open-vault/command/commands.go

1006 lines
27 KiB
Go
Raw Normal View History

2017-09-05 04:05:53 +00:00
package command
import (
"fmt"
2017-09-05 04:05:53 +00:00
"os"
"os/signal"
"syscall"
ad "github.com/hashicorp/vault-plugin-secrets-ad/plugin"
2018-09-19 15:42:28 +00:00
alicloud "github.com/hashicorp/vault-plugin-secrets-alicloud"
azure "github.com/hashicorp/vault-plugin-secrets-azure"
2018-03-22 03:07:16 +00:00
gcp "github.com/hashicorp/vault-plugin-secrets-gcp/plugin"
2018-10-23 06:39:25 +00:00
gcpkms "github.com/hashicorp/vault-plugin-secrets-gcpkms"
2018-03-22 02:56:52 +00:00
kv "github.com/hashicorp/vault-plugin-secrets-kv"
2017-09-05 04:05:53 +00:00
"github.com/hashicorp/vault/audit"
"github.com/hashicorp/vault/logical"
"github.com/hashicorp/vault/physical"
"github.com/hashicorp/vault/version"
"github.com/mitchellh/cli"
"github.com/hashicorp/vault/builtin/logical/aws"
"github.com/hashicorp/vault/builtin/logical/cassandra"
"github.com/hashicorp/vault/builtin/logical/consul"
"github.com/hashicorp/vault/builtin/logical/database"
"github.com/hashicorp/vault/builtin/logical/mongodb"
"github.com/hashicorp/vault/builtin/logical/mssql"
"github.com/hashicorp/vault/builtin/logical/mysql"
"github.com/hashicorp/vault/builtin/logical/nomad"
2017-09-05 04:05:53 +00:00
"github.com/hashicorp/vault/builtin/logical/pki"
"github.com/hashicorp/vault/builtin/logical/postgresql"
"github.com/hashicorp/vault/builtin/logical/rabbitmq"
"github.com/hashicorp/vault/builtin/logical/ssh"
"github.com/hashicorp/vault/builtin/logical/totp"
"github.com/hashicorp/vault/builtin/logical/transit"
"github.com/hashicorp/vault/builtin/plugin"
auditFile "github.com/hashicorp/vault/builtin/audit/file"
auditSocket "github.com/hashicorp/vault/builtin/audit/socket"
auditSyslog "github.com/hashicorp/vault/builtin/audit/syslog"
credAliCloud "github.com/hashicorp/vault-plugin-auth-alicloud"
credAzure "github.com/hashicorp/vault-plugin-auth-azure"
2018-01-19 11:03:33 +00:00
credCentrify "github.com/hashicorp/vault-plugin-auth-centrify"
credGcp "github.com/hashicorp/vault-plugin-auth-gcp/plugin"
2018-07-09 20:21:47 +00:00
credJWT "github.com/hashicorp/vault-plugin-auth-jwt"
credKube "github.com/hashicorp/vault-plugin-auth-kubernetes"
2017-09-05 04:05:53 +00:00
credAppId "github.com/hashicorp/vault/builtin/credential/app-id"
credAppRole "github.com/hashicorp/vault/builtin/credential/approle"
credAws "github.com/hashicorp/vault/builtin/credential/aws"
credCert "github.com/hashicorp/vault/builtin/credential/cert"
credGitHub "github.com/hashicorp/vault/builtin/credential/github"
credLdap "github.com/hashicorp/vault/builtin/credential/ldap"
credOkta "github.com/hashicorp/vault/builtin/credential/okta"
credRadius "github.com/hashicorp/vault/builtin/credential/radius"
credToken "github.com/hashicorp/vault/builtin/credential/token"
credUserpass "github.com/hashicorp/vault/builtin/credential/userpass"
2018-08-13 21:03:24 +00:00
