hashivault_db_secret_engine_config error using vault server 1.12.x and 1.13.x #442

Closed
ghost opened this issue May 24, 2023 · 9 comments

@ghost

ghost commented May 24, 2023

Hi @TerryHowe, I upgraded the Vault server from 1.9.2 to 1.13.2 but had to downgrade to 1.11.10 because the hashi_vault module got an error, specifically with this Ansible module: hashivault_db_secret_engine_config

I'm using:

```
Collection            Version
community.hashi_vault 4.2.0
```

And locals

```
/collections/ansible_collections
Collection            Version
community.hashi_vault 1.1.3
```

The output error:

```
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: KeyError: '**plugin_version**'
fatal: [localhost]: FAILED! => changed=false
  module_stderr: |-
    Traceback (most recent call last):
```

In the API docs for versions 1.12.x and 1.13.x this new key appears: plugin_version. In 1.11.x this new key does not exist.

https://developer.hashicorp.com/vault/api-docs/secret/databases

The strange thing is that the documentation says "optional", not required.

Any idea when this module will be updated to implement it?

Thanks in advance.

@TerryHowe
Owner

Tests run with latest, so I'm a bit surprised you are seeing this although there were some changes recently in that area I think

@TerryHowe
Owner

I just kicked off the automated functional tests to see if anything shows up.

@TerryHowe
Owner

Yeh, tests completely pass with latest which is 1.13.2 although there might not be test coverage for this.

@Roxyrob

Roxyrob commented May 25, 2023

Hi there,
any news on this? I had the same issue. I urgently need to perform a Vault upgrade (I need new functionality) and cannot do that without losing the ability to use Hashivault Ansible tasks.

@TerryHowe
Owner

I'm not sure I'm reading this right, but does plugin_version need to be added https://github.com/TerryHowe/ansible-modules-hashivault/blob/main/ansible/modules/hashivault/hashivault_db_secret_engine_config.py#L84 like it is a new mandatory key?

@ghost
Author

ghost commented May 26, 2023

Hi @TerryHowe

Yes, plugin_version seems mandatory.

Vault API doc: https://developer.hashicorp.com/vault/api-docs/secret/databases

[plugin_version](https://developer.hashicorp.com/vault/api-docs/secret/databases#plugin_version) (string: "") - Specifies the semantic version of the plugin to use for this connection.

If you can change the code in the module in testing, I can test to see if the error goes away.

@Roxyrob

Roxyrob commented May 30, 2023

Hi @TerryHowe, any news on this?

rtudo added a commit to rtudo/ansible-modules-hashivault that referenced this issue Jun 7, 2023
@rtudo
Contributor

rtudo commented Jun 7, 2023

Quickly copy-pasted to get this working in my local.

#444

PS: One can update the same changes in their local Ansible modules file and unblock themselves.

@ghost
Author

ghost commented Jun 20, 2023

Hi @TerryHowe, thanks. I saw the new version 5.1.1 and tested it; it now works fine. Thanks for the effort, and thanks to you too @rtudo.

ghost closed this as completed Jun 20, 2023
StinkyBenji referenced this issue in StinkyBenji/ansible-tekton-demo Nov 1, 2023

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [ansible-modules-hashivault](https://togithub.com/TerryHowe/ansible-modules-hashivault) | `==4.6.3` -> `==5.1.2` | [![age](https://developer.mend.io/api/mc/badges/age/pypi/ansible-modules-hashivault/5.1.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/ansible-modules-hashivault/5.1.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/ansible-modules-hashivault/4.6.3/5.1.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/ansible-modules-hashivault/4.6.3/5.1.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) |

---

### Release Notes

<details>
<summary>TerryHowe/ansible-modules-hashivault (ansible-modules-hashivault)</summary>

### [`v5.1.2`](https://togithub.com/TerryHowe/ansible-modules-hashivault/blob/HEAD/CHANGELOG.rst#512-2023-10-11)

[Compare Source](https://togithub.com/TerryHowe/ansible-modules-hashivault/compare/5.1.1...5.1.2)

-   Update hvac requirement. \[Terry Howe]
-   Issue [#451](https://togithub.com/TerryHowe/ansible-modules-hashivault/issues/451)
    - added user filter parameter to ldap configuration. \[Emory Otott]
-   Issue [#450](https://togithub.com/TerryHowe/ansible-modules-hashivault/issues/450)
    - fixed issue where I was adding unsupported seal_wrap
    param to kv v2 configuration and tune mount configuration method
    resulting in failed tests. \[Emory Otott]
-   Issue [#450](https://togithub.com/TerryHowe/ansible-modules-hashivault/issues/450)
    added default value of false for parameter seal_wrap. \[Emory Otott]
-   [#450](https://togithub.com/TerryHowe/ansible-modules-hashivault/issues/450)
    added seal wrap parameter to hashivault secret engine. \[Emory Otott]
-   Add general parameter timeout. \[Sebi]
    Default value of 30, as it is in hvac, to prevent inconsistency.
-   Add timeout as a general parameter. \[Sebi]
-   Fix output hashivault_approle_role_secret format. \[Aleksey Zhukov]
-   Token_role: correctly add new values instead of overriding. \[Benjamin
    Demarteau]
-   Hashivault_normalize_from_doc: don't swallow exceptions. \[Benjamin
    Demarteau]
-   Ssh_role,token_role: don't fail when encountering unknown options.
    \[Benjamin Demarteau]

