Merge pull request #4885 from hashicorp/f-update-consultemplate

Vendor update consul template

vendor/github.com/hashicorp/consul-template/child/child.go

@@ -226,7 +226,7 @@ func (c *Child) Kill() {
 	c.kill()
 }
 
-// Stop behaves almost identical to Kill except it supresses future processes
+// Stop behaves almost identical to Kill except it suppresses future processes
 // from being started by this child and it prevents the killing of the child
 // process from sending its value back up the exit channel. This is useful
 // when doing a graceful shutdown of an application.
@@ -362,9 +362,13 @@ func (c *Child) kill() {
 	exited := false
 	process := c.cmd.Process
 
-	select {
-	case <-c.stopCh:
-	case <-c.randomSplay():
+	if c.cmd.ProcessState == nil {
+		select {
+		case <-c.stopCh:
+		case <-c.randomSplay():
+		}
+	} else {
+		log.Printf("[DEBUG] (runner) Kill() called but process dead; not waiting for splay.")
 	}
 
 	if c.killSignal != nil {

vendor/github.com/hashicorp/consul-template/cli.go

@@ -0,0 +1,788 @@
+package main
+
+import (
+	"flag"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"log"
+	"os"
+	"os/signal"
+	"sync"
+	"time"
+
+	"github.com/hashicorp/consul-template/config"
+	"github.com/hashicorp/consul-template/logging"
+	"github.com/hashicorp/consul-template/manager"
+	"github.com/hashicorp/consul-template/signals"
+	"github.com/hashicorp/consul-template/version"
+)
+
+// Exit codes are int values that represent an exit code for a particular error.
+// Sub-systems may check this unique error to determine the cause of an error
+// without parsing the output or help text.
+//
+// Errors start at 10
+const (
+	ExitCodeOK int = 0
+
+	ExitCodeError = 10 + iota
+	ExitCodeInterrupt
+	ExitCodeParseFlagsError
+	ExitCodeRunnerError
+	ExitCodeConfigError
+)
+
+// CLI is the main entry point.
+type CLI struct {
+	sync.Mutex
+
+	// outSteam and errStream are the standard out and standard error streams to
+	// write messages from the CLI.
+	outStream, errStream io.Writer
+
+	// signalCh is the channel where the cli receives signals.
+	signalCh chan os.Signal
+
+	// stopCh is an internal channel used to trigger a shutdown of the CLI.
+	stopCh  chan struct{}
+	stopped bool
+}
+
+// NewCLI creates a new CLI object with the given stdout and stderr streams.
+func NewCLI(out, err io.Writer) *CLI {
+	return &CLI{
+		outStream: out,
+		errStream: err,
+		signalCh:  make(chan os.Signal, 1),
+		stopCh:    make(chan struct{}),
+	}
+}
+
+// Run accepts a slice of arguments and returns an int representing the exit
+// status from the command.
+func (cli *CLI) Run(args []string) int {
+	// Parse the flags
+	config, paths, once, dry, isVersion, err := cli.ParseFlags(args[1:])
+	if err != nil {
+		if err == flag.ErrHelp {
+			fmt.Fprintf(cli.errStream, usage, version.Name)
+			return 0
+		}
+		fmt.Fprintln(cli.errStream, err.Error())
+		return ExitCodeParseFlagsError
+	}
+
+	// Save original config (defaults + parsed flags) for handling reloads
+	cliConfig := config.Copy()
+
+	// Load configuration paths, with CLI taking precedence
+	config, err = loadConfigs(paths, cliConfig)
+	if err != nil {
+		return logError(err, ExitCodeConfigError)
+	}
+
+	config.Finalize()
+
+	// Setup the config and logging
+	config, err = cli.setup(config)
+	if err != nil {
+		return logError(err, ExitCodeConfigError)
+	}
+
+	// Print version information for debugging
+	log.Printf("[INFO] %s", version.HumanVersion)
+
+	// If the version was requested, return an "error" containing the version
+	// information. This might sound weird, but most *nix applications actually
+	// print their version on stderr anyway.
+	if isVersion {
+		log.Printf("[DEBUG] (cli) version flag was given, exiting now")
+		fmt.Fprintf(cli.errStream, "%s\n", version.HumanVersion)
+		return ExitCodeOK
+	}
+
+	// Initial runner
+	runner, err := manager.NewRunner(config, dry, once)
+	if err != nil {
+		return logError(err, ExitCodeRunnerError)
+	}
+	go runner.Start()
+
+	// Listen for signals
+	signal.Notify(cli.signalCh)
+
+	for {
+		select {
+		case err := <-runner.ErrCh:
+			// Check if the runner's error returned a specific exit status, and return
+			// that value. If no value was given, return a generic exit status.
+			code := ExitCodeRunnerError
+			if typed, ok := err.(manager.ErrExitable); ok {
+				code = typed.ExitStatus()
+			}
+			return logError(err, code)
+		case <-runner.DoneCh:
+			return ExitCodeOK
+		case s := <-cli.signalCh:
+			log.Printf("[DEBUG] (cli) receiving signal %q", s)
+
+			switch s {
+			case *config.ReloadSignal:
+				fmt.Fprintf(cli.errStream, "Reloading configuration...\n")
+				runner.Stop()
+
+				// Re-parse any configuration files or paths
+				config, err = loadConfigs(paths, cliConfig)
+				if err != nil {
+					return logError(err, ExitCodeConfigError)
+				}
+				config.Finalize()
+
+				// Load the new configuration from disk
+				config, err = cli.setup(config)
+				if err != nil {
+					return logError(err, ExitCodeConfigError)
+				}
+
+				runner, err = manager.NewRunner(config, dry, once)
+				if err != nil {
+					return logError(err, ExitCodeRunnerError)
+				}
+				go runner.Start()
+			case *config.KillSignal:
+				fmt.Fprintf(cli.errStream, "Cleaning up...\n")
+				runner.Stop()
+				return ExitCodeInterrupt
+			case signals.SignalLookup["SIGCHLD"]:
+				// The SIGCHLD signal is sent to the parent of a child process when it
+				// exits, is interrupted, or resumes after being interrupted. We ignore
+				// this signal because the child process is monitored on its own.
+				//
+				// Also, the reason we do a lookup instead of a direct syscall.SIGCHLD
+				// is because that isn't defined on Windows.
+			default:
+				// Propagate the signal to the child process
+				runner.Signal(s)
+			}
+		case <-cli.stopCh:
+			return ExitCodeOK
+		}
+	}
+}
+
+// stop is used internally to shutdown a running CLI
+func (cli *CLI) stop() {
+	cli.Lock()
+	defer cli.Unlock()
+
+	if cli.stopped {
+		return
+	}
+
+	close(cli.stopCh)
+	cli.stopped = true
+}
+
+// ParseFlags is a helper function for parsing command line flags using Go's
+// Flag library. This is extracted into a helper to keep the main function
+// small, but it also makes writing tests for parsing command line arguments
+// much easier and cleaner.
+func (cli *CLI) ParseFlags(args []string) (*config.Config, []string, bool, bool, bool, error) {
+	var dry, once, isVersion bool
+
+	c := config.DefaultConfig()
+
+	// configPaths stores the list of configuration paths on disk
+	configPaths := make([]string, 0, 6)
+
+	// Parse the flags and options
+	flags := flag.NewFlagSet(version.Name, flag.ContinueOnError)
+	flags.SetOutput(ioutil.Discard)
+	flags.Usage = func() {}
+
+	flags.Var((funcVar)(func(s string) error {
+		configPaths = append(configPaths, s)
+		return nil
+	}), "config", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		c.Consul.Address = config.String(s)
+		return nil
+	}), "consul-addr", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		a, err := config.ParseAuthConfig(s)
+		if err != nil {
+			return err
+		}
+		c.Consul.Auth = a
+		return nil
+	}), "consul-auth", "")
+
+	flags.Var((funcBoolVar)(func(b bool) error {
+		c.Consul.Retry.Enabled = config.Bool(b)
+		return nil
+	}), "consul-retry", "")
+
+	flags.Var((funcIntVar)(func(i int) error {
+		c.Consul.Retry.Attempts = config.Int(i)
+		return nil
+	}), "consul-retry-attempts", "")
+
+	flags.Var((funcDurationVar)(func(d time.Duration) error {
+		c.Consul.Retry.Backoff = config.TimeDuration(d)
+		return nil
+	}), "consul-retry-backoff", "")
+
+	flags.Var((funcDurationVar)(func(d time.Duration) error {
+		c.Consul.Retry.MaxBackoff = config.TimeDuration(d)
+		return nil
+	}), "consul-retry-max-backoff", "")
+
+	flags.Var((funcBoolVar)(func(b bool) error {
+		c.Consul.SSL.Enabled = config.Bool(b)
+		return nil
+	}), "consul-ssl", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		c.Consul.SSL.CaCert = config.String(s)
+		return nil