physAliCloudOSS "github.com/hashicorp/vault/physical/alicloudoss"
2017-09-05 04:05:53 +00:00
physAzure "github.com/hashicorp/vault/physical/azure"
physCassandra "github.com/hashicorp/vault/physical/cassandra"
physCockroachDB "github.com/hashicorp/vault/physical/cockroachdb"
physConsul "github.com/hashicorp/vault/physical/consul"
physCouchDB "github.com/hashicorp/vault/physical/couchdb"
physDynamoDB "github.com/hashicorp/vault/physical/dynamodb"
physEtcd "github.com/hashicorp/vault/physical/etcd"
physFile "github.com/hashicorp/vault/physical/file"
2018-07-16 14:18:09 +00:00
physFoundationDB "github.com/hashicorp/vault/physical/foundationdb"
2017-09-05 04:05:53 +00:00
physGCS "github.com/hashicorp/vault/physical/gcs"
physInmem "github.com/hashicorp/vault/physical/inmem"
physManta "github.com/hashicorp/vault/physical/manta"
2017-09-05 04:05:53 +00:00
physMSSQL "github.com/hashicorp/vault/physical/mssql"
physMySQL "github.com/hashicorp/vault/physical/mysql"
physPostgreSQL "github.com/hashicorp/vault/physical/postgresql"
physS3 "github.com/hashicorp/vault/physical/s3"
physSpanner "github.com/hashicorp/vault/physical/spanner"
2017-09-05 04:05:53 +00:00
physSwift "github.com/hashicorp/vault/physical/swift"
physZooKeeper "github.com/hashicorp/vault/physical/zookeeper"
)
CLI Enhancements (#3897) * Use Colored UI if stdout is a tty * Add format options to operator unseal * Add format test on operator unseal * Add -no-color output flag, and use BasicUi if no-color flag is provided * Move seal status formatting logic to OutputSealStatus * Apply no-color to warnings from DeprecatedCommands as well * Add OutputWithFormat to support arbitrary data, add format option to auth list * Add ability to output arbitrary list data on TableFormatter * Clear up switch logic on format * Add format option for list-related commands * Add format option to rest of commands that returns a client API response * Remove initOutputYAML and initOutputJSON, and use OutputWithFormat instead * Remove outputAsYAML and outputAsJSON, and use OutputWithFormat instead * Remove -no-color flag, use env var exclusively to toggle colored output * Fix compile * Remove -no-color flag in main.go * Add missing FlagSetOutputFormat * Fix generate-root/decode test * Migrate init functions to main.go * Add no-color flag back as hidden * Handle non-supported data types for TableFormatter.OutputList * Pull formatting much further up to remove the need to use c.flagFormat (#3950) * Pull formatting much further up to remove the need to use c.flagFormat Also remove OutputWithFormat as the logic can cause issues. * Use const for env var * Minor updates * Remove unnecessary check * Fix SSH output and some tests * Fix tests * Make race detector not run on generate root since it kills Travis these days * Update docs * Update docs * Address review feedback * Handle --format as well as -format
2018-02-12 23:12:16 +00:00
const (
// EnvVaultCLINoColor is an env var that toggles colored UI output.
