Allow loading vault address from ENV VAULT_ADDR

[jonsource]

Allow vault address to be read from ENV VAULT_ADDR as stated in documentation.

[jonsource]

Allow vault address to be read from ENV VAULT_ADDR as stated in documentation.

[petems]

Ironically I added this to vault_lookup but never here... https://github.com/voxpupuli/puppet-vault_lookup/pull/10/files

But... I'm pretty sure you can do this in the systemd environment file right? Thats how I've done it in the past... forgive me it's been a while

[jonsource]

Hi, thank you for your reply.

Actually it seems that the vault gem takes care of loading the VAULT_ADDR even without the piece of code I added in the first commit (still I'd consider it nice to have the same logic as for VAULT_TOKEN visible in the plugin code, and don't depend on some implicit behavior of the vault gem).

My main problem as I later found out, was with the JRuby settings. I'm running puppet-server inside the official Docker container (no systemd), and I was not able to pass the VAULT_ADDR to it. When invoked with puppet lookup ... everything worked OK. So I started investigating inside the hiera_vault plugin, and prepared the fix. As the tests passed OK I was sure it worked. But it didn't - I added a few debug messages, and basically wrote out the whole content of ENV and this led me to the root cause: you have to explicitly state which ENV variables are passed to the JRuby environment in the puppetserver.conf.

So the most important part of my addition lies probably in the documentation.

[abegosum]

Interesting, I had this problem (puppet lookup working but puppet server not finding the value) even when I set the vault token value in the JRuby environment in puppetserver.conf.

# configuration for the JRuby interpreters
jruby-puppet: {

...

environment-vars: { "VAULT_TOKEN" : 'myvaulttokenhere' }

...