add ability to specify the mounts, since the default policy doesn't expose them except via the UI.
parent
8315cec8ad
commit
adda893775
@ -8,14 +8,6 @@
|
||||
<xs:include schemaLocation="./std.xsd"/>
|
||||
<xs:include schemaLocation="./unix.xsd"/>
|
||||
|
||||
<xs:complexType name="t_vaultpass_star_gpg">
|
||||
<xs:simpleContent>
|
||||
<xs:extension base="t_unix_filepath">
|
||||
<xs:attribute name="gpgHome" type="t_unix_filepath" use="optional"/>
|
||||
</xs:extension>
|
||||
</xs:simpleContent>
|
||||
</xs:complexType>
|
||||
|
||||
<xs:complexType name="t_vaultpass_auth_plain">
|
||||
<xs:choice minOccurs="1" maxOccurs="1">
|
||||
<xs:element name="appRole">
|
||||
@ -109,6 +101,46 @@
|
||||
</xs:choice>
|
||||
</xs:complexType>
|
||||
|
||||
<xs:simpleType name="t_vaultpass_mount_path">
|
||||
<xs:restriction base="xs:token">
|
||||
<!-- I can't believe Vault accepts this charset for mount names. -->
|
||||
<xs:pattern value="[A-Za-z0-9!"#$%&'()*+,./:;=<>\?\\@\[\]\^_`{|}~-]+"/>
|
||||
<xs:whiteSpace value="collapse"/>
|
||||
</xs:restriction>
|
||||
</xs:simpleType>
|
||||
|
||||
<xs:complexType name="t_vaultpass_mount">
|
||||
<xs:simpleContent>
|
||||
<xs:extension base="t_vaultpass_mount_path">
|
||||
<xs:attribute name="type" use="optional" default="kv2">
|
||||
<xs:simpleType>
|
||||
<xs:restriction base="xs:token">
|
||||
<xs:enumeration value="cubbyhole"/>
|
||||
<xs:enumeration value="kv"/>
|
||||
<xs:enumeration value="kv2"/>
|
||||
<!-- TODO: can any of the below be enabled? -->
|
||||
<!-- more at .../ui/vault/settings/mount-secret-backend -->
|
||||
<!--
|
||||
<xs:enumeration value="pki"/>
|
||||
<xs:enumeration value="ssh"/>
|
||||
<xs:enumeration value="transit"/>
|
||||
<xs:enumeration value="totp"/>
|
||||
-->
|
||||
</xs:restriction>
|
||||
</xs:simpleType>
|
||||
</xs:attribute>
|
||||
</xs:extension>
|
||||
</xs:simpleContent>
|
||||
</xs:complexType>
|
||||
|
||||
<xs:complexType name="t_vaultpass_star_gpg">
|
||||
<xs:simpleContent>
|
||||
<xs:extension base="t_unix_filepath">
|
||||
<xs:attribute name="gpgHome" type="t_unix_filepath" use="optional"/>
|
||||
</xs:extension>
|
||||
</xs:simpleContent>
|
||||
</xs:complexType>
|
||||
|
||||
<xs:simpleType name="t_vaultpass_tokensource">
|
||||
<xs:union memberTypes="t_std_envvar t_unix_filepath"/>
|
||||
</xs:simpleType>
|
||||
|
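Review bot: The `xs:pattern` on `t_vaultpass_mount_path` admits `/`, `.`, `%`, `?` and `#`, so a value containing `..` segments or a query/fragment delimiter validates as a mount name. If the client interpolates this value into a Vault API request path (not visible here), the schema does not stop the request resolving to a different endpoint than the intended mount; the consuming code should percent-encode each path segment and reject empty, `.` and `..` segments, and the comment above the pattern could say so, e.g. `<!-- Validates charset only; callers must encode this before building request paths. -->`. As rendered, the pattern value also shows a literal `"`, `&` and `<` inside the attribute, which would not be well-formed XML; this is probably the page unescaping `&quot;`, `&amp;` and `&lt;`, but it is worth confirming with a well-formedness check. `<xs:whiteSpace value="collapse"/>` is already implied by the `xs:token` base and can be dropped.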
@ -23,6 +23,13 @@
|
||||
</xs:complexType>
|
||||
</xs:element>
|
||||
<xs:element ref="t_vaultpass_authselect" minOccurs="1" maxOccurs="1"/>
|
||||
<xs:element name="mounts" minOccurs="0" maxOccurs="1">
|
||||
<xs:complexType>
|
||||
<xs:sequence>
|
||||
<xs:element name="mount" minOccurs="1" maxOccurs="unbounded" type="t_vaultpass_mount"/>
|
||||
</xs:sequence>
|
||||
</xs:complexType>
|
||||
</xs:element>
|
||||
</xs:all>
|
||||
</xs:complexType>
|
||||
</xs:element>
|
||||
|
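Review bot: Nothing in the new `mounts` element prevents the same mount path from being listed twice, possibly with conflicting `type` values, so which entry wins is left to the consumer. An `xs:unique` on `mounts` with selector `mount` and field `.` would reject duplicates at validation time (the XPath needs a prefix if the schema uses a qualified target namespace, which is not visible in this hunk). An `xs:annotation`/`xs:documentation` stating what the client does when `mounts` is omitted would also help, since the element is `minOccurs="0"`. The enclosing `xs:all` and its parent element start outside the hunk.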