EnvVaultCLINoColor = `VAULT_CLI_NO_COLOR`
// EnvVaultFormat is the output format
EnvVaultFormat = `VAULT_FORMAT`
// flagNameAuditNonHMACRequestKeys is the flag name used for auth/secrets enable
flagNameAuditNonHMACRequestKeys = "audit-non-hmac-request-keys"
// flagNameAuditNonHMACResponseKeys is the flag name used for auth/secrets enable
flagNameAuditNonHMACResponseKeys = "audit-non-hmac-response-keys"
// flagNameDescription is the flag name used for tuning the secret and auth mount description parameter
flagNameDescription = "description"
// flagListingVisibility is the flag to toggle whether to show the mount in the UI-specific listing endpoint
flagNameListingVisibility = "listing-visibility"
// flagNamePassthroughRequestHeaders is the flag name used to set passthrough request headers to the backend
flagNamePassthroughRequestHeaders = "passthrough-request-headers"
2018-10-15 16:56:24 +00:00
// flagNameTokenType is the flag name used to force a specific token type
flagNameTokenType = "token-type"
CLI Enhancements (#3897) * Use Colored UI if stdout is a tty * Add format options to operator unseal * Add format test on operator unseal * Add -no-color output flag, and use BasicUi if no-color flag is provided * Move seal status formatting logic to OutputSealStatus * Apply no-color to warnings from DeprecatedCommands as well * Add OutputWithFormat to support arbitrary data, add format option to auth list * Add ability to output arbitrary list data on TableFormatter * Clear up switch logic on format * Add format option for list-related commands * Add format option to rest of commands that returns a client API response * Remove initOutputYAML and initOutputJSON, and use OutputWithFormat instead * Remove outputAsYAML and outputAsJSON, and use OutputWithFormat instead * Remove -no-color flag, use env var exclusively to toggle colored output * Fix compile * Remove -no-color flag in main.go * Add missing FlagSetOutputFormat * Fix generate-root/decode test * Migrate init functions to main.go * Add no-color flag back as hidden * Handle non-supported data types for TableFormatter.OutputList * Pull formatting much further up to remove the need to use c.flagFormat (#3950) * Pull formatting much further up to remove the need to use c.flagFormat Also remove OutputWithFormat as the logic can cause issues. * Use const for env var * Minor updates * Remove unnecessary check * Fix SSH output and some tests * Fix tests * Make race detector not run on generate root since it kills Travis these days * Update docs * Update docs * Address review feedback * Handle --format as well as -format
2018-02-12 23:12:16 +00:00
)
var (
auditBackends = map[string]audit.Factory{
"file": auditFile.Factory,
"socket": auditSocket.Factory,
"syslog": auditSyslog.Factory,
}
credentialBackends = map[string]logical.Factory{
"alicloud": credAliCloud.Factory,
"app-id": credAppId.Factory,
"approle": credAppRole.Factory,
"aws": credAws.Factory,
2018-03-21 21:35:31 +00:00
"azure": credAzure.Factory,
"centrify": credCentrify.Factory,
"cert": credCert.Factory,
"gcp": credGcp.Factory,
"github": credGitHub.Factory,
2018-07-09 20:21:47 +00:00
"jwt": credJWT.Factory,
"kubernetes": credKube.Factory,
"ldap": credLdap.Factory,
"okta": credOkta.Factory,
"plugin": plugin.Factory,
"radius": credRadius.Factory,
"userpass": credUserpass.Factory,
}
logicalBackends = map[string]logical.Factory{
"ad": ad.Factory,
2018-09-19 15:42:28 +00:00
"alicloud": alicloud.Factory,
"aws": aws.Factory,
"azure": azure.Factory,
"cassandra": cassandra.Factory,
"consul": consul.Factory,
"database": database.Factory,
2018-03-22 03:07:16 +00:00
"gcp": gcp.Factory,
2018-10-23 06:39:25 +00:00
"gcpkms": gcpkms.Factory,
2018-03-22 02:56:52 +00:00
"kv": kv.Factory,
"mongodb": mongodb.Factory,
"mssql": mssql.Factory,
"mysql": mysql.Factory,
"nomad": nomad.Factory,
"pki": pki.Factory,
"plugin": plugin.Factory,
"postgresql": postgresql.Factory,
"rabbitmq": rabbitmq.Factory,
"ssh": ssh.Factory,
"totp": totp.Factory,
"transit": transit.Factory,
}
physicalBackends = map[string]physical.Factory{
2018-08-13 21:03:24 +00:00
"alicloudoss": physAliCloudOSS.NewAliCloudOSSBackend,
"azure": physAzure.NewAzureBackend,
"cassandra": physCassandra.NewCassandraBackend,
"cockroachdb": physCockroachDB.NewCockroachDBBackend,
"consul": physConsul.NewConsulBackend,
"couchdb_transactional": physCouchDB.NewTransactionalCouchDBBackend,
"couchdb": physCouchDB.NewCouchDBBackend,
"dynamodb": physDynamoDB.NewDynamoDBBackend,
"etcd": physEtcd.NewEtcdBackend,
"file_transactional": physFile.NewTransactionalFileBackend,
"file": physFile.NewFileBackend,
2018-07-16 14:18:09 +00:00
"foundationdb": physFoundationDB.NewFDBBackend,
"gcs": physGCS.NewBackend,
"inmem_ha": physInmem.NewInmemHA,
"inmem_transactional_ha": physInmem.NewTransactionalInmemHA,
"inmem_transactional": physInmem.NewTransactionalInmem,
"inmem": physInmem.NewInmem,
2018-02-13 02:01:14 +00:00
"manta": physManta.NewMantaBackend,
"mssql": physMSSQL.NewMSSQLBackend,
"mysql": physMySQL.NewMySQLBackend,
"postgresql": physPostgreSQL.NewPostgreSQLBackend,
"s3": physS3.NewS3Backend,
"spanner": physSpanner.NewBackend,
"swift": physSwift.NewSwiftBackend,
"zookeeper": physZooKeeper.NewZooKeeperBackend,
}
)
// DeprecatedCommand is a command that wraps an existing command and prints a
// deprecation notice and points the user to the new command. Deprecated
// commands are always hidden from help output.
type DeprecatedCommand struct {
cli.Command
UI cli.Ui
// Old is the old command name, New is the new command name.
Old, New string
}
// Help wraps the embedded Help command and prints a warning about deprecations.
func (c *DeprecatedCommand) Help() string {
c.warn()
return c.Command.Help()
}
// Run wraps the embedded Run command and prints a warning about deprecation.
func (c *DeprecatedCommand) Run(args []string) int {
CLI Enhancements (#3897) * Use Colored UI if stdout is a tty * Add format options to operator unseal * Add format test on operator unseal * Add -no-color output flag, and use BasicUi if no-color flag is provided * Move seal status formatting logic to OutputSealStatus * Apply no-color to warnings from DeprecatedCommands as well * Add OutputWithFormat to support arbitrary data, add format option to auth list * Add ability to output arbitrary list data on TableFormatter * Clear up switch logic on format * Add format option for list-related commands * Add format option to rest of commands that returns a client API response * Remove initOutputYAML and initOutputJSON, and use OutputWithFormat instead * Remove outputAsYAML and outputAsJSON, and use OutputWithFormat instead * Remove -no-color flag, use env var exclusively to toggle colored output * Fix compile * Remove -no-color flag in main.go * Add missing FlagSetOutputFormat * Fix generate-root/decode test * Migrate init functions to main.go * Add no-color flag back as hidden * Handle non-supported data types for TableFormatter.OutputList * Pull formatting much further up to remove the need to use c.flagFormat (#3950) * Pull formatting much further up to remove the need to use c.flagFormat Also remove OutputWithFormat as the logic can cause issues. * Use const for env var * Minor updates * Remove unnecessary check * Fix SSH output and some tests * Fix tests * Make race detector not run on generate root since it kills Travis these days * Update docs * Update docs * Address review feedback * Handle --format as well as -format
2018-02-12 23:12:16 +00:00
if Format(c.UI) == "table" {
c.warn()
}
return c.Command.Run(args)
}
func (c *DeprecatedCommand) warn() {
c.UI.Warn(wrapAtLength(fmt.Sprintf(
"WARNING! The \"vault %s\" command is deprecated. Please use \"vault %s\" "+
"instead. This command will be removed in Vault 0.12.",
c.Old,
c.New)))
c.UI.Warn("")
}
2017-09-05 04:05:53 +00:00
// Commands is the mapping of all the available commands.
