-
Notifications
You must be signed in to change notification settings - Fork 544
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add AppRole login #34
Conversation
Add a resource that manages AppRole auth backend logins and generating Vault tokens.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
1 question about additional d.SetId
resp = renewed | ||
d.Set("lease_started", time.Now().Format(time.RFC3339)) | ||
d.Set("client_token", resp.Auth.ClientToken) | ||
d.SetId(resp.Auth.Accessor) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does this resp.Auth.Accessor
value change? It's unusual to see d.SetId
outside of a create
method
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It should be a permanent, stable ID, but I think I was just setting it just to be safe. I'll remove it.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I spoke too soon, sorry. Yes, this value changes, because we're essentially replacing the resource. I'm trading in one token (that has expired) for a new token (that has not). I dunno if it's cool to play around with resource IDs like that, but this resource is of minimal utility if I can't swap out the tokens. :/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's unusual to swap them, yes, but the circumstances seem to warrant it
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍
…e_auth_backend_login Add AppRole login
Add a resource that manages AppRole auth backend logins and generating
Vault tokens.
Note: this PR depends on #31.