Comments (13)
TerryHowe
commented on July 28, 2024
I could use a pip list, environment you are working in, what command you are running and the output
from ansible-modules-hashivault.
seeder
commented on July 28, 2024
We have used this construct :
hashivault_write:
token: "{{vault_pki_token}}"
url: "{{vault_pki_url}}"
secret: "/{{vault_pki_path}}/issue/{{vault_pki_role}}"
data: "{{vault_pki_issue_}}"
register: vault_pki_issue_result
run_once: yes
and inside vault_pki_issue_result was data with certificate and key now there is only msg. :(
in data is {"cn": "our-lovely-cn.com"}
from ansible-modules-hashivault.
TerryHowe
commented on July 28, 2024
And the message is?
from ansible-modules-hashivault.
TerryHowe
commented on July 28, 2024
I also need the version of ansible-module-hashivault you are running
from ansible-modules-hashivault.
TerryHowe
commented on July 28, 2024
it may be that leading '/' on your secret name. Is that secret on the mount point /secret or /{{vault_pki_path}}?
from ansible-modules-hashivault.
seeder
commented on July 28, 2024
What gets returned is { "changed": true, "msg": "Secret /devops-pki/issue/config-uksouth-staging written", "rc": 0 }
vault_pki_path is a path to mounted PKI backed https://www.vaultproject.io/docs/secrets/pki/index.html
from ansible-modules-hashivault.
seeder
commented on July 28, 2024
Tried with latest version from this repo also using hvac 0.2.16
from ansible-modules-hashivault.
seeder
commented on July 28, 2024
btw we actually have forked your repo and made improvements to previous version.
So it looks like this functionality was never in your version https://github.com/generiklimited/ansible-modules-hashivault , sorry!
from ansible-modules-hashivault.
TerryHowe
commented on July 28, 2024
I'm not following on what the problem is with { "changed": true, "msg": "Secret /devops-pki/issue/config-uksouth-staging written", "rc": 0 } is that the incorrect mount point?
There was a change around 2.9 where if the secret name starts with / it is assumed absolute path meaning you are specifying the mount point. It doesn't assume that the mount point ins /secret anymore. I assume this is what you are seeing.
from ansible-modules-hashivault.
TerryHowe
commented on July 28, 2024
If you have any more PRs, that'd probably make life easier for both of us.
from ansible-modules-hashivault.
seeder
commented on July 28, 2024
Mount point is correct, however, client.write returns data from vault response, and it is required for use with PKI. ( as when you write to pki/issue/role it returns the certificate and key )
I will write the patch it requires for your latest version when I get a spare time.
from ansible-modules-hashivault.
TerryHowe
commented on July 28, 2024
https://pypi.python.org/pypi/ansible-modules-hashivault/2.10.0 new release should have what you want
from ansible-modules-hashivault.
TerryHowe
commented on July 28, 2024
I'm going to close this out, if you have something else, reopen or make a new issue, thanks for the PR!
from ansible-modules-hashivault.
Related Issues (20)
- auth_method missing return value
- auth_method missing diff support HOT 1
- Policy module is missing check and diff
- oidc_auth_method_config & oidc_auth_role missing diff mode
- hashivault_db_secret_engine_config error using vault server 1.12.x and 1.13.x HOT 9
- Re-add wrap_ttl to hashivault_approle_role_secret HOT 1
- configuring allowed_other_sans parameter in hashivault_pki_role broken HOT 2
- hashivault_secret_engine doesn't support seal wrap HOT 5
- Add coverage for 'userfilter' in hashivault_auth_ldap HOT 2
- Dependency on ansible>=5.0.0 HOT 3
- TLS authentication uses removed method
- hashivault_token_renew: call to client.renew_self_token not working anymore
- https://github.com/TerryHowe/ansible-modules-hashivault/pull/467 breaks installs that use pip based hvac HOT 1
- hashivault_k8s_auth_role does not detect changes in policies
- hashivault_identity_entity_alias didn't have custom_metada parameter HOT 3
- Bug on hashivault_approle_role_secret module HOT 1
- Permission denied when creating a policy HOT 3
- Support of hvac create_or_update_acl_policy HOT 7
- Support of hvac JWT auth method and role
- How can I create a static database role HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ansible-modules-hashivault.