var Commands map[string]cli.CommandFactory
2017-09-22 00:51:25 +00:00
var DeprecatedCommands map[string]cli.CommandFactory
2017-09-05 04:05:53 +00:00
func initCommands(ui, serverCmdUi cli.Ui, runOpts *RunOptions) {
loginHandlers := map[string]LoginHandler{
"alicloud": &credAliCloud.CLIHandler{},
2018-02-05 15:56:57 +00:00
"aws": &credAws.CLIHandler{},
"centrify": &credCentrify.CLIHandler{},
"cert": &credCert.CLIHandler{},
"gcp": &credGcp.CLIHandler{},
2018-02-05 15:56:57 +00:00
"github": &credGitHub.CLIHandler{},
"ldap": &credLdap.CLIHandler{},
"okta": &credOkta.CLIHandler{},
2017-09-05 04:05:53 +00:00
"radius": &credUserpass.CLIHandler{
DefaultMount: "radius",
},
"token": &credToken.CLIHandler{},
"userpass": &credUserpass.CLIHandler{
DefaultMount: "userpass",
},
}
getBaseCommand := func() *BaseCommand {
return &BaseCommand{
UI: ui,
tokenHelper: runOpts.TokenHelper,
flagAddress: runOpts.Address,
client: runOpts.Client,
}
}
2017-09-05 04:05:53 +00:00
Commands = map[string]cli.CommandFactory{
2018-07-25 02:02:27 +00:00
"agent": func() (cli.Command, error) {
return &AgentCommand{
BaseCommand: &BaseCommand{
UI: serverCmdUi,
},
ShutdownCh: MakeShutdownCh(),
}, nil
},
"audit": func() (cli.Command, error) {
return &AuditCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"audit disable": func() (cli.Command, error) {
2017-09-05 04:05:53 +00:00
return &AuditDisableCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"audit enable": func() (cli.Command, error) {
2017-09-05 04:05:53 +00:00
return &AuditEnableCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"audit list": func() (cli.Command, error) {
2017-09-05 04:05:53 +00:00
return &AuditListCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"auth tune": func() (cli.Command, error) {
return &AuthTuneCommand{
BaseCommand: getBaseCommand(),
}, nil
},
2017-09-05 04:05:53 +00:00
"auth": func() (cli.Command, error) {
return &AuthCommand{
BaseCommand: getBaseCommand(),
Handlers: loginHandlers,
2017-09-05 04:05:53 +00:00
}, nil
},
"auth disable": func() (cli.Command, error) {
2017-09-05 04:05:53 +00:00
return &AuthDisableCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"auth enable": func() (cli.Command, error) {
2017-09-05 04:05:53 +00:00
return &AuthEnableCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"auth help": func() (cli.Command, error) {
2017-09-05 04:05:53 +00:00
return &AuthHelpCommand{
BaseCommand: getBaseCommand(),
Handlers: loginHandlers,
2017-09-05 04:05:53 +00:00
}, nil
},
"auth list": func() (cli.Command, error) {
2017-09-05 04:05:53 +00:00
return &AuthListCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"delete": func() (cli.Command, error) {
return &DeleteCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"lease": func() (cli.Command, error) {
return &LeaseCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"lease renew": func() (cli.Command, error) {
return &LeaseRenewCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"lease revoke": func() (cli.Command, error) {
return &LeaseRevokeCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"list": func() (cli.Command, error) {
return &ListCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"login": func() (cli.Command, error) {
return &LoginCommand{
BaseCommand: getBaseCommand(),
Handlers: loginHandlers,
}, nil
},
2018-08-10 16:17:17 +00:00
"namespace": func() (cli.Command, error) {
return &NamespaceCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"namespace list": func() (cli.Command, error) {
return &NamespaceListCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"namespace lookup": func() (cli.Command, error) {
return &NamespaceLookupCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"namespace create": func() (cli.Command, error) {
return &NamespaceCreateCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"namespace delete": func() (cli.Command, error) {
return &NamespaceDeleteCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"operator": func() (cli.Command, error) {
return &OperatorCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"operator generate-root": func() (cli.Command, error) {
return &OperatorGenerateRootCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"operator init": func() (cli.Command, error) {
return &OperatorInitCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"operator key-status": func() (cli.Command, error) {
return &OperatorKeyStatusCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"operator migrate": func() (cli.Command, error) {
return &OperatorMigrateCommand{
BaseCommand: getBaseCommand(),
PhysicalBackends: physicalBackends,
ShutdownCh: MakeShutdownCh(),
}, nil
},
"operator rekey": func() (cli.Command, error) {
return &OperatorRekeyCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"operator rotate": func() (cli.Command, error) {
