forked from hashicorp/vault
-
Notifications
You must be signed in to change notification settings - Fork 0
/
command.go
100 lines (83 loc) · 1.9 KB
/
command.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
package disk
import (
"flag"
"fmt"
"io"
"os"
"strings"
"github.com/mitchellh/go-homedir"
)
// DefaultPath is the default path where the Vault token is stored.
const DefaultPath = "~/.vault-token"
type Command struct {
Path string
}
func (c *Command) Run(args []string) int {
var path string
pathDefault := DefaultPath
if c.Path != "" {
pathDefault = c.Path
}
f := flag.NewFlagSet("token-disk", flag.ContinueOnError)
f.StringVar(&path, "path", pathDefault, "")
f.Usage = func() { fmt.Fprintf(os.Stderr, c.Help()+"\n") }
if err := f.Parse(args); err != nil {
fmt.Fprintf(os.Stderr, "\n%s\n", err)
return 1
}
path, err := homedir.Expand(path)
if err != nil {
fmt.Fprintf(os.Stderr, "Error expanding directory: %s\n", err)
return 1
}
args = f.Args()
switch args[0] {
case "get":
f, err := os.Open(path)
if os.IsNotExist(err) {
return 0
}
if err != nil {
fmt.Fprintf(os.Stderr, "%s\n", err)
return 1
}
defer f.Close()
if _, err := io.Copy(os.Stdout, f); err != nil {
fmt.Fprintf(os.Stderr, "%s\n", err)
return 1
}
case "store":
f, err := os.Create(path)
if err != nil {
fmt.Fprintf(os.Stderr, "%s\n", err)
return 1
}
defer f.Close()
if _, err := io.Copy(f, os.Stdin); err != nil {
fmt.Fprintf(os.Stderr, "%s\n", err)
return 1
}
case "erase":
if err := os.Remove(path); err != nil && !os.IsNotExist(err) {
fmt.Fprintf(os.Stderr, "%s\n", err)
return 1
}
default:
fmt.Fprintf(os.Stderr, "Error: unknown subcommand: %s\n", args[0])
return 1
}
return 0
}
func (c *Command) Synopsis() string {
return "Stores Vault tokens on disk"
}
func (c *Command) Help() string {
helpText := `
Usage: vault token-disk [options] [operation]
Vault token helper (see vault config "token_helper") that writes
authenticated tokens to disk unencrypted.
Options:
-path=path Path to store the token.
`
return strings.TrimSpace(helpText)
}