本文整理匯總了Golang中github.com/hashicorp/vault/meta.GeneralOptionsUsage函數的典型用法代碼示例。如果您正苦於以下問題:Golang GeneralOptionsUsage函數的具體用法?Golang GeneralOptionsUsage怎麽用?Golang GeneralOptionsUsage使用的例子?那麽, 這裏精選的函數代碼示例或許可以為您提供幫助。
在下文中一共展示了GeneralOptionsUsage函數的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Golang代碼示例。
示例1: Help
func (c *MountCommand) Help() string {
helpText := `
Usage: vault mount [options] type
Mount a logical backend.
This command mounts a logical backend for storing and/or generating
secrets.
General Options:
` + meta.GeneralOptionsUsage() + `
Mount Options:
-description=<desc> Human-friendly description of the purpose for
the mount. This shows up in the mounts command.
-path=<path> Mount point for the logical backend. This
defauls to the type of the mount.
-default-lease-ttl=<duration> Default lease time-to-live for this backend.
If not specified, uses the global default, or
the previously set value. Set to '0' to
explicitly set it to use the global default.
-max-lease-ttl=<duration> Max lease time-to-live for this backend.
If not specified, uses the global default, or
the previously set value. Set to '0' to
explicitly set it to use the global default.
`
return strings.TrimSpace(helpText)
}
示例2: Help
func (c *AuditEnableCommand) Help() string {
helpText := `
Usage: vault audit-enable [options] type [config...]
Enable an audit backend.
This command enables an audit backend of type "type". Additional
options for configuring the audit backend can be specified after the
type in the same format as the "vault write" command in key/value pairs.
For example, to configure the file audit backend to write audit logs at
the path /var/log/audit.log:
$ vault audit-enable file file_path=/var/log/audit.log
For information on available configuration options, please see the
documentation.
General Options:
` + meta.GeneralOptionsUsage() + `
Audit Enable Options:
-description=<desc> A human-friendly description for the backend. This
shows up only when querying the enabled backends.
-path=<path> Specify a unique path for this audit backend. This
is purely for referencing this audit backend. By
default this will be the backend type.
`
return strings.TrimSpace(helpText)
}
示例3: Help
func (c *UnsealCommand) Help() string {
helpText := `
Usage: vault unseal [options] [key]
Unseal the vault by entering a portion of the master key. Once all
portions are entered, the Vault will be unsealed.
Every Vault server initially starts as sealed. It cannot perform any
operation except unsealing until it is sealed. Secrets cannot be accessed
in any way until the vault is unsealed. This command allows you to enter
a portion of the master key to unseal the vault.
The unseal key can be specified via the command line, but this is
not recommended. The key may then live in your terminal history. This
only exists to assist in scripting.
General Options:
` + meta.GeneralOptionsUsage() + `
Unseal Options:
-reset Reset the unsealing process by throwing away
prior keys in process to unseal the vault.
`
return strings.TrimSpace(helpText)
}
示例4: Help
func (c *WriteCommand) Help() string {
helpText := `
Usage: vault write [options] path [data]
Write data (secrets or configuration) into Vault.
Write sends data into Vault at the given path. The behavior of the write is
determined by the backend at the given path. For example, writing to
"aws/policy/ops" will create an "ops" IAM policy for the AWS backend
(configuration), but writing to "consul/foo" will write a value directly into
Consul at that key. Check the documentation of the logical backend you're
using for more information on key structure.
Data is sent via additional arguments in "key=value" pairs. If value begins
with an "@", then it is loaded from a file. Write expects data in the file to
be in JSON format. If you want to start the value with a literal "@", then
prefix the "@" with a slash: "\@".
General Options:
` + meta.GeneralOptionsUsage() + `
Write Options:
-f | -force Force the write to continue without any data values
specified. This allows writing to keys that do not
need or expect any fields to be specified.
-format=table The format for output. By default it is a whitespace-
delimited table. This can also be json or yaml.
-field=field If included, the raw value of the specified field
will be output raw to stdout.
`
return strings.TrimSpace(helpText)
}
示例5: Help
func (c *MountTuneCommand) Help() string {
helpText := `
Usage: vault mount-tune [options] path
Tune configuration options for a mounted secret backend.
Example: vault mount-tune -default-lease-ttl="24h" secret
General Options:
` + meta.GeneralOptionsUsage() + `
Mount Options:
-default-lease-ttl=<duration> Default lease time-to-live for this backend.
If not specified, uses the system default, or
the previously set value. Set to 'system' to
explicitly set it to use the system default.
