secret/script/vault-start.ps1

# Create directories
New-Item -ItemType Directory -Path ".\vault-data" -Force -ErrorAction SilentlyContinue
New-Item -ItemType Directory -Path ".\vault-logs" -Force -ErrorAction SilentlyContinue

# Start Vault server
$vaultArgs = @(
    "server",
    "-dev",
    "-dev-tls",
    "-dev-root-token-id=root",
    "-dev-listen-address=127.0.0.1:8200"
)

Write-Output "✅ Starting Vault server..."
$process = Start-Process -FilePath ".\vault.exe" `
    -ArgumentList $vaultArgs `
    -PassThru `
    -NoNewWindow `
    -RedirectStandardOutput "vault-logs/stdout.log" `
    -RedirectStandardError "vault-logs/stderr.log"

$vaultPid = $process.Id
Write-Output "✅ Vault process started with PID: $vaultPid"

# Wait for Vault to become ready using port check
$timeout = 30
$counter = 0
$isReady = $false
$vaultPort = 8200

Write-Output "🕐 Waiting for Vault to start on port $vaultPort..."

while ($counter -lt $timeout) {
    # Check if process is still running
    if (-not (Get-Process -Id $vaultPid -ErrorAction SilentlyContinue)) {
        Write-Output "❌ Vault process died unexpectedly!"
        break
    }
    
    # Check if port is listening
    try {
        $tcpClient = New-Object System.Net.Sockets.TcpClient
        $asyncResult = $tcpClient.BeginConnect("127.0.0.1", $vaultPort, $null, $null)
        $wait = $asyncResult.AsyncWaitHandle.WaitOne(1000, $false)
        if ($wait) {
            $tcpClient.EndConnect($asyncResult)
            $tcpClient.Close()
            $isReady = $true
            Write-Output "✅ Vault server is listening on port $vaultPort!"
            break
        }
        $tcpClient.Close()
    } catch {
        # Port not ready yet
    }
    
    Write-Output "🕐 Waiting for Vault to start... ($counter/$timeout)"
    Start-Sleep -Seconds 1
    $counter++
}

if (-not $isReady) {
    Write-Output "❌ Vault server failed to start within $timeout seconds"
    
    # Show process status
    Write-Output "=== PROCESS STATUS ==="
    Get-Process -Id $vaultPid -ErrorAction SilentlyContinue | Format-List *
    
    # Show logs
    Write-Output "=== STDOUT (last 20 lines) ==="
    Get-Content "vault-logs/stdout.log" -ErrorAction SilentlyContinue | Select-Object -Last 20
    
    Write-Output "=== STDERR (last 20 lines) ==="
    Get-Content "vault-logs/stderr.log" -ErrorAction SilentlyContinue | Select-Object -Last 20
    
    # Cleanup
    Stop-Process -Id $vaultPid -Force -ErrorAction SilentlyContinue
    exit 1
}

# Set environment variables
$env:VAULT_ADDR = "https://127.0.0.1:8200"
$env:VAULT_TOKEN = "test-token"
$env:VAULT_SKIP_VERIFY = "true"

# Final check with vault status (with timeout)
Write-Output "🕐 Performing final status check..."
$statusCheck = Start-Process -FilePath ".\vault.exe" `
    -ArgumentList "status" `
    -PassThru `
    -NoNewWindow `
    -Wait `
    -TimeoutSec 10

if ($LASTEXITCODE -ne 0) {
    Write-Output "❌ Vault status check failed after startup"
    Write-Output "❌ Status exit code: $LASTEXITCODE"
    exit 1
}

Write-Output "✅ Vault server started successfully!"