Comments (1)
Hi @erikgb welcome to the new collection!
Oof that's unfortunate. This is another area where JWT seems to have non-standard behavior compared to other auth methods in hvac. I've opened an issue for this one too: hvac/hvac#655
I think you're right about the fix being easy.
For testing, I hope it wouldn't be too difficult, as it's just a matter of doing the same thing as now but mounting the auth method in a path that's not the default when we set it up.
I've been thinking about this recently as the IAM method was also lacking mount_path
support (oversight on my end, not an HVAC issue ; see #7 ), and there was no test for that either.
So one way to do this is to duplicate the config of every auth method, one with default mount point and one with a custom, and then run each set of auth method tests against both. It would be thorough but it would basically double testing time.
A more naive test might be to mount every auth method on a non-default path and always use the mount_point
parameter in tests. I am slightly worried we would miss some edge case where this plugin doesn't work correctly with the default mount, due to oversight on our part, unexpected behavior from hvac, or other.
I'll think a little on how to implement tests for this and the general issue of mount_point issues.
Thanks for reporting!
from community.hashi_vault.
Related Issues (20)
- Documentation about `auth_method` 'none' hashi_vault
- Update CI to include 2.16
- Add ability to delete an entire secret kv2 secret (delete metadata, not a secret version) HOT 2
- ERROR! couldn't resolve module/action 'community.hashi_vault'.
- USER_SITE path not included with lookups if the directory didn't exist when starting the playbook HOT 1
- Support hcp vault secrets
- Lookup failures
- CA verification does not work at all with hvac 2.0 on FreeBSD HOT 13
- No tilde expansion of token_path when configured in ansible.cfg HOT 1
- Setting options that don't exist in configuration fails now
- Allow token auto renew when playbook is executing
- Database Secrets Engine: Connection Management and Role Management from Ansible HOT 10
- Negative version numbers for accessing previous versions of a secret HOT 2
- Add the option to set the cert_auth_public/private_key parameter using variables HOT 3
- community.hashi_vault module not interpolate {{inventory_dir|basename}} HOT 2
- Update github release workflow
- vault_kv2_get lookup plugin variables interpolation HOT 4
- CI is failing sometimes(?) trying to use docker compose
- Where is url in with_community.hashi_vault.vault_read? HOT 1
- VAULT_ADDR regression HOT 12
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from community.hashi_vault.