API changes in vault 0.10.0 causes test to fail.
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
castellan |
Fix Committed
|
Undecided
|
Moisés Guimarães de Medeiros | ||
python-castellan (Ubuntu) |
Fix Released
|
Medium
|
James Page |
Bug Description
Since Vault 0.10.0 the K/V engine is versioned by default and returns the following warning:
Invalid path for a versioned K/V secrets engine. See the API docs for the appropriate API endpoints to use. If using the Vault CLI, use 'vault kv put' for this operation.
The warning can be seen at:
$ curl \
--header "X-Vault-Token: $VAULT_TOKEN" \
--request POST \
--data '{"value": "bar"}' \
http://
### Formatted JSON Data returned by curl
{
"request_
"lease_id":"",
"renewable"
"lease_
"data":null,
"wrap_info":null,
"warnings":[
"Invalid path for a versioned K/V secrets engine. See the API docs for the appropriate API endpoints to use. If using the Vault CLI, use 'vault kv put' for this operation."
],
"auth":null
}
---
The VaultKeyManager
The required fixes are in the url (add 'data/' after secret/) and the request data is now {"data":{...}} instead of just {...}.
$ curl \
--header "X-Vault-Token: $VAULT_TOKEN" \
--request POST \
--data '{"data":{"value": "bar"}}' \
http://
### Formatted JSON Data returned by curl
{
"request_
"lease_id":"",
"renewable"
"lease_
"data":{
"created_
"deletion_
"destroyed"
"version":1
},
"wrap_info":null,
"warnings":null,
"auth":null
}
The equivalent fixes are also required in VaultKeyManager
Changed in castellan: | |
status: | New → Confirmed |
Changed in castellan: | |
assignee: | nobody → Moisés Guimarães de Medeiros (moguimar) |
Changed in castellan: | |
status: | Confirmed → Fix Committed |
Changed in python-castellan (Ubuntu): | |
status: | New → Triaged |
assignee: | nobody → James Page (james-page) |
importance: | Undecided → Medium |
Changed in python-castellan (Ubuntu): | |
status: | Triaged → In Progress |
VaultKeyManager .delete( ) and VaultKeyManager .list() also needs fixing.