Comments (13)
I could use a pip list, environment you are working in, what command you are running and the output
from ansible-modules-hashivault.
We have used this construct :
hashivault_write:
token: "{{vault_pki_token}}"
url: "{{vault_pki_url}}"
secret: "/{{vault_pki_path}}/issue/{{vault_pki_role}}"
data: "{{vault_pki_issue_}}"
register: vault_pki_issue_result
run_once: yes
and inside vault_pki_issue_result
was data with certificate and key now there is only msg. :(
in data is {"cn": "our-lovely-cn.com"}
from ansible-modules-hashivault.
And the message is?
from ansible-modules-hashivault.
I also need the version of ansible-module-hashivault you are running
from ansible-modules-hashivault.
it may be that leading '/' on your secret name. Is that secret on the mount point /secret or /{{vault_pki_path}}?
from ansible-modules-hashivault.
What gets returned is { "changed": true, "msg": "Secret /devops-pki/issue/config-uksouth-staging written", "rc": 0 }
vault_pki_path
is a path to mounted PKI backed https://www.vaultproject.io/docs/secrets/pki/index.html
from ansible-modules-hashivault.
Tried with latest version from this repo also using hvac 0.2.16
from ansible-modules-hashivault.
btw we actually have forked your repo and made improvements to previous version.
So it looks like this functionality was never in your version https://github.com/generiklimited/ansible-modules-hashivault , sorry!
from ansible-modules-hashivault.
I'm not following on what the problem is with { "changed": true, "msg": "Secret /devops-pki/issue/config-uksouth-staging written", "rc": 0 }
is that the incorrect mount point?
There was a change around 2.9 where if the secret name starts with / it is assumed absolute path meaning you are specifying the mount point. It doesn't assume that the mount point ins /secret anymore. I assume this is what you are seeing.
from ansible-modules-hashivault.
If you have any more PRs, that'd probably make life easier for both of us.
from ansible-modules-hashivault.
Mount point is correct, however, client.write returns data from vault response, and it is required for use with PKI. ( as when you write to pki/issue/role it returns the certificate and key )
I will write the patch it requires for your latest version when I get a spare time.
from ansible-modules-hashivault.
https://pypi.python.org/pypi/ansible-modules-hashivault/2.10.0 new release should have what you want
from ansible-modules-hashivault.
I'm going to close this out, if you have something else, reopen or make a new issue, thanks for the PR!
from ansible-modules-hashivault.
Related Issues (20)
- auth_method missing return value
- auth_method missing diff support HOT 1
- Policy module is missing check and diff
- oidc_auth_method_config & oidc_auth_role missing diff mode
- hashivault_db_secret_engine_config error using vault server 1.12.x and 1.13.x HOT 9
- Re-add wrap_ttl to hashivault_approle_role_secret HOT 1
- configuring allowed_other_sans parameter in hashivault_pki_role broken HOT 2
- hashivault_secret_engine doesn't support seal wrap HOT 5
- Add coverage for 'userfilter' in hashivault_auth_ldap HOT 2
- Dependency on ansible>=5.0.0 HOT 3
- TLS authentication uses removed method
- hashivault_token_renew: call to client.renew_self_token not working anymore
- https://github.com/TerryHowe/ansible-modules-hashivault/pull/467 breaks installs that use pip based hvac HOT 1
- hashivault_k8s_auth_role does not detect changes in policies
- hashivault_identity_entity_alias didn't have custom_metada parameter HOT 3
- Bug on hashivault_approle_role_secret module HOT 1
- Permission denied when creating a policy HOT 3
- Support of hvac create_or_update_acl_policy HOT 7
- Support of hvac JWT auth method and role
- How can I create a static database role HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ansible-modules-hashivault.