VAULT-12564 Add new token_file auto-auth method (#18740)

* VAULT-12564 Work so far on token file auto-auth * VAULT-12564 remove lifetime watcher struct modifications * VAULT-12564 add other config items, and clean up * VAULT-12564 clean-up and more tests * VAULT-12564 clean-up * VAULT-12564 lookup-self and some clean-up * VAULT-12564 safer client usage * VAULT-12564 some clean-up * VAULT-12564 changelog * VAULT-12564 some clean-ups * VAULT-12564 batch token warning * VAULT-12564 remove follow_symlink reference * VAULT-12564 Remove redundant stat, change temp file creation * VAULT-12564 Remove ability to delete token after auth
2025-11-02 03:27:54 +00:00 · 2023-01-24 16:09:32 -05:00
parent 2ffe49aab0
commit 17be1024e4
6 changed files with 423 additions and 23 deletions
--- a/command/agent.go
+++ b/command/agent.go
@@ -16,6 +16,8 @@ import (
 	"sync"
 	"time"

+	token_file "github.com/hashicorp/vault/command/agent/auth/token-file"
+
 	ctconfig "github.com/hashicorp/consul-template/config"
 	"github.com/hashicorp/go-multierror"

@@ -368,6 +370,8 @@ func (c *AgentCommand) Run(args []string) int {
 			method, err = kubernetes.NewKubernetesAuthMethod(authConfig)
 		case "approle":
 			method, err = approle.NewApproleAuthMethod(authConfig)
+		case "token_file":
+			method, err = token_file.NewTokenFileAuthMethod(authConfig)
 		case "pcf": // Deprecated.
 			method, err = cf.NewCFAuthMethod(authConfig)
 		default: