v0.6.1: Fix non-wrapped token generation

It's more efficient to ask for the token "unwrapped" for the get go instead
of unwrapping it conditionally afterwards.

Signed-off-by: Félix Cantournet <[email protected]>

v0.6.0: Move from tmpfs to disk files

We now store the token on disk instead of tmpfs.
This is kind of necessary for the 2nd change:
  you can now ask for the token to be unwrapped by the module.

Some refactoring was in order too.

v0.5.1: Handle cases when VAULT_WRAP_TTL is not set !

Should default really... TODO

Signed-off-by: Félix Cantournet <[email protected]>

v0.5.0: Fixed k8s flexvolume options parsing.

options is a map[string]string in k8s.io/pkg/volume/flexvolume
So we cannot have a key-value as string-list

We revert to the way of having several policies specified as a string split by ","

v0.4.1: Bootstrap now accepts $VAULT_TOKEN auth

For dev environments purposes

Signed-off-by: Félix Cantournet <[email protected]>

v0.4.0: Add bootstrap command

This bootstrap command make it simple to get a token for
the node and place it at the right path.
You can still use whatever else mechanism you want if this doesn't suit you.

Sadly glide also update all dependencies,
i.e vault but it's fine it's from 0.6.2 to 0.6.3

Signed-off-by: Félix Cantournet <[email protected]>

v0.3.0: Moved to Role based token creation

The token creation is now done against a role that is
specified via the VAULTTMPFS_ROLE_NAME env variable

This allows us to restrict the kind of tokens the tools can generate
You need to create a role on the vault auth token backend that
either allows explicitely the needed policies, or disallows the one
you don't want to be accessible to all pods.

This comes with a refactoring of the code to tidy things up
(or maybe it's a complete waste of time I'm not clear yet...)

Signed-off-by: Félix Cantournet <[email protected]>

v0.2.0: Added travis-ci shield

Signed-off-by: Félix Cantournet <[email protected]>

v0.1.0

first working release