From e3752ce9107b4c7d7799a4dfa7a1a8003be05cd6 Mon Sep 17 00:00:00 2001
From: maze <maze@maze.io>
Date: Tue, 9 Sep 2025 16:29:58 +0200
Subject: [PATCH] Simplify Vault start on Windows

---
 .gitea/workflows/test.yaml |   5 ++
 script/vault-start.ps1     | 105 ++++++++-----------------------------
 script/vault-stop.ps1      |  71 +++++++------------------
 3 files changed, 46 insertions(+), 135 deletions(-)

diff --git a/.gitea/workflows/test.yaml b/.gitea/workflows/test.yaml
index 755ca8a..c965537 100644
--- a/.gitea/workflows/test.yaml
+++ b/.gitea/workflows/test.yaml
@@ -73,6 +73,11 @@ jobs:
           VAULT_SKIP_VERIFY: "true"
         run: |
           .\script\vault-setup.ps1
+        artifacts:
+          paths:
+            - vault.pid
+            - vault.out.log
+            - vault.err.log
 
       - name: Vet
         run: go vet -v ./...
diff --git a/script/vault-start.ps1 b/script/vault-start.ps1
index 890380a..509a540 100755
--- a/script/vault-start.ps1
+++ b/script/vault-start.ps1
@@ -1,92 +1,31 @@
-# Create directories
-New-Item -ItemType Directory -Path ".\vault-data" -Force -ErrorAction SilentlyContinue
-New-Item -ItemType Directory -Path ".\vault-logs" -Force -ErrorAction SilentlyContinue
-
-# Start Vault server
-$vaultArgs = @(
-    "server",
-    "-dev",
-    "-dev-tls",
-    "-dev-root-token-id=root",
-    "-dev-listen-address=127.0.0.1:8200",
-    "-log-level=debug",
-    "-log-file=.\vault-logs\vault.log"
-)
-
-Write-Output "✅ Starting Vault server..."
-$vaultJob = Start-Job -Name "VaultServer" -ScriptBlock {
-    param($Args)
-    & ".\vault.exe" $Args
-} -ArgumentList $vaultArgs
+Write-Host "Starting Vault dev server..."
+$vaultProc = Start-Process vault `
+    -ArgumentList "server -dev -dev-tls" `
+    -RedirectStandardOutput "vault.out.log" `
+    -RedirectStandardError "vault.err.log" `
+    -WindowStyle Hidden `
+    -PassThru
+$vaultPid = $vaultProc.Id
+Write-Host "Vault started with PID $vaultPid"
+Set-Content -Path vault.pid -Value $vaultPid
 