+	}), "consul-ssl-ca-cert", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		c.Consul.SSL.CaPath = config.String(s)
+		return nil
+	}), "consul-ssl-ca-path", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		c.Consul.SSL.Cert = config.String(s)
+		return nil
+	}), "consul-ssl-cert", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		c.Consul.SSL.Key = config.String(s)
+		return nil
+	}), "consul-ssl-key", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		c.Consul.SSL.ServerName = config.String(s)
+		return nil
+	}), "consul-ssl-server-name", "")
+
+	flags.Var((funcBoolVar)(func(b bool) error {
+		c.Consul.SSL.Verify = config.Bool(b)
+		return nil
+	}), "consul-ssl-verify", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		c.Consul.Token = config.String(s)
+		return nil
+	}), "consul-token", "")
+
+	flags.Var((funcDurationVar)(func(d time.Duration) error {
+		c.Consul.Transport.DialKeepAlive = config.TimeDuration(d)
+		return nil
+	}), "consul-transport-dial-keep-alive", "")
+
+	flags.Var((funcDurationVar)(func(d time.Duration) error {
+		c.Consul.Transport.DialTimeout = config.TimeDuration(d)
+		return nil
+	}), "consul-transport-dial-timeout", "")
+
+	flags.Var((funcBoolVar)(func(b bool) error {
+		c.Consul.Transport.DisableKeepAlives = config.Bool(b)
+		return nil
+	}), "consul-transport-disable-keep-alives", "")
+
+	flags.Var((funcIntVar)(func(i int) error {
+		c.Consul.Transport.MaxIdleConnsPerHost = config.Int(i)
+		return nil
+	}), "consul-transport-max-idle-conns-per-host", "")
+
+	flags.Var((funcDurationVar)(func(d time.Duration) error {
+		c.Consul.Transport.TLSHandshakeTimeout = config.TimeDuration(d)
+		return nil
+	}), "consul-transport-tls-handshake-timeout", "")
+
+	flags.Var((funcBoolVar)(func(b bool) error {
+		c.Dedup.Enabled = config.Bool(b)
+		return nil
+	}), "dedup", "")
+
+	flags.BoolVar(&dry, "dry", false, "")
+
+	flags.Var((funcVar)(func(s string) error {
+		c.Exec.Enabled = config.Bool(true)
+		c.Exec.Command = config.String(s)
+		return nil
+	}), "exec", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		sig, err := signals.Parse(s)
+		if err != nil {
+			return err
+		}
+		c.Exec.KillSignal = config.Signal(sig)
+		return nil
+	}), "exec-kill-signal", "")
+
+	flags.Var((funcDurationVar)(func(d time.Duration) error {
+		c.Exec.KillTimeout = config.TimeDuration(d)
+		return nil
+	}), "exec-kill-timeout", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		sig, err := signals.Parse(s)
+		if err != nil {
+			return err
+		}
+		c.Exec.ReloadSignal = config.Signal(sig)
+		return nil
+	}), "exec-reload-signal", "")
+
+	flags.Var((funcDurationVar)(func(d time.Duration) error {
+		c.Exec.Splay = config.TimeDuration(d)
+		return nil
+	}), "exec-splay", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		sig, err := signals.Parse(s)
+		if err != nil {
+			return err
+		}
+		c.KillSignal = config.Signal(sig)
+		return nil
+	}), "kill-signal", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		c.LogLevel = config.String(s)
+		return nil
+	}), "log-level", "")
+
+	flags.Var((funcDurationVar)(func(d time.Duration) error {
+		c.MaxStale = config.TimeDuration(d)
+		return nil
+	}), "max-stale", "")
+
+	flags.BoolVar(&once, "once", false, "")
+
+	flags.Var((funcVar)(func(s string) error {
+		c.PidFile = config.String(s)
+		return nil
+	}), "pid-file", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		sig, err := signals.Parse(s)
+		if err != nil {
+			return err
+		}
+		c.ReloadSignal = config.Signal(sig)
+		return nil
+	}), "reload-signal", "")
+
+	flags.Var((funcDurationVar)(func(d time.Duration) error {
+		c.Consul.Retry.Backoff = config.TimeDuration(d)
+		return nil
+	}), "retry", "")
+
+	flags.Var((funcBoolVar)(func(b bool) error {
+		c.Syslog.Enabled = config.Bool(b)
+		return nil
+	}), "syslog", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		c.Syslog.Facility = config.String(s)
+		return nil
+	}), "syslog-facility", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		t, err := config.ParseTemplateConfig(s)
+		if err != nil {
+			return err
+		}
+		*c.Templates = append(*c.Templates, t)
+		return nil
+	}), "template", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		c.Vault.Address = config.String(s)
+		return nil
+	}), "vault-addr", "")
+
+	flags.Var((funcDurationVar)(func(t time.Duration) error {
+		c.Vault.Grace = config.TimeDuration(t)
+		return nil
+	}), "vault-grace", "")
+
+	flags.Var((funcBoolVar)(func(b bool) error {
+		c.Vault.RenewToken = config.Bool(b)
+		return nil
+	}), "vault-renew-token", "")
+
+	flags.Var((funcBoolVar)(func(b bool) error {
+		c.Vault.Retry.Enabled = config.Bool(b)
+		return nil
+	}), "vault-retry", "")
+
+	flags.Var((funcIntVar)(func(i int) error {
+		c.Vault.Retry.Attempts = config.Int(i)
+		return nil
+	}), "vault-retry-attempts", "")
+
+	flags.Var((funcDurationVar)(func(d time.Duration) error {
+		c.Vault.Retry.Backoff = config.TimeDuration(d)
+		return nil
+	}), "vault-retry-backoff", "")
+
+	flags.Var((funcDurationVar)(func(d time.Duration) error {
+		c.Vault.Retry.MaxBackoff = config.TimeDuration(d)
+		return nil
+	}), "vault-retry-max-backoff", "")
+
+	flags.Var((funcBoolVar)(func(b bool) error {
+		c.Vault.SSL.Enabled = config.Bool(b)
+		return nil
+	}), "vault-ssl", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		c.Vault.SSL.CaCert = config.String(s)
+		return nil
+	}), "vault-ssl-ca-cert", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		c.Vault.SSL.CaPath = config.String(s)
+		return nil
+	}), "vault-ssl-ca-path", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		c.Vault.SSL.Cert = config.String(s)
+		return nil
+	}), "vault-ssl-cert", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		c.Vault.SSL.Key = config.String(s)
+		return nil
+	}), "vault-ssl-key", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		c.Vault.SSL.ServerName = config.String(s)
+		return nil
+	}), "vault-ssl-server-name", "")
+
+	flags.Var((funcBoolVar)(func(b bool) error {
+		c.Vault.SSL.Verify = config.Bool(b)
+		return nil
+	}), "vault-ssl-verify", "")
+
+	flags.Var((funcDurationVar)(func(d time.Duration) error {
+		c.Vault.Transport.DialKeepAlive = config.TimeDuration(d)
+		return nil
+	}), "vault-transport-dial-keep-alive", "")
+
+	flags.Var((funcDurationVar)(func(d time.Duration) error {
+		c.Vault.Transport.DialTimeout = config.TimeDuration(d)
+		return nil
+	}), "vault-transport-dial-timeout", "")
+
+	flags.Var((funcBoolVar)(func(b bool) error {
+		c.Vault.Transport.DisableKeepAlives = config.Bool(b)
+		return nil
+	}), "vault-transport-disable-keep-alives", "")
+
+	flags.Var((funcIntVar)(func(i int) error {
+		c.Vault.Transport.MaxIdleConnsPerHost = config.Int(i)
+		return nil
+	}), "vault-transport-max-idle-conns-per-host", "")
+
+	flags.Var((funcDurationVar)(func(d time.Duration) error {
+		c.Vault.Transport.TLSHandshakeTimeout = config.TimeDuration(d)
+		return nil
+	}), "vault-transport-tls-handshake-timeout", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		c.Vault.Token = config.String(s)
+		return nil
+	}), "vault-token", "")
+
+	flags.Var((funcBoolVar)(func(b bool) error {
+		c.Vault.UnwrapToken = config.Bool(b)
+		return nil
+	}), "vault-unwrap-token", "")
+
+	flags.Var((funcVar)(func(s string) error {
+		w, err := config.ParseWaitConfig(s)
+		if err != nil {
+			return err
+		}
+		c.Wait = w
+		return nil
+	}), "wait", "")
+
+	flags.BoolVar(&isVersion, "v", false, "")
+	flags.BoolVar(&isVersion, "version", false, "")
+
+	// If there was a parser error, stop
+	if err := flags.Parse(args); err != nil {
+		return nil, nil, false, false, false, err
+	}
+
+	// Error if extra arguments are present
+	args = flags.Args()
+	if len(args) > 0 {
+		return nil, nil, false, false, false, fmt.Errorf("cli: extra args: %q", args)
+	}
+
+	return c, configPaths, once, dry, isVersion, nil
+}
+
+// loadConfigs loads the configuration from the list of paths. The optional
+// configuration is the list of overrides to apply at the very end, taking
+// precedence over any configurations that were loaded from the paths. If any
