Comments (11)
wknapik
commented on July 28, 2024
Seems to be an issue with hvac. Reported it here hvac/hvac#183.
from ansible-modules-hashivault.
laurentribot
commented on July 28, 2024
The hvac issue is closed with adding support to k/v v2 api.
Unfortunately, without autodection of the bakend version
Perhaps hashivault modules should implement a new parameter to set the api version to use
@TerryHowe
from ansible-modules-hashivault.
TerryHowe
commented on July 28, 2024
Yes. Docs https://hvac.readthedocs.io/en/latest/usage/secrets_engines/kv_v2.html
from ansible-modules-hashivault.
drewmullen
commented on July 28, 2024
FYI - you can prepend your secret option in your play with data and it works fine. example:
- name: terry howe vault read
hashivault_read:
secret: data/test
reads a secret at secret/test (kv2) just fine
from ansible-modules-hashivault.
drewmullen
commented on July 28, 2024
I'm picking this issue up for hashivault_write, @TerryHowe whats the purpose of this function?
NVM, this wasnt as hard as i thought. PR inc
ansible-modules-hashivault/ansible/modules/hashivault/hashivault_write.py
Lines 86 to 104 in e3cb5f8
also, how do you feel about me setting the version as an option and default it to version 2? defaulting to 1 as thats the majority of tests in functional/
from ansible-modules-hashivault.
ventris
commented on July 28, 2024
I can see that support for kv v2 engine is now supported but I cant get it to work, is there any examples or documentation regarding this anywhere?
from ansible-modules-hashivault.
drewmullen
commented on July 28, 2024
Check that pr, there's an example there
from ansible-modules-hashivault.
ventris
commented on July 28, 2024
In that example namespace is specfied which is something that only the pro version offers.
I get the error with copied example, both on read and write. Is the namespace part needed for the kv2 stuff to work?
Task:
- name: write to kv2
hashivault_write:
secret: kv2/test
data:
password: mypass
version: 2
TASK [write to kv2] *****************************************************************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Error InvalidPath(no handler for route 'secret/data/kv2/test') writing secret/kv2/test", "rc": 1}
from ansible-modules-hashivault.
drewmullen
commented on July 28, 2024
Looks like an issue on the vault side. Did you upgrade the mount to v2?
I'm off this week but if you're still having trouble next week I can help
*The namespace is optional for any task using this set of modules
from ansible-modules-hashivault.
TerryHowe
commented on July 28, 2024
This issue should probably be closed.
from ansible-modules-hashivault.
TerryHowe
commented on July 28, 2024
If there is anything else to this or problems I think a new issue would be best.
from ansible-modules-hashivault.
Related Issues (20)
- hashivault_init not work with seal type transit HOT 2
- hashivault_secret_engine should support diff and check
- Possible hvac breaking change HOT 1
- whitelist_externals is deprecated in tox
- auth_method missing return value
- auth_method missing diff support HOT 1
- Policy module is missing check and diff
- oidc_auth_method_config & oidc_auth_role missing diff mode
- hashivault_db_secret_engine_config error using vault server 1.12.x and 1.13.x HOT 9
- Re-add wrap_ttl to hashivault_approle_role_secret HOT 1
- configuring allowed_other_sans parameter in hashivault_pki_role broken HOT 2
- hashivault_secret_engine doesn't support seal wrap HOT 5
- Add coverage for 'userfilter' in hashivault_auth_ldap HOT 2
- Dependency on ansible>=5.0.0 HOT 3
- TLS authentication uses removed method
- hashivault_token_renew: call to client.renew_self_token not working anymore
- https://github.com/TerryHowe/ansible-modules-hashivault/pull/467 breaks installs that use pip based hvac HOT 1
- hashivault_k8s_auth_role does not detect changes in policies
- hashivault_identity_entity_alias didn't have custom_metada parameter HOT 3
- Bug on hashivault_approle_role_secret module HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ansible-modules-hashivault.