luxolus
/
open-nomad
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity

Add command line flag for create-from-role

This commit is contained in:
Alex Dadgar 2017-01-27 14:11:34 -08:00
parent 817805bdcf
commit 08a32cb93c
2 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
command/agent/command.go
View File

@ -120,6 +120,7 @@ func (c *Command) readConfig() *Config {
}), "vault-allow-unauthenticated", "") }), "vault-allow-unauthenticated", "")
flags.StringVar(&cmdConfig.Vault.Token, "vault-token", "", "") flags.StringVar(&cmdConfig.Vault.Token, "vault-token", "", "")
flags.StringVar(&cmdConfig.Vault.Addr, "vault-address", "", "") flags.StringVar(&cmdConfig.Vault.Addr, "vault-address", "", "")
flags.StringVar(&cmdConfig.Vault.Role, "vault-create-from-role", "", "")
flags.StringVar(&cmdConfig.Vault.TLSCaFile, "vault-ca-file", "", "") flags.StringVar(&cmdConfig.Vault.TLSCaFile, "vault-ca-file", "", "")
flags.StringVar(&cmdConfig.Vault.TLSCaPath, "vault-ca-path", "", "") flags.StringVar(&cmdConfig.Vault.TLSCaPath, "vault-ca-path", "", "")
flags.StringVar(&cmdConfig.Vault.TLSCertFile, "vault-cert-file", "", "") flags.StringVar(&cmdConfig.Vault.TLSCertFile, "vault-cert-file", "", "")
@ -934,6 +935,9 @@ Vault Options:
This only needs to be set on Servers. Overrides the Vault token read from This only needs to be set on Servers. Overrides the Vault token read from
the VAULT_TOKEN environment variable. the VAULT_TOKEN environment variable.
-vault-create-from-role=<role>
The role name to create tokens for tasks from.
-vault-allow-unauthenticated -vault-allow-unauthenticated
Whether to allow jobs to be sumbitted that request Vault Tokens but do not Whether to allow jobs to be sumbitted that request Vault Tokens but do not
authentication. The flag only applies to Servers. authentication. The flag only applies to Servers.

1
website/source/docs/commands/agent.html.md.erb
View File

@ -65,6 +65,7 @@ via CLI arguments. The `agent` command accepts the following arguments:
* `-vault-token=<token>`: The Vault token used to derive tokens. Only needs to * `-vault-token=<token>`: The Vault token used to derive tokens. Only needs to
be set on Servers. Overrides the Vault token read from the VAULT_TOKEN be set on Servers. Overrides the Vault token read from the VAULT_TOKEN
environment variable. environment variable.
* `-vault-create-from-role=<role>`: The role name to create tokens for tasks from.
* `-vault-ca-file=<path>`: Path to a PEM-encoded CA cert file used to verify the * `-vault-ca-file=<path>`: Path to a PEM-encoded CA cert file used to verify the
Vault server SSL certificate. Vault server SSL certificate.
* `-vault-ca-path=<path>`: Path to a directory of PEM-encoded CA cert files used * `-vault-ca-path=<path>`: Path to a directory of PEM-encoded CA cert files used