Re-add lost stored-shares parameter to operator rekey command. (#3974)

Also change the rekey API to not require explicitly setting values to 1. Fixes #3969
2025-10-31 02:28:09 +00:00 · 2018-02-14 16:10:45 -05:00
parent ee4327d71b
commit 7ddc025dee
4 changed files with 43 additions and 35 deletions
--- a/command/operator_init.go
+++ b/command/operator_init.go
@@ -196,15 +196,6 @@ func (c *OperatorInitCommand) Flags() *FlagSets {
 			"is only used in HSM mode.",
 	})

-	f.IntVar(&IntVar{
-		Name:       "stored-shares",
-		Target:     &c.flagStoredShares,
-		Default:    0, // No default, because we need to check if was supplied
-		Completion: complete.PredictAnything,
-		Usage: "Number of unseal keys to store on an HSM. This must be equal to " +
-			"-key-shares. This is only used in HSM mode.",
-	})
-
 	// Deprecations
 	// TODO: remove in 0.9.0
 	f.BoolVar(&BoolVar{
@@ -222,6 +213,15 @@ func (c *OperatorInitCommand) Flags() *FlagSets {
 		Usage:   "",
 	})

+	// Kept to keep scripts passing the flag working, but not used
+	f.IntVar(&IntVar{
+		Name:    "stored-shares",
+		Target:  &c.flagStoredShares,
+		Default: 0,
+		Hidden:  true,
+		Usage:   "",
+	})
+
 	return set
 }

@@ -456,7 +456,7 @@ func (c *OperatorInitCommand) init(client *api.Client, req *api.InitRequest) int
 	c.UI.Output("")
 	c.UI.Output(fmt.Sprintf("Initial Root Token: %s", resp.RootToken))

-	if req.StoredShares < 1 {
+	if len(resp.Keys) > 0 {
 		c.UI.Output("")
 		c.UI.Output(wrapAtLength(fmt.Sprintf(
 			"Vault initialized with %d key shares and a key threshold of %d. Please "+