Vault SSH: uninstall dynamic keys using script

vishalnayak
2015-08-06 15:50:12 -04:00
parent c26782acad
commit 0542fd8389
5 changed files with 56 additions and 29 deletions


@@ -51,7 +51,7 @@ func (c *SSHCommand) Run(args []string) int {
if len(input) == 1 {
u, err := user.Current()
if err != nil {
c.Ui.Error(fmt.Sprintf("Error fetching username: '%s'", err))
c.Ui.Error(fmt.Sprintf("Error fetching username: %s", err))
}
username = u.Username
ipAddr = input[0]
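Review bot: In the `@@ -51,7` hunk the `err != nil` branch after `user.Current()` only prints the error and then falls through to `username = u.Username`. When the lookup fails `u` is expected to be nil, so the CLI would panic instead of exiting cleanly; add `return 1` after the `c.Ui.Error(...)` call, as the default-role branch in the next hunk already does. In the `defaultRole` hunk (`@@ -149,15`), the `secret == nil` branch formats `err`, which is already known to be nil there because the preceding check returned on a non-nil error, so the message ends in `%!s(<nil>)`. A message without the error, such as `return "", fmt.Errorf("No response while finding roles for IP %s", ip)`, would be clearer. Both `Run` and `defaultRole` start and end outside the visible hunks.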
@@ -72,10 +72,10 @@ func (c *SSHCommand) Run(args []string) int {
if role == "" {
role, err = c.defaultRole(path, ip.String())
if err != nil {
c.Ui.Error(fmt.Sprintf("Error setting default role: '%s'", err))
c.Ui.Error(fmt.Sprintf("Error setting default role: %s", err))
return 1
}
c.Ui.Output(fmt.Sprintf("Vault SSH: Role:'%s'\n", role))
c.Ui.Output(fmt.Sprintf("Vault SSH: Role: %s\n", role))
}
data := map[string]interface{}{
@@ -149,15 +149,15 @@ func (c *SSHCommand) defaultRole(path, ip string) (string, error) {
}
secret, err := client.Logical().Write(path+"/lookup", data)
if err != nil {
return "", fmt.Errorf("Error finding roles for IP '%s':%s", ip, err)
return "", fmt.Errorf("Error finding roles for IP %s: %s", ip, err)
}
if secret == nil {
return "", fmt.Errorf("Error finding roles for IP '%s':%s", ip, err)
return "", fmt.Errorf("Error finding roles for IP %s: %s", ip, err)
}
if secret.Data["roles"] == nil {
return "", fmt.Errorf("No matching roles found for IP '%s'", ip)
return "", fmt.Errorf("No matching roles found for IP %s", ip)
}
if len(secret.Data["roles"].([]interface{})) == 1 {
@@ -168,7 +168,7 @@ func (c *SSHCommand) defaultRole(path, ip string) (string, error) {
roleNames += item.(string) + ", "
}
roleNames = strings.TrimRight(roleNames, ", ")
return "", fmt.Errorf("IP '%s' has multiple roles.\nSelect a role using '-role' option.\nPossible roles: [%s]\nNote that all roles may not be permitted, based on ACLs.", ip, roleNames)
return "", fmt.Errorf("IP %s has multiple roles.\nSelect a role using '-role' option.\nPossible roles: [%s]\nNote that all roles may not be permitted, based on ACLs.", ip, roleNames)
}
}