1.7.5

• Adds a new bulk export command to complement the bulk import functionality, courtesy of @archgrove (#38)

1.7.4

• Reverts a backwards-incompatible change that was made to CredHub's error responses to authorization endpoints. This regression was causing clients expecting the older JSON structure to fail to refresh their access tokens.

1.7.3

Minor process improvements.

1.7.1

Minor bugfixes and improvements.

1.7.0

Features

• curl: CLI now supports executing arbitrary HTTPS requests to a CredHub server, using the CLI's configuration to set auth headers, establish and tunnel through socks5 proxies, etc.
• get --key: When executing a credhub get, the CLI can be configured to only return the value you're interested in, without indentation, with the --key, -k flag. No more peeling whitespace off of certificates and private keys — just use credhub get -n /my/cert -k "certificate".
• bulk-regenerate: CLI now supports the bulk regeneration of all certificates signed by a named CA, recursively.

1.6.0

This release primarily includes quality-of-life improvements, particularly for users of bosh-bootloader (bbl).

Features

• Authenticates automatically and discards bearer token after any command that requires authentication, provided certain environment variables are set. This allows us not to write a bearer token to your filesystem, and avoids frustrating re-authentication intervals. The required environment variables are:
  • CREDHUB_SERVER -- URI for CredHub server
  • CREDHUB_CLIENT -- UAA client name
  • CREDHUB_SECRET -- UAA client secret
• Supports creating a short-lived socks5 proxy over SSH and using it for the lifespan of a single command. Mimics the behavior of BOSH cli v2.0.48, though the CredHub CLI expects the ssh+socks5 URI at the CREDHUB_PROXY environment variable.
• Supports UAA's SSO authentication (thanks @aeijdenberg! -- #15)
• Supports system trust stores for validating CredHub and UAA server TLS certificates (resolves #22).

1.5.3

• Resolves error where CLI panicked when credhub --version was run without a config file having been written out (resolves #28)
• credhub --version now reports its own version before querying the targeted CredHub server (resolves #27)

1.5.2

Resolves issue with https_proxy not being respected.

1.5.1

Update GO dependencies

[#153194303] Server presents version on authenticated endpoint

Signed-off-by: Ashwin Venkatesh <[email protected]>

1.5.0

Notice

• Flag --skip-tls-validation is now deprecated. Please use --ca-cert to provide trusted CA(s) if API and/or UAA certificate is signed by an untrusted authority.

New Features

• Supported Go client library for CredHub server; Refactored CLI to depend on supported Go client library
• Added description to command help menus
• Ability to return multiple versions of a credential [requires server v1.4.0]