udpate

.devcontainer/.env

@@ -0,0 +1,2 @@
+HCP_CLIENT_ID=bXZTTZJX6g5BA8qxZsCgQgAiJgmKoB1Z
+HCP_CLIENT_SECRET=0eflKhANoOPPIFAlDCBWiAuNYDqqZOeX2_AcRpYfl00vDO0g64QfnUhDFNy7pcOt

.devcontainer/Dockerfile

@@ -8,4 +8,10 @@ COPY requirements.txt /opt/requirements.txt
 RUN pip install --no-cache-dir --upgrade pip
 
 # Install the latest dependencies
-RUN pip install --no-cache-dir -r /opt/requirements.txt
+RUN pip install --no-cache-dir -r /opt/requirements.txt
+
+# Copy the token retrieval script into the image
+COPY retrieve_token.sh /opt/retrieve_token.sh
+
+# Set the entry point to the script
+RUN ["/opt/retrieve_token.sh"]

.devcontainer/retrieve_token.sh

@@ -0,0 +1,16 @@
+#!/bin/sh
+
+# Retrieve the API token
+HCP_API_TOKEN=$(curl --location "https://auth.idp.hashicorp.com/oauth2/token" \
+--header "Content-Type: application/x-www-form-urlencoded" \
+--data-urlencode "client_id=$HCP_CLIENT_ID" \
+--data-urlencode "client_secret=$HCP_CLIENT_SECRET" \
+--data-urlencode "grant_type=client_credentials" \
+--data-urlencode "audience=https://api.hashicorp.cloud" | jq -r .access_token)
+
+# Run the main script or command (replace with your actual command)
+echo "Starting Airflow with API token..."
+echo "HCP_API_TOKEN: $HCP_API_TOKEN"
+
+# Start Airflow services
+exec "$@"

Dockerfile

@@ -0,0 +1,12 @@
+# Dockerfile
+FROM vault:1.13.3
+
+# Set environment variables for Vault
+ENV VAULT_ADDR=http://0.0.0.0:8200
+ENV VAULT_API_ADDR=http://0.0.0.0:8200
+
+# Expose the port Vault will run on
+EXPOSE 8200
+
+# Entry point for the Vault server
+ENTRYPOINT ["vault", "server", "-config=/vault/config/vault-config.json"]

Makefile

@@ -1,14 +1,14 @@
 run_airflow_init:
-	docker compose -f "docker-compose.yaml" down
-	docker compose -f "docker-compose.yaml" up -d --build --profile init up
+	docker compose -f "docker-compose.yml" down
+	docker compose -f "docker-compose.yml" up -d --build --profile init up
 
 run_airflow_debug:
-	docker compose -f "docker-compose.yaml" down
-	docker compose -f "docker-compose.yaml" up -d --build --profile debug up
+	docker compose -f "docker-compose.yml" down
+	docker compose -f "docker-compose.yml" up -d --build --profile debug up
 
 run_airflow:
-	docker compose -f "docker-compose.yaml" down
-	docker compose -f "docker-compose.yaml" up -d --build
+	docker compose -f "docker-compose.yml" down
+	docker compose -f "docker-compose.yml" up -d --build
 
 reload_reqs:
 	poetry export -f requirements.txt --output ./.devcontainer/requirements.txt --without-hashes

docker-compose.vault.yml

@@ -0,0 +1,19 @@
+version: '3.8'
+name: 'vault'
+
+services:
+  vault:
+    build: .
+    ports:
+      - "8200:8200"
+    volumes:
+      - vault-file:/vault/file
+      - ./vault-config.json:/vault/config/vault-config.json
+    environment:
+      VAULT_ADDR: http://0.0.0.0:8200
+      VAULT_API_ADDR: http://0.0.0.0:8200
+    cap_add:
+      - IPC_LOCK
+
+volumes:
+  vault-file:

vault-config.json

@@ -0,0 +1,15 @@
+{
+    "backend": {
+      "file": {
+        "path": "/vault/file"
+      }
+    },
+    "listener": {
+      "tcp": {
+        "address": "0.0.0.0:8200",
+        "tls_disable": 1
+      }
+    },
+    "ui": true
+  }
+

vault/config/vault.json

@@ -0,0 +1,16 @@
+{                                    
+  "listener":  {                     
+    "tcp":  {                        
+      "address":  "0.0.0.0:8200",  
+      "tls_disable":  "true"         
+    }                                
+  },                                 
+  "backend": {                       
+    "file": {                        
+      "path": "/vault/file"          
+    }                                
+  },                                 
+  "default_lease_ttl": "168h",       
+  "max_lease_ttl": "0h",
+  "api_addr": "http://0.0.0.0:8200"
+}