luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
open-vault/command/commands.go

841 lines
26 KiB
Go
Raw Normal View History

Wire all commands together
2017-09-05 04:05:53 +00:00
package command
import (
"os"
"os/signal"
"syscall"
"github.com/hashicorp/vault/audit"
Run all builtins as plugins (#5536)
2018-11-07 01:21:24 +00:00
"github.com/hashicorp/vault/builtin/plugin"
Create sdk/ and api/ submodules (#6583)
2019-04-12 21:54:35 +00:00
"github.com/hashicorp/vault/sdk/logical"
"github.com/hashicorp/vault/sdk/physical"
Move version out of SDK. (#14229) Move version out of SDK. For now it's a copy rather than move: the part not addressed by this change is sdk/helper/useragent.String, which we'll want to remove in favour of PluginString. That will have to wait until we've removed uses of useragent.String from all builtins.
2022-12-07 18:29:51 +00:00
"github.com/hashicorp/vault/version"
Wire all commands together
2017-09-05 04:05:53 +00:00
"github.com/mitchellh/cli"
Run all builtins as plugins (#5536)
2018-11-07 01:21:24 +00:00
/*
The builtinplugins package is initialized here because it, in turn,
initializes the database plugins.
They register multiple database drivers for the "database/sql" package.
*/
_ "github.com/hashicorp/vault/helper/builtinplugins"
Wire all commands together
2017-09-05 04:05:53 +00:00
auditFile "github.com/hashicorp/vault/builtin/audit/file"
auditSocket "github.com/hashicorp/vault/builtin/audit/socket"
auditSyslog "github.com/hashicorp/vault/builtin/audit/syslog"
Add alicloud auth (#5123) * add alicloud auth commands * add dependencies
2018-08-16 19:17:49 +00:00
credAliCloud "github.com/hashicorp/vault-plugin-auth-alicloud"
Add centrify plugin as builtin
2018-01-19 11:03:33 +00:00
credCentrify "github.com/hashicorp/vault-plugin-auth-centrify"
rename pcf to cf maintaining backwards compat (#7346)
2019-08-26 16:55:08 +00:00
credCF "github.com/hashicorp/vault-plugin-auth-cf"
Add gcp and kubernetes back now that they're updated
2018-01-19 10:56:34 +00:00
credGcp "github.com/hashicorp/vault-plugin-auth-gcp/plugin"
Create alias and command for OIDC (#6206)
2019-02-11 21:37:55 +00:00
credOIDC "github.com/hashicorp/vault-plugin-auth-jwt"
Add Kerberos SPNEGO auth plugin (#7908)
2019-12-11 19:18:37 +00:00
credKerb "github.com/hashicorp/vault-plugin-auth-kerberos"
Bundle OCI Auth method (#7422)
2019-09-04 23:46:00 +00:00
credOCI "github.com/hashicorp/vault-plugin-auth-oci"
Wire all commands together
2017-09-05 04:05:53 +00:00
credAws "github.com/hashicorp/vault/builtin/credential/aws"
credCert "github.com/hashicorp/vault/builtin/credential/cert"
credGitHub "github.com/hashicorp/vault/builtin/credential/github"
credLdap "github.com/hashicorp/vault/builtin/credential/ldap"
credOkta "github.com/hashicorp/vault/builtin/credential/okta"
credToken "github.com/hashicorp/vault/builtin/credential/token"
credUserpass "github.com/hashicorp/vault/builtin/credential/userpass"
Run all builtins as plugins (#5536)
2018-11-07 01:21:24 +00:00
logicalKv "github.com/hashicorp/vault-plugin-secrets-kv"
logicalDb "github.com/hashicorp/vault/builtin/logical/database"
Aerospike storage backend (#10131) * add an Aerospike storage backend * go mod vendor * add Aerospike storage configuration docs * review fixes * bump aerospike client to v3.1.1 * rename the defaultHostname variable * relocate the docs page
2021-01-12 23:26:07 +00:00
physAerospike "github.com/hashicorp/vault/physical/aerospike"
Alibaba Object Storage support (#4783)
2018-08-13 21:03:24 +00:00
physAliCloudOSS "github.com/hashicorp/vault/physical/alicloudoss"
Wire all commands together
2017-09-05 04:05:53 +00:00
physAzure "github.com/hashicorp/vault/physical/azure"
physCassandra "github.com/hashicorp/vault/physical/cassandra"
physCockroachDB "github.com/hashicorp/vault/physical/cockroachdb"
physConsul "github.com/hashicorp/vault/physical/consul"
physCouchDB "github.com/hashicorp/vault/physical/couchdb"
physDynamoDB "github.com/hashicorp/vault/physical/dynamodb"
physEtcd "github.com/hashicorp/vault/physical/etcd"
FoundationDB physical backend (#4900)
2018-07-16 14:18:09 +00:00
physFoundationDB "github.com/hashicorp/vault/physical/foundationdb"
Wire all commands together
2017-09-05 04:05:53 +00:00
physGCS "github.com/hashicorp/vault/physical/gcs"
Adding Manta Storage Backend (#3720) This PR adds a new Storage Backend for Triton's Object Storage - Manta ``` make testacc TEST=./physical/manta ==> Checking that code complies with gofmt requirements... ==> Checking that build is using go version >= 1.9.1... go generate VAULT_ACC=1 go test -tags='vault' ./physical/manta -v -timeout 45m === RUN TestMantaBackend --- PASS: TestMantaBackend (61.18s) PASS ok github.com/hashicorp/vault/physical/manta 61.210s ``` Manta behaves differently to how S3 works - it has no such concepts of Buckets - it is merely a filesystem style object store Therefore, we have chosen the approach of when writing a secret `foo` it will actually map (on disk) as foo/.vault_value The reason for this is because if we write the secret `foo/bar` and then try and Delete a key using the name `foo` then Manta will complain that the folder is not empty because `foo/bar` exists. Therefore, `foo/bar` is written as `foo/bar/.vault_value` The value of the key is *always* written to a directory tree of the name and put in a `.vault_value` file.
2018-02-12 23:22:41 +00:00
physManta "github.com/hashicorp/vault/physical/manta"
Wire all commands together
2017-09-05 04:05:53 +00:00
physMSSQL "github.com/hashicorp/vault/physical/mssql"
physMySQL "github.com/hashicorp/vault/physical/mysql"
Added OCI Object Storage Plugin (#6985)
2019-09-04 18:33:16 +00:00
physOCI "github.com/hashicorp/vault/physical/oci"
Wire all commands together
2017-09-05 04:05:53 +00:00
physPostgreSQL "github.com/hashicorp/vault/physical/postgresql"
Raft Storage Backend (#6888) * Work on raft backend * Add logstore locally * Add encryptor and unsealable interfaces * Add clustering support to raft * Remove client and handler * Bootstrap raft on init * Cleanup raft logic a bit * More raft work * Work on TLS config * More work on bootstrapping * Fix build * More work on bootstrapping * More bootstrapping work * fix build * Remove consul dep * Fix build * merged oss/master into raft-storage * Work on bootstrapping * Get bootstrapping to work * Clean up FMS and node-id * Update local node ID logic * Cleanup node-id change * Work on snapshotting * Raft: Add remove peer API (#906) * Add remove peer API * Add some comments * Fix existing snapshotting (#909) * Raft get peers API (#912) * Read raft configuration * address review feedback * Use the Leadership Transfer API to step-down the active node (#918) * Raft join and unseal using Shamir keys (#917) * Raft join using shamir * Store AEAD instead of master key * Split the raft join process to answer the challenge after a successful unseal * get the follower to standby state * Make unseal work * minor changes * Some input checks * reuse the shamir seal access instead of new default seal access * refactor joinRaftSendAnswer function * Synchronously send answer in auto-unseal case * Address review feedback * Raft snapshots (#910) * Fix existing snapshotting * implement the noop snapshotting * Add comments and switch log libraries * add some snapshot tests * add snapshot test file * add TODO * More work on raft snapshotting * progress on the ConfigStore strategy * Don't use two buckets * Update the snapshot store logic to hide the file logic * Add more backend tests * Cleanup code a bit * [WIP] Raft recovery (#938) * Add recovery functionality * remove fmt.Printfs * Fix a few fsm bugs * Add max size value for raft backend (#942) * Add max size value for raft backend * Include physical.ErrValueTooLarge in the message * Raft snapshot Take/Restore API (#926) * Inital work on raft snapshot APIs * Always redirect snapshot install/download requests * More work on the snapshot APIs * Cleanup code a bit * On restore handle special cases * Use the seal to encrypt the sha sum file * Add sealer mechanism and fix some bugs * Call restore while state lock is held * Send restore cb trigger through raft log * Make error messages nicer * Add test helpers * Add snapshot test * Add shamir unseal test * Add more raft snapshot API tests * Fix locking * Change working to initalize * Add underlying raw object to test cluster core * Move leaderUUID to core * Add raft TLS rotation logic (#950) * Add TLS rotation logic * Cleanup logic a bit * Add/Remove from follower state on add/remove peer * add comments * Update more comments * Update request_forwarding_service.proto * Make sure we populate all nodes in the followerstate obj * Update times * Apply review feedback * Add more raft config setting (#947) * Add performance config setting * Add more config options and fix tests * Test Raft Recovery (#944) * Test raft recovery * Leave out a node during recovery * remove unused struct * Update physical/raft/snapshot_test.go * Update physical/raft/snapshot_test.go * fix vendoring * Switch to new raft interface * Remove unused files * Switch a gogo -> proto instance * Remove unneeded vault dep in go.sum * Update helper/testhelpers/testhelpers.go Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com> * Update vault/cluster/cluster.go * track active key within the keyring itself (#6915) * track active key within the keyring itself * lookup and store using the active key ID * update docstring * minor refactor * Small text fixes (#6912) * Update physical/raft/raft.go Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com> * review feedback * Move raft logical system into separate file * Update help text a bit * Enforce cluster addr is set and use it for raft bootstrapping * Fix tests * fix http test panic * Pull in latest raft-snapshot library * Add comment
2019-06-20 19:14:58 +00:00
physRaft "github.com/hashicorp/vault/physical/raft"
Wire all commands together
2017-09-05 04:05:53 +00:00
physS3 "github.com/hashicorp/vault/physical/s3"
Add support for Google Cloud Spanner (#3977)
2018-02-15 01:31:20 +00:00
