openstack-charmers / charm-interface-vault-kv Goto Github PK
View Code? Open in Web Editor NEWVault interface for simple KV secrets management
License: Other
charm-interface-vault-kv's Issues
Hook error if two apps with same name are related via CMR
I think there's a conflict in the key the interface layer is choosing to identify the secrets backend for the requester. If you have one app related and working, then via CMR relate another app with the same name, the second one goes to working but with has the secrets from the first app and the first app subsequently breaks with:
Traceback (most recent call last):
File "/var/lib/juju/agents/unit-vk-test-0/.venv/lib/python3.8/site-packages/charms/reactive/__init__.py", line 73, in main
hookenv._run_atstart()
File "/var/lib/juju/agents/unit-vk-test-0/.venv/lib/python3.8/site-packages/charmhelpers/core/hookenv.py", line 1334, in _run_atstart
callback(*args, **kwargs)
File "/var/lib/juju/agents/unit-vk-test-0/charm/reactive/vault_kv.py", line 48, in manage_app_kv_flags
app_kv = vault_kv.VaultAppKV()
File "lib/charms/layer/vault_kv.py", line 30, in __call__
cls._singleton_instance = super().__call__(*args, **kwargs)
File "lib/charms/layer/vault_kv.py", line 117, in __init__
super().__init__()
File "lib/charms/layer/vault_kv.py", line 38, in __init__
response = self._client.read(self._path)
File "lib/charms/layer/vault_kv.py", line 54, in _client
client.auth_approle(self._config['role_id'], self._config['secret_id'])
File "/var/lib/juju/agents/unit-vk-test-0/.venv/lib/python3.8/site-packages/hvac/v1/__init__.py", line 1523, in auth_approle
return self.login('/v1/auth/{0}/login'.format(mount_point), json=params, use_token=use_token)
File "/var/lib/juju/agents/unit-vk-test-0/.venv/lib/python3.8/site-packages/hvac/v1/__init__.py", line 1276, in login
return self._adapter.login(
File "/var/lib/juju/agents/unit-vk-test-0/.venv/lib/python3.8/site-packages/hvac/adapters.py", line 178, in login
response = self.post(url, **kwargs)
File "/var/lib/juju/agents/unit-vk-test-0/.venv/lib/python3.8/site-packages/hvac/adapters.py", line 107, in post
return self.request('post', url, **kwargs)
File "/var/lib/juju/agents/unit-vk-test-0/.venv/lib/python3.8/site-packages/hvac/adapters.py", line 342, in request
response = super(JSONAdapter, self).request(*args, **kwargs)
File "/var/lib/juju/agents/unit-vk-test-0/.venv/lib/python3.8/site-packages/hvac/adapters.py", line 304, in request
utils.raise_for_error(
File "/var/lib/juju/agents/unit-vk-test-0/.venv/lib/python3.8/site-packages/hvac/utils.py", line 47, in raise_for_error
raise exceptions.InternalServerError(message, errors=errors, method=method, url=url)
hvac.exceptions.InternalServerError: failed to verify subset relationship between CIDR blocks on the role ["10.146.199.80/32"] and CIDR blocks on the secret ID ["10.146.199.221/32"]: <nil>, on post http://10.146.199.125:8200/v1/auth/approle/loginTypeError: must be str, not set on call to VaultKVRequires.endpoint_address()
There appears to be a typo in the requires part of this interface:
2018-10-16 13:30:14 ERROR juju-log secrets-storage:11: Hook error:
Traceback (most recent call last):
File "/var/lib/juju/agents/unit-barbican-vault-0/.venv/lib/python3.6/site-packages/charms/reactive/__init__.py", line 73, in main
bus.dispatch(restricted=restricted_mode)
File "/var/lib/juju/agents/unit-barbican-vault-0/.venv/lib/python3.6/site-packages/charms/reactive/bus.py", line 390, in dispatch
_invoke(other_handlers)
File "/var/lib/juju/agents/unit-barbican-vault-0/.venv/lib/python3.6/site-packages/charms/reactive/bus.py", line 359, in _invoke
handler.invoke()
File "/var/lib/juju/agents/unit-barbican-vault-0/.venv/lib/python3.6/site-packages/charms/reactive/bus.py", line 181, in invoke
self._action(*args)
File "/var/lib/juju/agents/unit-barbican-vault-0/charm/reactive/barbican_vault_handlers.py", line 38, in ssc
secrets_storage.request_secret_backend('charm-barbican-vault')
File "/var/lib/juju/agents/unit-barbican-vault-0/charm/hooks/relations/vault-kv/requires.py", line 59, in request_secret_backend
relation.to_publish['access_address'] = self.endpoint_address
File "/var/lib/juju/agents/unit-barbican-vault-0/charm/hooks/relations/vault-kv/requires.py", line 45, in endpoint_address
self.expand_name({'endpoint_name'})
File "/var/lib/juju/agents/unit-barbican-vault-0/.venv/lib/python3.6/site-packages/charms/reactive/endpoints.py", line 190, in expand_name
flag = 'endpoint.{endpoint_name}.' + flag
TypeError: must be str, not set
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.