Swap order of naming convention for backend flags

jace-ys · Apr 28, 2021 · 6b796c7 · 6b796c7
1 parent c7e1984
commit 6b796c7
Show file tree

Hide file tree

Showing 8 changed files with 23 additions and 22 deletions.
diff --git a/README.md b/README.md
@@ -61,10 +61,11 @@ $ vault-init --help
 
 Configuration options can also be passed in as environment variables, using the uppercased snake-case version of the respective flag name (eg. `VAULT_ADDR` for `--vault-addr`).
 
-Most commands require you to specify the encryption and storage backend to use via the `--encryption` and `--storage` flag, respectively. Each backend has its own set of configuration options, with their names typically following the given pattern:
+Most commands require you to specify the encryption and storage backend to use via the `--encryption` and `--storage` flag, respectively. Each backend has its own set of configuration options, with their names typically following the given patterns:
 
 ```
---[backend-name]-[encryption|storage]-[flag-name]
+--encryption-[backend-name]-[flag-name]
+--storage-[backend-name]-[flag-name]
 ```
 
 You will need to specify the appropriate flags depending on the backends you have chosen. Full documentation on configuration options for each backend can be found in [`docs/encryption.md`](docs/encryption.md) and [`docs/storage.md`](docs/storage.md).

diff --git a/cmd/vault-init/show.go b/cmd/vault-init/show.go
@@ -34,8 +34,8 @@ func attachShowCommand(cmd *kingpin.CmdClause) *ShowCommand {
 		Default("local").
 		EnumVar(&show.Encryption.Name, "local")
 
-	cmd.Flag("local-encryption-secret-key", "The 32-byte secret key to use for encrypting root tokens and unseal keys.").
-		Envar("LOCAL_ENCRYPTION_SECRET_KEY").
+	cmd.Flag("encryption-local-secret-key", "The 32-byte secret key to use for encrypting root tokens and unseal keys.").
+		Envar("ENCRYPTION_LOCAL_SECRET_KEY").
 		PlaceHolder("SECRET-KEY").
 		StringVar(&show.Encryption.Local.SecretKey)
 
@@ -44,8 +44,8 @@ func attachShowCommand(cmd *kingpin.CmdClause) *ShowCommand {
 		Default("postgres").
 		EnumVar(&show.Storage.Name, "postgres")
 
-	cmd.Flag("postgres-storage-connection-url", "The URL to use for connecting to the Postgres server.").
-		Envar("POSTGRES_STORAGE_CONNECTION_URL").
+	cmd.Flag("storage-postgres-connection-url", "The URL to use for connecting to the Postgres server.").
+		Envar("STORAGE_POSTGRES_CONNECTION_URL").
 		PlaceHolder("CONNECTION-URL").
 		URLVar(&show.Storage.Postgres.ConnectionURL)
 

diff --git a/cmd/vault-init/start.go b/cmd/vault-init/start.go
@@ -51,8 +51,8 @@ func attachStartCommand(cmd *kingpin.CmdClause) *StartCommand {
 		Default("local").
 		EnumVar(&start.Encryption.Name, "local")
 
-	cmd.Flag("local-encryption-secret-key", "The 32-byte secret key to use for encrypting root tokens and unseal keys.").
-		Envar("LOCAL_ENCRYPTION_SECRET_KEY").
+	cmd.Flag("encryption-local-secret-key", "The 32-byte secret key to use for encrypting root tokens and unseal keys.").
+		Envar("ENCRYPTION_LOCAL_SECRET_KEY").
 		PlaceHolder("SECRET-KEY").
 		StringVar(&start.Encryption.Local.SecretKey)
 
@@ -61,8 +61,8 @@ func attachStartCommand(cmd *kingpin.CmdClause) *StartCommand {
 		Default("postgres").
 		EnumVar(&start.Storage.Name, "postgres")
 