physSpanner "github.com/hashicorp/vault/physical/spanner"
Wire all commands together
2017-09-05 04:05:53 +00:00
physSwift "github.com/hashicorp/vault/physical/swift"
physZooKeeper "github.com/hashicorp/vault/physical/zookeeper"
Move physical/file to sdk
2019-04-15 18:51:33 +00:00
physFile "github.com/hashicorp/vault/sdk/physical/file"
Switch to go modules (#6585) * Switch to go modules * Make fmt
2019-04-13 07:44:06 +00:00
physInmem "github.com/hashicorp/vault/sdk/physical/inmem"
Introduce optional service_registration stanza (#7887) * move ServiceDiscovery into methods * add ServiceDiscoveryFactory * add serviceDiscovery field to vault.Core * refactor ConsulServiceDiscovery into separate struct * cleanup * revert accidental change to go.mod * cleanup * get rid of un-needed struct tags in vault.CoreConfig * add service_discovery parser * add ServiceDiscovery to config * cleanup * cleanup * add test for ConfigServiceDiscovery to Core * unit testing for config service_discovery stanza * cleanup * get rid of un-needed redirect_addr stuff in service_discovery stanza * improve test suite * cleanup * clean up test a bit * create docs for service_discovery * check if service_discovery is configured, but storage does not support HA * tinker with test * tinker with test * tweak docs * move ServiceDiscovery into its own package * tweak a variable name * fix comment * rename service_discovery to service_registration * tweak service_registration config * Revert "tweak service_registration config" This reverts commit 5509920a8ab4c5a216468f262fc07c98121dce35. * simplify naming * refactor into ./serviceregistration/consul
2019-12-06 14:46:39 +00:00
sr "github.com/hashicorp/vault/serviceregistration"
csr "github.com/hashicorp/vault/serviceregistration/consul"
Add Kubernetes service registration (#8249)
2020-02-13 17:56:29 +00:00
ksr "github.com/hashicorp/vault/serviceregistration/kubernetes"
Wire all commands together
2017-09-05 04:05:53 +00:00
)
CLI Enhancements (#3897) * Use Colored UI if stdout is a tty * Add format options to operator unseal * Add format test on operator unseal * Add -no-color output flag, and use BasicUi if no-color flag is provided * Move seal status formatting logic to OutputSealStatus * Apply no-color to warnings from DeprecatedCommands as well * Add OutputWithFormat to support arbitrary data, add format option to auth list * Add ability to output arbitrary list data on TableFormatter * Clear up switch logic on format * Add format option for list-related commands * Add format option to rest of commands that returns a client API response * Remove initOutputYAML and initOutputJSON, and use OutputWithFormat instead * Remove outputAsYAML and outputAsJSON, and use OutputWithFormat instead * Remove -no-color flag, use env var exclusively to toggle colored output * Fix compile * Remove -no-color flag in main.go * Add missing FlagSetOutputFormat * Fix generate-root/decode test * Migrate init functions to main.go * Add no-color flag back as hidden * Handle non-supported data types for TableFormatter.OutputList * Pull formatting much further up to remove the need to use c.flagFormat (#3950) * Pull formatting much further up to remove the need to use c.flagFormat Also remove OutputWithFormat as the logic can cause issues. * Use const for env var * Minor updates * Remove unnecessary check * Fix SSH output and some tests * Fix tests * Make race detector not run on generate root since it kills Travis these days * Update docs * Update docs * Address review feedback * Handle --format as well as -format
2018-02-12 23:12:16 +00:00
const (
// EnvVaultCLINoColor is an env var that toggles colored UI output.
EnvVaultCLINoColor = `VAULT_CLI_NO_COLOR`
// EnvVaultFormat is the output format
EnvVaultFormat = `VAULT_FORMAT`
Pull out license commands, and make the OSS changes needed for the license inspect PR in ent. (#11783)
2021-06-07 18:44:20 +00:00
// EnvVaultLicense is an env var used in Vault Enterprise to provide a license blob
EnvVaultLicense = "VAULT_LICENSE"
// EnvVaultLicensePath is an env var used in Vault Enterprise to provide a
// path to a license file on disk
EnvVaultLicensePath = "VAULT_LICENSE_PATH"
Vault CLI: show detailed information with ListResponseWithInfo (#15417) * CLI: Add ability to display ListResponseWithInfos The Vault Server API includes a ListResponseWithInfo call, allowing LIST responses to contain additional information about their keys. This is in a key=value mapping format (both for each key, to get the additional metadata, as well as within each metadata). Expand the `vault list` CLI command with a `-detailed` flag (and env var VAULT_DETAILED_LISTS) to print this additional metadata. This looks roughly like the following: $ vault list -detailed pki/issuers Keys issuer_name ---- ----------- 0cba84d7-bbbe-836a-4ff6-a11b31dc0fb7 n/a 35dfb02d-0cdb-3d35-ee64-d0cd6568c6b0 n/a 382fad1e-e99c-9c54-e147-bb1faa8033d3 n/a 8bb4a793-2ad9-460c-9fa8-574c84a981f7 n/a 8bd231d7-20e2-f21f-ae1a-7aa3319715e7 n/a 9425d51f-cb81-426d-d6ad-5147d092094e n/a ae679732-b497-ab0d-3220-806a2b9d81ed n/a c5a44a1f-2ae4-2140-3acf-74b2609448cc utf8 d41d2419-efce-0e36-c96b-e91179a24dc1 something Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Allow detailed printing of LIST responses in JSON When using the JSON formatter, only the absolute list of keys were returned. Reuse the `-detailed` flag value for the `-format=json` list response printer, allowing us to show the complete API response returned by Vault. This returns something like the following: { "request_id": "e9a25dcd-b67a-97d7-0f08-3670918ef3ff", "lease_id": "", "lease_duration": 0, "renewable": false, "data": { "key_info": { "0cba84d7-bbbe-836a-4ff6-a11b31dc0fb7": { "issuer_name": "" }, "35dfb02d-0cdb-3d35-ee64-d0cd6568c6b0": { "issuer_name": "" }, "382fad1e-e99c-9c54-e147-bb1faa8033d3": { "issuer_name": "" }, "8bb4a793-2ad9-460c-9fa8-574c84a981f7": { "issuer_name": "" }, "8bd231d7-20e2-f21f-ae1a-7aa3319715e7": { "issuer_name": "" }, "9425d51f-cb81-426d-d6ad-5147d092094e": { "issuer_name": "" }, "ae679732-b497-ab0d-3220-806a2b9d81ed": { "issuer_name": "" }, "c5a44a1f-2ae4-2140-3acf-74b2609448cc": { "issuer_name": "utf8" }, "d41d2419-efce-0e36-c96b-e91179a24dc1": { "issuer_name": "something" } }, "keys": [ "0cba84d7-bbbe-836a-4ff6-a11b31dc0fb7", "35dfb02d-0cdb-3d35-ee64-d0cd6568c6b0", "382fad1e-e99c-9c54-e147-bb1faa8033d3", "8bb4a793-2ad9-460c-9fa8-574c84a981f7", "8bd231d7-20e2-f21f-ae1a-7aa3319715e7", "9425d51f-cb81-426d-d6ad-5147d092094e", "ae679732-b497-ab0d-3220-806a2b9d81ed", "c5a44a1f-2ae4-2140-3acf-74b2609448cc", "d41d2419-efce-0e36-c96b-e91179a24dc1" ] }, "warnings": null } Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add changelog Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Use field on UI rather than secret.Data Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Only include headers from visitable key_infos Certain API endpoints return data from non-visitable key_infos, by virtue of using a hand-rolled response. Limit our headers to those from visitable key_infos. This means we won't return entire columns with n/a entries, if no key matches the key_info key that includes that header. Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Use setupEnv sourced detailed info Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Fix changelog environment variable Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Fix broken tests using setupEnv Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-05-18 17:00:50 +00:00
// EnvVaultDetailed is to output detailed information (e.g., ListResponseWithInfo).
EnvVaultDetailed = `VAULT_DETAILED`
VAULT-9900: Log rotation for 'agent' and 'server' commands (#18031) * Work to unify log-file for agent/server and add rotation * Updates to rotation code, tried to centralise the log config setup * logging + tests * Move LogFile to ShareConfig in test * Docs
2022-11-29 14:07:04 +00:00
// EnvVaultLogFormat is used to specify the log format. Supported values are "standard" and "json"
EnvVaultLogFormat = "VAULT_LOG_FORMAT"
VAULT-8732: Add `log-file` to Vault Agent (#17841) * Started work on adding log-file support to Agent * Allow log file to be picked up and appended * Use NewLogFile everywhere * Tried to pull out the config aggregation from Agent.Run Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
2022-11-11 10:59:16 +00:00
// EnvVaultLogLevel is used to specify the log level applied to logging
// Supported log levels: Trace, Debug, Error, Warn, Info
EnvVaultLogLevel = "VAULT_LOG_LEVEL"
Audit HMAC values on AuthConfig (#4077) * Add audit hmac values to AuthConfigInput and AuthConfigOutput, fix docs * docs: Add ttl params to auth enable endpoint * Rewording of go string to simply string * Add audit hmac keys as CLI flags on auth/secrets enable * Fix copypasta mistake * Add audit hmac keys to auth and secrets list * Only set config values if they exist * Fix http sys/auth tests * More auth plugin_name test fixes * Pass API values into MountEntry's config when creating auth/secrets mount * Update usage wording
2018-03-09 19:32:28 +00:00
SSCT Tokens Feature [OSS] (#14109) * port SSCT OSS * port header hmac key to ent and generate token proto without make command * remove extra nil check in request handling * add changelog * add comment to router.go * change test var to use length constants * remove local index is 0 check and extra defer which can be removed after use of ExternalID
2022-02-17 19:43:07 +00:00
// DisableSSCTokens is an env var used to disable index bearing
// token functionality
DisableSSCTokens = "VAULT_DISABLE_SERVER_SIDE_CONSISTENT_TOKENS"
Support reading Vault's address from Agent's config file (#6306) * Support reading Vault's address from Agent's config file * use consts and switch * Add tls options to agent config vault block * Update command/agent/config/config.go Co-Authored-By: vishalnayak <vishalnayak@users.noreply.github.com> * remove fmt.Printfs
2019-02-28 22:29:28 +00:00
// flagNameAddress is the flag used in the base command to read in the
// address of the Vault server.
