open-vault/command/list.go

118 lines
2.5 KiB
Go
Raw Normal View History

2016-01-14 19:18:27 +00:00
package command
import (
"fmt"
"strings"
2017-09-05 04:02:15 +00:00
"github.com/mitchellh/cli"
"github.com/posener/complete"
2016-01-14 19:18:27 +00:00
)
var (
_ cli.Command = (*ListCommand)(nil)
_ cli.CommandAutocomplete = (*ListCommand)(nil)
)
2017-09-05 04:02:15 +00:00
2016-01-14 19:18:27 +00:00
type ListCommand struct {
2017-09-05 04:02:15 +00:00
*BaseCommand
}
func (c *ListCommand) Synopsis() string {
2017-09-08 01:59:46 +00:00
return "List data or secrets"
2017-09-05 04:02:15 +00:00
}
func (c *ListCommand) Help() string {
helpText := `
Usage: vault list [options] PATH
Lists data from Vault at the given path. This can be used to list keys in a,
2017-09-08 01:59:46 +00:00
given secret engine.
2017-09-05 04:02:15 +00:00
2017-09-08 01:59:46 +00:00
List values under the "my-app" folder of the generic secret engine:
2017-09-05 04:02:15 +00:00
$ vault list secret/my-app/
For a full list of examples and paths, please see the documentation that
2017-09-08 01:59:46 +00:00
corresponds to the secret engine in use. Not all engines support listing.
2017-09-05 04:02:15 +00:00
` + c.Flags().Help()
return strings.TrimSpace(helpText)
}
func (c *ListCommand) Flags() *FlagSets {
Vault CLI: show detailed information with ListResponseWithInfo (#15417) * CLI: Add ability to display ListResponseWithInfos The Vault Server API includes a ListResponseWithInfo call, allowing LIST responses to contain additional information about their keys. This is in a key=value mapping format (both for each key, to get the additional metadata, as well as within each metadata). Expand the `vault list` CLI command with a `-detailed` flag (and env var VAULT_DETAILED_LISTS) to print this additional metadata. This looks roughly like the following: $ vault list -detailed pki/issuers Keys issuer_name ---- ----------- 0cba84d7-bbbe-836a-4ff6-a11b31dc0fb7 n/a 35dfb02d-0cdb-3d35-ee64-d0cd6568c6b0 n/a 382fad1e-e99c-9c54-e147-bb1faa8033d3 n/a 8bb4a793-2ad9-460c-9fa8-574c84a981f7 n/a 8bd231d7-20e2-f21f-ae1a-7aa3319715e7 n/a 9425d51f-cb81-426d-d6ad-5147d092094e n/a ae679732-b497-ab0d-3220-806a2b9d81ed n/a c5a44a1f-2ae4-2140-3acf-74b2609448cc utf8 d41d2419-efce-0e36-c96b-e91179a24dc1 something Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Allow detailed printing of LIST responses in JSON When using the JSON formatter, only the absolute list of keys were returned. Reuse the `-detailed` flag value for the `-format=json` list response printer, allowing us to show the complete API response returned by Vault. This returns something like the following: { "request_id": "e9a25dcd-b67a-97d7-0f08-3670918ef3ff", "lease_id": "", "lease_duration": 0, "renewable": false, "data": { "key_info": { "0cba84d7-bbbe-836a-4ff6-a11b31dc0fb7": { "issuer_name": "" }, "35dfb02d-0cdb-3d35-ee64-d0cd6568c6b0": { "issuer_name": "" }, "382fad1e-e99c-9c54-e147-bb1faa8033d3": { "issuer_name": "" }, "8bb4a793-2ad9-460c-9fa8-574c84a981f7": { "issuer_name": "" }, "8bd231d7-20e2-f21f-ae1a-7aa3319715e7": { "issuer_name": "" }, "9425d51f-cb81-426d-d6ad-5147d092094e": { "issuer_name": "" }, "ae679732-b497-ab0d-3220-806a2b9d81ed": { "issuer_name": "" }, "c5a44a1f-2ae4-2140-3acf-74b2609448cc": { "issuer_name": "utf8" }, "d41d2419-efce-0e36-c96b-e91179a24dc1": { "issuer_name": "something" } }, "keys": [ "0cba84d7-bbbe-836a-4ff6-a11b31dc0fb7", "35dfb02d-0cdb-3d35-ee64-d0cd6568c6b0", "382fad1e-e99c-9c54-e147-bb1faa8033d3", "8bb4a793-2ad9-460c-9fa8-574c84a981f7", "8bd231d7-20e2-f21f-ae1a-7aa3319715e7", "9425d51f-cb81-426d-d6ad-5147d092094e", "ae679732-b497-ab0d-3220-806a2b9d81ed", "c5a44a1f-2ae4-2140-3acf-74b2609448cc", "d41d2419-efce-0e36-c96b-e91179a24dc1" ] }, "warnings": null } Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add changelog Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Use field on UI rather than secret.Data Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Only include headers from visitable key_infos Certain API endpoints return data from non-visitable key_infos, by virtue of using a hand-rolled response. Limit our headers to those from visitable key_infos. This means we won't return entire columns with n/a entries, if no key matches the key_info key that includes that header. Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Use setupEnv sourced detailed info Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Fix changelog environment variable Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Fix broken tests using setupEnv Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-05-18 17:00:50 +00:00
