Add command line flag for create-from-role

This commit is contained in:
Alex Dadgar 2017-01-27 14:11:34 -08:00
parent 817805bdcf
commit 08a32cb93c
2 changed files with 5 additions and 0 deletions

View file

@ -120,6 +120,7 @@ func (c *Command) readConfig() *Config {
}), "vault-allow-unauthenticated", "")
flags.StringVar(&cmdConfig.Vault.Token, "vault-token", "", "")
flags.StringVar(&cmdConfig.Vault.Addr, "vault-address", "", "")
flags.StringVar(&cmdConfig.Vault.Role, "vault-create-from-role", "", "")
flags.StringVar(&cmdConfig.Vault.TLSCaFile, "vault-ca-file", "", "")
flags.StringVar(&cmdConfig.Vault.TLSCaPath, "vault-ca-path", "", "")
flags.StringVar(&cmdConfig.Vault.TLSCertFile, "vault-cert-file", "", "")
@ -934,6 +935,9 @@ Vault Options:
This only needs to be set on Servers. Overrides the Vault token read from
the VAULT_TOKEN environment variable.
-vault-create-from-role=<role>
The role name to create tokens for tasks from.
-vault-allow-unauthenticated
Whether to allow jobs to be sumbitted that request Vault Tokens but do not
authentication. The flag only applies to Servers.

View file

@ -65,6 +65,7 @@ via CLI arguments. The `agent` command accepts the following arguments:
* `-vault-token=<token>`: The Vault token used to derive tokens. Only needs to
be set on Servers. Overrides the Vault token read from the VAULT_TOKEN
environment variable.
* `-vault-create-from-role=<role>`: The role name to create tokens for tasks from.
* `-vault-ca-file=<path>`: Path to a PEM-encoded CA cert file used to verify the
Vault server SSL certificate.
* `-vault-ca-path=<path>`: Path to a directory of PEM-encoded CA cert files used