flagNameAddress = "address"
// flagnameCACert is the flag used in the base command to read in the CA
// cert.
flagNameCACert = "ca-cert"
// flagnameCAPath is the flag used in the base command to read in the CA
// cert path.
flagNameCAPath = "ca-path"
Run a more strict formatter over the code (#11312) * Update tooling * Run gofumpt * go mod vendor
2021-04-08 16:43:39 +00:00
// flagNameClientCert is the flag used in the base command to read in the
// client key
added client_key and client_cert options to the agent config (#6319)
2019-03-01 20:11:16 +00:00
flagNameClientKey = "client-key"
Run a more strict formatter over the code (#11312) * Update tooling * Run gofumpt * go mod vendor
2021-04-08 16:43:39 +00:00
// flagNameClientCert is the flag used in the base command to read in the
// client cert
added client_key and client_cert options to the agent config (#6319)
2019-03-01 20:11:16 +00:00
flagNameClientCert = "client-cert"
Support reading Vault's address from Agent's config file (#6306) * Support reading Vault's address from Agent's config file * use consts and switch * Add tls options to agent config vault block * Update command/agent/config/config.go Co-Authored-By: vishalnayak <vishalnayak@users.noreply.github.com> * remove fmt.Printfs
2019-02-28 22:29:28 +00:00
// flagNameTLSSkipVerify is the flag used in the base command to read in
// the option to ignore TLS certificate verification.
flagNameTLSSkipVerify = "tls-skip-verify"
Add TLS server name to Vault stanza of Agent configuration (#7519)
2019-10-29 13:11:01 +00:00
// flagTLSServerName is the flag used in the base command to read in
// the TLS server name.
flagTLSServerName = "tls-server-name"
Audit HMAC values on AuthConfig (#4077) * Add audit hmac values to AuthConfigInput and AuthConfigOutput, fix docs * docs: Add ttl params to auth enable endpoint * Rewording of go string to simply string * Add audit hmac keys as CLI flags on auth/secrets enable * Fix copypasta mistake * Add audit hmac keys to auth and secrets list * Only set config values if they exist * Fix http sys/auth tests * More auth plugin_name test fixes * Pass API values into MountEntry's config when creating auth/secrets mount * Update usage wording
2018-03-09 19:32:28 +00:00
// flagNameAuditNonHMACRequestKeys is the flag name used for auth/secrets enable
flagNameAuditNonHMACRequestKeys = "audit-non-hmac-request-keys"
// flagNameAuditNonHMACResponseKeys is the flag name used for auth/secrets enable
flagNameAuditNonHMACResponseKeys = "audit-non-hmac-response-keys"
Add description flag to secrets and auth tune subcommands (#4894) * Add description flag to secrets and auth tune subcommands * Allow empty description to be provided in secret and auth mount tune * Use flagNameDescription
2018-07-12 15:15:50 +00:00
// flagNameDescription is the flag name used for tuning the secret and auth mount description parameter
flagNameDescription = "description"
Unauthenticated endpoint to list secret and auth mounts (#4134) * Add audit hmac values to AuthConfigInput and AuthConfigOutput, fix docs * docs: Add ttl params to auth enable endpoint * Rewording of go string to simply string * Add audit hmac keys as CLI flags on auth/secrets enable * Fix copypasta mistake * WIP on auth-list endpoint * Rename variable to be singular, add CLI flag, show value in auth and secrets list * Add audit hmac keys to auth and secrets list * Only set config values if they exist * Fix http sys/auth tests * More auth plugin_name test fixes * Rename tag internal_ui_show_mount to _ui_show_mount * Add tests * Make endpoint unauthed * Rename field to listing_visibility * Add listing-visibility to cli tune commands * Use ListingVisiblityType * Fix type conversion * Do not actually change token's value on testHttpGet * Remove unused ListingVisibilityAuth, use const in pathInternalUIMountsRead
2018-03-20 03:16:33 +00:00
// flagListingVisibility is the flag to toggle whether to show the mount in the UI-specific listing endpoint
flagNameListingVisibility = "listing-visibility"
Passthrough request headers (#4172) * Add passthrough request headers for secret/auth mounts * Update comments * Fix SyncCache deletion of passthrough_request_headers * Remove debug line * Case-insensitive header comparison * Remove unnecessary allocation * Short-circuit filteredPassthroughHeaders if there's nothing to filter * Add whitelistedHeaders list * Update router logic after merge * Add whitelist test * Add lowercase x-vault-kv-client to whitelist * Add back const * Refactor whitelist logic
2018-03-21 23:56:47 +00:00
// flagNamePassthroughRequestHeaders is the flag name used to set passthrough request headers to the backend
flagNamePassthroughRequestHeaders = "passthrough-request-headers"
Add allowed_response_headers (#6115)
2019-02-05 21:02:15 +00:00
// flagNameAllowedResponseHeaders is used to set allowed response headers from a plugin
flagNameAllowedResponseHeaders = "allowed-response-headers"
Batch tokens (#755)
2018-10-15 16:56:24 +00:00
// flagNameTokenType is the flag name used to force a specific token type
flagNameTokenType = "token-type"
CLI changes for new mount tune config parameter allowed_managed_keys (#13255) * CLI changes for new mount tune config parameter allowed_managed_keys * Correct allowed_managed_keys description in auth and secrets * Documentation update for secrets and removed changes for auth * Add changelog and remove documentation changes for auth * removed changelog * Correct the field description
2021-12-10 17:08:28 +00:00
// flagNameAllowedManagedKeys is the flag name used for auth/secrets enable
flagNameAllowedManagedKeys = "allowed-managed-keys"
CLI: Tune plugin version for auth/secret mounts (#17277) * Add -plugin-version flag to vault auth/secrets tune * CLI tests for auth/secrets tune * CLI test for plugin register * Plugin catalog listing bug where plugins of different type with the same name could be double counted * Use constant for -plugin-version flag name
2022-09-22 19:55:46 +00:00
// flagNamePluginVersion selects what version of a plugin should be used.
flagNamePluginVersion = "plugin-version"
Vault 8305 Prevent Brute Forcing in Auth methods : Setting user lockout configuration (#17338) * config file changes * lockout config changes * auth tune r/w and auth tune * removing changes at enable * removing q.Q * go mod tidy * removing comments * changing struct name for config file * fixing mount tune * adding test file for user lockout * fixing comments and add changelog * addressing comments * fixing mount table updates * updating consts in auth_tune * small fixes * adding hcl parse test * fixing config compare * fixing github comments * optimize userlockouts.go * fixing test * minor changes * adding comments * adding sort to flaky test * fix flaky test
2022-11-01 18:02:07 +00:00
// flagNameUserLockoutThreshold is the flag name used for tuning the auth mount lockout threshold parameter
flagNameUserLockoutThreshold = "user-lockout-threshold"
// flagNameUserLockoutDuration is the flag name used for tuning the auth mount lockout duration parameter
flagNameUserLockoutDuration = "user-lockout-duration"
// flagNameUserLockoutCounterResetDuration is the flag name used for tuning the auth mount lockout counter reset parameter
flagNameUserLockoutCounterResetDuration = "user-lockout-counter-reset-duration"
// flagNameUserLockoutDisable is the flag name used for tuning the auth mount disable lockout parameter
flagNameUserLockoutDisable = "user-lockout-disable"
Added flag and env var which will disable client redirection (#17352) * Added flag and env var which will disable client redirection * Added changelog * Docs fix for unsaved file, and test single request made * Updated test for case when redirect is enabled, updated docs based on suggestions
2022-09-30 08:29:37 +00:00
// flagNameDisableRedirects is used to prevent the client from honoring a single redirect as a response to a request
flagNameDisableRedirects = "disable-redirects"
VAULT-9900: Log rotation for 'agent' and 'server' commands (#18031) * Work to unify log-file for agent/server and add rotation * Updates to rotation code, tried to centralise the log config setup * logging + tests * Move LogFile to ShareConfig in test * Docs
2022-11-29 14:07:04 +00:00
// flagNameCombineLogs is used to specify whether log output should be combined and sent to stdout
flagNameCombineLogs = "combine-logs"
VAULT-8732: Add `log-file` to Vault Agent (#17841) * Started work on adding log-file support to Agent * Allow log file to be picked up and appended * Use NewLogFile everywhere * Tried to pull out the config aggregation from Agent.Run Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
2022-11-11 10:59:16 +00:00
// flagNameLogFile is used to specify the path to the log file that Vault should use for logging
flagNameLogFile = "log-file"
VAULT-9900: Log rotation for 'agent' and 'server' commands (#18031) * Work to unify log-file for agent/server and add rotation * Updates to rotation code, tried to centralise the log config setup * logging + tests * Move LogFile to ShareConfig in test * Docs
2022-11-29 14:07:04 +00:00
// flagNameLogRotateBytes is the flag used to specify the number of bytes a log file should be before it is rotated.
flagNameLogRotateBytes = "log-rotate-bytes"
// flagNameLogRotateDuration is the flag used to specify the duration after which a log file should be rotated.
flagNameLogRotateDuration = "log-rotate-duration"
// flagNameLogRotateMaxFiles is the flag used to specify the maximum number of older/archived log files to keep.
