miquella / vaulted

Spawning and storage of secure environments
MIT License

support `/` inside of vault names #197

Open Mythra opened 3 years ago

Mythra commented 3 years ago

fixes #196

Not the best code of all time for listing vaults (since I struggled to think of a way to do filepath joining without copying the string extra times. Though maybe this is more unreadable, I figured I'd at least push this up, and it can always change later.)

I went through some basic scenarios locally with a go built version:

$ ./vaulted create testing/test
Creating new vault 'testing/test'...

[...]

?=Help; q=Save and Quit; Ctrl+C=Abort
Edit AWS key [k,m,r,R,t,S,D,b]: q

Are you sure you wish to save and exit the vault? (y/n): y
Vault 'testing/test'
   New password: 
   Confirm password: 
Vault 'testing/test' successfully saved!
$ ./vaulted list
[...]
testing/test
[...]
$ ./vaulted cp testing/test test/a/very/big/test/lol
Vault 'testing/test'
   Password: 
Vault 'test/a/very/big/test/lol'
   New password: 
   Confirm password:
$ ./vaulted list
[...]
test/a/very/big/test/lol
testing/test
[...]
$ ./vaulted dump testing/test
Vault 'testing/test'
   Password: 
{
  "aws_key": {
    "id": "asdf",
    "secret": "asdf",
    "forgoTempCredGeneration": false
  }
} 
$ ./vaulted dump test/a/very/big/test/lol
Vault 'test/a/very/big/test/lol'
   Password: 
{
  "aws_key": {
    "id": "asdf",
    "secret": "asdf",
    "forgoTempCredGeneration": false
  }
} 
$ rm -rf /home/cynthia/.local/share/vaulted/testing/
$ rm -rf /home/cynthia/.local/share/vaulted/test/
$ ./vaulted dump test/a/very/big/test/lol
file does not exist
$ ./vaulted list
bs-root
cncf-envoy
tetrate-hub
tetrate/hub
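
An added example, not code from this PR or from vaulted: one way to map slash-separated vault names onto nested files and list them back, using names from the session above. `vaultPath`, `listVaults` and the check that a name resolves inside the storage directory are assumptions of this example.

```go
package main

import (
	"errors"
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
	"sort"
	"strings"
)

// vaultPath maps a name like "testing/test" to a file under baseDir and
// rejects names that resolve to baseDir itself or to anything outside it.
func vaultPath(baseDir, name string) (string, error) {
	p := filepath.Join(baseDir, filepath.FromSlash(name))
	rel, err := filepath.Rel(baseDir, p)
	if err != nil || rel == "." || rel == ".." ||
		strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", errors.New("vault name must resolve to a file inside the storage directory")
	}
	return p, nil
}

// listVaults returns every regular file below baseDir as a slash-separated name.
func listVaults(baseDir string) ([]string, error) {
	names := []string{}
	err := filepath.WalkDir(baseDir, func(p string, d fs.DirEntry, err error) error {
		if err != nil || !d.Type().IsRegular() {
			return err
		}
		rel, err := filepath.Rel(baseDir, p)
		names = append(names, filepath.ToSlash(rel))
		return err
	})
	sort.Strings(names)
	return names, err
}

func main() {
	base, _ := os.MkdirTemp("", "vaults") // constructed sample storage directory
	defer os.RemoveAll(base)
	for _, n := range []string{"tetrate-hub", "tetrate/hub", "../escape"} {
		if p, err := vaultPath(base, n); err == nil {
			os.MkdirAll(filepath.Dir(p), 0o700)
			os.WriteFile(p, []byte("{}"), 0o600)
		}
	}
	fmt.Println(listVaults(base))
}
```

The containment check is lexical, so it does not account for symlinks that already exist under the storage directory.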

Mythra commented 3 years ago

The failures on go 1.12 seem to be not caused by this PR:

The command "eval go get -v -t ./... " failed. Retrying, 2 of 3.
go get: warning: modules disabled by GO111MODULE=auto in GOPATH/src;
    ignoring go.mod;
    see 'go help modules'
github.com/hashicorp/vault/vendor/github.com/hashicorp/go-multierror
github.com/hashicorp/vault/vendor/github.com/hashicorp/go-retryablehttp
# github.com/hashicorp/vault/vendor/github.com/hashicorp/go-multierror
../../hashicorp/vault/vendor/github.com/hashicorp/go-multierror/multierror.go:112:9: undefined: errors.As
../../hashicorp/vault/vendor/github.com/hashicorp/go-multierror/multierror.go:117:9: undefined: errors.Is
# github.com/hashicorp/vault/vendor/github.com/hashicorp/go-retryablehttp
../../hashicorp/vault/vendor/github.com/hashicorp/go-retryablehttp/roundtripper.go:48:16: undefined: errors.Unwrap
The command "eval go get -v -t ./... " failed. Retrying, 3 of 3.
go get: warning: modules disabled by GO111MODULE=auto in GOPATH/src;
    ignoring go.mod;
    see 'go help modules'
github.com/hashicorp/vault/vendor/github.com/hashicorp/go-multierror
github.com/hashicorp/vault/vendor/github.com/hashicorp/go-retryablehttp
# github.com/hashicorp/vault/vendor/github.com/hashicorp/go-multierror
../../hashicorp/vault/vendor/github.com/hashicorp/go-multierror/multierror.go:112:9: undefined: errors.As
../../hashicorp/vault/vendor/github.com/hashicorp/go-multierror/multierror.go:117:9: undefined: errors.Is
# github.com/hashicorp/vault/vendor/github.com/hashicorp/go-retryablehttp
../../hashicorp/vault/vendor/github.com/hashicorp/go-retryablehttp/roundtripper.go:48:16: undefined: errors.Unwrap
The command "eval go get -v -t ./... " failed 3 times.
The command "go get -v -t ./..." failed and exited with 2 during .

Perhaps travisci needs GO111MODULE=on always?

miquella commented 3 years ago

Thanks for taking a crack at this!

Need to think through this a bit to make sure it's not going to cut off another feature we were considering (subvaults). I think we'll be okay, but give me a few days to discuss with @ryan-norton first.

I'll also see if I can find some time to get CI working properly again.

Mythra commented 3 years ago

Yeah, no problem, take your time!