kemko/nomad
1
0
Fork 0
mirror of https://github.com/kemko/nomad.git synced 2026-01-06 10:25:42 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1978 from hashicorp/b-consul-renew

Browse Source 
Always disable renew_token for CT config
This commit is contained in:
Alex Dadgar
2016-11-10 15:19:21 -08:00
committed by GitHub
parent 96cbf337c1 ca9738f4aa
commit d4931df33c
1 changed files with 8 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
client/consul_template.go
View File

@@ -448,13 +448,15 @@ func runnerConfig(config *config.Config, vaultToken string) (*ctconf.Config, err
}
// Setup the Vault config
// Always set these to ensure nothing is picked up from the environment
conf.Vault = &ctconf.VaultConfig{
RenewToken: false,
}
set([]string{"vault", "vault.token", "vault.renew_token"})
if config.VaultConfig != nil && config.VaultConfig.IsEnabled() {
conf.Vault = &ctconf.VaultConfig{
Address: config.VaultConfig.Addr,
Token: vaultToken,
RenewToken: false,
}
set([]string{"vault", "vault.address", "vault.token", "vault.renew_token"})
conf.Vault.Address = config.VaultConfig.Addr
conf.Vault.Token = vaultToken
set([]string{"vault.address"})
if strings.HasPrefix(config.VaultConfig.Addr, "https") || config.VaultConfig.TLSCertFile != "" {
verify := config.VaultConfig.TLSSkipVerify == nil || !*config.VaultConfig.TLSSkipVerify