flagNameLogRotateMaxFiles = "log-rotate-max-files"
// flagNameLogFormat is the flag used to specify the log format. Supported values are "standard" and "json"
flagNameLogFormat = "log-format"
VAULT-8732: Add `log-file` to Vault Agent (#17841) * Started work on adding log-file support to Agent * Allow log file to be picked up and appended * Use NewLogFile everywhere * Tried to pull out the config aggregation from Agent.Run Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
2022-11-11 10:59:16 +00:00
// flagNameLogLevel is used to specify the log level applied to logging
// Supported log levels: Trace, Debug, Error, Warn, Info
flagNameLogLevel = "log-level"
CLI Enhancements (#3897) * Use Colored UI if stdout is a tty * Add format options to operator unseal * Add format test on operator unseal * Add -no-color output flag, and use BasicUi if no-color flag is provided * Move seal status formatting logic to OutputSealStatus * Apply no-color to warnings from DeprecatedCommands as well * Add OutputWithFormat to support arbitrary data, add format option to auth list * Add ability to output arbitrary list data on TableFormatter * Clear up switch logic on format * Add format option for list-related commands * Add format option to rest of commands that returns a client API response * Remove initOutputYAML and initOutputJSON, and use OutputWithFormat instead * Remove outputAsYAML and outputAsJSON, and use OutputWithFormat instead * Remove -no-color flag, use env var exclusively to toggle colored output * Fix compile * Remove -no-color flag in main.go * Add missing FlagSetOutputFormat * Fix generate-root/decode test * Migrate init functions to main.go * Add no-color flag back as hidden * Handle non-supported data types for TableFormatter.OutputList * Pull formatting much further up to remove the need to use c.flagFormat (#3950) * Pull formatting much further up to remove the need to use c.flagFormat Also remove OutputWithFormat as the logic can cause issues. * Use const for env var * Minor updates * Remove unnecessary check * Fix SSH output and some tests * Fix tests * Make race detector not run on generate root since it kills Travis these days * Update docs * Update docs * Address review feedback * Handle --format as well as -format
2018-02-12 23:12:16 +00:00
)
Adding tests to ensure all backends are mountable (#3861)
2018-02-01 16:30:04 +00:00
var (
auditBackends = map[string]audit.Factory{
"file": auditFile.Factory,
"socket": auditSocket.Factory,
"syslog": auditSyslog.Factory,
}
credentialBackends = map[string]logical.Factory{
Run all builtins as plugins (#5536)
2018-11-07 01:21:24 +00:00
"plugin": plugin.Factory,
Adding tests to ensure all backends are mountable (#3861)
2018-02-01 16:30:04 +00:00
}
logicalBackends = map[string]logical.Factory{
Run all builtins as plugins (#5536)
2018-11-07 01:21:24 +00:00
"plugin": plugin.Factory,
"database": logicalDb.Factory,
// This is also available in the plugin catalog, but is here due to the need to
// automatically mount it.
"kv": logicalKv.Factory,
Adding tests to ensure all backends are mountable (#3861)
2018-02-01 16:30:04 +00:00
}
physicalBackends = map[string]physical.Factory{
Aerospike storage backend (#10131) * add an Aerospike storage backend * go mod vendor * add Aerospike storage configuration docs * review fixes * bump aerospike client to v3.1.1 * rename the defaultHostname variable * relocate the docs page
2021-01-12 23:26:07 +00:00
"aerospike": physAerospike.NewAerospikeBackend,
Alibaba Object Storage support (#4783)
2018-08-13 21:03:24 +00:00
"alicloudoss": physAliCloudOSS.NewAliCloudOSSBackend,
Adding tests to ensure all backends are mountable (#3861)
2018-02-01 16:30:04 +00:00
"azure": physAzure.NewAzureBackend,
"cassandra": physCassandra.NewCassandraBackend,
"cockroachdb": physCockroachDB.NewCockroachDBBackend,
"consul": physConsul.NewConsulBackend,
"couchdb_transactional": physCouchDB.NewTransactionalCouchDBBackend,
"couchdb": physCouchDB.NewCouchDBBackend,
"dynamodb": physDynamoDB.NewDynamoDBBackend,
"etcd": physEtcd.NewEtcdBackend,
"file_transactional": physFile.NewTransactionalFileBackend,
"file": physFile.NewFileBackend,
FoundationDB physical backend (#4900)
2018-07-16 14:18:09 +00:00
"foundationdb": physFoundationDB.NewFDBBackend,
Add HA support to the Google Cloud Storage backend (#4226)
2018-03-30 16:36:37 +00:00
"gcs": physGCS.NewBackend,
Adding tests to ensure all backends are mountable (#3861)
2018-02-01 16:30:04 +00:00
"inmem_ha": physInmem.NewInmemHA,
"inmem_transactional_ha": physInmem.NewTransactionalInmemHA,
"inmem_transactional": physInmem.NewTransactionalInmem,
"inmem": physInmem.NewInmem,
Make fmt
2018-02-13 02:01:14 +00:00
"manta": physManta.NewMantaBackend,
Adding tests to ensure all backends are mountable (#3861)
2018-02-01 16:30:04 +00:00
"mssql": physMSSQL.NewMSSQLBackend,
"mysql": physMySQL.NewMySQLBackend,
Added OCI Object Storage Plugin (#6985)
2019-09-04 18:33:16 +00:00
"oci": physOCI.NewBackend,
Adding tests to ensure all backends are mountable (#3861)
2018-02-01 16:30:04 +00:00
"postgresql": physPostgreSQL.NewPostgreSQLBackend,
"s3": physS3.NewS3Backend,
Add support for Google Cloud Spanner (#3977)
2018-02-15 01:31:20 +00:00
"spanner": physSpanner.NewBackend,
Adding tests to ensure all backends are mountable (#3861)
2018-02-01 16:30:04 +00:00
"swift": physSwift.NewSwiftBackend,
Raft Storage Backend (#6888) * Work on raft backend * Add logstore locally * Add encryptor and unsealable interfaces * Add clustering support to raft * Remove client and handler * Bootstrap raft on init * Cleanup raft logic a bit * More raft work * Work on TLS config * More work on bootstrapping * Fix build * More work on bootstrapping * More bootstrapping work * fix build * Remove consul dep * Fix build * merged oss/master into raft-storage * Work on bootstrapping * Get bootstrapping to work * Clean up FMS and node-id * Update local node ID logic * Cleanup node-id change * Work on snapshotting * Raft: Add remove peer API (#906) * Add remove peer API * Add some comments * Fix existing snapshotting (#909) * Raft get peers API (#912) * Read raft configuration * address review feedback * Use the Leadership Transfer API to step-down the active node (#918) * Raft join and unseal using Shamir keys (#917) * Raft join using shamir * Store AEAD instead of master key * Split the raft join process to answer the challenge after a successful unseal * get the follower to standby state * Make unseal work * minor changes * Some input checks * reuse the shamir seal access instead of new default seal access * refactor joinRaftSendAnswer function * Synchronously send answer in auto-unseal case * Address review feedback * Raft snapshots (#910) * Fix existing snapshotting * implement the noop snapshotting * Add comments and switch log libraries * add some snapshot tests * add snapshot test file * add TODO * More work on raft snapshotting * progress on the ConfigStore strategy * Don't use two buckets * Update the snapshot store logic to hide the file logic * Add more backend tests * Cleanup code a bit * [WIP] Raft recovery (#938) * Add recovery functionality * remove fmt.Printfs * Fix a few fsm bugs * Add max size value for raft backend (#942) * Add max size value for raft backend * Include physical.ErrValueTooLarge in the message * Raft snapshot Take/Restore API (#926) * Inital work on raft snapshot APIs * Always redirect snapshot install/download requests * More work on the snapshot APIs * Cleanup code a bit * On restore handle special cases * Use the seal to encrypt the sha sum file * Add sealer mechanism and fix some bugs * Call restore while state lock is held * Send restore cb trigger through raft log * Make error messages nicer * Add test helpers * Add snapshot test * Add shamir unseal test * Add more raft snapshot API tests * Fix locking * Change working to initalize * Add underlying raw object to test cluster core * Move leaderUUID to core * Add raft TLS rotation logic (#950) * Add TLS rotation logic * Cleanup logic a bit * Add/Remove from follower state on add/remove peer * add comments * Update more comments * Update request_forwarding_service.proto * Make sure we populate all nodes in the followerstate obj * Update times * Apply review feedback * Add more raft config setting (#947) * Add performance config setting * Add more config options and fix tests * Test Raft Recovery (#944) * Test raft recovery * Leave out a node during recovery * remove unused struct * Update physical/raft/snapshot_test.go * Update physical/raft/snapshot_test.go * fix vendoring * Switch to new raft interface * Remove unused files * Switch a gogo -> proto instance * Remove unneeded vault dep in go.sum * Update helper/testhelpers/testhelpers.go Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com> * Update vault/cluster/cluster.go * track active key within the keyring itself (#6915) * track active key within the keyring itself * lookup and store using the active key ID * update docstring * minor refactor * Small text fixes (#6912) * Update physical/raft/raft.go Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com> * review feedback * Move raft logical system into separate file * Update help text a bit * Enforce cluster addr is set and use it for raft bootstrapping * Fix tests * fix http test panic * Pull in latest raft-snapshot library * Add comment
2019-06-20 19:14:58 +00:00
"raft": physRaft.NewRaftBackend,
Adding tests to ensure all backends are mountable (#3861)
2018-02-01 16:30:04 +00:00
"zookeeper": physZooKeeper.NewZooKeeperBackend,
}
Introduce optional service_registration stanza (#7887) * move ServiceDiscovery into methods * add ServiceDiscoveryFactory * add serviceDiscovery field to vault.Core * refactor ConsulServiceDiscovery into separate struct * cleanup * revert accidental change to go.mod * cleanup * get rid of un-needed struct tags in vault.CoreConfig * add service_discovery parser * add ServiceDiscovery to config * cleanup * cleanup * add test for ConfigServiceDiscovery to Core * unit testing for config service_discovery stanza * cleanup * get rid of un-needed redirect_addr stuff in service_discovery stanza * improve test suite * cleanup * clean up test a bit * create docs for service_discovery * check if service_discovery is configured, but storage does not support HA * tinker with test * tinker with test * tweak docs * move ServiceDiscovery into its own package * tweak a variable name * fix comment * rename service_discovery to service_registration * tweak service_registration config * Revert "tweak service_registration config" This reverts commit 5509920a8ab4c5a216468f262fc07c98121dce35. * simplify naming * refactor into ./serviceregistration/consul
2019-12-06 14:46:39 +00:00
serviceRegistrations = map[string]sr.Factory{
Add Kubernetes service registration (#8249)
2020-02-13 17:56:29 +00:00
"consul": csr.NewServiceRegistration,
"kubernetes": ksr.NewServiceRegistration,
Introduce optional service_registration stanza (#7887) * move ServiceDiscovery into methods * add ServiceDiscoveryFactory * add serviceDiscovery field to vault.Core * refactor ConsulServiceDiscovery into separate struct * cleanup * revert accidental change to go.mod * cleanup * get rid of un-needed struct tags in vault.CoreConfig * add service_discovery parser * add ServiceDiscovery to config * cleanup * cleanup * add test for ConfigServiceDiscovery to Core * unit testing for config service_discovery stanza * cleanup * get rid of un-needed redirect_addr stuff in service_discovery stanza * improve test suite * cleanup * clean up test a bit * create docs for service_discovery * check if service_discovery is configured, but storage does not support HA * tinker with test * tinker with test * tweak docs * move ServiceDiscovery into its own package * tweak a variable name * fix comment * rename service_discovery to service_registration * tweak service_registration config * Revert "tweak service_registration config" This reverts commit 5509920a8ab4c5a216468f262fc07c98121dce35. * simplify naming * refactor into ./serviceregistration/consul
2019-12-06 14:46:39 +00:00
}
Pull out license commands, and make the OSS changes needed for the license inspect PR in ent. (#11783)
2021-06-07 18:44:20 +00:00
initCommandsEnt = func(ui, serverCmdUi cli.Ui, runOpts *RunOptions) {}
Adding tests to ensure all backends are mountable (#3861)
2018-02-01 16:30:04 +00:00
)
Wire all commands together
2017-09-05 04:05:53 +00:00
// Commands is the mapping of all the available commands.