-max-lease-ttl=<duration> Max lease time-to-live for this backend.
If not specified, uses the system default, or
the previously set value. Set to 'system' to
explicitly set it to use the system default.
`
return strings.TrimSpace(helpText)
}
示例6: Help
func (c *TokenRenewCommand) Help() string {
helpText := `
Usage: vault token-renew [options] [token] [increment]
Renew an auth token, extending the amount of time it can be used. If a token
is given to the command, '/auth/token/renew' will be called with the given
token; otherwise, '/auth/token/renew-self' will be called with the client
token.
This command is similar to "renew", but "renew" is only for leases; this
command is only for tokens.
An optional increment can be given to request a certain number of seconds to
increment the lease. This request is advisory; Vault may not adhere to it at
all. If a token is being passed in on the command line, the increment can as
well; otherwise it must be passed in via the '-increment' flag.
General Options:
` + meta.GeneralOptionsUsage() + `
Token Renew Options:
-increment=3600 The desired increment. If not supplied, Vault will
use the default TTL. If supplied, it may still be
ignored. This can be submitted as an integer number
of seconds or a string duration (e.g. "72h").
-format=table The format for output. By default it is a whitespace-
delimited table. This can also be json or yaml.
`
return strings.TrimSpace(helpText)
}
示例7: Help
func (c *RevokeCommand) Help() string {
helpText := `
Usage: vault revoke [options] id
Revoke a secret by its lease ID.
This command revokes a secret by its lease ID that was returned with it. Once
the key is revoked, it is no longer valid.
With the -prefix flag, the revoke is done by prefix: any secret prefixed with
the given partial ID is revoked. Lease IDs are structured in such a way to
make revocation of prefixes useful.
With the -force flag, the lease is removed from Vault even if the revocation
fails. This is meant for certain recovery scenarios and should not be used
lightly. This option requires -prefix.
General Options:
` + meta.GeneralOptionsUsage() + `
Revoke Options:
-prefix=true Revoke all secrets with the matching prefix. This
defaults to false: an exact revocation.
-force=true Delete the lease even if the actual revocation
operation fails.
`
return strings.TrimSpace(helpText)
}
示例8: Help
func (c *KeyStatusCommand) Help() string {
helpText := `
Usage: vault key-status [options]
Provides information about the active encryption key. Specifically,
the current key term and the key installation time.
General Options:
` + meta.GeneralOptionsUsage()
return strings.TrimSpace(helpText)
}
示例9: Help
func (c *SSHCommand) Help() string {
helpText := `
Usage: vault ssh [options] [email protected]
Establishes an SSH connection with the target machine.
This command generates a key and uses it to establish an SSH
connection with the target machine. This operation requires
that SSH backend is mounted and at least one 'role' be registed
with vault at priori.
For setting up SSH backends with one-time-passwords, installation
of agent in target machines is required.
See [https://github.com/hashicorp/vault-ssh-agent]
General Options:
` + meta.GeneralOptionsUsage() + `
SSH Options:
-role Role to be used to create the key.
Each IP is associated with a role. To see the associated
roles with IP, use "lookup" endpoint. If you are certain
that there is only one role associated with the IP, you can
skip mentioning the role. It will be chosen by default. If
there are no roles associated with the IP, register the
CIDR block of that IP using the "roles/" endpoint.
-no-exec Shows the credentials but does not establish connection.
-mount-point Mount point of SSH backend. If the backend is mounted at
'ssh', which is the default as well, this parameter can be
skipped.
-format If no-exec option is enabled, then the credentials will be
printed out and SSH connection will not be established. The
format of the output can be 'json' or 'table'. JSON output
is useful when writing scripts. Default is 'table'.
-strict-host-key-checking This option corresponds to StrictHostKeyChecking of SSH configuration.
If 'sshpass' is employed to enable automated login, then if host key
is not "known" to the client, 'vault ssh' command will fail. Set this
option to "no" to bypass the host key checking. Defaults to "ask".
Can also be specified with VAULT_SSH_STRICT_HOST_KEY_CHECKING environment
variable.
-user-known-hosts-file This option corresponds to UserKnownHostsFile of SSH configuration.
Assigns the file to use for storing the host keys. If this option is
set to "/dev/null" along with "-strict-host-key-checking=no", both
warnings and host key checking can be avoided while establishing the
connection. Defaults to "~/.ssh/known_hosts". Can also be specified
with VAULT_SSH_USER_KNOWN_HOSTS_FILE environment variable.
