/Install Process in case user selects
- Installation Process
- Download, Download SHA, Verify SHA of zip, Extract, Install, Cleanup and Display Results
CPU architecture is detected for each OS accordingly:
- Linux / Windows (WSL since this is a Bash script)
- detected with
lscpu
or by inspecting/proc/cpuinfo
- detected with
- macOS - uses Default Arch
amd64
as it's the only version available on macOS - Default Value -
amd64
I am a HashiCorp employee, but this is a personal project and not officially endorsed or supported by HashiCorp.
Apache 2.0 License - Copyright (c) 2019 Robert Peteuil