var Commands map[string]cli.CommandFactory
Change base command template to runopts and allow specifying stdout/stderr
2018-03-16 16:31:26 +00:00
func initCommands(ui, serverCmdUi cli.Ui, runOpts *RunOptions) {
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
loginHandlers := map[string]LoginHandler{
Add alicloud auth (#5123) * add alicloud auth commands * add dependencies
2018-08-16 19:17:49 +00:00
"alicloud": &credAliCloud.CLIHandler{},
Add centrify CLI handler support
2018-02-05 15:56:57 +00:00
"aws": &credAws.CLIHandler{},
"centrify": &credCentrify.CLIHandler{},
"cert": &credCert.CLIHandler{},
Bundle OCI Auth method (#7422)
2019-09-04 23:46:00 +00:00
"cf": &credCF.CLIHandler{},
Add GCP auth helper (#4654) * update auth plugin vendoring * add GCP auth helper and docs
2018-05-30 00:36:24 +00:00
"gcp": &credGcp.CLIHandler{},
Add centrify CLI handler support
2018-02-05 15:56:57 +00:00
"github": &credGitHub.CLIHandler{},
Add Kerberos SPNEGO auth plugin (#7908)
2019-12-11 19:18:37 +00:00
"kerberos": &credKerb.CLIHandler{},
Add centrify CLI handler support
2018-02-05 15:56:57 +00:00
"ldap": &credLdap.CLIHandler{},
Bundle OCI Auth method (#7422)
2019-09-04 23:46:00 +00:00
"oci": &credOCI.CLIHandler{},
Create alias and command for OIDC (#6206)
2019-02-11 21:37:55 +00:00
"oidc": &credOIDC.CLIHandler{},
Add centrify CLI handler support
2018-02-05 15:56:57 +00:00
"okta": &credOkta.CLIHandler{},
rename pcf to cf maintaining backwards compat (#7346)
2019-08-26 16:55:08 +00:00
"pcf": &credCF.CLIHandler{}, // Deprecated.
Wire all commands together
2017-09-05 04:05:53 +00:00
"radius": &credUserpass.CLIHandler{
DefaultMount: "radius",
},
"token": &credToken.CLIHandler{},
"userpass": &credUserpass.CLIHandler{
DefaultMount: "userpass",
},
}
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
getBaseCommand := func() *BaseCommand {
return &BaseCommand{
UI: ui,
tokenHelper: runOpts.TokenHelper,
flagAddress: runOpts.Address,
Don't use environment as a mechanism for floating format around. (#4622) This turns out to not work very well for the demo server. Also, it's kinda hacky.
2018-05-23 20:45:17 +00:00
client: runOpts.Client,
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
}
}
Wire all commands together
2017-09-05 04:05:53 +00:00
Commands = map[string]cli.CommandFactory{
VSI (#4985)
2018-07-25 02:02:27 +00:00
"agent": func() (cli.Command, error) {
return &AgentCommand{
BaseCommand: &BaseCommand{
UI: serverCmdUi,
},
ShutdownCh: MakeShutdownCh(),
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"audit": func() (cli.Command, error) {
return &AuditCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
}, nil
},
"audit disable": func() (cli.Command, error) {
Wire all commands together
2017-09-05 04:05:53 +00:00
return &AuditDisableCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"audit enable": func() (cli.Command, error) {
Wire all commands together
2017-09-05 04:05:53 +00:00
return &AuditEnableCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"audit list": func() (cli.Command, error) {
Wire all commands together
2017-09-05 04:05:53 +00:00
return &AuditListCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"auth tune": func() (cli.Command, error) {
return &AuthTuneCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
}, nil
},
Wire all commands together
2017-09-05 04:05:53 +00:00
"auth": func() (cli.Command, error) {
return &AuthCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"auth disable": func() (cli.Command, error) {
Wire all commands together
2017-09-05 04:05:53 +00:00
return &AuthDisableCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"auth enable": func() (cli.Command, error) {
Wire all commands together
2017-09-05 04:05:53 +00:00
return &AuthEnableCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"auth help": func() (cli.Command, error) {
Wire all commands together
2017-09-05 04:05:53 +00:00
return &AuthHelpCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Handlers: loginHandlers,
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"auth list": func() (cli.Command, error) {
Wire all commands together
2017-09-05 04:05:53 +00:00
return &AuthListCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
remount cli changes (#14159)
2022-02-18 16:50:05 +00:00
"auth move": func() (cli.Command, error) {
return &AuthMoveCommand{
BaseCommand: getBaseCommand(),
}, nil
},
Vault Debug (#7375) * cli: initial work on debug; server-status target * debug: add metrics capture target (#7376) * check against DR secondary * debug: add compression * refactor check into preflight func * debug: set short test time on tests, fix exit code bug * debug: use temp dir for output on tests * debug: use mholt/archiver for compression * first pass on adding pprof * use logger for output * refactor polling target capture logic * debug: poll and collect replication status * debug: poll and collect host-info; rename output files and collection refactor * fix comments * add archive test; fix bugs found * rename flag name to singular target * add target output test; scaffold other tests cases * debug/test: add pprof and index file tests * debug/test: add min timing check tests * debug: fix index gen race and collection goroutine race * debug: extend archive tests, handle race between program exit and polling goroutines * update docstring * debug: correctly add to pollingWg * debug: add config target support * debug: don't wait on interrupt shutdown; add file exists unit tests * move pprof bits into its goroutine * debug: skip empty metrics and some pprof file creation if permission denied, add matching unit test * address comments and feedback * Vault debug using run.Group (#7658) * debug: switch to use oklog/run.Group * debug: use context to cancel requests and interrupt rungroups. * debug: trigger the first interval properly * debug: metrics collection should use metrics interval * debug: add missing continue on metrics error * debug: remove the use of buffered chan to trigger first interval * debug: don't shadow BaseCommand's client, properly block on interval capture failures * debug: actually use c.cachedClient everywhere * go mod vendor * debug: run all pprof in goroutines; bump pprof timings in tests to reduce flakiness * debug: update help text
2019-10-15 22:39:19 +00:00
"debug": func() (cli.Command, error) {
return &DebugCommand{
BaseCommand: getBaseCommand(),
ShutdownCh: MakeShutdownCh(),
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"delete": func() (cli.Command, error) {
return &DeleteCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"lease": func() (cli.Command, error) {
return &LeaseCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"lease renew": func() (cli.Command, error) {
return &LeaseRenewCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Add command to look up a lease by ID (#11129) * snapshot * basic test * update command and add documentation * update help text * typo * add changelog for lease lookup command * run go mod vendor * remove tabs from help output
2021-03-18 16:11:09 +00:00
"lease lookup": func() (cli.Command, error) {
return &LeaseLookupCommand{
BaseCommand: getBaseCommand(),
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"lease revoke": func() (cli.Command, error) {
return &LeaseRevokeCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"list": func() (cli.Command, error) {
return &ListCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"login": func() (cli.Command, error) {
return &LoginCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Handlers: loginHandlers,
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
}, nil
},
Port over some ns stuff
2018-08-10 16:17:17 +00:00
"namespace": func() (cli.Command, error) {
return &NamespaceCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"namespace list": func() (cli.Command, error) {
return &NamespaceListCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"namespace lookup": func() (cli.Command, error) {
return &NamespaceLookupCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"namespace create": func() (cli.Command, error) {
return &NamespaceCreateCommand{
BaseCommand: getBaseCommand(),
}, nil
},
VAULT-7256: Add custom_metadata to namespaces (#16640) * add mapstructure tags to Namespace struct * add custom metadata Parse helper * add ns custom metadata and patch
2022-08-09 15:38:03 +00:00
"namespace patch": func() (cli.Command, error) {
return &NamespacePatchCommand{
BaseCommand: getBaseCommand(),
}, nil
},
Port over some ns stuff
2018-08-10 16:17:17 +00:00
"namespace delete": func() (cli.Command, error) {
return &NamespaceDeleteCommand{
BaseCommand: getBaseCommand(),
}, nil
},
API Lock CLI OSS port (#12925) * api lock in oss * add namespace lock/unlock help
2021-10-26 16:52:29 +00:00
"namespace lock": func() (cli.Command, error) {
return &NamespaceAPILockCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"namespace unlock": func() (cli.Command, error) {
return &NamespaceAPIUnlockCommand{
BaseCommand: getBaseCommand(),
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"operator": func() (cli.Command, error) {
return &OperatorCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
}, nil
},
Expose unknown fields and duplicate sections as diagnose warnings (#11455) * Expose unknown fields and duplicate sections as diagnose warnings * section counts not needed, already handled * Address PR feedback * Prune more of the new fields before tests call deep.Equals * Update go.mod
2021-05-04 19:47:56 +00:00
"operator diagnose": func() (cli.Command, error) {
return &OperatorDiagnoseCommand{
BaseCommand: getBaseCommand(),
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"operator generate-root": func() (cli.Command, error) {
return &OperatorGenerateRootCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
}, nil
},
"operator init": func() (cli.Command, error) {
return &OperatorInitCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
}, nil
},
"operator key-status": func() (cli.Command, error) {
return &OperatorKeyStatusCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
}, nil
},
Add physical backend migrator command (#5143)
2018-09-25 23:18:22 +00:00
"operator migrate": func() (cli.Command, error) {
return &OperatorMigrateCommand{
BaseCommand: getBaseCommand(),
PhysicalBackends: physicalBackends,
ShutdownCh: MakeShutdownCh(),
}, nil
},
Added operator raft and operator raft snapshot descriptions (#7106)
2019-07-16 07:31:00 +00:00
"operator raft": func() (cli.Command, error) {
