-
Notifications
You must be signed in to change notification settings - Fork 4.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
improve kv CLI to remove data or custom metadata using kv patch #18067
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
```release-note:improvement | ||
cli/kv: improve kv CLI to remove data or custom metadata using kv patch | ||
``` |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -21,10 +21,11 @@ var ( | |
type KVPatchCommand struct { | ||
*BaseCommand | ||
|
||
flagCAS int | ||
flagMethod string | ||
flagMount string | ||
testStdin io.Reader // for tests | ||
flagCAS int | ||
flagMethod string | ||
flagMount string | ||
testStdin io.Reader // for tests | ||
flagRemoveData []string | ||
} | ||
|
||
func (c *KVPatchCommand) Synopsis() string { | ||
|
@@ -76,6 +77,10 @@ Usage: vault kv patch [options] KEY [DATA] | |
|
||
$ vault kv patch -mount=secret -method=rw foo bar=baz | ||
|
||
To remove data from the corresponding path in the key-value store, kv patch can be used. | ||
|
||
$ vault kv patch -mount=secret -remove-data=bar foo | ||
|
||
Additional flags and more advanced use cases are detailed below. | ||
|
||
` + c.Flags().Help() | ||
|
@@ -117,6 +122,13 @@ func (c *KVPatchCommand) Flags() *FlagSets { | |
v2 secrets.`, | ||
}) | ||
|
||
f.StringSliceVar(&StringSliceVar{ | ||
Name: "remove-data", | ||
Target: &c.flagRemoveData, | ||
Default: []string{}, | ||
Usage: "Key to remove from data. To specify multiple values, specify this flag multiple times.", | ||
}) | ||
|
||
return set | ||
} | ||
|
||
|
@@ -147,7 +159,7 @@ func (c *KVPatchCommand) Run(args []string) int { | |
case len(args) < 1: | ||
c.UI.Error(fmt.Sprintf("Not enough arguments (expected >1, got %d)", len(args))) | ||
return 1 | ||
case len(args) == 1: | ||
case len(c.flagRemoveData) == 0 && len(args) == 1: | ||
c.UI.Error("Must supply data") | ||
return 1 | ||
} | ||
|
@@ -211,6 +223,16 @@ func (c *KVPatchCommand) Run(args []string) int { | |
return 2 | ||
} | ||
|
||
// collecting data to be removed | ||
if newData == nil { | ||
newData = make(map[string]interface{}) | ||
} | ||
|
||
for _, key := range c.flagRemoveData { | ||
// A null in a JSON merge patch payload will remove the associated key | ||
newData[key] = nil | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. nit: Not sure if we wanted to include the same comment that you had above in the There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Sure, it would be good context! Thanks for the comment. |
||
} | ||
|
||
// Check the method and behave accordingly | ||
var secret *api.Secret | ||
var code int | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh, great change to this check! I can definitely imagine scenarios where users only want to remove data.