From 1e280e8177e5013c3d12a0b794e49c5d30b18855 Mon Sep 17 00:00:00 2001 From: saikumar Date: Tue, 2 Dec 2025 15:20:40 +0530 Subject: [PATCH 1/3] Add option for license file and some comment improvements --- hashicorp-kmip-setup.sh | 45 +++++++++++++++++++++++++++++------------ 1 file changed, 32 insertions(+), 13 deletions(-) diff --git a/hashicorp-kmip-setup.sh b/hashicorp-kmip-setup.sh index cf459a461..d827b837b 100755 --- a/hashicorp-kmip-setup.sh +++ b/hashicorp-kmip-setup.sh @@ -1,8 +1,10 @@ #!/usr/bin/env bash set -euo pipefail +# Initialize variables VERBOSE=false -CERTS_DIR="" # Initialize as empty +CERTS_DIR="" +VAULT_LICENSE="" # Parse arguments while [[ $# -gt 0 ]]; do @@ -19,6 +21,14 @@ while [[ $# -gt 0 ]]; do fi shift ;; + --license=*) + VAULT_LICENSE="${1#*=}" + if [[ -z "$VAULT_LICENSE" ]]; then + echo "Error: --license= requires a file path" + exit 1 + fi + shift + ;; -*) echo "Unknown option: $1" exit 1 @@ -37,8 +47,14 @@ LOG_DIR="${VAULT_BASE}/log" CERTS_DIR="${CERTS_DIR:-${VAULT_BASE}/certs}" VAULT_HCL="${CONFIG_DIR}/vault.hcl" SCRIPT_DIR="$(pwd)" -VAULT_LICENSE="${SCRIPT_DIR}/vault.hclic" CONTAINER_NAME="kmip_hashicorp" +DEFAULT_LICENSE="${SCRIPT_DIR}/vault.hclic" +# Set default license path if not provided via argument +if [[ -z "$VAULT_LICENSE" ]]; then + if [[ -f "$DEFAULT_LICENSE" ]]; then + VAULT_LICENSE="$DEFAULT_LICENSE" + fi +fi # Create all necessary directories, and provide permissions for Docker container access. mkdir -p "${CONFIG_DIR}" "${DATA_DIR}" "${LOG_DIR}" "${CERTS_DIR}" 
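Review bot: In the hunk at `@@ -37,8 +47,14 @@`, the default license is looked up under `SCRIPT_DIR`, which the context line sets to `$(pwd)`, so the file picked up depends on the caller's working directory rather than on where the script lives. The next hunk (`@@ -48,15 +64,18 @@`) then tells the user to place `vault.hclic` in "the script directory", replacing the old and accurate "working directory" wording. Because the license is now picked up implicitly, I would add a comment such as `# NOTE: SCRIPT_DIR is the caller's working directory, so the default license is resolved from where the script is invoked` and keep the message wording as "working directory". The two nested `if`s can also be a single test: `if [[ -z "$VAULT_LICENSE" && -f "$DEFAULT_LICENSE" ]]; then`.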
@@ -48,15 +64,18 @@ sudo chown -R 100:1000 "${LOG_DIR}" sudo chown -R 100:1000 "${CERTS_DIR}" # Ensure license file exists -echo "[INFO] Checking for license in working directory..." +echo "[INFO] Checking for license file..." -if [[ ! -f "${VAULT_LICENSE}" ]]; then - echo "[ERROR] License file 'vault.hclic' not found in:" - echo " ${SCRIPT_DIR}" - echo "[INFO] Please place the license file here and retry" +if [[ -z "$VAULT_LICENSE" ]] || [[ ! -f "$VAULT_LICENSE" ]]; then + echo "[ERROR] License file not found" + echo "[INFO] Please provide a license file either:" + echo " 1. Pass the license path with: --license=/path/to/vault.hclic" + echo " 2. Place 'vault.hclic' in the script directory: ${SCRIPT_DIR}" exit 1 fi +echo "[INFO] Using license from: ${VAULT_LICENSE}" + create_vault_hcl() { if [[ -f "${VAULT_HCL}" ]]; then echo "[INFO] Vault HCL config already exists at ${VAULT_HCL}" @@ -93,15 +112,15 @@ start_vault_container() { case "${container_status}" in running) - echo "[INFO] Vault container already running" + echo "[INFO] HashiCorp Vault container already running" return 0 ;; exited) - echo "[INFO] Starting existing Vault container" + echo "[INFO] Starting existing HashiCorp Vault container" docker start "${CONTAINER_NAME}" >/dev/null ;; *) - echo "[INFO] Launching new Vault container" + echo "[INFO] Launching new HashiCorp Vault container" docker run -d \ --name "${CONTAINER_NAME}" \ -e VAULT_DISABLE_MLOCK=true \ @@ -197,7 +216,7 @@ configure_kmip() { } verify_kmip_connection() { - echo "[INFO] Verifying KMIP connection..." + echo "[INFO] Verifying HashiCorp KMIP connection..." local output local timeout=10 # seconds 
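Review bot: The license check in the hunk at `@@ -48,15 +64,18 @@` reports only "License file not found", so a mistyped `--license=` path cannot be told apart from no license at all, and the message goes to stdout. I would print the path that was tested and send it to stderr: `echo "[ERROR] License file not found: ${VAULT_LICENSE:-<none given>}" >&2`. The check also still runs after the `sudo chown -R` lines shown as context at the top of the hunk, so a run that will fail on the license has already changed ownership on disk. Moving the check ahead of the `mkdir`/`chown` block would let it fail before any privileged step. The `mkdir` line itself lies outside this hunk.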
@@ -224,9 +243,9 @@ main() { configure_kmip verify_kmip_connection - echo "[INFO] Vault Enterprise deployment successful" + echo "[INFO] HashiCorp Vault Enterprise deployment successful" if [ "$VERBOSE" = true ]; then - echo "[INFO] KMIP setup completed successfully!" + echo "[INFO] HashiCorp KMIP setup completed successfully!" echo "[INFO] Files created within $CERTS_DIR:" echo "[INFO] - Private key: $CERTS_DIR/client_key.pem" echo "[INFO] - Certificate: $CERTS_DIR/client_certificate.pem" From 77adb8ffb688efb56e4f36daa327198ebace05b4 Mon Sep 17 00:00:00 2001 From: saikumar Date: Tue, 2 Dec 2025 16:42:48 +0530 Subject: [PATCH 2/3] Updates fix cert_dir bug --- hashicorp-kmip-setup.sh | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/hashicorp-kmip-setup.sh b/hashicorp-kmip-setup.sh index d827b837b..83e3b527f 100755 --- a/hashicorp-kmip-setup.sh +++ b/hashicorp-kmip-setup.sh @@ -15,18 +15,10 @@ while [[ $# -gt 0 ]]; do ;; --cert-dir=*|--certs-dir=*) CERTS_DIR="${1#*=}" - if [[ -z "$CERTS_DIR" ]]; then - echo "Error: --cert-dir= or --certs-dir= requires a directory path" - exit 1 - fi shift ;; --license=*) VAULT_LICENSE="${1#*=}" - if [[ -z "$VAULT_LICENSE" ]]; then - echo "Error: --license= requires a file path" - exit 1 - fi shift ;; -*) @@ -39,8 +31,13 @@ while [[ $# -gt 0 ]]; do esac done -# Base directory under $HOME -VAULT_BASE="${HOME}/vault" +# If Cert Dir is not provide use $HOME as default path +if [[ -z "$CERTS_DIR" ]]; then + CERTS_DIR=${HOME} +fi + +# Base directory under $CERTS_DIR argument path +VAULT_BASE="${CERTS_DIR}/vault" CONFIG_DIR="${VAULT_BASE}/config" DATA_DIR="${VAULT_BASE}/data" LOG_DIR="${VAULT_BASE}/log" From cad02909729f1347fa01079247c0ca03f2e3acab Mon Sep 17 00:00:00 2001 
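Review bot: In PATCH 2/3, the hunk at `@@ -39,8 +31,13 @@` makes `CERTS_DIR` default to `${HOME}`, so the unchanged `CERTS_DIR="${CERTS_DIR:-${VAULT_BASE}/certs}"` line further down (visible as context in PATCH 1/3) can no longer take its `/certs` default. If the `sudo chown -R 100:1000 "${CERTS_DIR}"` line from PATCH 1/3's context is still in the file at this commit, a run without `--cert-dir` would recursively re-own the whole home directory. Deriving the base without overwriting the cert variable avoids this, e.g. `VAULT_BASE="${CERTS_DIR:-${HOME}}/vault"` with no assignment of `${HOME}` to `CERTS_DIR`. The first hunk of this patch (`@@ -15,18 +15,10 @@`) also drops the empty-value checks, so `--cert-dir=` and `--license=` with nothing after the `=` now fall back silently instead of being rejected.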
From: saikumar Date: Tue, 2 Dec 2025 20:43:39 +0530 Subject: [PATCH 3/3] Updates set cert_dir from cert_dir_home used by wrapper for pstress --- hashicorp-kmip-setup.sh | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/hashicorp-kmip-setup.sh b/hashicorp-kmip-setup.sh index 83e3b527f..55353e908 100755 --- a/hashicorp-kmip-setup.sh +++ b/hashicorp-kmip-setup.sh @@ -3,7 +3,7 @@ set -euo pipefail # Initialize variables VERBOSE=false -CERTS_DIR="" +CERTS_HOME_DIR="" VAULT_LICENSE="" # Parse arguments @@ -14,7 +14,7 @@ while [[ $# -gt 0 ]]; do shift ;; --cert-dir=*|--certs-dir=*) - CERTS_DIR="${1#*=}" + CERTS_HOME_DIR="${1#*=}" shift ;; --license=*) @@ -31,17 +31,18 @@ while [[ $# -gt 0 ]]; do esac done -# If Cert Dir is not provide use $HOME as default path -if [[ -z "$CERTS_DIR" ]]; then - CERTS_DIR=${HOME} +# If Cert Dir is not provided use $HOME as default path +# A bit hacky, but used by wrappers. +if [[ -z "$CERTS_HOME_DIR" ]] || [[ ! -d "$CERTS_HOME_DIR" ]] ; then + VAULT_BASE="${HOME}/vault" +else + VAULT_BASE="${CERTS_HOME_DIR}/vault" fi -# Base directory under $CERTS_DIR argument path -VAULT_BASE="${CERTS_DIR}/vault" CONFIG_DIR="${VAULT_BASE}/config" DATA_DIR="${VAULT_BASE}/data" LOG_DIR="${VAULT_BASE}/log" -CERTS_DIR="${CERTS_DIR:-${VAULT_BASE}/certs}" +CERTS_DIR="${CERTS_HOME_DIR:-${VAULT_BASE}/certs}" VAULT_HCL="${CONFIG_DIR}/vault.hcl" SCRIPT_DIR="$(pwd)" CONTAINER_NAME="kmip_hashicorp"
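Review bot: In the last hunk of PATCH 3/3 (`@@ -31,17 +31,18 @@`), the `-d` test guards only `VAULT_BASE`. When `--cert-dir` names a path that is not an existing directory, `VAULT_BASE` falls back to `${HOME}/vault` but `CERTS_DIR="${CERTS_HOME_DIR:-${VAULT_BASE}/certs}"` still uses the rejected path, so the two land in different trees with no message. When the path is valid, `CERTS_DIR` is the caller's directory itself with `VAULT_BASE` inside it, so the `sudo chown -R 100:1000 "${CERTS_DIR}"` seen in PATCH 1/3's context (assuming it is unchanged) re-owns everything already in that directory, not only what the script created. I would reject an invalid path as sketched below and limit the recursive chown to paths the script creates. If the silent fallback is what the wrapper relies on, the "A bit hacky" comment should state that contract instead.

```shell
# Reject a --cert-dir value that is not an existing directory instead of
# silently placing the Vault tree under $HOME.
if [[ -n "$CERTS_HOME_DIR" && ! -d "$CERTS_HOME_DIR" ]]; then
  echo "Error: --cert-dir path is not a directory: ${CERTS_HOME_DIR}" >&2
  exit 1
fi
VAULT_BASE="${CERTS_HOME_DIR:-${HOME}}/vault"

# … unchanged: CONFIG_DIR, DATA_DIR, LOG_DIR, CERTS_DIR assignments …
```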