From 3d4c96d365ff74346283fed4937a96a970913c83 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <dbd@ehtrace.com>
Date: Tue, 5 Mar 2024 14:47:58 +0100
Subject: [PATCH] Update rendered example

---
 example/bounca.nomad.hcl          | 14 +++++++-------
 example/images/bounca/Dockerfile  |  2 +-
 example/init/vault-database       |  2 +-
 example/prep.d/10-rand-pwd.sh     |  2 +-
 example/vault/policies/bounca.hcl |  4 ++--
 5 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/example/bounca.nomad.hcl b/example/bounca.nomad.hcl
index 6597402..d17d94e 100644
--- a/example/bounca.nomad.hcl
+++ b/example/bounca.nomad.hcl
@@ -75,7 +75,7 @@ job "bounca" {
       user   = 1053
 
       config {
-        image           = "danielberteaud/wait-for:24.2-1"
+        image           = "danielberteaud/wait-for:24.3-1"
         readonly_rootfs = true
         pids_limit      = 20
       }
@@ -137,7 +137,7 @@ job "bounca" {
       template {
         data        = <<_EOT
 BOUNCA_DB_NAME=bounca
-BOUNCA_DJANGO_SECRET={{ with secret "//kv/service/bounca" }}{{ .Data.data.django_secret }}{{ end }}
+BOUNCA_DJANGO_SECRET={{ with secret "/kv/service/bounca" }}{{ .Data.data.django_secret }}{{ end }}
 LANG=fr_FR.utf8
 TZ=Europe/Paris
 _EOT
@@ -193,8 +193,8 @@ _EOT
 
       template {
         data        = <<_EOT
-BOUNCA_DB_USER={{ with secret "//database/creds/bounca" }}{{ .Data.username }}{{ end }}
-BOUNCA_DB_PASSWORD={{ with secret "//database/creds/bounca" }}{{ .Data.password }}{{ end }}
+BOUNCA_DB_USER={{ with secret "/database/creds/bounca" }}{{ .Data.username }}{{ end }}
+BOUNCA_DB_PASSWORD={{ with secret "/database/creds/bounca" }}{{ .Data.password }}{{ end }}
 BOUNCA_DB_PORT=5432
 _EOT
         destination = "secrets/.db.env"
@@ -251,7 +251,7 @@ _EOT
       template {
         data        = <<_EOT
 BOUNCA_DB_NAME=bounca
-BOUNCA_DJANGO_SECRET={{ with secret "//kv/service/bounca" }}{{ .Data.data.django_secret }}{{ end }}
+BOUNCA_DJANGO_SECRET={{ with secret "/kv/service/bounca" }}{{ .Data.data.django_secret }}{{ end }}
 LANG=fr_FR.utf8
 TZ=Europe/Paris
 _EOT
@@ -263,8 +263,8 @@ _EOT
 
       template {
         data        = <<_EOT
-BOUNCA_DB_USER={{ with secret "//database/creds/bounca" }}{{ .Data.username }}{{ end }}
-BOUNCA_DB_PASSWORD={{ with secret "//database/creds/bounca" }}{{ .Data.password }}{{ end }}
+BOUNCA_DB_USER={{ with secret "/database/creds/bounca" }}{{ .Data.username }}{{ end }}
+BOUNCA_DB_PASSWORD={{ with secret "/database/creds/bounca" }}{{ .Data.password }}{{ end }}
 BOUNCA_DB_PORT=5432
 _EOT
         destination = "secrets/.db.env"
diff --git a/example/images/bounca/Dockerfile b/example/images/bounca/Dockerfile
index 0817a14..e8f4a3b 100644
--- a/example/images/bounca/Dockerfile
+++ b/example/images/bounca/Dockerfile
@@ -74,7 +74,7 @@ RUN set -euxo pipefail &&\
       nginx \
       postgresql16-client
 
-COPY --from=danielberteaud/alpine:24.2-1 /usr/local/bin/minit /usr/local/bin/minit
+COPY --from=danielberteaud/alpine:24.3-1 /usr/local/bin/minit /usr/local/bin/minit
 COPY root/ /
 
 WORKDIR /opt/bounca
diff --git a/example/init/vault-database b/example/init/vault-database
index 1b69a10..38e580f 100755
--- a/example/init/vault-database
+++ b/example/init/vault-database
@@ -1,6 +1,6 @@
 #!/bin/sh
 
-set -euo pipefailvault write /database/roles/bounca \
+set -euo pipefailvault write database/roles/bounca \
     db_name="postgres" \
     creation_statements="CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}'; \
         GRANT \"bounca\" TO \"{{name}}\"; \
diff --git a/example/prep.d/10-rand-pwd.sh b/example/prep.d/10-rand-pwd.sh
index 2460286..7c9b453 100755
--- a/example/prep.d/10-rand-pwd.sh
+++ b/example/prep.d/10-rand-pwd.sh
@@ -5,7 +5,7 @@ set -euo pipefail
 # vim: syntax=sh
 
 export LC_ALL=C
-VAULT_KV_PATH=/kv/service/bounca
+VAULT_KV_PATH=kv/service/bounca
 RAND_CMD="tr -dc A-Za-z0-9\-_\/=~\.+ < /dev/urandom | head -c 50"
 if ! vault kv list $(dirname ${VAULT_KV_PATH}) 2>/dev/null | grep -q -E "^$(basename ${VAULT_KV_PATH})\$"; then
   vault kv put ${VAULT_KV_PATH} \
diff --git a/example/vault/policies/bounca.hcl b/example/vault/policies/bounca.hcl
index 40cba3b..d8a9d3b 100644
--- a/example/vault/policies/bounca.hcl
+++ b/example/vault/policies/bounca.hcl
@@ -1,7 +1,7 @@
-path "/kv/data/service/bounca" {
+path "kv/data/service/bounca" {
   capabilities = ["read"]
 }
 
-path "/database/creds/bounca" {
+path "database/creds/bounca" {
   capabilities = ["read"]
 }