Skip to content

feat(agent): add -token-file flag to consul agent command #23132

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
majiayu000 wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feat(agent): add -token-file flag to consul agent command #23132

majiayu000 wants to merge 1 commit into from
+106 −5

Conversation

@majiayu000
Copy link

@majiayu000 majiayu000 commented Dec 30, 2025

Fixes #9723

Changes

  • Add -token-file CLI flag for the consul agent command to read ACL token from a file
  • Add *_file config options for all token types (default_file, agent_file, agent_recovery_file, replication_file, initial_management_file)
  • Add stringValOrFile helper that reads and trims whitespace from token files
  • When both token value and token file are specified, file takes precedence (with a warning)

Test plan

  • Added unit tests for -token-file flag
  • Added unit tests for acl.tokens.default_file config option
  • Added unit tests for precedence when both value and file are set

🤖 Generated with Claude Code

@majiayu000 @claude
feat(agent): add -token-file flag to consul agent command
081e707 
This adds the -token-file flag to the consul agent command, allowing users
to specify the default ACL token via a file path instead of passing it
directly. This is similar to the -token-sink-file flag in consul login.

The implementation includes:
- Added `*_file` fields for tokens in the Tokens config struct
  (default_file, agent_file, agent_recovery_file, replication_file,
  initial_management_file)
- Added `-token-file` command-line flag that reads the default token from
  a file
- Added stringValOrFile helper that reads token from file, trimming
  whitespace
- When both token and token_file are set, token_file takes precedence
  with a warning

Closes hashicorp#9723

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <[email protected]>
Signed-off-by: majiayu000 <[email protected]>
@majiayu000 majiayu000 requested review from a team as code owners December 30, 2025 18:04
@hashicorp-cla-app
Copy link

hashicorp-cla-app bot commented Dec 30, 2025
edited
Loading

CLA assistant check
All committers have signed the CLA.

@github-actions github-actions bot added the theme/config Relating to Consul Agent configuration, including reloading label Dec 30, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

theme/config Relating to Consul Agent configuration, including reloading

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

"consul agent" should support -token-file

1 participant

@majiayu000