+// errors occur when reading or parsing those sub-configs, it is returned.
+func loadConfigs(paths []string, o *config.Config) (*config.Config, error) {
+	finalC := config.DefaultConfig()
+
+	for _, path := range paths {
+		c, err := config.FromPath(path)
+		if err != nil {
+			return nil, err
+		}
+
+		finalC = finalC.Merge(c)
+	}
+
+	finalC = finalC.Merge(o)
+	finalC.Finalize()
+	return finalC, nil
+}
+
+// logError logs an error message and then returns the given status.
+func logError(err error, status int) int {
+	log.Printf("[ERR] (cli) %s", err)
+	return status
+}
+
+func (cli *CLI) setup(conf *config.Config) (*config.Config, error) {
+	if err := logging.Setup(&logging.Config{
+		Name:           version.Name,
+		Level:          config.StringVal(conf.LogLevel),
+		Syslog:         config.BoolVal(conf.Syslog.Enabled),
+		SyslogFacility: config.StringVal(conf.Syslog.Facility),
+		Writer:         cli.errStream,
+	}); err != nil {
+		return nil, err
+	}
+
+	return conf, nil
+}
+
+const usage = `Usage: %s [options]
+
+  Watches a series of templates on the file system, writing new changes when
+  Consul is updated. It runs until an interrupt is received unless the -once
+  flag is specified.
+
+Options:
+
+  -config=<path>
+      Sets the path to a configuration file or folder on disk. This can be
+      specified multiple times to load multiple files or folders. If multiple
+      values are given, they are merged left-to-right, and CLI arguments take
+      the top-most precedence.
+
+  -consul-addr=<address>
+      Sets the address of the Consul instance
+
+  -consul-auth=<username[:password]>
+      Set the basic authentication username and password for communicating
+      with Consul.
+
+  -consul-retry
+      Use retry logic when communication with Consul fails
+
+  -consul-retry-attempts=<int>
+      The number of attempts to use when retrying failed communications
+
+  -consul-retry-backoff=<duration>
+      The base amount to use for the backoff duration. This number will be
+      increased exponentially for each retry attempt.
+
+  -consul-retry-max-backoff=<duration>
+      The maximum limit of the retry backoff duration. Default is one minute.
+      0 means infinite. The backoff will increase exponentially until given value.
+
+  -consul-ssl
+      Use SSL when connecting to Consul
+
+  -consul-ssl-ca-cert=<string>
+      Validate server certificate against this CA certificate file list
+
+  -consul-ssl-ca-path=<string>
+      Sets the path to the CA to use for TLS verification
+
+  -consul-ssl-cert=<string>
+      SSL client certificate to send to server
+
+  -consul-ssl-key=<string>
+      SSL/TLS private key for use in client authentication key exchange
+
+  -consul-ssl-server-name=<string>
+      Sets the name of the server to use when validating TLS.
+
+  -consul-ssl-verify
+      Verify certificates when connecting via SSL
+
+  -consul-token=<token>
+      Sets the Consul API token
+
+  -consul-transport-dial-keep-alive=<duration>
+      Sets the amount of time to use for keep-alives
+
+  -consul-transport-dial-timeout=<duration>
+      Sets the amount of time to wait to establish a connection
+
+  -consul-transport-disable-keep-alives
+      Disables keep-alives (this will impact performance)
+
+  -consul-transport-max-idle-conns-per-host=<int>
+      Sets the maximum number of idle connections to permit per host
+
+  -consul-transport-tls-handshake-timeout=<duration>
+      Sets the handshake timeout
+
+  -dedup
+      Enable de-duplication mode - reduces load on Consul when many instances of
+      Consul Template are rendering a common template
+
+  -dry
+      Print generated templates to stdout instead of rendering
+
+  -exec=<command>
+      Enable exec mode to run as a supervisor-like process - the given command
+      will receive all signals provided to the parent process and will receive a
+      signal when templates change
+
+  -exec-kill-signal=<signal>
+      Signal to send when gracefully killing the process
+
+  -exec-kill-timeout=<duration>
+      Amount of time to wait before force-killing the child
+
+  -exec-reload-signal=<signal>
+      Signal to send when a reload takes place
+
+  -exec-splay=<duration>
+      Amount of time to wait before sending signals
+
+  -kill-signal=<signal>
+      Signal to listen to gracefully terminate the process
+
+  -log-level=<level>
+      Set the logging level - values are "debug", "info", "warn", and "err"
+
+  -max-stale=<duration>
+      Set the maximum staleness and allow stale queries to Consul which will
+      distribute work among all servers instead of just the leader
+
+  -once
+      Do not run the process as a daemon
+
+  -pid-file=<path>
+      Path on disk to write the PID of the process
+
+  -reload-signal=<signal>
+      Signal to listen to reload configuration
+
+  -retry=<duration>
+      The amount of time to wait if Consul returns an error when communicating
+      with the API
+
+  -syslog
+      Send the output to syslog instead of standard error and standard out. The
+      syslog facility defaults to LOCAL0 and can be changed using a
+      configuration file
+
+  -syslog-facility=<facility>
+      Set the facility where syslog should log - if this attribute is supplied,
+      the -syslog flag must also be supplied
+
+  -template=<template>
+       Adds a new template to watch on disk in the format 'in:out(:command)'
+
+  -vault-addr=<address>
+      Sets the address of the Vault server
+
+  -vault-grace=<duration>
+      Sets the grace period between lease renewal and secret re-acquisition - if
+      the remaining lease duration is less than this value, Consul Template will
+      acquire a new secret from Vault
+
+  -vault-renew-token
+      Periodically renew the provided Vault API token - this defaults to "true"
+      and will renew the token at half of the lease duration
+
+  -vault-retry
+      Use retry logic when communication with Vault fails
+
+  -vault-retry-attempts=<int>
+      The number of attempts to use when retrying failed communications
+
+  -vault-retry-backoff=<duration>
+      The base amount to use for the backoff duration. This number will be
+      increased exponentially for each retry attempt.
+
+  -vault-retry-max-backoff=<duration>
+      The maximum limit of the retry backoff duration. Default is one minute.
+      0 means infinite. The backoff will increase exponentially until given value.
+
+  -vault-ssl
+      Specifies whether communications with Vault should be done via SSL
+
+  -vault-ssl-ca-cert=<string>
+      Sets the path to the CA certificate to use for TLS verification
+
+  -vault-ssl-ca-path=<string>
+      Sets the path to the CA to use for TLS verification
+
+  -vault-ssl-cert=<string>
+      Sets the path to the certificate to use for TLS verification
+
+  -vault-ssl-key=<string>
+      Sets the path to the key to use for TLS verification
+
+  -vault-ssl-server-name=<string>
+      Sets the name of the server to use when validating TLS.
+
+  -vault-ssl-verify
+      Enable SSL verification for communications with Vault.
+
+  -vault-token=<token>
+      Sets the Vault API token
+
+  -vault-transport-dial-keep-alive=<duration>
+      Sets the amount of time to use for keep-alives
+
+  -vault-transport-dial-timeout=<duration>
+      Sets the amount of time to wait to establish a connection
+
+  -vault-transport-disable-keep-alives
+      Disables keep-alives (this will impact performance)
+
+  -vault-transport-max-idle-conns-per-host=<int>
+      Sets the maximum number of idle connections to permit per host
+
+  -vault-transport-tls-handshake-timeout=<duration>
+      Sets the handshake timeout
+
+  -vault-unwrap-token
+      Unwrap the provided Vault API token (see Vault documentation for more
+      information on this feature)
+
+  -wait=<duration>
+      Sets the 'min(:max)' amount of time to wait before writing a template (and
+      triggering a command)
+
+  -v, -version
+      Print the version of this daemon
+`