return &OperatorRotateCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"operator seal": func() (cli.Command, error) {
return &OperatorSealCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"operator step-down": func() (cli.Command, error) {
return &OperatorStepDownCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"operator unseal": func() (cli.Command, error) {
return &OperatorUnsealCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"path-help": func() (cli.Command, error) {
return &PathHelpCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"plugin": func() (cli.Command, error) {
return &PluginCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"plugin deregister": func() (cli.Command, error) {
return &PluginDeregisterCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"plugin info": func() (cli.Command, error) {
return &PluginInfoCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"plugin list": func() (cli.Command, error) {
return &PluginListCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"plugin register": func() (cli.Command, error) {
return &PluginRegisterCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"policy": func() (cli.Command, error) {
return &PolicyCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"policy delete": func() (cli.Command, error) {
2017-09-05 04:05:53 +00:00
return &PolicyDeleteCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"policy fmt": func() (cli.Command, error) {
return &PolicyFmtCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"policy list": func() (cli.Command, error) {
return &PolicyListCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"policy read": func() (cli.Command, error) {
return &PolicyReadCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"policy write": func() (cli.Command, error) {
2017-09-05 04:05:53 +00:00
return &PolicyWriteCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"read": func() (cli.Command, error) {
return &ReadCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"secrets": func() (cli.Command, error) {
return &SecretsCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"secrets disable": func() (cli.Command, error) {
return &SecretsDisableCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"secrets enable": func() (cli.Command, error) {
return &SecretsEnableCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"secrets list": func() (cli.Command, error) {
return &SecretsListCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"secrets move": func() (cli.Command, error) {
return &SecretsMoveCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"secrets tune": func() (cli.Command, error) {
return &SecretsTuneCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"server": func() (cli.Command, error) {
return &ServerCommand{
BaseCommand: &BaseCommand{
UI: serverCmdUi,
tokenHelper: runOpts.TokenHelper,
flagAddress: runOpts.Address,
2017-09-05 04:05:53 +00:00
},
AuditBackends: auditBackends,
CredentialBackends: credentialBackends,
LogicalBackends: logicalBackends,
PhysicalBackends: physicalBackends,
ShutdownCh: MakeShutdownCh(),
SighupCh: MakeSighupCh(),
2017-09-05 04:05:53 +00:00
}, nil
},
"ssh": func() (cli.Command, error) {
return &SSHCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"status": func() (cli.Command, error) {
return &StatusCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"token": func() (cli.Command, error) {
return &TokenCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"token create": func() (cli.Command, error) {
2017-09-05 04:05:53 +00:00
return &TokenCreateCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"token capabilities": func() (cli.Command, error) {
return &TokenCapabilitiesCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"token lookup": func() (cli.Command, error) {
return &TokenLookupCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"token renew": func() (cli.Command, error) {
return &TokenRenewCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"token revoke": func() (cli.Command, error) {
return &TokenRevokeCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"unwrap": func() (cli.Command, error) {
return &UnwrapCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"version": func() (cli.Command, error) {
return &VersionCommand{
VersionInfo: version.GetVersion(),
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"write": func() (cli.Command, error) {
return &WriteCommand{
BaseCommand: getBaseCommand(),
2017-09-05 04:05:53 +00:00
}, nil
},
"kv": func() (cli.Command, error) {
return &KVCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"kv put": func() (cli.Command, error) {
return &KVPutCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"kv patch": func() (cli.Command, error) {
return &KVPatchCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"kv rollback": func() (cli.Command, error) {
