From 0bea4ff7fff6534719185abe8dceea87f263a662 Mon Sep 17 00:00:00 2001 From: vishalnayak Date: Thu, 9 Jun 2016 13:38:46 -0400 Subject: [PATCH] Added VAULT_GITHUB_AUTH_TOKEN env var to receive GitHub auth token --- builtin/credential/github/cli.go | 5 ++++- website/source/docs/auth/github.html.md | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/builtin/credential/github/cli.go b/builtin/credential/github/cli.go index aef1b7c88a..8827fc2a9d 100644 --- a/builtin/credential/github/cli.go +++ b/builtin/credential/github/cli.go @@ -2,6 +2,7 @@ package github import ( "fmt" + "os" "strings" "github.com/hashicorp/vault/api" @@ -17,7 +18,9 @@ func (h *CLIHandler) Auth(c *api.Client, m map[string]string) (string, error) { token, ok := m["token"] if !ok { - return "", fmt.Errorf("'token' var must be set") + if token = os.Getenv("VAULT_GITHUB_AUTH_TOKEN"); token == "" { + return "", fmt.Errorf("GitHub token should be provided either as 'value' for 'token' key,\nor via an env var VAULT_GITHUB_AUTH_TOKEN") + } } path := fmt.Sprintf("auth/%s/login", mount) diff --git a/website/source/docs/auth/github.html.md b/website/source/docs/auth/github.html.md index 6e8ff07a13..ea22c00672 100644 --- a/website/source/docs/auth/github.html.md +++ b/website/source/docs/auth/github.html.md @@ -28,7 +28,8 @@ $ vault auth -method=github token= The endpoint for the GitHub login is `auth/github/login`. -The `github` mountpoint value in the url is the default mountpoint value. If you have mounted the `github` backend with a different mountpoint, use that value. +The `github` mountpoint value in the url is the default mountpoint value. +If you have mounted the `github` backend with a different mountpoint, use that value. The `token` should be sent in the POST body encoded as JSON. @@ -117,6 +118,8 @@ The above would make anyone in the "admins" team a root user in Vault You can then auth with a user that is a member of the "admins" team using a Personal Access Token with the `read:org` scope. +GitHub token can also be supplied from the env variable `VAULT_GITHUB_AUTH_TOKEN`. + ``` $ vault auth -method=github token=000000905b381e723b3d6a7d52f148a5d43c4b45 Successfully authenticated! The policies that are associated