set := c.flagSet(FlagSetHTTP | FlagSetOutputFormat | FlagSetOutputDetailed)
return set
2017-09-05 04:02:15 +00:00
}
func (c *ListCommand) AutocompleteArgs() complete.Predictor {
return c.PredictVaultFolders()
}
func (c *ListCommand) AutocompleteFlags() complete.Flags {
return c.Flags().Completions()
2016-01-14 19:18:27 +00:00
}
func (c *ListCommand) Run(args []string) int {
2017-09-05 04:02:15 +00:00
f := c.Flags()
2016-01-14 19:18:27 +00:00
2017-09-05 04:02:15 +00:00
if err := f.Parse(args); err != nil {
c.UI.Error(err.Error())
2016-01-14 19:18:27 +00:00
return 1
}
2017-09-05 04:02:15 +00:00
args = f.Args()
2017-09-08 01:59:46 +00:00
switch {
case len(args) < 1:
c.UI.Error(fmt.Sprintf("Not enough arguments (expected 1, got %d)", len(args)))
2017-09-05 04:02:15 +00:00
return 1
2017-09-08 01:59:46 +00:00
case len(args) > 1:
2017-09-05 04:02:15 +00:00
c.UI.Error(fmt.Sprintf("Too many arguments (expected 1, got %d)", len(args)))
return 1
}
2016-01-14 19:18:27 +00:00
client, err := c.Client()
if err != nil {
2017-09-05 04:02:15 +00:00
c.UI.Error(err.Error())
2016-01-14 19:18:27 +00:00
return 2
}
path := sanitizePath(args[0])
2017-09-05 04:02:15 +00:00
secret, err := client.Logical().List(path)
2016-01-14 19:18:27 +00:00
if err != nil {
2017-09-05 04:02:15 +00:00
c.UI.Error(fmt.Sprintf("Error listing %s: %s", path, err))
return 2
2016-01-14 19:18:27 +00:00
}
// If the secret is wrapped, return the wrapped response.
if secret != nil && secret.WrapInfo != nil && secret.WrapInfo.TTL != 0 {
return OutputSecret(c.UI, secret)
}
_, ok := extractListData(secret)
if Format(c.UI) != "table" {
if secret == nil || secret.Data == nil || !ok {
OutputData(c.UI, map[string]interface{}{})
return 2
}
}
if secret == nil {
2017-09-05 04:02:15 +00:00
c.UI.Error(fmt.Sprintf("No value found at %s", path))
return 2
2016-01-14 19:18:27 +00:00
}
if secret.Data == nil {
// If secret wasn't nil, we have warnings, so output them anyways. We
// may also have non-keys info.
return OutputSecret(c.UI, secret)
}
2017-09-05 04:02:15 +00:00
if !ok {
2017-09-05 04:02:15 +00:00
c.UI.Error(fmt.Sprintf("No entries found at %s", path))
return 2
2016-01-14 19:18:27 +00:00
}
CLI Enhancements (#3897) * Use Colored UI if stdout is a tty * Add format options to operator unseal * Add format test on operator unseal * Add -no-color output flag, and use BasicUi if no-color flag is provided * Move seal status formatting logic to OutputSealStatus * Apply no-color to warnings from DeprecatedCommands as well * Add OutputWithFormat to support arbitrary data, add format option to auth list * Add ability to output arbitrary list data on TableFormatter * Clear up switch logic on format * Add format option for list-related commands * Add format option to rest of commands that returns a client API response * Remove initOutputYAML and initOutputJSON, and use OutputWithFormat instead * Remove outputAsYAML and outputAsJSON, and use OutputWithFormat instead * Remove -no-color flag, use env var exclusively to toggle colored output * Fix compile * Remove -no-color flag in main.go * Add missing FlagSetOutputFormat * Fix generate-root/decode test * Migrate init functions to main.go * Add no-color flag back as hidden * Handle non-supported data types for TableFormatter.OutputList * Pull formatting much further up to remove the need to use c.flagFormat (#3950) * Pull formatting much further up to remove the need to use c.flagFormat Also remove OutputWithFormat as the logic can cause issues. * Use const for env var * Minor updates * Remove unnecessary check * Fix SSH output and some tests * Fix tests * Make race detector not run on generate root since it kills Travis these days * Update docs * Update docs * Address review feedback * Handle --format as well as -format
2018-02-12 23:12:16 +00:00
return OutputList(c.UI, secret)
2016-01-14 19:18:27 +00:00
}