vendor/github.com/hashicorp/consul-template/config/config.go

@@ -280,7 +280,7 @@ func Must(s string) *Config {
 	return c
 }
 
-// TestConfig returuns a default, finalized config, with the provided
+// TestConfig returns a default, finalized config, with the provided
 // configuration taking precedence.
 func TestConfig(c *Config) *Config {
 	d := DefaultConfig().Merge(c)

vendor/github.com/hashicorp/consul-template/config/convert.go

@@ -30,7 +30,7 @@ func BoolGoString(b *bool) string {
 	return fmt.Sprintf("%t", *b)
 }
 
-// BoolPresent returns a boolean indiciating if the pointer is nil, or if the
+// BoolPresent returns a boolean indicating if the pointer is nil, or if the
 // pointer is pointing to the zero value..
 func BoolPresent(b *bool) bool {
 	if b == nil {
@@ -62,7 +62,7 @@ func FileModeGoString(o *os.FileMode) string {
 	return fmt.Sprintf("%q", *o)
 }
 
-// FileModePresent returns a boolean indiciating if the pointer is nil, or if
+// FileModePresent returns a boolean indicating if the pointer is nil, or if
 // the pointer is pointing to the zero value.
 func FileModePresent(o *os.FileMode) bool {
 	if o == nil {
@@ -93,7 +93,7 @@ func IntGoString(i *int) string {
 	return fmt.Sprintf("%d", *i)
 }
 
