Added VAULT_GITHUB_AUTH_TOKEN env var to receive GitHub auth token

builtin/credential/github/cli.go

@@ -2,6 +2,7 @@ package github
 
 import (
 	"fmt"
+	"os"
 	"strings"
 
 	"github.com/hashicorp/vault/api"
@@ -17,7 +18,9 @@ func (h *CLIHandler) Auth(c *api.Client, m map[string]string) (string, error) {
 
 	token, ok := m["token"]
 	if !ok {
-		return "", fmt.Errorf("'token' var must be set")
+		if token = os.Getenv("VAULT_GITHUB_AUTH_TOKEN"); token == "" {
+			return "", fmt.Errorf("GitHub token should be provided either as 'value' for 'token' key,\nor via an env var VAULT_GITHUB_AUTH_TOKEN")
+		}
 	}
 
 	path := fmt.Sprintf("auth/%s/login", mount)

website/source/docs/auth/github.html.md

@@ -28,7 +28,8 @@ $ vault auth -method=github token=<api token>
 
 The endpoint for the GitHub login is `auth/github/login`. 
 
-The `github` mountpoint value in the url is the default mountpoint value. If you have mounted the `github` backend with a different mountpoint, use that value.
+The `github` mountpoint value in the url is the default mountpoint value.
+If you have mounted the `github` backend with a different mountpoint, use that value.
 
 The `token` should be sent in the POST body encoded as JSON.
 
@@ -117,6 +118,8 @@ The above would make anyone in the "admins" team a root user in Vault
 
 You can then auth with a user that is a member of the "admins" team using a Personal Access Token with the `read:org` scope.
 
+GitHub token can also be supplied from the env variable `VAULT_GITHUB_AUTH_TOKEN`.
+
 ```
 $ vault auth -method=github token=000000905b381e723b3d6a7d52f148a5d43c4b45
 Successfully authenticated! The policies that are associated