`
return strings.TrimSpace(helpText)
}
示例10: Help
func (c *AuthCommand) Help() string {
helpText := `
Usage: vault auth [options] [auth-information]
Authenticate with Vault with the given token or via any supported
authentication backend.
By default, the -method is assumed to be token. If not supplied via the
command-line, a prompt for input will be shown. If the authentication
information is "-", it will be read from stdin.
The -method option allows alternative authentication methods to be used,
such as userpass, GitHub, or TLS certificates. For these, additional
values as "key=value" pairs may be required. For example, to authenticate
to the userpass auth backend:
$ vault auth -method=userpass username=my-username
Use "-method-help" to get help for a specific method.
If an auth backend is enabled at a different path, the "-method" flag
should still point to the canonical name, and the "-path" flag should be
used. If a GitHub auth backend was mounted as "github-private", one would
authenticate to this backend via:
$ vault auth -method=github -path=github-private
The value of the "-path" flag is supplied to auth providers as the "mount"
option in the payload to specify the mount point.
General Options:
` + meta.GeneralOptionsUsage() + `
Auth Options:
-method=name Outputs help for the authentication method with the given
name for the remote server. If this authentication method
is not available, exit with code 1.
-method-help If set, the help for the selected method will be shown.
-methods List the available auth methods.
-no-verify Do not verify the token after creation; avoids a use count
decrement.
-path The path at which the auth backend is enabled. If an auth
backend is mounted at multiple paths, this option can be
used to authenticate against specific paths.
`
return strings.TrimSpace(helpText)
}
示例11: Help
func (c *InitCommand) Help() string {
helpText := `
Usage: vault init [options]
Initialize a new Vault server.
This command connects to a Vault server and initializes it for the
first time. This sets up the initial set of master keys and sets up the
backend data store structure.
This command can't be called on an already-initialized Vault.
General Options:
` + meta.GeneralOptionsUsage() + `
Init Options:
-check Don't actually initialize, just check if Vault is
already initialized. A return code of 0 means Vault
is initialized; a return code of 2 means Vault is not
initialized; a return code of 1 means an error was
encountered.
-key-shares=5 The number of key shares to split the master key
into.
-key-threshold=3 The number of key shares required to reconstruct
the master key.
-stored-shares=0 The number of unseal keys to store. This is not
normally available.
-pgp-keys If provided, must be a comma-separated list of
files on disk containing binary- or base64-format
public PGP keys, or Keybase usernames specified as
"keybase:<username>". The number of given entries
must match 'key-shares'. The output unseal keys will
be encrypted and hex-encoded, in order, with the
given public keys. If you want to use them with the
'vault unseal' command, you will need to hex decode
and decrypt; this will be the plaintext unseal key.
-recovery-shares=5 The number of key shares to split the recovery key
into. This is not normally available.
-recovery-threshold=3 The number of key shares required to reconstruct
the recovery key. This is not normally available.
-recovery-pgp-keys If provided, behaves like "pgp-keys" but for the
recovery key shares. This is not normally available.
`
return strings.TrimSpace(helpText)
}
示例12: Help
func (c *PolicyWriteCommand) Help() string {
helpText := `
Usage: vault policy-write [options] name path
Write a policy with the given name from the contents of a file or stdin.
If the path is "-", the policy is read from stdin. Otherwise, it is
loaded from the file at the given path.
General Options:
` + meta.GeneralOptionsUsage()
return strings.TrimSpace(helpText)
}
示例13: Help
func (c *StatusCommand) Help() string {
helpText := `
Usage: vault status [options]
Outputs the state of the Vault, sealed or unsealed and if HA is enabled.
This command outputs whether or not the Vault is sealed. The exit
code also reflects the seal status (0 unsealed, 2 sealed, 1 error).
General Options:
` + meta.GeneralOptionsUsage()
return strings.TrimSpace(helpText)
}
示例14: Help
func (c *UnmountCommand) Help() string {
helpText := `
Usage: vault unmount [options] path
Unmount a secret backend.
This command unmounts a secret backend. All the secrets created
by this backend will be revoked and its Vault data will be deleted.
General Options:
` + meta.GeneralOptionsUsage()
return strings.TrimSpace(helpText)
}
示例15: Help
func (c *PolicyListCommand) Help() string {
helpText := `
Usage: vault policies [options] [name]
List the policies that are available or read a single policy.
This command lists the policies that are written to the Vault server.
If a name of a policy is specified, that policy is outputted.
General Options:
` + meta.GeneralOptionsUsage()
return strings.TrimSpace(helpText)
}