-// IntPresent returns a boolean indiciating if the pointer is nil, or if the
+// IntPresent returns a boolean indicating if the pointer is nil, or if the
 // pointer is pointing to the zero value.
 func IntPresent(i *int) bool {
 	if i == nil {
@@ -127,7 +127,7 @@ func SignalGoString(s *os.Signal) string {
 	return fmt.Sprintf("%q", *s)
 }
 
-// SignalPresent returns a boolean indiciating if the pointer is nil, or if the pointer is pointing to the zero value..
+// SignalPresent returns a boolean indicating if the pointer is nil, or if the pointer is pointing to the zero value..
 func SignalPresent(s *os.Signal) bool {
 	if s == nil {
 		return false
@@ -157,7 +157,7 @@ func StringGoString(s *string) string {
 	return fmt.Sprintf("%q", *s)
 }
 
-// StringPresent returns a boolean indiciating if the pointer is nil, or if the pointer is pointing to the zero value..
+// StringPresent returns a boolean indicating if the pointer is nil, or if the pointer is pointing to the zero value..
 func StringPresent(s *string) bool {
 	if s == nil {
 		return false
@@ -188,7 +188,7 @@ func TimeDurationGoString(t *time.Duration) string {
 	return fmt.Sprintf("%s", t)
 }
 
-// TimeDurationPresent returns a boolean indiciating if the pointer is nil, or if the pointer is pointing to the zero value..
+// TimeDurationPresent returns a boolean indicating if the pointer is nil, or if the pointer is pointing to the zero value..
 func TimeDurationPresent(t *time.Duration) bool {
 	if t == nil {
 		return false

vendor/github.com/hashicorp/consul-template/config/env.go

@@ -12,13 +12,13 @@ import (
 // for mapstructure's decoding.
 type EnvConfig struct {
 	// BlacklistEnv specifies a list of environment variables to explicitly
-	// disclude from the list of environment variables populated to the child.
+	// exclude from the list of environment variables populated to the child.
 	// If both WhitelistEnv and BlacklistEnv are provided, BlacklistEnv takes
 	// precedence over the values in WhitelistEnv.
 	Blacklist []string `mapstructure:"blacklist"`
 
 	// CustomEnv specifies custom environment variables to pass to the child
-	// process. These are provided programatically, override any environment
+	// process. These are provided programmatically, override any environment
 	// variables of the same name, are ignored from whitelist/blacklist, and
 	// are still included even if PristineEnv is set to true.
 	Custom []string `mapstructure:"custom"`

vendor/github.com/hashicorp/consul-template/config/retry.go

@@ -30,7 +30,7 @@ type RetryConfig struct {
 	Attempts *int
 
 	// Backoff is the base of the exponentialbackoff. This number will be
-	// multipled by the next power of 2 on each iteration.
+	// multiplied by the next power of 2 on each iteration.
 	Backoff *time.Duration
 
 	// MaxBackoff is an upper limit to the sleep time between retries

vendor/github.com/hashicorp/consul-template/config/transport.go

@@ -56,7 +56,7 @@ type TransportConfig struct {
 	// host.
 	MaxIdleConnsPerHost *int `mapstructure:"max_idle_conns_per_host"`
 
-	// TLSHandshakeTimeout is the amout of time to wait to complete the TLS
+	// TLSHandshakeTimeout is the amount of time to wait to complete the TLS
 	// handshake.
 	TLSHandshakeTimeout *time.Duration `mapstructure:"tls_handshake_timeout"`
 }

vendor/github.com/hashicorp/consul-template/dependency/vault_common.go

@@ -115,7 +115,7 @@ func transformSecret(theirs *api.Secret) *Secret {
 
 // updateSecret updates our secret with the new data from the api, careful to
 // not overwrite missing data. Renewals don't include the original secret, and
-// we don't want to delete that data accidentially.
+// we don't want to delete that data accidentally.
 func updateSecret(ours *Secret, theirs *api.Secret) {
 	if theirs.RequestID != "" {
 		ours.RequestID = theirs.RequestID

vendor/github.com/hashicorp/consul-template/flags.go

@@ -0,0 +1,56 @@
+package main
+
+import (
+	"strconv"
+	"time"
+)
+
+// funcVar is a type of flag that accepts a function that is the string given
+// by the user.
+type funcVar func(s string) error
+
+func (f funcVar) Set(s string) error { return f(s) }
+func (f funcVar) String() string     { return "" }
+func (f funcVar) IsBoolFlag() bool   { return false }
+
+// funcBoolVar is a type of flag that accepts a function, converts the user's
+// value to a bool, and then calls the given function.
+type funcBoolVar func(b bool) error
+
+func (f funcBoolVar) Set(s string) error {
+	v, err := strconv.ParseBool(s)
+	if err != nil {
+		return err
+	}
+	return f(v)
+}
+func (f funcBoolVar) String() string   { return "" }
+func (f funcBoolVar) IsBoolFlag() bool { return true }
+
+// funcDurationVar is a type of flag that accepts a function, converts the
+// user's value to a duration, and then calls the given function.
+type funcDurationVar func(d time.Duration) error
+
+func (f funcDurationVar) Set(s string) error {
+	v, err := time.ParseDuration(s)
+	if err != nil {
+		return err
+	}
+	return f(v)
+}
+func (f funcDurationVar) String() string   { return "" }
+func (f funcDurationVar) IsBoolFlag() bool { return false }
+
+// funcIntVar is a type of flag that accepts a function, converts the
+// user's value to a int, and then calls the given function.
+type funcIntVar func(i int) error
+
+func (f funcIntVar) Set(s string) error {
+	v, err := strconv.ParseInt(s, 10, 32)
+	if err != nil {
+		return err
+	}
+	return f(int(v))
+}
+func (f funcIntVar) String() string   { return "" }
+func (f funcIntVar) IsBoolFlag() bool { return false }

