Open AkhilGNair opened 4 years ago
Add CLI flags to supply client-side authorisation files.
Example behavior:
vault-sidekick can't access vault without client authorisation
vault-sidekick
$ export VAULT_ADDR=https://${vault_addr}:${vault_port} $ export VAULT_AUTH_METHOD=kubernetes $ export VAULT_SIDEKICK_ROLE=example $ $ bin/vault-sidekick [error] unable to create the vault client: Post https://${vault_addr}:${vault_port}/v1/auth/kubernetes/login: remote error: tls: bad certificate
Supplying the key + cert, we can now talk to vault (hitting an expected error)
$ bin/vault-sidekick \ -client-cert vault-client.crt \ -client-key vault-client.key [error] unable to create the vault client: Error making API request. URL: POST https://${vault_addr}:${vault_port}/v1/auth/kubernetes/login Code: 400. Errors: * missing client token
Error if you try to supply only the key or cert
$ bin/vault-sidekick \ -client-cert vault-client.crt [error] invalid options, you are supplying the client certificate, but not the private key
The build is failing because you haven't formatted the go files. Run go fmt on the scripts
go fmt
Add CLI flags to supply client-side authorisation files.
Example behavior:
vault-sidekick
can't access vault without client authorisationSupplying the key + cert, we can now talk to vault (hitting an expected error)
Error if you try to supply only the key or cert