-	cmd.Flag("postgres-storage-connection-url", "The URL to use for connecting to the Postgres server.").
-		Envar("POSTGRES_STORAGE_CONNECTION_URL").
+	cmd.Flag("storage-postgres-connection-url", "The URL to use for connecting to the Postgres server.").
+		Envar("STORAGE_POSTGRES_CONNECTION_URL").
 		PlaceHolder("CONNECTION-URL").
 		URLVar(&start.Storage.Postgres.ConnectionURL)
 

diff --git a/docker-compose.yaml b/docker-compose.yaml
@@ -31,5 +31,5 @@ services:
       - vault
     environment:
       VAULT_ADDR: http://vault:8200
-      LOCAL_ENCRYPTION_SECRET_KEY: FjaUCqqTIorGTe1Z86rs2YfkRgQ6iIgo
-      POSTGRES_STORAGE_CONNECTION_URL: postgres://vault:vault@postgres:5432/vault?sslmode=disable
+      ENCRYPTION_LOCAL_SECRET_KEY: FjaUCqqTIorGTe1Z86rs2YfkRgQ6iIgo
+      STORAGE_POSTGRES_CONNECTION_URL: postgres://vault:vault@postgres:5432/vault?sslmode=disable
diff --git a/docs/encryption.md b/docs/encryption.md
@@ -10,7 +10,7 @@ The `local` encryption backend uses the [AES-GCM encryption algorithm](https://w
 
 #### Configuration
 
-- `--local-encryption-secret-key`: The 32-byte secret key to use for encrypting root tokens and unseal keys.
+- `--encryption-local-secret-key`: The 32-byte secret key to use for encrypting root tokens and unseal keys.
 
 You can use [OpenSSL](https://www.openssl.org/) to generate a secure 32-byte secret key:
 

diff --git a/docs/examples.md b/docs/examples.md
@@ -9,8 +9,8 @@ Run the `start` command to launch the daemon process that automatically initiali
 ```shell
 $ vault-init start \
   --vault-addr "http://127.0.0.1:8200" \
-  --local-encryption-secret-key "FjaUCqqTIorGTe1Z86rs2YfkRgQ6iIgo" \
-  --postgres-storage-connection-url "postgres://vault:[email protected]:5432/vault?sslmode=disable"
+  --encryption-local-secret-key "FjaUCqqTIorGTe1Z86rs2YfkRgQ6iIgo" \
+  --storage-postgres-connection-url "postgres://vault:[email protected]:5432/vault?sslmode=disable"
 ```
 
 ### `show`
@@ -19,8 +19,8 @@ Run the `show` command to fetch and decrypt the root token and unseal keys gener
 
 ```shell
 $ vault-init show \
-  --local-encryption-secret-key "FjaUCqqTIorGTe1Z86rs2YfkRgQ6iIgo" \
-  --postgres-storage-connection-url "postgres://vault:[email protected]:5432/vault?sslmode=disable"
+  --encryption-local-secret-key "FjaUCqqTIorGTe1Z86rs2YfkRgQ6iIgo" \
+  --storage-postgres-connection-url "postgres://vault:[email protected]:5432/vault?sslmode=disable"
 ```
 
 ## Docker

diff --git a/docs/kubernetes/example.yaml b/docs/kubernetes/example.yaml
@@ -6,7 +6,7 @@ metadata:
   labels:
     app: example
 data:
-  local-encryption-secret-key: RmphVUNxcVRJb3JHVGUxWjg2cnMyWWZrUmdRNmlJZ28=
+  encryption-local-secret-key: RmphVUNxcVRJb3JHVGUxWjg2cnMyWWZrUmdRNmlJZ28=
 ---
 apiVersion: v1
 kind: ConfigMap
@@ -79,10 +79,10 @@ spec:
           env:
             - name: VAULT_ADDR
               value: http://127.0.0.1:8200
-            - name: POSTGRES_STORAGE_CONNECTION_URL
+            - name: STORAGE_POSTGRES_CONNECTION_URL
               value: postgres://example:[email protected]:5432/example?sslmode=disable
-            - name: LOCAL_ENCRYPTION_SECRET_KEY
+            - name: ENCRYPTION_LOCAL_SECRET_KEY
               valueFrom:
                 secretKeyRef:
                   name: example-secret
-                  key: local-encryption-secret-key
+                  key: encryption-local-secret-key
diff --git a/docs/storage.md b/docs/storage.md
@@ -20,4 +20,4 @@ CREATE TABLE vault_init_data (
 
 #### Configuration
 
-- `--postgres-storage-connection-URL`: The URL to use for connecting to the Postgres server.
+- `--storage-postgres-connection-URL`: The URL to use for connecting to the Postgres server.
Original file line number	Diff line number	Diff line change
Expand Up		@@ -20,4 +20,4 @@ CREATE TABLE vault_init_data (

		#### Configuration

		- `--postgres-storage-connection-URL`: The URL to use for connecting to the Postgres server.
		- `--storage-postgres-connection-URL`: The URL to use for connecting to the Postgres server.