From e6b637f3febf99af5e13ca2b785f59b9e859d554 Mon Sep 17 00:00:00 2001
From: Lewis Marshall
Date: Wed, 23 Mar 2016 18:05:58 +0000
Subject: [PATCH] Will save created secrets using the basepath of the vault secret

---
 README.md | 2 +-
 vault.go | 3 ++-
 vault_resource.go | 2 --
 vault_resources.go | 9 ++++-----
 4 files changed, 7 insertions(+), 9 deletions(-)

diff --git a/README.md b/README.md
index ef5a648..e790c19 100644
--- a/README.md
+++ b/README.md
@@ -46,7 +46,7 @@ spec:
 - -output=/etc/secrets
 - -cn=pki:project1/certs/example.com:common_name=commons.example.com,revoke=true,update=2h
 - -cn=secret:secret/db/prod/username:file=.credentials
- - -cn=secret:secret/db/prod/password
+ - -cn=secret:secret/db/prod/password:create=true,file=.credentials
 - -cn=aws:aws/creds/s3_backup_policy:file=.s3_creds
 volumeMounts:
 - name: secrets
diff --git a/vault.go b/vault.go
index 7f04726..5361bf2 100644
--- a/vault.go
+++ b/vault.go
@@ -28,6 +28,7 @@ import (
 "github.com/golang/glog"
 "github.com/hashicorp/vault/api"
 "strings"
+ "path/filepath"
 )
 
 const (
@@ -369,7 +370,7 @@ func (r VaultService) get(rn *watchedResource) (err error) {
 // We must generate the secret if we have the create flag
 if rn.resource.create && secret == nil && err == nil {
 glog.V(3).Infof("Create param specified, creating resource: %s", rn.resource.path)
- params["value"] = NewPassword(int(rn.resource.size))
+ params[filepath.Base(rn.resource.path)] = NewPassword(int(rn.resource.size))
 secret, err = r.client.Logical().Write(fmt.Sprintf(rn.resource.path), params)
 glog.V(3).Infof("Secret created: %s", rn.resource.path)
 if err == nil {
diff --git a/vault_resource.go b/vault_resource.go
index f09e648..c2ea368 100644
--- a/vault_resource.go
+++ b/vault_resource.go
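Review bot: In `get`, the key for the generated secret is taken with `filepath.Base(rn.resource.path)`, which follows the host OS separator rules, while Vault paths are always slash-separated; `path.Base` (import `"path"` instead of `"path/filepath"`) is the matching call, and the same applies to the default file name added in `Set` in vault_resources.go. Both functions return `.` for an empty path, so the result should be checked before it is used as a key. The unchanged write just below passes the path as a format string, `fmt.Sprintf(rn.resource.path)`, so a `%` in the path is rewritten before it reaches Vault; `secret, err = r.client.Logical().Write(rn.resource.path, params)` avoids that. The "Secret created" line is logged before `err` is tested, so it is emitted for failed writes as well. The body of `get` starts and ends outside the hunk.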
@@ -41,8 +41,6 @@ const (
 optionExec = "exec"
 // optionCreate creates a secret if it doesn't exist
 optionCreate = "create"
- // optionSize sets the initial size of a password secret
- optionSize = "size"
 // defaultSize sets the default size of a generic secret
 defaultSize = 20
 )
diff --git a/vault_resources.go b/vault_resources.go
index 5ee96df..3723606 100644
--- a/vault_resources.go
+++ b/vault_resources.go
@@ -21,6 +21,7 @@ import (
 "strconv"
 "strings"
 "time"
+ "path/filepath"
 )
 
 // VaultResources is a collection of type resource
@@ -105,12 +106,10 @@ func (r *VaultResources) Set(value string) error {
 return fmt.Errorf("the create option is only supported for 'cn=secret' at this time")
 }
 rn.create = choice
- case optionSize:
- size, err := strconv.ParseInt(value, 10, 16)
- if err != nil {
- return fmt.Errorf("the size option: %s is invalid, should be an integer", value)
+ if rn.filename == nil && choice {
+ // Use the path basename
+ rn.filename = filepath.Base(rn.path)
 }
- rn.size = size
 case optionExec:
 rn.execPath = value
 case optionFilename:
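Review bot: The default added under the create option in `Set` cannot type-check as written unless `rn.filename` is an interface type: `rn.filename == nil` needs a pointer or interface, while `rn.filename = filepath.Base(rn.path)` assigns a string; if the field is a string the guard should read `if rn.filename == "" && choice {`. The default presumably becomes a file name under the `-output` directory, and `Base` yields `.`, `..` or `/` for degenerate paths, so those results should be rejected rather than used. With `case optionSize` removed, nothing in this hunk sets `rn.size` any more while `get` in vault.go still calls `NewPassword(int(rn.resource.size))`, so confirm the field is initialised to `defaultSize` elsewhere and that `strconv` is still referenced in this file, otherwise the import no longer compiles. `Set` starts and ends outside the hunk.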