Merge pull request #6 from naphelps/issue-1

Issue 1: Reverted some of the reference changes

Makefile

@@ -6,7 +6,7 @@ arch ?= $(arch_tag)
 
 BAO_VERSION ?= 2.0.0-alpha20240329
 BAO_GPGKEY ?= "" #C874011F0AB405110D02105534365D9472D7468F
-BAO_PLUGIN_HASH := ""
+VAULT_PLUGIN_HASH := ""
 
 EXECUTABLE := hznbaoauth
 DOCKER_INAME ?= openhorizon/$(arch)_bao
@@ -42,10 +42,10 @@ $(EXECUTABLE): $(shell find . -name '*.go')
 	@echo "Producing $(EXECUTABLE) for arch: amd64"
 	$(COMPILE_ARGS) go build -o ./docker/bin/$(EXECUTABLE)
 
-bao-image: OPENBAO_PLUGIN_HASH=$(shell shasum -a 256 ./docker/bin/$(EXECUTABLE) | awk '{ print $$1 }')
+bao-image: VAULT_PLUGIN_HASH=$(shell shasum -a 256 ./docker/bin/$(EXECUTABLE) | awk '{ print $$1 }')
 
 bao-image:
-	@echo "Handling $(DOCKER_INAME):$(VERSION) with hash $(OPENBAO_PLUGIN_HASH)"
+	@echo "Handling $(DOCKER_INAME):$(VERSION) with hash $(VAULT_PLUGIN_HASH)"
 	if [ -n "$(shell docker images | grep '$(DOCKER_INAME):$(VERSION)')" ]; then \
 		echo "Skipping since $(DOCKER_INAME):$(VERSION) image exists, run 'make clean && make' if a rebuild is desired"; \
 	elif [[ $(arch) == "amd64" ]]; then \

docker/Dockerfile.ubi.amd64

@@ -12,7 +12,7 @@ COPY LICENSE.txt /licenses
 ARG BAO_VERSION
 ARG BAO_GPGKEY
 ARG ARCH
-ARG BAO_PLUGIN_HASH
+ARG VAULT_PLUGIN_HASH
 
 # Create a bao user and group first so the IDs get set the same way.
 
@@ -48,34 +48,34 @@ RUN set -eux; \
     # rm -rf /root/.gnupg  && \
     microdnf clean all
 
-# /bao/logs is made available to use as a location to store audit logs
-# /bao/file is made available to use as a location with the file storage backend
-# the server will be started with /bao/config as the configuration directory so you can add additional config files in that location.
+# /vault/logs is made available to use as a location to store audit logs
+# /vault/file is made available to use as a location with the file storage backend
+# the server will be started with /vault/config as the configuration directory so you can add additional config files in that location.
 RUN useradd -r -u 1000 -g root bao \
         && mkdir /home/bao \
         && chown -R bao:root /home/bao
 
-ENV BAO_PLUGIN_HASH ${BAO_PLUGIN_HASH}
+ENV VAULT_PLUGIN_HASH ${VAULT_PLUGIN_HASH}
 ENV HOME /home/bao
-ENV BAO_PLUGIN_AUTOMTLS_ENABLED false
-RUN mkdir -p /bao/logs && \
-    mkdir -p /bao/file && \
-    mkdir -p /bao/config && \
-    mkdir -p /bao/plugins && \
+ENV VAULT_PLUGIN_AUTOMTLS_ENABLED false
+RUN mkdir -p /vault/logs && \
+    mkdir -p /vault/file && \
+    mkdir -p /vault/config && \
+    mkdir -p /vault/plugins && \
     mkdir -p /openhorizon/policy && \
-    chown -R bao:root /bao && chown -R bao:root $HOME && chown -R bao:root /openhorizon && \
+    chown -R bao:root /vault && chown -R bao:root $HOME && chown -R bao:root /openhorizon && \
     chgrp -R 0 $HOME && chmod -R g+rwX $HOME && \
     chgrp -R 0 /bao && chmod -R g+rwX /bao && \
     chgrp -R 0 /openhorizon && chmod -R g+rwX /openhorizon
 
 
 # Expose the logs directory as a volume since there's potentially long-running
 # state in there
-VOLUME /bao/logs
+VOLUME /vault/logs
 
 # Expose the file directory as a volume since there's potentially long-running
 # state in there
-VOLUME /bao/file
+VOLUME /vault/file
 
 # 8200/tcp is the primary interface that applications use to interact with
 # Bao.
@@ -100,11 +100,11 @@ RUN chmod +x /usr/local/bin/entrypoint.sh && \
 #
 ENTRYPOINT ["entrypoint.sh"]
 
-COPY bin/hznbaoauth /bao/plugins/hznbaoauth
-COPY config/config.hcl /bao/config/config.hcl
+COPY bin/hznbaoauth /vault/plugins/hznbaoauth
+COPY config/config.hcl /vault/config/config.hcl
 COPY policy/agbot.acl.policy.hcl /openhorizon/policy/agbot.acl.policy.hcl
 
-RUN chmod +x /bao/plugins/hznbaoauth
+RUN chmod +x /vault/plugins/hznbaoauth
 
 USER bao
 

docker/scripts/entrypoint.sh

@@ -23,7 +23,7 @@ get_addr () {
       exit}'
 }
 
-if [ -z "$BAO_DEV_LISTEN_ADDRESS" ]; then
+if [ -z "$VAULT_DEV_LISTEN_ADDRESS" ]; then
     auto-unseal.sh &
 fi
 
@@ -38,13 +38,13 @@ fi
 
 # BAO_CONFIG_DIR isn't exposed as a volume but you can compose additional
 # config files in there if you use this image as a base, or use
-# BAO_LOCAL_CONFIG below.
-BAO_CONFIG_DIR=/bao/config
+# VAULT_LOCAL_CONFIG below.
+VAULT_CONFIG_DIR=/vault/config
 
-# You can also set the BAO_LOCAL_CONFIG environment variable to pass some
+# You can also set the VAULT_LOCAL_CONFIG environment variable to pass some
 # Bao configuration JSON without having to bind any volumes.
-if [ -n "$BAO_LOCAL_CONFIG" ]; then
-    echo "$BAO_LOCAL_CONFIG" > "$BAO_CONFIG_DIR/local.json"
+if [ -n "$VAULT_CONFIG_DIR" ]; then
+    echo "$VAULT_CONFIG_DIR" > "$VAULT_CONFIG_DIR/local.json"
 fi
 
 # If the user is trying to run Bao directly with some arguments, then
@@ -57,9 +57,9 @@ fi
 if [ "$1" = 'server' ]; then
     shift
     set -- bao server \
-        -config="$BAO_CONFIG_DIR" \
+        -config="$VAULT_CONFIG_DIR" \
         -dev-root-token-id="$BAO_DEV_ROOT_TOKEN_ID" \
-        -dev-listen-address="${BAO_DEV_LISTEN_ADDRESS:-"0.0.0.0:8200"}" \
+        -dev-listen-address="${VAULT_DEV_LISTEN_ADDRESS:-"0.0.0.0:8200"}" \
         "$@"
 elif [ "$1" = 'version' ]; then
     # This needs a special case because there's no help output.