 # Wait a moment for the job to start
 Start-Sleep -Seconds 2
 
-# Get the actual process ID from the job
-$vaultProcess = Get-Process -Name "vault" -ErrorAction SilentlyContinue | Select-Object -First 1
-if ($vaultProcess) {
-    $vaultProcess.Id | Out-File -FilePath "vault-pid.txt"
-    Write-Output "✅ Vault process started with PID: $($vaultProcess.Id)"
-} else {
-    Write-Output "❌ Could not find Vault process"
-    
-    # Show logs
-    Write-Output "=== LOG (last 20 lines) ==="
-    Get-Content ".\vault-logs\vault.log" -ErrorAction SilentlyContinue | Select-Object -Last 20
-    
-    exit 1
-}
-
-# Wait for Vault to become ready using port check
-$timeout = 30
-$counter = 0
-$isReady = $false
-$vaultPort = 8200
-
-Write-Output "🕐 Waiting for Vault to start on port $vaultPort..."
-while ($counter -lt $timeout) {
-    # Check if process is still running
-    if (-not (Get-Process -Id $vaultPid -ErrorAction SilentlyContinue)) {
-        Write-Output "❌ Vault process died unexpectedly!"
-        break
-    }
-    
-    # Check if port is listening
+# Wait until Vault is ready
+$maxRetries = 15
+$ok = $false
+for ($i=0; $i -lt $maxRetries; $i++) {
     try {
-        $tcpClient = New-Object System.Net.Sockets.TcpClient
-        $asyncResult = $tcpClient.BeginConnect("127.0.0.1", $vaultPort, $null, $null)
-        $wait = $asyncResult.AsyncWaitHandle.WaitOne(1000, $false)
-        if ($wait) {
-            $tcpClient.EndConnect($asyncResult)
-            $tcpClient.Close()
-            $isReady = $true
-            Write-Output "✅ Vault server is listening on port $vaultPort!"
-            break
-        }
-        $tcpClient.Close()
+        Invoke-RestMethod -UseBasicParsing -SkipCertificateCheck https://127.0.0.1:8200/v1/sys/health | Out-Null
+        $ok = $true
+        break
     } catch {
-        # Port not ready yet
+        Start-Sleep -Seconds 2
     }
-    
-    Write-Output "🕐 Waiting for Vault to start... ($counter/$timeout)"
-    Start-Sleep -Seconds 1
-    $counter++
 }
-
-if (-not $isReady) {
-    Write-Output "❌ Vault server failed to start within $timeout seconds"
-    
-    # Show process status
-    Write-Output "=== PROCESS STATUS ==="
-    Get-Process -Id $vaultPid -ErrorAction SilentlyContinue | Format-List *
-    
-    # Show logs
-    Write-Output "=== LOG (last 20 lines) ==="
-    Get-Content ".\vault-logs\vault.log" -ErrorAction SilentlyContinue | Select-Object -Last 20
-    
-    # Cleanup
-    Stop-Process -Id $vaultPid -Force -ErrorAction SilentlyContinue
-    exit 1
+if (-not $ok) {
+    Write-Error "Vault did not become ready in time"
+    Exit 1
 }
-
-Write-Output "✅ Vault server started successfully!"
+Write-Host "Vault is up and running."
\ No newline at end of file
diff --git a/script/vault-stop.ps1 b/script/vault-stop.ps1
index 500b82a..d7566fa 100644
--- a/script/vault-stop.ps1
+++ b/script/vault-stop.ps1
@@ -1,55 +1,22 @@
+if (Test-Path "vault.pid") {
+    $vaultPid = Get-Content "vault.pid"
+    Write-Host "Stopping Vault process $vaultPid"
+    Stop-Process -Id $vaultPid -Force
+    Remove-Item "vault-pid" -Force
+} else {
+    Write-Host "No PID file found, Vault may not have started."
+}
+
 # Function to display logs
-function Show-VaultLogs {
-    Write-Output "=== VAULT SERVER STDOUT (last 50 lines) ==="
-    Get-Content "vault-logs/stdout.log" -ErrorAction SilentlyContinue | Select-Object -Last 50
-    Write-Output "=== VAULT SERVER STDERR (last 50 lines) ==="
-    Get-Content "vault-logs/stderr.log" -ErrorAction SilentlyContinue | Select-Object -Last 50
+if (Test-Path "vault.out.log") {
+    Write-Output "=== VAULT SERVER STDOUT (last 25 lines) ==="
+    Get-Content "vault.out.log" -ErrorAction SilentlyContinue | Select-Object -Last 25
+} else {
+    Write-Output "No Vault output log found!"
 }
-
-# Read PID from file (Gitea alternative to env vars)
-$vaultPid = $null
-if (Test-Path "vault-pid.txt") {
-    $vaultPid = Get-Content "vault-pid.txt" -Raw
-    Write-Output "✅ Found Vault PID: $vaultPid"
+if (Test-Path "vault.err.log") {
+    Write-Output "=== VAULT SERVER STDERR (last 25 lines) ==="
+    Get-Content "vault.err.log" -ErrorAction SilentlyContinue | Select-Object -Last 25
+} else {
+    Write-Output "No Vault error log found!"
 }
-
-# Check if previous steps failed
-$previousStepFailed = $false
-if ("${{ steps.start-vault.outcome }}" -eq "failure") {
-    $previousStepFailed = $true
-    Write-Output "❌ Vault startup step failed"
-}
-
-# Stop the Vault process if we have a PID
-if ($vaultPid -and ($vaultPid -ne '')) {
-if ($previousStepFailed) {
-    Write-Output "❌ Previous step failed, showing Vault logs:"
-    Show-VaultLogs
-}
-
-# Stop the Vault process
-try {
-    Stop-Process -Id $vaultPid -Force -ErrorAction Stop
-    Write-Output "✅ Stopped Vault process $vaultPid"
-} catch {
-    Write-Warning "❌ Failed to stop process $vaultPid: $($_.Exception.Message)"
-}
-}
-
-# Clean up any remaining Vault processes
-$vaultProcesses = Get-Process -Name "vault" -ErrorAction SilentlyContinue
-if ($vaultProcesses) {
-    Write-Output "✅ Found additional Vault processes, stopping them..."
-    $vaultProcesses | Stop-Process -Force -ErrorAction SilentlyContinue
-}
-
-# Always show logs if we're in a failure state
-if ($previousStepFailed -or "${{ job.status }}" -eq "failure") {
-    Write-Output "❌ Job failed, showing final Vault logs:"
-    Show-VaultLogs
-}
-
-# Cleanup PID file
-if (Test-Path "vault-pid.txt") {
-    Remove-Item "vault-pid.txt" -Force
-}
\ No newline at end of file