Comments (11)
Seems to be an issue with hvac. Reported it here hvac/hvac#183.
from ansible-modules-hashivault.
The hvac issue is closed with adding support to k/v v2 api.
Unfortunately, without autodection of the bakend version
Perhaps hashivault modules should implement a new parameter to set the api version to use
@TerryHowe
from ansible-modules-hashivault.
Yes. Docs https://hvac.readthedocs.io/en/latest/usage/secrets_engines/kv_v2.html
from ansible-modules-hashivault.
FYI - you can prepend your secret
option in your play with data
and it works fine. example:
- name: terry howe vault read
hashivault_read:
secret: data/test
reads a secret at secret/test (kv2) just fine
from ansible-modules-hashivault.
I'm picking this issue up for hashivault_write, @TerryHowe whats the purpose of this function?
NVM, this wasnt as hard as i thought. PR inc
ansible-modules-hashivault/ansible/modules/hashivault/hashivault_write.py
Lines 86 to 104 in e3cb5f8
also, how do you feel about me setting the version as an option and default it to version 2? defaulting to 1 as thats the majority of tests in functional/
from ansible-modules-hashivault.
I can see that support for kv v2 engine is now supported but I cant get it to work, is there any examples or documentation regarding this anywhere?
from ansible-modules-hashivault.
Check that pr, there's an example there
from ansible-modules-hashivault.
In that example namespace is specfied which is something that only the pro version offers.
I get the error with copied example, both on read and write. Is the namespace part needed for the kv2 stuff to work?
Task:
- name: write to kv2
hashivault_write:
secret: kv2/test
data:
password: mypass
version: 2
TASK [write to kv2] *****************************************************************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Error InvalidPath(no handler for route 'secret/data/kv2/test') writing secret/kv2/test", "rc": 1}
from ansible-modules-hashivault.
Looks like an issue on the vault side. Did you upgrade the mount to v2?
I'm off this week but if you're still having trouble next week I can help
*The namespace is optional for any task using this set of modules
from ansible-modules-hashivault.
This issue should probably be closed.
from ansible-modules-hashivault.
If there is anything else to this or problems I think a new issue would be best.
from ansible-modules-hashivault.
Related Issues (20)
- hashivault_init not work with seal type transit HOT 2
- hashivault_secret_engine should support diff and check
- Possible hvac breaking change HOT 1
- whitelist_externals is deprecated in tox
- auth_method missing return value
- auth_method missing diff support HOT 1
- Policy module is missing check and diff
- oidc_auth_method_config & oidc_auth_role missing diff mode
- hashivault_db_secret_engine_config error using vault server 1.12.x and 1.13.x HOT 9
- Re-add wrap_ttl to hashivault_approle_role_secret HOT 1
- configuring allowed_other_sans parameter in hashivault_pki_role broken HOT 2
- hashivault_secret_engine doesn't support seal wrap HOT 5
- Add coverage for 'userfilter' in hashivault_auth_ldap HOT 2
- Dependency on ansible>=5.0.0 HOT 3
- TLS authentication uses removed method
- hashivault_token_renew: call to client.renew_self_token not working anymore
- https://github.com/TerryHowe/ansible-modules-hashivault/pull/467 breaks installs that use pip based hvac HOT 1
- hashivault_k8s_auth_role does not detect changes in policies
- hashivault_identity_entity_alias didn't have custom_metada parameter HOT 3
- Bug on hashivault_approle_role_secret module HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ansible-modules-hashivault.