| 33 | } |
| 34 | |
| 35 | func (c *PatchCommand) Help() string { |
| 36 | helpText := ` |
| 37 | Usage: vault patch [options] PATH [DATA K=V...] |
| 38 | |
| 39 | Patches data in Vault at the given path. The data can be credentials, secrets, |
| 40 | configuration, or arbitrary data. The specific behavior of this command is |
| 41 | determined at the thing mounted at the path. |
| 42 | |
| 43 | Data is specified as "key=value" pairs. If the value begins with an "@", then |
| 44 | it is loaded from a file. If the value is "-", Vault will read the value from |
| 45 | stdin. |
| 46 | |
| 47 | Unlike write, patch will only modify specified fields. |
| 48 | |
| 49 | Persist data in the generic secrets engine without modifying any other fields: |
| 50 | |
| 51 | $ vault patch pki/roles/example allow_localhost=false |
| 52 | |
| 53 | The data can also be consumed from a file on disk by prefixing with the "@" |
| 54 | symbol. For example: |
| 55 | |
| 56 | $ vault patch pki/roles/example @role.json |
| 57 | |
| 58 | Or it can be read from stdin using the "-" symbol: |
| 59 | |
| 60 | $ echo "example.com" | vault patch pki/roles/example allowed_domains=- |
| 61 | |
| 62 | For a full list of examples and paths, please see the documentation that |
| 63 | corresponds to the secret engines in use. |
| 64 | |
| 65 | ` + c.Flags().Help() |
| 66 | |
| 67 | return strings.TrimSpace(helpText) |
| 68 | } |
| 69 | |
| 70 | func (c *PatchCommand) Flags() *FlagSets { |
| 71 | set := c.flagSet(FlagSetHTTP | FlagSetOutputField | FlagSetOutputFormat) |