return &OperatorRaftCommand{
BaseCommand: getBaseCommand(),
}, nil
},
Autopilot: Server Stabilization, State and Dead Server Cleanup (#10856) * k8s doc: update for 0.9.1 and 0.8.0 releases (#10825) * k8s doc: update for 0.9.1 and 0.8.0 releases * Update website/content/docs/platform/k8s/helm/configuration.mdx Co-authored-by: Theron Voran <tvoran@users.noreply.github.com> Co-authored-by: Theron Voran <tvoran@users.noreply.github.com> * Autopilot initial commit * Move autopilot related backend implementations to its own file * Abstract promoter creation * Add nil check for health * Add server state oss no-ops * Config ext stub for oss * Make way for non-voters * s/health/state * s/ReadReplica/NonVoter * Add synopsis and description * Remove struct tags from AutopilotConfig * Use var for config storage path * Handle nin-config when reading * Enable testing autopilot by using inmem cluster * First passing test * Only report the server as known if it is present in raft config * Autopilot defaults to on for all existing and new clusters * Add locking to some functions * Persist initial config * Clarify the command usage doc * Add health metric for each node * Fix audit logging issue * Don't set DisablePerformanceStandby to true in test * Use node id label for health metric * Log updates to autopilot config * Less aggressively consume config loading failures * Return a mutable config * Return early from known servers if raft config is unable to be pulled * Update metrics name * Reduce log level for potentially noisy log * Add knob to disable autopilot * Don't persist if default config is in use * Autopilot: Dead server cleanup (#10857) * Dead server cleanup * Initialize channel in any case * Fix a bunch of tests * Fix panic * Add follower locking in heartbeat tracker * Add LastContactFailureThreshold to config * Add log when marking node as dead * Update follower state locking in heartbeat tracker * Avoid follower states being nil * Pull test to its own file * Add execution status to state response * Optionally enable autopilot in some tests * Updates * Added API function to fetch autopilot configuration * Add test for default autopilot configuration * Configuration tests * Add State API test * Update test * Added TestClusterOptions.PhysicalFactoryConfig * Update locking * Adjust locking in heartbeat tracker * s/last_contact_failure_threshold/left_server_last_contact_threshold * Add disabling autopilot as a core config option * Disable autopilot in some tests * s/left_server_last_contact_threshold/dead_server_last_contact_threshold * Set the lastheartbeat of followers to now when setting up active node * Don't use config defaults from CLI command * Remove config file support * Remove HCL test as well * Persist only supplied config; merge supplied config with default to operate * Use pointer to structs for storing follower information * Test update * Retrieve non voter status from configbucket and set it up when a node comes up * Manage desired suffrage * Consider bucket being created already * Move desired suffrage to its own entry * s/DesiredSuffrageKey/LocalNodeConfigKey * s/witnessSuffrage/recordSuffrage * Fix test compilation * Handle local node config post a snapshot install * Commit to storage first; then record suffrage in fsm * No need of local node config being nili case, post snapshot restore * Reconcile autopilot config when a new leader takes over duty * Grab fsm lock when recording suffrage * s/Suffrage/DesiredSuffrage in FollowerState * Instantiate autopilot only in leader * Default to old ways in more scenarios * Make API gracefully handle 404 * Address some feedback * Make IsDead an atomic.Value * Simplify follower hearbeat tracking * Use uber.atomic * Don't have multiple causes for having autopilot disabled * Don't remove node from follower states if we fail to remove the dead server * Autopilot server removals map (#11019) * Don't remove node from follower states if we fail to remove the dead server * Use map to track dead server removals * Use lock and map * Use delegate lock * Adjust when to remove entry from map * Only hold the lock while accessing map * Fix race * Don't set default min_quorum * Fix test * Ensure follower states is not nil before starting autopilot * Fix race Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com> Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2021-03-03 18:59:50 +00:00
"operator raft autopilot get-config": func() (cli.Command, error) {
return &OperatorRaftAutopilotGetConfigCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"operator raft autopilot set-config": func() (cli.Command, error) {
return &OperatorRaftAutopilotSetConfigCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"operator raft autopilot state": func() (cli.Command, error) {
return &OperatorRaftAutopilotStateCommand{
BaseCommand: getBaseCommand(),
}, nil
},
Rename raft configuration command to list-peers and make output easier to read (#8484) * Make the output of raft configuration easier to read * Rename raft configuration sub command to list-peers * Update command/operator_raft_listpeers.go Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com> Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-03-06 22:40:50 +00:00
"operator raft list-peers": func() (cli.Command, error) {
return &OperatorRaftListPeersCommand{
Raft CLI (#6893) * raft cli * Reuse the command's client * Better response handling * minor touchups
2019-06-21 01:32:00 +00:00
BaseCommand: getBaseCommand(),
}, nil
},
"operator raft join": func() (cli.Command, error) {
return &OperatorRaftJoinCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"operator raft remove-peer": func() (cli.Command, error) {
return &OperatorRaftRemovePeerCommand{
BaseCommand: getBaseCommand(),
}, nil
},
Added operator raft and operator raft snapshot descriptions (#7106)
2019-07-16 07:31:00 +00:00
"operator raft snapshot": func() (cli.Command, error) {
return &OperatorRaftSnapshotCommand{
BaseCommand: getBaseCommand(),
}, nil
},
Raft CLI (#6893) * raft cli * Reuse the command's client * Better response handling * minor touchups
2019-06-21 01:32:00 +00:00
"operator raft snapshot restore": func() (cli.Command, error) {
return &OperatorRaftSnapshotRestoreCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"operator raft snapshot save": func() (cli.Command, error) {
return &OperatorRaftSnapshotSaveCommand{
BaseCommand: getBaseCommand(),
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"operator rekey": func() (cli.Command, error) {
return &OperatorRekeyCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
}, nil
},
"operator rotate": func() (cli.Command, error) {
return &OperatorRotateCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"operator seal": func() (cli.Command, error) {
return &OperatorSealCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"operator step-down": func() (cli.Command, error) {
return &OperatorStepDownCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
"vault operator usage" CLI for client count reporting (#10365) * Working draft of CLI command. * Sort order, robustness checking. * Text edits and check of queries_available. * Added changelog.
2020-11-23 20:57:35 +00:00
"operator usage": func() (cli.Command, error) {
return &OperatorUsageCommand{
BaseCommand: getBaseCommand(),
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"operator unseal": func() (cli.Command, error) {
return &OperatorUnsealCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Add "operator members" command to list nodes in the cluster. (#13292)
2021-11-30 19:49:58 +00:00
"operator members": func() (cli.Command, error) {
return &OperatorMembersCommand{
Add PATCH support to Vault CLI (#17650) * Add patch support to CLI This is based off the existing write command, using the JSONMergePatch(...) API client method rather than Write(...), allowing us to update specific fields. Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add documentation on PATCH support Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add changelog Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-10-26 18:30:40 +00:00
BaseCommand: getBaseCommand(),
}, nil
},
"patch": func() (cli.Command, error) {
return &PatchCommand{
Add "operator members" command to list nodes in the cluster. (#13292)
2021-11-30 19:49:58 +00:00
BaseCommand: getBaseCommand(),
}, nil
},
Wire all commands together
2017-09-05 04:05:53 +00:00
"path-help": func() (cli.Command, error) {
return &PathHelpCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Add plugin CLI for interacting with the plugin catalog (#4911) * Add 'plugin list' command * Add 'plugin register' command * Add 'plugin deregister' command * Use a shared plugin helper * Add 'plugin read' command * Rename to plugin info * Add base plugin for help text * Fix arg ordering * Add docs * Rearrange to alphabetize * Fix arg ordering in example * Don't use "sudo" in command description
2018-07-13 17:35:08 +00:00
"plugin": func() (cli.Command, error) {
return &PluginCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"plugin deregister": func() (cli.Command, error) {
return &PluginDeregisterCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"plugin info": func() (cli.Command, error) {
return &PluginInfoCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"plugin list": func() (cli.Command, error) {
return &PluginListCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"plugin register": func() (cli.Command, error) {
return &PluginRegisterCommand{
BaseCommand: getBaseCommand(),
}, nil
},
Added plugin reload function to api (#8777) * Added plugin reload function to api * Apply suggestions from code review Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com> * go mod vendor * addressing comments * addressing comments * add docs Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-05-04 18:14:23 +00:00
"plugin reload": func() (cli.Command, error) {
return &PluginReloadCommand{
BaseCommand: getBaseCommand(),
}, nil
},
Global Plugin Reload: OSS Changes Take II (#9347) * Carefully move changes from the plugin-cluster-reload branch into this clean branch off master. * Don't test this at this level, adequately covered in the api level tests * Change PR link * go.mod * Vendoring * Vendor api/sys_plugins.go
2020-06-30 15:26:52 +00:00
"plugin reload-status": func() (cli.Command, error) {
return &PluginReloadStatusCommand{
BaseCommand: getBaseCommand(),
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"policy": func() (cli.Command, error) {
