mirror of
https://github.com/hashicorp/vault.git
synced 2025-08-15 11:07:00 +02:00
* Adding explicit MPL license for sub-package. This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository. * Adding explicit MPL license for sub-package. This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository. * Updating the license from MPL to Business Source License. Going forward, this project will be licensed under the Business Source License v1.1. Please see our blog post for more details at https://hashi.co/bsl-blog, FAQ at www.hashicorp.com/licensing-faq, and details of the license at www.hashicorp.com/bsl. * add missing license headers * Update copyright file headers to BUS-1.1 * Fix test that expected exact offset on hcl file --------- Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com> Co-authored-by: Sarah Thompson <sthompson@hashicorp.com> Co-authored-by: Brian Kassouf <bkassouf@hashicorp.com>
// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: BUSL-1.1
package config
import (
"fmt"
"io/ioutil"
"os"
"github.com/hashicorp/hcl"
"github.com/hashicorp/hcl/hcl/ast"
"github.com/hashicorp/vault/sdk/helper/hclutil"
homedir "github.com/mitchellh/go-homedir"
)
// DefaultConfigPath is where the CLI configuration file is looked for when
// no other location has been supplied.
const DefaultConfigPath = "~/.vault"

// ConfigPathEnv names the environment variable that can be used to override
// where the Vault configuration is read from.
const ConfigPathEnv = "VAULT_CONFIG_PATH"
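// DefaultConfig is the CLI configuration for Vault that can be specified via
// a `$HOME/.vault` file which is HCL-formatted (therefore HCL or JSON).
type DefaultConfig struct {
	// TokenHelper is the executable/command that is executed for storing
	// and retrieving the authentication token for the Vault CLI. If this
	// is not specified, then vault's internal token store will be used, which
	// stores the token on disk unencrypted.
	//
	// NOTE(review): this value names a program that handles the token, so
	// the file it is read from deserves the same protection as the token
	// itself (presumably user-owned and not writable by others). Nothing in
	// this file checks the config file's owner or permissions.
	TokenHelper string `hcl:"token_helper"`
}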
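// Config loads the CLI configuration and returns it. It calls LoadConfig
// with an empty path, so the location is DefaultConfigPath unless the
// ConfigPathEnv environment variable is set.
//
// No loaded configuration is kept between calls: every call goes through
// LoadConfig again.
func Config() (*DefaultConfig, error) {
	config, err := LoadConfig("")
	if err != nil {
		return nil, err
	}

	return config, nil
}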
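// LoadConfig reads and parses the CLI configuration file.
//
// The path is resolved in this order:
//   - an empty path is replaced by DefaultConfigPath;
//   - if the ConfigPathEnv environment variable is non-empty, its value
//     replaces path, including a path the caller passed explicitly;
//   - the result is passed through homedir.Expand.
//
// A file that does not exist is not an error: the (empty) contents are still
// handed to ParseConfig and its result is returned. Any other read error, an
// expansion error, or a parse error is returned to the caller.
//
// NOTE(review): the parsed file selects the token helper executable, so the
// resolved path is security-relevant. This function does not check the file's
// owner or permissions, and the environment variable takes precedence over
// the argument; callers that run with an environment or directory they do not
// fully control may want to verify both before relying on the result.
func LoadConfig(path string) (*DefaultConfig, error) {
	if path == "" {
		path = DefaultConfigPath
	}
	if v := os.Getenv(ConfigPathEnv); v != "" {
		path = v
	}

	// NOTE: requires HOME env var to be set
	//
	// The expanded path goes into its own variable so that, when expansion
	// fails, the error below still names the path that was requested instead
	// of whatever Expand returned alongside the error.
	expanded, err := homedir.Expand(path)
	if err != nil {
		return nil, fmt.Errorf("error expanding config path %q: %w", path, err)
	}

	// A missing file is tolerated; contents stays empty in that case.
	contents, err := ioutil.ReadFile(expanded)
	if err != nil && !os.IsNotExist(err) {
		return nil, err
	}

	conf, err := ParseConfig(string(contents))
	if err != nil {
		return nil, fmt.Errorf("error parsing config file at %q: %w; ensure that the file is valid; Ansible Vault is known to conflict with it.", expanded, err)
	}

	return conf, nil
}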
// ParseConfig decodes the configuration text in contents (HCL, and therefore
// also JSON) into a DefaultConfig. It returns an error when the text does not
// parse, when its root is not an object list, when the key check fails, or
// when decoding into the struct fails.
func ParseConfig(contents string) (*DefaultConfig, error) {
	parsed, err := hcl.Parse(contents)
	if err != nil {
		return nil, err
	}

	// The document root has to be an object list; anything else is rejected.
	objects, isList := parsed.Node.(*ast.ObjectList)
	if !isList {
		return nil, fmt.Errorf("failed to parse config; does not contain a root object")
	}

	// "token_helper" is the only top-level key handed to the key check, which
	// runs before anything is decoded into the struct.
	if err := hclutil.CheckHCLKeys(objects, []string{"token_helper"}); err != nil {
		return nil, err
	}

	cfg := new(DefaultConfig)
	if err := hcl.DecodeObject(cfg, objects); err != nil {
		return nil, err
	}
	return cfg, nil
}