From 8669576493a1dc730f21da54e8c12c0ccff88f0f Mon Sep 17 00:00:00 2001
From: Ilan Erenstein <ilan.erenstein@move.com>
Date: Thu, 15 Dec 2016 11:31:30 -0800
Subject: [PATCH] Adding latest vault completion from
 https://github.com/iljaweis/vault-bash-completion

---
 completion/available/vault.completion.bash | 43 +++++++++++++++-------
 1 file changed, 29 insertions(+), 14 deletions(-)

diff --git a/completion/available/vault.completion.bash b/completion/available/vault.completion.bash
index d25d9850..838a0580 100644
--- a/completion/available/vault.completion.bash
+++ b/completion/available/vault.completion.bash
@@ -1,34 +1,49 @@
-# Credit https://github.com/iljaweis/vault-bash-completion/
+# ---------------------------------------------------------------------------
+# vault-bash-completion
+#
+# This adds bash completions for [HashiCorp Vault](https://www.vaultproject.io/)
+#
+# see https://github.com/iljaweis/vault-bash-completion
+# ---------------------------------------------------------------------------
+
+function _vault_mounts() {
+  (
+    set -euo pipefail
+    if ! vault mounts 2> /dev/null | awk 'NR > 1 {print $1}'; then
+      echo "secret"
+    fi
+  )
+}
 
 function _vault() {
-
   local VAULT_COMMANDS='delete path-help read renew revoke server status write audit-disable audit-enable audit-list auth auth-disable auth-enable capabilities generate-root init key-status list mount mount-tune mounts policies policy-delete policy-write rekey remount rotate seal ssh step-down token-create token-lookup token-renew token-revoke unmount unseal version'
 
-  # get root paths
-  vault mounts >/dev/null 2>&1
-  if [ $? != 0 ]; then
-    # we do not have access to list mounts
-    local VAULT_ROOTPATH="secret"
-  else
-    local VAULT_ROOTPATH=$(vault mounts | tail -n +2 | awk '{print $1}' | paste -s -d ' ' -)
+  local cur
+  local prev
+
+  if [ $COMP_CWORD -gt 0 ]; then
+    cur=${COMP_WORDS[COMP_CWORD]}
+    prev=${COMP_WORDS[COMP_CWORD-1]}
   fi
 
-  local cur=${COMP_WORDS[COMP_CWORD]}
   local line=${COMP_LINE}
 
-  if [ "$(echo $line | wc -w)" -le 2 ]; then
+  if [[ $prev =~ ^(policies|policy-write|policy-delete) ]]; then
+    local policies=$(vault policies 2> /dev/null)
+    COMPREPLY=($(compgen -W "$policies" -- $cur))
+  elif [ "$(echo $line | wc -w)" -le 2 ]; then
     if [[ "$line" =~ ^vault\ (read|write|delete|list)\ $ ]]; then
-      COMPREPLY=($(compgen -W "$VAULT_ROOTPATH" -- ''))
+      COMPREPLY=($(compgen -W "$(_vault_mounts)" -- ''))
     else
       COMPREPLY=($(compgen -W "$VAULT_COMMANDS" -- $cur))
     fi
   elif [[ "$line" =~ ^vault\ (read|write|delete|list)\ (.*)$ ]]; then
     path=${BASH_REMATCH[2]}
     if [[ "$path" =~ ^([^ ]+)/([^ /]*)$ ]]; then
-      list=$(vault list ${BASH_REMATCH[1]} | tail -n +2)
+      list=$(vault list -format=yaml ${BASH_REMATCH[1]} 2> /dev/null | awk '{ print $2 }')
       COMPREPLY=($(compgen -W "$list" -P "${BASH_REMATCH[1]}/" -- ${BASH_REMATCH[2]}))
     else
-      COMPREPLY=($(compgen -W "$VAULT_ROOTPATH" -- $path))
+      COMPREPLY=($(compgen -W "$(_vault_mounts)" -- $path))
     fi
   fi
 }