return &KVRollbackCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"kv get": func() (cli.Command, error) {
return &KVGetCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"kv delete": func() (cli.Command, error) {
return &KVDeleteCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"kv list": func() (cli.Command, error) {
return &KVListCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"kv destroy": func() (cli.Command, error) {
return &KVDestroyCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"kv undelete": func() (cli.Command, error) {
return &KVUndeleteCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"kv enable-versioning": func() (cli.Command, error) {
return &KVEnableVersioningCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"kv metadata": func() (cli.Command, error) {
return &KVMetadataCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"kv metadata put": func() (cli.Command, error) {
return &KVMetadataPutCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"kv metadata get": func() (cli.Command, error) {
return &KVMetadataGetCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"kv metadata delete": func() (cli.Command, error) {
return &KVMetadataDeleteCommand{
BaseCommand: getBaseCommand(),
}, nil
},
2017-09-05 04:05:53 +00:00
}
2017-09-22 00:51:25 +00:00
// Deprecated commands
//
CLI Enhancements (#3897) * Use Colored UI if stdout is a tty * Add format options to operator unseal * Add format test on operator unseal * Add -no-color output flag, and use BasicUi if no-color flag is provided * Move seal status formatting logic to OutputSealStatus * Apply no-color to warnings from DeprecatedCommands as well * Add OutputWithFormat to support arbitrary data, add format option to auth list * Add ability to output arbitrary list data on TableFormatter * Clear up switch logic on format * Add format option for list-related commands * Add format option to rest of commands that returns a client API response * Remove initOutputYAML and initOutputJSON, and use OutputWithFormat instead * Remove outputAsYAML and outputAsJSON, and use OutputWithFormat instead * Remove -no-color flag, use env var exclusively to toggle colored output * Fix compile * Remove -no-color flag in main.go * Add missing FlagSetOutputFormat * Fix generate-root/decode test * Migrate init functions to main.go * Add no-color flag back as hidden * Handle non-supported data types for TableFormatter.OutputList * Pull formatting much further up to remove the need to use c.flagFormat (#3950) * Pull formatting much further up to remove the need to use c.flagFormat Also remove OutputWithFormat as the logic can cause issues. * Use const for env var * Minor updates * Remove unnecessary check * Fix SSH output and some tests * Fix tests * Make race detector not run on generate root since it kills Travis these days * Update docs * Update docs * Address review feedback * Handle --format as well as -format
2018-02-12 23:12:16 +00:00
// TODO: Remove not before 0.11.0
2017-09-22 00:51:25 +00:00
DeprecatedCommands = map[string]cli.CommandFactory{
"audit-disable": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "audit-disable",
New: "audit disable",
UI: ui,
2017-09-22 00:51:25 +00:00
Command: &AuditDisableCommand{
BaseCommand: getBaseCommand(),
2017-09-22 00:51:25 +00:00
},
}, nil
},
2017-09-22 00:51:25 +00:00
"audit-enable": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "audit-enable",
New: "audit enable",
UI: ui,
Command: &AuditEnableCommand{
BaseCommand: getBaseCommand(),
2017-09-22 00:51:25 +00:00
},
}, nil
},
2017-09-22 00:51:25 +00:00
"audit-list": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "audit-list",
New: "audit list",
UI: ui,
Command: &AuditListCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"auth-disable": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "auth-disable",
New: "auth disable",
UI: ui,
Command: &AuthDisableCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"auth-enable": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "auth-enable",
New: "auth enable",
UI: ui,
Command: &AuthEnableCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"capabilities": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "capabilities",
New: "token capabilities",
UI: ui,
Command: &TokenCapabilitiesCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"generate-root": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "generate-root",
New: "operator generate-root",
UI: ui,
Command: &OperatorGenerateRootCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"init": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "init",
New: "operator init",
UI: ui,
Command: &OperatorInitCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"key-status": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "key-status",
