mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-08 07:37:01 +02:00
0b12cdcfd1
* Adding explicit MPL license for sub-package. This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository. * Adding explicit MPL license for sub-package. This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository. * Updating the license from MPL to Business Source License. Going forward, this project will be licensed under the Business Source License v1.1. Please see our blog post for more details at https://hashi.co/bsl-blog, FAQ at www.hashicorp.com/licensing-faq, and details of the license at www.hashicorp.com/bsl. * add missing license headers * Update copyright file headers to BUS-1.1 * Fix test that expected exact offset on hcl file --------- Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com> Co-authored-by: Sarah Thompson <sthompson@hashicorp.com> Co-authored-by: Brian Kassouf <bkassouf@hashicorp.com>
138 lines
3.1 KiB
Go
138 lines
3.1 KiB
Go
// Copyright (c) HashiCorp, Inc.
|
|
// SPDX-License-Identifier: BUSL-1.1
|
|
|
|
package command
|
|
|
|
import (
|
|
"bytes"
|
|
"fmt"
|
|
"io"
|
|
"os"
|
|
"strings"
|
|
|
|
"github.com/mitchellh/cli"
|
|
"github.com/posener/complete"
|
|
)
|
|
|
|
var (
|
|
_ cli.Command = (*PolicyWriteCommand)(nil)
|
|
_ cli.CommandAutocomplete = (*PolicyWriteCommand)(nil)
|
|
)
|
|
|
|
type PolicyWriteCommand struct {
|
|
*BaseCommand
|
|
|
|
testStdin io.Reader // for tests
|
|
}
|
|
|
|
func (c *PolicyWriteCommand) Synopsis() string {
|
|
return "Uploads a named policy from a file"
|
|
}
|
|
|
|
func (c *PolicyWriteCommand) Help() string {
|
|
helpText := `
|
|
Usage: vault policy write [options] NAME PATH
|
|
|
|
Uploads a policy with name NAME from the contents of a local file PATH or
|
|
stdin. If PATH is "-", the policy is read from stdin. Otherwise, it is
|
|
loaded from the file at the given path on the local disk.
|
|
|
|
Upload a policy named "my-policy" from "/tmp/policy.hcl" on the local disk:
|
|
|
|
$ vault policy write my-policy /tmp/policy.hcl
|
|
|
|
Upload a policy from stdin:
|
|
|
|
$ cat my-policy.hcl | vault policy write my-policy -
|
|
|
|
` + c.Flags().Help()
|
|
|
|
return strings.TrimSpace(helpText)
|
|
}
|
|
|
|
func (c *PolicyWriteCommand) Flags() *FlagSets {
|
|
return c.flagSet(FlagSetHTTP)
|
|
}
|
|
|
|
func (c *PolicyWriteCommand) AutocompleteArgs() complete.Predictor {
|
|
return complete.PredictFunc(func(args complete.Args) []string {
|
|
// Predict the LAST argument hcl files - we don't want to predict the
|
|
// name argument as a filepath.
|
|
if len(args.All) == 3 {
|
|
return complete.PredictFiles("*.hcl").Predict(args)
|
|
}
|
|
return nil
|
|
})
|
|
}
|
|
|
|
func (c *PolicyWriteCommand) AutocompleteFlags() complete.Flags {
|
|
return c.Flags().Completions()
|
|
}
|
|
|
|
func (c *PolicyWriteCommand) Run(args []string) int {
|
|
f := c.Flags()
|
|
|
|
if err := f.Parse(args); err != nil {
|
|
c.UI.Error(err.Error())
|
|
return 1
|
|
}
|
|
|
|
args = f.Args()
|
|
switch {
|
|
case len(args) < 2:
|
|
c.UI.Error(fmt.Sprintf("Not enough arguments (expected 2, got %d)", len(args)))
|
|
return 1
|
|
case len(args) > 2:
|
|
c.UI.Error(fmt.Sprintf("Too many arguments (expected 2, got %d)", len(args)))
|
|
return 1
|
|
}
|
|
|
|
client, err := c.Client()
|
|
if err != nil {
|
|
c.UI.Error(err.Error())
|
|
return 2
|
|
}
|
|
|
|
// Policies are normalized to lowercase
|
|
policyName := args[0]
|
|
formattedName := strings.TrimSpace(strings.ToLower(policyName))
|
|
path := strings.TrimSpace(args[1])
|
|
|
|
// Get the policy contents, either from stdin of a file
|
|
var reader io.Reader
|
|
if path == "-" {
|
|
reader = os.Stdin
|
|
if c.testStdin != nil {
|
|
reader = c.testStdin
|
|
}
|
|
} else {
|
|
file, err := os.Open(path)
|
|
if err != nil {
|
|
c.UI.Error(fmt.Sprintf("Error opening policy file: %s", err))
|
|
return 2
|
|
}
|
|
defer file.Close()
|
|
reader = file
|
|
}
|
|
|
|
// Read the policy
|
|
var buf bytes.Buffer
|
|
if _, err := io.Copy(&buf, reader); err != nil {
|
|
c.UI.Error(fmt.Sprintf("Error reading policy: %s", err))
|
|
return 2
|
|
}
|
|
rules := buf.String()
|
|
|
|
if err := client.Sys().PutPolicy(formattedName, rules); err != nil {
|
|
c.UI.Error(fmt.Sprintf("Error uploading policy: %s", err))
|
|
return 2
|
|
}
|
|
|
|
if policyName != formattedName {
|
|
c.UI.Warn(fmt.Sprintf("Policy name was converted from \"%s\" to \"%s\"", policyName, formattedName))
|
|
}
|
|
|
|
c.UI.Output(fmt.Sprintf("Success! Uploaded policy: %s", formattedName))
|
|
return 0
|
|
}
|