vendor/github.com/hashicorp/consul-template/logging/logging.go

@@ -0,0 +1,88 @@
+package logging
+
+import (
+	"fmt"
+	"io"
+	"io/ioutil"
+	"log"
+	"strings"
+
+	"github.com/hashicorp/go-syslog"
+	"github.com/hashicorp/logutils"
+)
+
+// Levels are the log levels we respond to=o.
+var Levels = []logutils.LogLevel{"TRACE", "DEBUG", "INFO", "WARN", "ERR"}
+
+// Config is the configuration for this log setup.
+type Config struct {
+	// Name is the progname as it will appear in syslog output (if enabled).
+	Name string `json:"name"`
+
+	// Level is the log level to use.
+	Level string `json:"level"`
+
+	// Syslog and SyslogFacility are the syslog configuration options.
+	Syslog         bool   `json:"syslog"`
+	SyslogFacility string `json:"syslog_facility"`
+
+	// Writer is the output where logs should go. If syslog is enabled, data will
+	// be written to writer in addition to syslog.
+	Writer io.Writer `json:"-"`
+}
+
+func Setup(config *Config) error {
+	var logOutput io.Writer
+
+	// Setup the default logging
+	logFilter := NewLogFilter()
+	logFilter.MinLevel = logutils.LogLevel(strings.ToUpper(config.Level))
+	logFilter.Writer = config.Writer
+	if !ValidateLevelFilter(logFilter.MinLevel, logFilter) {
+		levels := make([]string, 0, len(logFilter.Levels))
+		for _, level := range logFilter.Levels {
+			levels = append(levels, string(level))
+		}
+		return fmt.Errorf("invalid log level %q, valid log levels are %s",
+			config.Level, strings.Join(levels, ", "))
+	}
+
+	// Check if syslog is enabled
+	if config.Syslog {
+		log.Printf("[DEBUG] (logging) enabling syslog on %s", config.SyslogFacility)
+
+		l, err := gsyslog.NewLogger(gsyslog.LOG_NOTICE, config.SyslogFacility, config.Name)
+		if err != nil {
+			return fmt.Errorf("error setting up syslog logger: %s", err)
+		}
+		syslog := &SyslogWrapper{l, logFilter}
+		logOutput = io.MultiWriter(logFilter, syslog)
+	} else {
+		logOutput = io.MultiWriter(logFilter)
+	}
+
+	log.SetFlags(log.Ldate | log.Ltime | log.Lmicroseconds | log.LUTC)
+	log.SetOutput(logOutput)
+
+	return nil
+}
+
+// NewLogFilter returns a LevelFilter that is configured with the log levels that
+// we use.
+func NewLogFilter() *logutils.LevelFilter {
+	return &logutils.LevelFilter{
+		Levels:   Levels,
+		MinLevel: "WARN",
+		Writer:   ioutil.Discard,
+	}
+}
+
+// ValidateLevelFilter verifies that the log levels within the filter are valid.
+func ValidateLevelFilter(min logutils.LogLevel, filter *logutils.LevelFilter) bool {
+	for _, level := range filter.Levels {
+		if level == min {
+			return true
+		}
+	}
+	return false
+}

vendor/github.com/hashicorp/consul-template/logging/syslog.go

@@ -0,0 +1,53 @@
+package logging
+
+import (
+	"bytes"
+
+	"github.com/hashicorp/go-syslog"
+	"github.com/hashicorp/logutils"
+)
+
+// syslogPriorityMap is used to map a log level to a syslog priority level.
+var syslogPriorityMap = map[string]gsyslog.Priority{
+	"DEBUG": gsyslog.LOG_INFO,
+	"INFO":  gsyslog.LOG_NOTICE,
+	"WARN":  gsyslog.LOG_WARNING,
+	"ERR":   gsyslog.LOG_ERR,
+}
+
+// SyslogWrapper is used to cleanup log messages before writing them to a
+// Syslogger. Implements the io.Writer interface.
+type SyslogWrapper struct {
+	l    gsyslog.Syslogger
+	filt *logutils.LevelFilter
+}
+
+// Write is used to implement io.Writer.
+func (s *SyslogWrapper) Write(p []byte) (int, error) {
+	// Skip syslog if the log level doesn't apply
+	if !s.filt.Check(p) {
+		return 0, nil
+	}
+
+	// Extract log level
+	var level string
+	afterLevel := p
+	x := bytes.IndexByte(p, '[')
+	if x >= 0 {
+		y := bytes.IndexByte(p[x:], ']')
+		if y >= 0 {
+			level = string(p[x+1 : x+y])
+			afterLevel = p[x+y+2:]
+		}
+	}
+
+	// Each log level will be handled by a specific syslog priority.
+	priority, ok := syslogPriorityMap[level]
+	if !ok {
+		priority = gsyslog.LOG_NOTICE
+	}
+
+	// Attempt the write
+	err := s.l.WriteLevel(priority, afterLevel)
+	return len(p), err
+}

vendor/github.com/hashicorp/consul-template/main.go

@@ -0,0 +1,8 @@
+package main // import "github.com/hashicorp/consul-template"
+
+import "os"
+
+func main() {
+	cli := NewCLI(os.Stdout, os.Stderr)
+	os.Exit(cli.Run(os.Args))
+}

vendor/github.com/hashicorp/consul-template/manager/dedup.go

@@ -3,7 +3,6 @@ package manager
 import (
 	"bytes"
 	"compress/lzw"
-	"crypto/md5"
 	"encoding/gob"
 	"fmt"
 	"log"
@@ -11,6 +10,8 @@ import (
 	"sync"
 	"time"
 
+	"github.com/mitchellh/hashstructure"
+
 	"github.com/hashicorp/consul-template/config"
 	dep "github.com/hashicorp/consul-template/dependency"
 	"github.com/hashicorp/consul-template/template"
@@ -67,10 +68,10 @@ type DedupManager struct {
 	// config is the deduplicate configuration
 	config *config.DedupConfig
 
-	// clients is used to access the underlying clinets
+	// clients is used to access the underlying clients
 	clients *dep.ClientSet
 
-	// Brain is where we inject udpates
+	// Brain is where we inject updates
 	brain *template.Brain
 
 	// templates is the set of templates we are trying to dedup
@@ -81,7 +82,7 @@ type DedupManager struct {
 	leaderLock sync.RWMutex
 
 	// lastWrite tracks the hash of the data paths
-	lastWrite     map[*template.Template][]byte
+	lastWrite     map[*template.Template]uint64
 	lastWriteLock sync.RWMutex
 
 	// updateCh is used to indicate an update watched data
@@ -103,7 +104,7 @@ func NewDedupManager(config *config.DedupConfig, clients *dep.ClientSet, brain *
 		brain:     brain,
 		templates: templates,
 		leader:    make(map[*template.Template]<-chan struct{}),
-		lastWrite: make(map[*template.Template][]byte),
+		lastWrite: make(map[*template.Template]uint64),
 		updateCh:  make(chan struct{}, 1),
 		stopCh:    make(chan struct{}),
 	}
@@ -220,6 +221,23 @@ func (d *DedupManager) UpdateDeps(t *template.Template, deps []dep.Dependency) e
 		}
 	}
 
+	// Compute stable hash of the data. Note we don't compute this over the actual
+	// encoded value since gob encoding does not guarantee stable ordering for
+	// maps so spuriously returns a different hash most times. See
+	// https://github.com/hashicorp/consul-template/issues/1099.
+	hash, err := hashstructure.Hash(td, nil)
+	if err != nil {
+		return fmt.Errorf("calculating hash failed: %v", err)
+	}
+	d.lastWriteLock.RLock()
+	existing, ok := d.lastWrite[t]
+	d.lastWriteLock.RUnlock()
+	if ok && existing == hash {
+		log.Printf("[INFO] (dedup) de-duplicate data '%s' already current",
+			dataPath)
+		return nil
+	}
+
 	// Encode via GOB and LZW compress
 	var buf bytes.Buffer
 	compress := lzw.NewWriter(&buf, lzw.LSB, 8)
@@ -229,17 +247,6 @@ func (d *DedupManager) UpdateDeps(t *template.Template, deps []dep.Dependency) e
 	}
 	compress.Close()
 