return &PolicyCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"policy delete": func() (cli.Command, error) {
Wire all commands together
2017-09-05 04:05:53 +00:00
return &PolicyDeleteCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"policy fmt": func() (cli.Command, error) {
return &PolicyFmtCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
}, nil
},
"policy list": func() (cli.Command, error) {
return &PolicyListCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
}, nil
},
"policy read": func() (cli.Command, error) {
return &PolicyReadCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
}, nil
},
"policy write": func() (cli.Command, error) {
Wire all commands together
2017-09-05 04:05:53 +00:00
return &PolicyWriteCommand{
Add the ability to print curl commands from CLI (#6113)
2019-02-01 22:13:51 +00:00
BaseCommand: getBaseCommand(),
}, nil
},
remove panicking and added usage (#6208)
2019-02-11 19:19:08 +00:00
"print": func() (cli.Command, error) {
return &PrintCommand{
BaseCommand: getBaseCommand(),
}, nil
},
Add the ability to print curl commands from CLI (#6113)
2019-02-01 22:13:51 +00:00
"print token": func() (cli.Command, error) {
return &PrintTokenCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
"read": func() (cli.Command, error) {
return &ReadCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"secrets": func() (cli.Command, error) {
return &SecretsCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"secrets disable": func() (cli.Command, error) {
return &SecretsDisableCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"secrets enable": func() (cli.Command, error) {
return &SecretsEnableCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"secrets list": func() (cli.Command, error) {
return &SecretsListCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"secrets move": func() (cli.Command, error) {
return &SecretsMoveCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"secrets tune": func() (cli.Command, error) {
return &SecretsTuneCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
"server": func() (cli.Command, error) {
return &ServerCommand{
BaseCommand: &BaseCommand{
Add RunCustom command to allow passing in a TokenHelper
2018-03-16 15:31:00 +00:00
UI: serverCmdUi,
Change base command template to runopts and allow specifying stdout/stderr
2018-03-16 16:31:26 +00:00
tokenHelper: runOpts.TokenHelper,
Allow sending address through RunCustom
2018-03-16 17:14:32 +00:00
flagAddress: runOpts.Address,
Wire all commands together
2017-09-05 04:05:53 +00:00
},
Adding tests to ensure all backends are mountable (#3861)
2018-02-01 16:30:04 +00:00
AuditBackends: auditBackends,
CredentialBackends: credentialBackends,
LogicalBackends: logicalBackends,
PhysicalBackends: physicalBackends,
Introduce optional service_registration stanza (#7887) * move ServiceDiscovery into methods * add ServiceDiscoveryFactory * add serviceDiscovery field to vault.Core * refactor ConsulServiceDiscovery into separate struct * cleanup * revert accidental change to go.mod * cleanup * get rid of un-needed struct tags in vault.CoreConfig * add service_discovery parser * add ServiceDiscovery to config * cleanup * cleanup * add test for ConfigServiceDiscovery to Core * unit testing for config service_discovery stanza * cleanup * get rid of un-needed redirect_addr stuff in service_discovery stanza * improve test suite * cleanup * clean up test a bit * create docs for service_discovery * check if service_discovery is configured, but storage does not support HA * tinker with test * tinker with test * tweak docs * move ServiceDiscovery into its own package * tweak a variable name * fix comment * rename service_discovery to service_registration * tweak service_registration config * Revert "tweak service_registration config" This reverts commit 5509920a8ab4c5a216468f262fc07c98121dce35. * simplify naming * refactor into ./serviceregistration/consul
2019-12-06 14:46:39 +00:00
ServiceRegistrations: serviceRegistrations,
ShutdownCh: MakeShutdownCh(),
SighupCh: MakeSighupCh(),
SigUSR2Ch: MakeSigUSR2Ch(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
"ssh": func() (cli.Command, error) {
return &SSHCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
"status": func() (cli.Command, error) {
return &StatusCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"token": func() (cli.Command, error) {
return &TokenCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"token create": func() (cli.Command, error) {
Wire all commands together
2017-09-05 04:05:53 +00:00
return &TokenCreateCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"token capabilities": func() (cli.Command, error) {
return &TokenCapabilitiesCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"token lookup": func() (cli.Command, error) {
return &TokenLookupCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"token renew": func() (cli.Command, error) {
return &TokenRenewCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Write all the deprecated commands together
2017-09-08 02:05:54 +00:00
"token revoke": func() (cli.Command, error) {
return &TokenRevokeCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
"unwrap": func() (cli.Command, error) {
return &UnwrapCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
"version": func() (cli.Command, error) {
return &VersionCommand{
VersionInfo: version.GetVersion(),
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
Add sys/version-history endpoint and associated command (#13766) * store version history as utc; add self-heal logic * add sys/version-history endpoint * change version history from GET to LIST, require auth * add "vault version-history" CLI command * add vault-version CLI error message for version string parsing * adding version-history API and CLI docs * add changelog entry * some version-history command fixes * remove extraneous cmd args * fix version-history command help text * specify in docs that endpoint was added in 1.10.0 Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com> * enforce UTC within storeVersionTimestamp directly * fix improper use of %w in logger.Warn * remove extra err check and erroneous return from loadVersionTimestamps * add >= 1.10.0 warning to version-history cmd * move sys/version-history tests Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
2022-02-14 20:26:57 +00:00
"version-history": func() (cli.Command, error) {
return &VersionHistoryCommand{
BaseCommand: getBaseCommand(),
}, nil
},
Wire all commands together
2017-09-05 04:05:53 +00:00
"write": func() (cli.Command, error) {
return &WriteCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Wire all commands together
2017-09-05 04:05:53 +00:00
}, nil
},
command/kv: Add a "kv" subcommand for using the key-value store (#4168) * Add more cli subcommands * Add metadata commands * Add more subcommands * Update cli * Move archive commands to delete * Add helpers for making http calls to the kv backend * rename cli header * Format the various maps from kv * Add list command * Update help text * Add a command to enable versioning on a backend * Rename enable-versions command * Some review feedback * Fix listing of top level keys * Fix issue when metadata is nil * Add test for lising top level keys * Fix some typos * Add a note about deleting all versions
2018-03-21 22:02:41 +00:00
"kv": func() (cli.Command, error) {
return &KVCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
command/kv: Add a "kv" subcommand for using the key-value store (#4168) * Add more cli subcommands * Add metadata commands * Add more subcommands * Update cli * Move archive commands to delete * Add helpers for making http calls to the kv backend * rename cli header * Format the various maps from kv * Add list command * Update help text * Add a command to enable versioning on a backend * Rename enable-versions command * Some review feedback * Fix listing of top level keys * Fix issue when metadata is nil * Add test for lising top level keys * Fix some typos * Add a note about deleting all versions
2018-03-21 22:02:41 +00:00
}, nil
},
"kv put": func() (cli.Command, error) {
return &KVPutCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
command/kv: Add a "kv" subcommand for using the key-value store (#4168) * Add more cli subcommands * Add metadata commands * Add more subcommands * Update cli * Move archive commands to delete * Add helpers for making http calls to the kv backend * rename cli header * Format the various maps from kv * Add list command * Update help text * Add a command to enable versioning on a backend * Rename enable-versions command * Some review feedback * Fix listing of top level keys * Fix issue when metadata is nil * Add test for lising top level keys * Fix some typos * Add a note about deleting all versions
2018-03-21 22:02:41 +00:00
}, nil
},
Kv preflight (#4430) * Update kv command to use a preflight check * Make the existing ui endpoint return the allowed mounts * Add kv subcommand tests * Enable `-field` in `vault kv get/put` (#4426) * Enable `-field` in `vault kv get/put` Fixes #4424 * Unify nil value handling * Use preflight helper * Update vkv plugin * Add all the mount info when authenticated * Add fix the error message on put * add metadata test * No need to sort the capabilities * Remove the kv client header * kv patch command (#4432) * Fix test * Fix tests * Use permission denied instead of entity disabled
2018-04-23 22:00:02 +00:00
"kv patch": func() (cli.Command, error) {
return &KVPatchCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
Kv preflight (#4430) * Update kv command to use a preflight check * Make the existing ui endpoint return the allowed mounts * Add kv subcommand tests * Enable `-field` in `vault kv get/put` (#4426) * Enable `-field` in `vault kv get/put` Fixes #4424 * Unify nil value handling * Use preflight helper * Update vkv plugin * Add all the mount info when authenticated * Add fix the error message on put * add metadata test * No need to sort the capabilities * Remove the kv client header * kv patch command (#4432) * Fix test * Fix tests * Use permission denied instead of entity disabled
2018-04-23 22:00:02 +00:00
}, nil
},
Add `kv rollback` (#4774) * Add `kv rollback` Like `kv patch` this is more of a helper than anything else; it provides a single command to fetch the current version (for CAS), read the version you want to roll back to, and set it as the new version (using CAS for safety).