New: "operator key-status",
UI: ui,
Command: &OperatorKeyStatusCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"renew": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "renew",
New: "lease renew",
UI: ui,
Command: &LeaseRenewCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"revoke": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "revoke",
New: "lease revoke",
UI: ui,
Command: &LeaseRevokeCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"mount": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "mount",
New: "secrets enable",
UI: ui,
Command: &SecretsEnableCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"mount-tune": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "mount-tune",
New: "secrets tune",
UI: ui,
Command: &SecretsTuneCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"mounts": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "mounts",
New: "secrets list",
UI: ui,
Command: &SecretsListCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"policies": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "policies",
New: "policy read\" or \"vault policy list", // lol
UI: ui,
Command: &PoliciesDeprecatedCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"policy-delete": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "policy-delete",
New: "policy delete",
UI: ui,
Command: &PolicyDeleteCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"policy-write": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "policy-write",
New: "policy write",
UI: ui,
Command: &PolicyWriteCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"rekey": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "rekey",
New: "operator rekey",
UI: ui,
Command: &OperatorRekeyCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"remount": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "remount",
New: "secrets move",
UI: ui,
Command: &SecretsMoveCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"rotate": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "rotate",
New: "operator rotate",
UI: ui,
Command: &OperatorRotateCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"seal": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "seal",
New: "operator seal",
UI: ui,
Command: &OperatorSealCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"step-down": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "step-down",
New: "operator step-down",
UI: ui,
Command: &OperatorStepDownCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"token-create": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "token-create",
New: "token create",
UI: ui,
Command: &TokenCreateCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"token-lookup": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "token-lookup",
New: "token lookup",
UI: ui,
Command: &TokenLookupCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"token-renew": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "token-renew",
New: "token renew",
UI: ui,
Command: &TokenRenewCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"token-revoke": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "token-revoke",
New: "token revoke",
UI: ui,
Command: &TokenRevokeCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"unmount": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "unmount",
New: "secrets disable",
UI: ui,
Command: &SecretsDisableCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
2017-09-22 00:51:25 +00:00
"unseal": func() (cli.Command, error) {
return &DeprecatedCommand{
Old: "unseal",
New: "operator unseal",
UI: ui,
Command: &OperatorUnsealCommand{
BaseCommand: getBaseCommand(),
},
2017-09-22 00:51:25 +00:00
}, nil
},
}
2017-09-22 00:51:25 +00:00
// Add deprecated commands back to the main commands so they parse.
for k, v := range DeprecatedCommands {
if _, ok := Commands[k]; ok {
// Can't deprecate an existing command...
panic(fmt.Sprintf("command %q defined as deprecated and not at the same time!", k))
}
Commands[k] = v
}
2017-09-05 04:05:53 +00:00
}
// MakeShutdownCh returns a channel that can be used for shutdown
// notifications for commands. This channel will send a message for every
// SIGINT or SIGTERM received.
func MakeShutdownCh() chan struct{} {
resultCh := make(chan struct{})
shutdownCh := make(chan os.Signal, 4)
signal.Notify(shutdownCh, os.Interrupt, syscall.SIGTERM)
go func() {
<-shutdownCh
close(resultCh)
}()
return resultCh
}
// MakeSighupCh returns a channel that can be used for SIGHUP
// reloading. This channel will send a message for every
// SIGHUP received.
func MakeSighupCh() chan struct{} {
resultCh := make(chan struct{})
signalCh := make(chan os.Signal, 4)
signal.Notify(signalCh, syscall.SIGHUP)
go func() {
for {
<-signalCh
resultCh <- struct{}{}
}
}()
return resultCh
}