-	// Compute MD5 of the buffer
-	hash := md5.Sum(buf.Bytes())
-	d.lastWriteLock.RLock()
-	existing, ok := d.lastWrite[t]
-	d.lastWriteLock.RUnlock()
-	if ok && bytes.Equal(existing, hash[:]) {
-		log.Printf("[INFO] (dedup) de-duplicate data '%s' already current",
-			dataPath)
-		return nil
-	}
-
 	// Write the KV update
 	kvPair := consulapi.KVPair{
 		Key:   dataPath,
@@ -252,12 +259,12 @@ func (d *DedupManager) UpdateDeps(t *template.Template, deps []dep.Dependency) e
 	}
 	log.Printf("[INFO] (dedup) updated de-duplicate data '%s'", dataPath)
 	d.lastWriteLock.Lock()
-	d.lastWrite[t] = hash[:]
+	d.lastWrite[t] = hash
 	d.lastWriteLock.Unlock()
 	return nil
 }
 
-// UpdateCh returns a channel to watch for depedency updates
+// UpdateCh returns a channel to watch for dependency updates
 func (d *DedupManager) UpdateCh() <-chan struct{} {
 	return d.updateCh
 }

vendor/github.com/hashicorp/consul-template/manager/renderer.go

@@ -38,7 +38,7 @@ type RenderInput struct {
 }
 
 // RenderResult is returned and stored. It contains the status of the render
-// operationg.
+// operation.
 type RenderResult struct {
 	// DidRender indicates if the template rendered to disk. This will be false in
 	// the event of an error, but it will also be false in dry mode or when the

vendor/github.com/hashicorp/consul-template/manager/runner.go

@@ -139,7 +139,7 @@ type RenderEvent struct {
 	UpdatedAt time.Time
 
 	// Used is the full list of dependencies seen in the template. Because of
-	// the n-pass evaluation, this number can change over time. The dependecnies
+	// the n-pass evaluation, this number can change over time. The dependencies
 	// in this list may or may not have data. This just contains the list of all
 	// dependencies parsed out of the template with the current data.
 	UsedDeps *dep.Set
@@ -496,12 +496,12 @@ func (r *Runner) Signal(s os.Signal) error {
 // Run iterates over each template in this Runner and conditionally executes
 // the template rendering and command execution.
 //
-// The template is rendered atomicly. If and only if the template render
+// The template is rendered atomically. If and only if the template render
 // completes successfully, the optional commands will be executed, if given.
 // Please note that all templates are rendered **and then** any commands are
 // executed.
 func (r *Runner) Run() error {
-	log.Printf("[INFO] (runner) initiating run")
+	log.Printf("[DEBUG] (runner) initiating run")
 
 	var newRenderEvent, wouldRenderAny, renderedAny bool
 	runCtx := &templateRunCtx{
@@ -719,7 +719,7 @@ func (r *Runner) runTemplate(tmpl *template.Template, runCtx *templateRunCtx) (*
 		return event, nil
 	}
 
-	// Trigger an update of the de-duplicaiton manager
+	// Trigger an update of the de-duplication manager
 	if r.dedup != nil && isLeader {
 		if err := r.dedup.UpdateDeps(tmpl, used.List()); err != nil {
 			log.Printf("[ERR] (runner) failed to update dependency data for de-duplication: %v", err)
@@ -1011,7 +1011,7 @@ func (r *Runner) childEnv() []string {
 		m["VAULT_TLS_SERVER_NAME"] = config.StringVal(r.config.Vault.SSL.ServerName)
 	}
 
-	// Append runner-supplied env (this is supplied programatically).
+	// Append runner-supplied env (this is supplied programmatically).
 	for k, v := range r.Env {
 		m[k] = v
 	}

vendor/github.com/hashicorp/consul-template/template/funcs.go

@@ -829,7 +829,7 @@ func plugin(name string, args ...string) (string, error) {
 			}
 		}
 		<-done // Allow the goroutine to exit
-		return "", fmt.Errorf("exec %q: did not finishin 30s", name)
+		return "", fmt.Errorf("exec %q: did not finish in 30s", name)
 	case err := <-done:
 		if err != nil {
 			return "", fmt.Errorf("exec %q: %s\n\nstdout:\n\n%s\n\nstderr:\n\n%s",

vendor/github.com/hashicorp/consul-template/version/version.go

@@ -2,7 +2,7 @@ package version
 
 import "fmt"
 
-const Version = "0.19.5.dev"
+const Version = "0.19.5"
 
 var (
 	Name      string

vendor/github.com/hashicorp/consul-template/watch/view.go

@@ -146,7 +146,7 @@ func (v *View) poll(viewCh chan<- *View, errCh chan<- error) {
 		case <-successCh:
 			// We successfully received a non-error response from the server. This
 			// does not mean we have data (that's dataCh's job), but rather this
-			// just resets the counter indicating we communciated successfully. For
+			// just resets the counter indicating we communicated successfully. For
 			// example, Consul make have an outage, but when it returns, the view
 			// is unchanged. We have to reset the counter retries, but not update the
 			// actual template.

vendor/github.com/hashicorp/consul-template/watch/watcher.go

@@ -35,7 +35,7 @@ type Watcher struct {
 	maxStale time.Duration
 
 	// once signals if this watcher should tell views to retrieve data exactly
-	// one time intead of polling infinitely.
+	// one time instead of polling infinitely.
 	once bool
 
 	// retryFuncs specifies the different ways to retry based on the upstream.
@@ -116,7 +116,7 @@ func (w *Watcher) ErrCh() <-chan error {
 	return w.errCh
 }
 
-// Add adds the given dependency to the list of monitored depedencies
+// Add adds the given dependency to the list of monitored dependencies
 // and start the associated view. If the dependency already exists, no action is
 // taken.
 //
@@ -176,7 +176,7 @@ func (w *Watcher) Watching(d dep.Dependency) bool {
 }
 
