add token renew and drone

.drone.yml

@@ -0,0 +1,42 @@
+---
+kind: pipeline
+type: docker
+name: default
+
+steps:
+ - name: build
+   image: golang
+   environment:
+     CGO_ENABLED: 0
+   commands:
+    - cd mini-vault
+    - go vet
+    - go build
+
+ - name: upload
+   image: plugins/s3
+   settings:
+     bucket: artifacts
+     access_key:
+       from_secret: MINIO_ACCESS_KEY
+     secret_key:
+       from_secret: MINIO_SECRET_KEY
+     endpoint: https://minio.burble.dn42
+     region: uk-lon3
+     path_style: true
+     source: mini-vault/mini-vault
+     target: /mini-vault/${DRONE_BRANCH}
+
+---
+kind: secret
+name: MINIO_ACCESS_KEY
+get:
+  path: burble.dn42/kv/data/drone/minio
+  name: ACCESS_KEY
+
+---
+kind: secret
+name: MINIO_SECRET_KEY
+get:
+  path: burble.dn42/kv/data/drone/minio
+  name: SECRET_KEY

mini-vault/mini-vault.go

@@ -56,6 +56,7 @@ func main() {
 	cmdTLSRenew.MarkFlagRequired("ca")
 	cmdTLSRenew.Flags().StringVarP(&TLSRequest, "request", "r", "", "Request Parameters")
 	cmdTLSRenew.MarkFlagRequired("request")
+	cmdTLSRenew.Flags().BoolVarP(&TLSRenewToken, "renew-token", "n", true, "Also renew the token")
 
 	cmdRoot.AddCommand(cmdToken, cmdTLS)
 	cmdToken.AddCommand(cmdTokenRenew)

mini-vault/tls.go

@@ -23,6 +23,7 @@ var (
 	TLSKeyPEM     string
 	TLSCAPEM      string
 	TLSRequest    string
+	TLSRenewToken bool
 )
 
 //////////////////////////////////////////////////////////////////////////
@@ -75,6 +76,14 @@ func CmdTLSRenew(cmd *cobra.Command, args []string) {
 	token := loadToken()
 	request := loadRequest(TLSRequest)
 
+	if TLSRenewToken {
+		err := token.Renew(vault.VAULT_TTL)
+		if err != nil {
+			fmt.Printf("ERROR: failed to renew token: %s\n", err)
+			os.Exit(1)
+		}
+	}
+
 	// load existing cert if it existed
 	if _, err := os.Stat(TLSCertPEM); err == nil {
 		fmt.Printf("Loading existing certificate: %s\n", TLSCertPEM)