df07170d26
* Expose raw request from client.Logical() Not all Vault API endpoints return well-formatted JSON objects. Sometimes, in the case of the PKI secrets engine, they're not even printable (/pki/ca returns a binary (DER-encoded) certificate). While this endpoint isn't authenticated, in general the API caller would either need to use Client.RawRequestWithContext(...) directly (which the docs advise against), or setup their own net/http client and re-create much of Client and/or Client.Logical. Instead, exposing the raw Request (via the new ReadRawWithData(...)) allows callers to directly consume these non-JSON endpoints like they would nearly any other endpoint. Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add raw formatter for direct []byte data As mentioned in the previous commit, some API endpoints return non-JSON data. We get as far as fetching this data (via client.Logical().Read), but parsing it as an api.Secret fails (as in this case, it is non-JSON). Given that we intend to update `vault read` to support such endpoints, we'll need a "raw" formatter that accepts []byte-encoded data and simply writes it to the UI. Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add support for reading raw API endpoints Some endpoints, such as `pki/ca` and `pki/ca/pem` return non-JSON objects. When calling `vault read` on these endpoints, an error is returned because they cannot be parsed as api.Secret instances: > Error reading pki/ca/pem: invalid character '-' in numeric literal Indeed, we go to all the trouble of (successfully) fetching this value, only to be unable to Unmarshal into a Secrets value. Instead, add support for a new -format=raw option, allowing these endpoints to be consumed by callers of `vault read` directly. Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add changelog entry Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Remove panic Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> |
||
|---|---|---|
| .. | ||
| auth | ||
| test-fixtures | ||
| api_test.go | ||
| auth.go | ||
| auth_test.go | ||
| auth_token.go | ||
| client.go | ||
| client_test.go | ||
| go.mod | ||
| go.sum | ||
| help.go | ||
| kv.go | ||
| kv_test.go | ||
| kv_v1.go | ||
| kv_v2.go | ||
| lifetime_watcher.go | ||
| logical.go | ||
| output_policy.go | ||
| output_string.go | ||
| plugin_helpers.go | ||
| plugin_helpers_test.go | ||
| README.md | ||
| renewer_test.go | ||
| request.go | ||
| request_test.go | ||
| response.go | ||
| secret.go | ||
| ssh.go | ||
| ssh_agent.go | ||
| ssh_agent_test.go | ||
| sys.go | ||
| sys_audit.go | ||
| sys_auth.go | ||
| sys_capabilities.go | ||
| sys_config_cors.go | ||
| sys_generate_root.go | ||
| sys_hastatus.go | ||
| sys_health.go | ||
| sys_init.go | ||
| sys_leader.go | ||
| sys_leases.go | ||
| sys_mfa.go | ||
| sys_monitor.go | ||
| sys_mounts.go | ||
| sys_mounts_test.go | ||
| sys_plugins.go | ||
| sys_plugins_test.go | ||
| sys_policy.go | ||
| sys_raft.go | ||
| sys_rekey.go | ||
| sys_rotate.go | ||
| sys_seal.go | ||
| sys_stepdown.go | ||
Vault API
This provides the github.com/hashicorp/vault/api package which contains code useful for interacting with a Vault server.
For examples of how to use this module, see the vault-examples repo. For a step-by-step walkthrough on using these client libraries, see the developer quickstart.