 // ForceWatching is used to force setting the internal state of watching
-// a depedency. This is only used for unit testing purposes.
+// a dependency. This is only used for unit testing purposes.
 func (w *Watcher) ForceWatching(d dep.Dependency, enabled bool) {
 	w.Lock()
 	defer w.Unlock()

vendor/vendor.json

@@ -149,14 +149,16 @@
 		{"path":"github.com/gorhill/cronexpr/cronexpr","checksumSHA1":"Nd/7mZb0T6Gj6+AymyOPsNCQSJs=","comment":"1.0.0","revision":"a557574d6c024ed6e36acc8b610f5f211c91568a"},
 		{"path":"github.com/gorilla/context","checksumSHA1":"g/V4qrXjUGG9B+e3hB+4NAYJ5Gs=","revision":"08b5f424b9271eedf6f9f0ce86cb9396ed337a42","revisionTime":"2016-08-17T18:46:32Z"},
 		{"path":"github.com/gorilla/mux","checksumSHA1":"STQSdSj2FcpCf0NLfdsKhNutQT0=","revision":"e48e440e4c92e3251d812f8ce7858944dfa3331c","revisionTime":"2018-08-07T07:52:56Z"},
-		{"path":"github.com/hashicorp/consul-template/child","checksumSHA1":"Nu2j1GusM7ZH0uYrGzqr1K7yH7I=","revision":"26d029ad37335b3827a9fde5569b2c5e10dcac8f","revisionTime":"2017-10-31T14:25:17Z"},
-		{"path":"github.com/hashicorp/consul-template/config","checksumSHA1":"qKAxyhYnUpKzZ5KpA6aOiIHHqqg=","revision":"26d029ad37335b3827a9fde5569b2c5e10dcac8f","revisionTime":"2017-10-31T14:25:17Z"},
-		{"path":"github.com/hashicorp/consul-template/dependency","checksumSHA1":"gZUb/+jEn+2hdO/lmQSKcYuOB/o=","revision":"26d029ad37335b3827a9fde5569b2c5e10dcac8f","revisionTime":"2017-10-31T14:25:17Z"},
-		{"path":"github.com/hashicorp/consul-template/manager","checksumSHA1":"JVwx9FW1/nxRvg1lEeydBhaf3No=","revision":"26d029ad37335b3827a9fde5569b2c5e10dcac8f","revisionTime":"2017-10-31T14:25:17Z"},
-		{"path":"github.com/hashicorp/consul-template/signals","checksumSHA1":"YSEUV/9/k85XciRKu0cngxdjZLE=","revision":"26d029ad37335b3827a9fde5569b2c5e10dcac8f","revisionTime":"2017-10-31T14:25:17Z"},
-		{"path":"github.com/hashicorp/consul-template/template","checksumSHA1":"N9qobVzScLbTEnGE7MgFnnTbGBw=","revision":"26d029ad37335b3827a9fde5569b2c5e10dcac8f","revisionTime":"2017-10-31T14:25:17Z"},
-		{"path":"github.com/hashicorp/consul-template/version","checksumSHA1":"NB5+D4AuCNV9Bsqh3YFdPi4AJ6U=","revision":"26d029ad37335b3827a9fde5569b2c5e10dcac8f","revisionTime":"2017-10-31T14:25:17Z"},
-		{"path":"github.com/hashicorp/consul-template/watch","checksumSHA1":"b4+Y+02pY2Y5620F9ALzKg8Zmdw=","revision":"26d029ad37335b3827a9fde5569b2c5e10dcac8f","revisionTime":"2017-10-31T14:25:17Z"},
+		{"path":"github.com/hashicorp/consul-template","checksumSHA1":"JGDXrGETgjJYNGIb//si5C6JIj4=","revision":"f8c8205caf458dfd0ecab69d029ab112803aa587","revisionTime":"2018-06-12T16:16:25Z"},
+		{"path":"github.com/hashicorp/consul-template/child","checksumSHA1":"AhDPiKa7wzh3SE6Gx0WrsDYwBHg=","revision":"f8c8205caf458dfd0ecab69d029ab112803aa587","revisionTime":"2018-06-12T16:16:25Z"},
+		{"path":"github.com/hashicorp/consul-template/config","checksumSHA1":"V+1cP51VHrIsoayaMrKyMfAjKQk=","revision":"f8c8205caf458dfd0ecab69d029ab112803aa587","revisionTime":"2018-06-12T16:16:25Z"},
+		{"path":"github.com/hashicorp/consul-template/dependency","checksumSHA1":"ooC1P0Z8MTQ+JYc2cxTia+6w41w=","revision":"f8c8205caf458dfd0ecab69d029ab112803aa587","revisionTime":"2018-06-12T16:16:25Z"},
+		{"path":"github.com/hashicorp/consul-template/logging","checksumSHA1":"o5N7SV389Ej+3b1iRNmz1dx5e1M=","revision":"f8c8205caf458dfd0ecab69d029ab112803aa587","revisionTime":"2018-06-12T16:16:25Z"},
+		{"path":"github.com/hashicorp/consul-template/manager","checksumSHA1":"Qf3HTBNa6NpM2h/aecUNmpXA6eo=","revision":"f8c8205caf458dfd0ecab69d029ab112803aa587","revisionTime":"2018-06-12T16:16:25Z"},
+		{"path":"github.com/hashicorp/consul-template/signals","checksumSHA1":"YSEUV/9/k85XciRKu0cngxdjZLE=","revision":"f8c8205caf458dfd0ecab69d029ab112803aa587","revisionTime":"2018-06-12T16:16:25Z"},
+		{"path":"github.com/hashicorp/consul-template/template","checksumSHA1":"0mSanQgyqUc3X44C7IobVyy8JJc=","revision":"f8c8205caf458dfd0ecab69d029ab112803aa587","revisionTime":"2018-06-12T16:16:25Z"},
+		{"path":"github.com/hashicorp/consul-template/version","checksumSHA1":"ZEI6EWoUxsaOnaajcxxqH7cnIH4=","revision":"f8c8205caf458dfd0ecab69d029ab112803aa587","revisionTime":"2018-06-12T16:16:25Z"},
+		{"path":"github.com/hashicorp/consul-template/watch","checksumSHA1":"wLwStBhxVRf0qaE5fIN4yWuBkB4=","revision":"f8c8205caf458dfd0ecab69d029ab112803aa587","revisionTime":"2018-06-12T16:16:25Z"},
 		{"path":"github.com/hashicorp/consul/agent/consul/autopilot","checksumSHA1":"+I7fgoQlrnTUGW5krqNLadWwtjg=","revision":"fb848fc48818f58690db09d14640513aa6bf3c02","revisionTime":"2018-04-13T17:05:42Z"},
 		{"path":"github.com/hashicorp/consul/api","checksumSHA1":"7UvyPiYTxcB8xqRlULAT3X8+8zE=","revision":"fb848fc48818f58690db09d14640513aa6bf3c02","revisionTime":"2018-04-13T17:05:42Z"},
 		{"path":"github.com/hashicorp/consul/command/flags","checksumSHA1":"soNN4xaHTbeXFgNkZ7cX0gbFXQk=","revision":"fb848fc48818f58690db09d14640513aa6bf3c02","revisionTime":"2018-04-13T17:05:42Z"},