Skip to content

Commit

Permalink
backport of commit ba01391
Browse files Browse the repository at this point in the history
  • Loading branch information
cipherboy authored Feb 28, 2023
1 parent 1240c8c commit de5db00
Show file tree
Hide file tree
Showing 5 changed files with 50 additions and 4 deletions.
5 changes: 5 additions & 0 deletions command/commands.go
Original file line number Diff line number Diff line change
Expand Up @@ -704,6 +704,11 @@ func initCommands(ui, serverCmdUi cli.Ui, runOpts *RunOptions) map[string]cli.Co
BaseCommand: getBaseCommand(),
}, nil
},
"transit": func() (cli.Command, error) {
return &TransitCommand{
BaseCommand: getBaseCommand(),
}, nil
},
"transit import": func() (cli.Command, error) {
return &TransitImportCommand{
BaseCommand: getBaseCommand(),
Expand Down
2 changes: 1 addition & 1 deletion command/pki.go
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ type PKICommand struct {
}

func (c *PKICommand) Synopsis() string {
return "Interact with Vault's Key-Value storage"
return "Interact with Vault's PKI Secrets Engine"
}

func (c *PKICommand) Help() string {
Expand Down
39 changes: 39 additions & 0 deletions command/transit.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
package command

import (
"strings"

"github.com/mitchellh/cli"
)

var _ cli.Command = (*TransitCommand)(nil)

type TransitCommand struct {
*BaseCommand
}

func (c *TransitCommand) Synopsis() string {
return "Interact with Vault's Transit Secrets Engine"
}

func (c *TransitCommand) Help() string {
helpText := `
Usage: vault transit <subcommand> [options] [args]
This command has subcommands for interacting with Vault's Transit Secrets
Engine. Here are some simple examples, and more detailed examples are
available in the subcommands or the documentation.
To import a key into the specified Transit or Transform mount:
$ vault transit import transit/keys/newly-imported @path/to/key type=rsa-2048
Please see the individual subcommand help for detailed usage information.
`

return strings.TrimSpace(helpText)
}

func (c *TransitCommand) Run(args []string) int {
return cli.RunResultHelp
}
3 changes: 2 additions & 1 deletion command/transit_import_key.go
Original file line number Diff line number Diff line change
Expand Up @@ -42,10 +42,11 @@ Usage: vault transit import PATH KEY [options...]
the base64 encoded KEY (either directly on the CLI or via @path notation),
into a new key whose API path is PATH. To import a new version into an
existing key, use import_version. The remaining options after KEY (key=value
style) are passed on to the transit/transform create key endpoint. If your
style) are passed on to the Transit or Transform create key endpoint. If your
system or device natively supports the RSA AES key wrap mechanism (such as
the PKCS#11 mechanism CKM_RSA_AES_KEY_WRAP), you should use it directly
rather than this command.
` + c.Flags().Help()

return strings.TrimSpace(helpText)
Expand Down
5 changes: 3 additions & 2 deletions command/transit_import_key_version.go
Original file line number Diff line number Diff line change
Expand Up @@ -26,12 +26,13 @@ Usage: vault transit import-version PATH KEY [...]
Using the Transit or Transform key wrapping system, imports key material from
the base64 encoded KEY (either directly on the CLI or via @path notation),
into a new key whose API path is PATH. To import a new transit/transform
into a new key whose API path is PATH. To import a new Transit or Transform
key, use the import command instead. The remaining options after KEY
(key=value style) are passed on to the transit/transform create key endpoint.
(key=value style) are passed on to the Transit or Transform create key endpoint.
If your system or device natively supports the RSA AES key wrap mechanism
(such as the PKCS#11 mechanism CKM_RSA_AES_KEY_WRAP), you should use it
directly rather than this command.
` + c.Flags().Help()

return strings.TrimSpace(helpText)
Expand Down

0 comments on commit de5db00

Please sign in to comment.