/// <summary>
/// Sets a Vault access control policy.
/// </summary>
/// <param name="policy">The policy.</param>
/// <returns>The command response.</returns>
public CommandResponse SetPolicy(VaultPolicy policy)
{
Covenant.Requires <ArgumentNullException>(policy != null);
VerifyToken();
var bundle = new CommandBundle("./create-vault-policy.sh");
bundle.AddFile("create-vault-policy.sh",
$@"#!/bin/bash
export VAULT_TOKEN={hive.HiveLogin.VaultCredentials.RootToken}
vault policy-write {policy.Name} policy.hcl
",
isExecutable: true);
bundle.AddFile("policy.hcl", policy);
var response = hive.GetReachableManager().SudoCommand(bundle, hive.SecureRunOptions | RunOptions.FaultOnError);
response.BashCommand = bundle.ToBash();
return(response);
}
/// <summary>
/// Executes a command on a specific hive manager node using the root Vault token.
/// </summary>
/// <param name="manager">The target manager.</param>
/// <param name="command">The command (including the <b>vault</b>).</param>
/// <param name="args">The optional arguments.</param>
/// <returns>The command response.</returns>
/// <remarks>
/// <note>
/// This method does not fault or throw an exception if the command returns
/// a non-zero exit code.
/// </note>
/// </remarks>
public CommandResponse CommandNoFault(SshProxy <NodeDefinition> manager, string command, params object[] args)
{
Covenant.Requires <ArgumentNullException>(manager != null);
Covenant.Requires <ArgumentNullException>(command != null);
VerifyToken();
var scriptBundle = new CommandBundle(command, args);
var bundle = new CommandBundle("./vault-command.sh");
bundle.AddFile("vault-command.sh",
$@"#!/bin/bash
export VAULT_TOKEN={hive.HiveLogin.VaultCredentials.RootToken}
{scriptBundle}
",
isExecutable: true);
var response = manager.SudoCommand(bundle, hive.SecureRunOptions);
response.BashCommand = bundle.ToBash();
return(response);
}
/// <summary>
/// <para>
/// Formats the command such that it could be added to a Bash script.
/// </para>
/// <note>
/// This doesn't work if the command has attached files.
/// </note>
/// </summary>
/// <param name="comment">Optional comment text (without a leading <b>#</b>).</param>
/// <returns>The command formatted for Bash.</returns>
/// <exception cref="NotSupportedException">
/// <see cref="ToBash"/> does not support commands with attached files.
/// </exception>
/// <remarks>
/// This can be useful for making copies of hive configuration commands
/// on the server as scripts for situations where system operators need
/// to manually tweak things.
/// </remarks>
public string ToBash(string comment = null)
{
return(commandBundle.ToBash());
}