2018-06-15 19:34:17 +00:00
"kv rollback": func() (cli.Command, error) {
return &KVRollbackCommand{
BaseCommand: getBaseCommand(),
}, nil
},
command/kv: Add a "kv" subcommand for using the key-value store (#4168) * Add more cli subcommands * Add metadata commands * Add more subcommands * Update cli * Move archive commands to delete * Add helpers for making http calls to the kv backend * rename cli header * Format the various maps from kv * Add list command * Update help text * Add a command to enable versioning on a backend * Rename enable-versions command * Some review feedback * Fix listing of top level keys * Fix issue when metadata is nil * Add test for lising top level keys * Fix some typos * Add a note about deleting all versions
2018-03-21 22:02:41 +00:00
"kv get": func() (cli.Command, error) {
return &KVGetCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
command/kv: Add a "kv" subcommand for using the key-value store (#4168) * Add more cli subcommands * Add metadata commands * Add more subcommands * Update cli * Move archive commands to delete * Add helpers for making http calls to the kv backend * rename cli header * Format the various maps from kv * Add list command * Update help text * Add a command to enable versioning on a backend * Rename enable-versions command * Some review feedback * Fix listing of top level keys * Fix issue when metadata is nil * Add test for lising top level keys * Fix some typos * Add a note about deleting all versions
2018-03-21 22:02:41 +00:00
}, nil
},
"kv delete": func() (cli.Command, error) {
return &KVDeleteCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
command/kv: Add a "kv" subcommand for using the key-value store (#4168) * Add more cli subcommands * Add metadata commands * Add more subcommands * Update cli * Move archive commands to delete * Add helpers for making http calls to the kv backend * rename cli header * Format the various maps from kv * Add list command * Update help text * Add a command to enable versioning on a backend * Rename enable-versions command * Some review feedback * Fix listing of top level keys * Fix issue when metadata is nil * Add test for lising top level keys * Fix some typos * Add a note about deleting all versions
2018-03-21 22:02:41 +00:00
}, nil
},
"kv list": func() (cli.Command, error) {
return &KVListCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
command/kv: Add a "kv" subcommand for using the key-value store (#4168) * Add more cli subcommands * Add metadata commands * Add more subcommands * Update cli * Move archive commands to delete * Add helpers for making http calls to the kv backend * rename cli header * Format the various maps from kv * Add list command * Update help text * Add a command to enable versioning on a backend * Rename enable-versions command * Some review feedback * Fix listing of top level keys * Fix issue when metadata is nil * Add test for lising top level keys * Fix some typos * Add a note about deleting all versions
2018-03-21 22:02:41 +00:00
}, nil
},
"kv destroy": func() (cli.Command, error) {
return &KVDestroyCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
command/kv: Add a "kv" subcommand for using the key-value store (#4168) * Add more cli subcommands * Add metadata commands * Add more subcommands * Update cli * Move archive commands to delete * Add helpers for making http calls to the kv backend * rename cli header * Format the various maps from kv * Add list command * Update help text * Add a command to enable versioning on a backend * Rename enable-versions command * Some review feedback * Fix listing of top level keys * Fix issue when metadata is nil * Add test for lising top level keys * Fix some typos * Add a note about deleting all versions
2018-03-21 22:02:41 +00:00
}, nil
},
"kv undelete": func() (cli.Command, error) {
return &KVUndeleteCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
command/kv: Add a "kv" subcommand for using the key-value store (#4168) * Add more cli subcommands * Add metadata commands * Add more subcommands * Update cli * Move archive commands to delete * Add helpers for making http calls to the kv backend * rename cli header * Format the various maps from kv * Add list command * Update help text * Add a command to enable versioning on a backend * Rename enable-versions command * Some review feedback * Fix listing of top level keys * Fix issue when metadata is nil * Add test for lising top level keys * Fix some typos * Add a note about deleting all versions
2018-03-21 22:02:41 +00:00
}, nil
},
"kv enable-versioning": func() (cli.Command, error) {
return &KVEnableVersioningCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
command/kv: Add a "kv" subcommand for using the key-value store (#4168) * Add more cli subcommands * Add metadata commands * Add more subcommands * Update cli * Move archive commands to delete * Add helpers for making http calls to the kv backend * rename cli header * Format the various maps from kv * Add list command * Update help text * Add a command to enable versioning on a backend * Rename enable-versions command * Some review feedback * Fix listing of top level keys * Fix issue when metadata is nil * Add test for lising top level keys * Fix some typos * Add a note about deleting all versions
2018-03-21 22:02:41 +00:00
}, nil
},
"kv metadata": func() (cli.Command, error) {
return &KVMetadataCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
command/kv: Add a "kv" subcommand for using the key-value store (#4168) * Add more cli subcommands * Add metadata commands * Add more subcommands * Update cli * Move archive commands to delete * Add helpers for making http calls to the kv backend * rename cli header * Format the various maps from kv * Add list command * Update help text * Add a command to enable versioning on a backend * Rename enable-versions command * Some review feedback * Fix listing of top level keys * Fix issue when metadata is nil * Add test for lising top level keys * Fix some typos * Add a note about deleting all versions
2018-03-21 22:02:41 +00:00
}, nil
},
"kv metadata put": func() (cli.Command, error) {
return &KVMetadataPutCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
command/kv: Add a "kv" subcommand for using the key-value store (#4168) * Add more cli subcommands * Add metadata commands * Add more subcommands * Update cli * Move archive commands to delete * Add helpers for making http calls to the kv backend * rename cli header * Format the various maps from kv * Add list command * Update help text * Add a command to enable versioning on a backend * Rename enable-versions command * Some review feedback * Fix listing of top level keys * Fix issue when metadata is nil * Add test for lising top level keys * Fix some typos * Add a note about deleting all versions
2018-03-21 22:02:41 +00:00
}, nil
},
Add HTTP PATCH support for KV key metadata (#13215) * go get vault-plugin-secrets-kv@vault-4290-patch-metadata * add kv metadata patch command * add changelog entry * success tests for kv metadata patch flags * add more kv metadata patch flags tests * add kv metadata patch cas warning test * add kv-v2 key metadata patch API docs * add kv metadata patch to docs * prevent unintentional field overwriting in kv metadata put cmd * like create/update ops, prevent patch to paths ending in / * fix kv metadata patch cmd in docs * fix flag defaults for kv metadata put * go get vault-plugin-secrets-kv@vault-4290-patch-metadata * fix TestKvMetadataPatchCommand_Flags test * doc fixes * go get vault-plugin-secrets-kv@master; go mod tidy
2022-01-12 17:05:27 +00:00
"kv metadata patch": func() (cli.Command, error) {
return &KVMetadataPatchCommand{
BaseCommand: getBaseCommand(),
}, nil
},
command/kv: Add a "kv" subcommand for using the key-value store (#4168) * Add more cli subcommands * Add metadata commands * Add more subcommands * Update cli * Move archive commands to delete * Add helpers for making http calls to the kv backend * rename cli header * Format the various maps from kv * Add list command * Update help text * Add a command to enable versioning on a backend * Rename enable-versions command * Some review feedback * Fix listing of top level keys * Fix issue when metadata is nil * Add test for lising top level keys * Fix some typos * Add a note about deleting all versions
2018-03-21 22:02:41 +00:00
"kv metadata get": func() (cli.Command, error) {
return &KVMetadataGetCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
command/kv: Add a "kv" subcommand for using the key-value store (#4168) * Add more cli subcommands * Add metadata commands * Add more subcommands * Update cli * Move archive commands to delete * Add helpers for making http calls to the kv backend * rename cli header * Format the various maps from kv * Add list command * Update help text * Add a command to enable versioning on a backend * Rename enable-versions command * Some review feedback * Fix listing of top level keys * Fix issue when metadata is nil * Add test for lising top level keys * Fix some typos * Add a note about deleting all versions
2018-03-21 22:02:41 +00:00
}, nil
},
"kv metadata delete": func() (cli.Command, error) {
return &KVMetadataDeleteCommand{
Add missing flags to KV commands and simplify boilerplate (#4617)
2018-05-23 13:56:47 +00:00
BaseCommand: getBaseCommand(),
command/kv: Add a "kv" subcommand for using the key-value store (#4168) * Add more cli subcommands * Add metadata commands * Add more subcommands * Update cli * Move archive commands to delete * Add helpers for making http calls to the kv backend * rename cli header * Format the various maps from kv * Add list command * Update help text * Add a command to enable versioning on a backend * Rename enable-versions command * Some review feedback * Fix listing of top level keys * Fix issue when metadata is nil * Add test for lising top level keys * Fix some typos * Add a note about deleting all versions
2018-03-21 22:02:41 +00:00
}, nil
},
Add a new "vault monitor" command (#8477) Add a new "vault monitor" command Co-authored-by: ncabatoff <ncabatoff@hashicorp.com> Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com> Co-authored-by: Jeff Mitchell <jeffrey.mitchell@gmail.com>
2020-05-21 20:07:50 +00:00
"monitor": func() (cli.Command, error) {
return &MonitorCommand{
BaseCommand: getBaseCommand(),
ShutdownCh: MakeShutdownCh(),
}, nil
},
PKI Health Check Command (#17750) * Stub out initial health check command This command will be used to generate health check results for the PKI engine. Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Start common health check implementation Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add common health check utilities These utilities will collect helpers not specific to PKI health checks, such as formatting longer durations more legibly. Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add PKI health check common utils Many health checks will need issuer and/or CRL information in order to execute. We've centrally located these helpers to avoid particular health checks from needing to reimplement them each time. Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Adding ca_validity_period health check Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Begin using health-checks in PKI command Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Allow parsing raw requests afterwards This shifts the last of the logic difference between Read(...) and ReadRaw(...) to a new helper, allowing ReadRaw(...) requests to be parsed into the same response structure afterwards as Read(...); this allows API callers to fetch the raw secret and inspect the raw response object in case something went wrong (error code &c) -- and when the request succeeds, they can still get the api.Secret out. This will be used with the PKI health check functionality, making both LIST and READ operations use ReadRaw, and optionally parsing the secret afterwards. Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add crl_validity_period health check Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add tests for PKI health check Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Fix bug in raw reading with contexts When reading raw objects, don't manually call the context cancellation: this causes timeouts and/or EOF errors when attempting to read or parse the response body. See message in client.RawRequestWithContext(...) for more information. This was causing the test suite to randomly fail, due to the context cancelling. The test suite's client usually had a default timeout, whereas the CLI didn't, and thus didn't exhibit the same issue. Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add changelog Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Fix typo in permissions message Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Move %v->%w for errs Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-11-16 14:27:56 +00:00
"pki health-check": func() (cli.Command, error) {
return &PKIHealthCheckCommand{
BaseCommand: getBaseCommand(),
}, nil
},
Wire all commands together
2017-09-05 04:05:53 +00:00
}
`vault operator diagnose` stub command (#10819) * Stub "operator diagnose" command. * Parse configuration files. * Refactor storage setup to call from diagnose. * Add the ability to run Diagnose as a prequel to server start.
2021-02-02 20:15:10 +00:00
Pull out license commands, and make the OSS changes needed for the license inspect PR in ent. (#11783)
2021-06-07 18:44:20 +00:00
initCommandsEnt(ui, serverCmdUi, runOpts)
Wire all commands together
2017-09-05 04:05:53 +00:00
}
// MakeShutdownCh returns a channel that can be used for shutdown
// notifications for commands. This channel will send a message for every
// SIGINT or SIGTERM received.
func MakeShutdownCh() chan struct{} {
resultCh := make(chan struct{})
shutdownCh := make(chan os.Signal, 4)
signal.Notify(shutdownCh, os.Interrupt, syscall.SIGTERM)
go func() {
<-shutdownCh
close(resultCh)
}()
return resultCh
}
// MakeSighupCh returns a channel that can be used for SIGHUP
// reloading. This channel will send a message for every
// SIGHUP received.
func MakeSighupCh() chan struct{} {
resultCh := make(chan struct{})
signalCh := make(chan os.Signal, 4)
signal.Notify(signalCh, syscall.SIGHUP)
go func() {
for {
<-signalCh
resultCh <- struct{}{}
}
}()
return resultCh
}