### [`v5.1.1`](https://togithub.com/TerryHowe/ansible-modules-hashivault/blob/HEAD/CHANGELOG.rst#511-2023-06-13)

[Compare Source](https://togithub.com/TerryHowe/ansible-modules-hashivault/compare/5.1.0...5.1.1)

-   Add plugin_version params for the vault api. \[Ankit]

[https://github.com/TerryHowe/ansible-modules-hashivault/issues/442](https://togithub.com/TerryHowe/ansible-modules-hashivault/issues/442)

### [`v5.1.0`](https://togithub.com/TerryHowe/ansible-modules-hashivault/blob/HEAD/CHANGELOG.rst#510-2023-04-18)

[Compare Source](https://togithub.com/TerryHowe/ansible-modules-hashivault/compare/5.0.0...5.1.0)

-   Refactor policy module. \[Cees Moerkerken]
-   Add diff, fixes
    [#439](https://togithub.com/TerryHowe/ansible-modules-hashivault/issues/439).
    \[Cees Moerkerken]
-   Add path to return values. \[Cees Moerkerken]
-   Fix line length linting. \[Cees Moerkerken]
-   Only call enable or tune when changed. add comments. \[Cees
    Moerkerken]
-   Add result to return values, fixes
    [#435](https://togithub.com/TerryHowe/ansible-modules-hashivault/issues/435).
    \[Cees Moerkerken]
-   Add diff, fixes
    [#436](https://togithub.com/TerryHowe/ansible-modules-hashivault/issues/436).
    \[Cees Moerkerken]
-   Replace whitelist_externals with allowlist_externals. \[Cees
    Moerkerken]
-   Prevent keyerror on inconsistencies between the current and desired
    state. \[Cees Moerkerken]
-   Add diff and enable check mode support. \[Cees Moerkerken]
-   Warn user when an unknown value is processed by the option
    normalization. \[Benjamin Demarteau]
-   Extract option normalisation to module_utils and reverse logic to
    allow for unknown options. \[Benjamin Demarteau]
-   Create SECURITY.md. \[Terry Howe]

### [`v5.0.0`](https://togithub.com/TerryHowe/ansible-modules-hashivault/blob/HEAD/CHANGELOG.rst#500-2022-11-08)

[Compare Source](https://togithub.com/TerryHowe/ansible-modules-hashivault/compare/4.7.1...5.0.0)

-   Remove deprecated modules. \[Terry Howe]
    -   hashivault_approle_role_create
    -   hashivault_approle_role_secret_create
    -   hashivault_approle_role_secret_delete
    -   hashivault_audit_enable
    -   hashivault_auth_enable
    -   hashivault_aws_ec2_role_create
    -   hashivault_mount_tune
    -   hashivault_policy_delete
    -   hashivault_policy_set
    -   hashivault_policy_set_from_file
    -   hashivault_secret_disable
    -   hashivault_secret_enable
    -   hashivault_userpass_create
    -   hashivault_userpass_delete
-   Changes for hvac 1.x. \[Terry Howe]
-   Breaking Changes:
    -   hashivault_approle_role_secret removed wrap_ttl for now
    -   hashivault_generate_root_init otp added
    -   hashivault_token_create removed lease and orphan (use no_parent)
    -   ansible 5 only now

### [`v4.7.1`](https://togithub.com/TerryHowe/ansible-modules-hashivault/blob/HEAD/CHANGELOG.rst#471-2022-11-07)

[Compare Source](https://togithub.com/TerryHowe/ansible-modules-hashivault/compare/4.7.0...4.7.1)

-   Disable hvac 1.x support for now. \[Terry Howe]
-   Update configuration. \[Terry Howe]
-   Add idempotency test to test_ldap_group. \[Matt Harlum]
-   Fix "enable ldap authentication" in test_ldap_group. \[Matt Harlum]
-   Fixup idempotency of hashivault_auth_ldap. \[Matt Harlum]
-   Add self_renew for hashivault_token_renew. \[Terry Howe]
-   Fix PKI tests from new hvac. \[Terry Howe]

### [`v4.7.0`](https://togithub.com/TerryHowe/ansible-modules-hashivault/blob/HEAD/CHANGELOG.rst#470-2022-06-19)

[Compare Source](https://togithub.com/TerryHowe/ansible-modules-hashivault/compare/4.6.8...4.7.0)

-   Add a hashivault_ssh_role_list module. \[Szymon Soloch]
-   Add a hashivault_ssh_role module. \[Szymon Soloch]
-   Add a hashivault_token_role_list module. \[Szymon Soloch]
-   Add a hashivault_token_role module. \[Szymon Soloch]
-   Get better auth method tests. \[Terry Howe]
-   Fix auth_method idempotency. \[ayav09]
-   Fix tests. \[Terry Howe]
-   Fix docs build. \[Terry Howe]
-   Fix state comparison of lists. \[Jarno Antikainen]

### [`v4.6.8`](https://togithub.com/TerryHowe/ansible-modules-hashivault/blob/HEAD/CHANGELOG.rst#468-2022-02-19)

[Compare Source](https://togithub.com/TerryHowe/ansible-modules-hashivault/compare/4.6.7...4.6.8)

-   Allow create nonexistent secret when state is update. \[Pavel Ezhov]

### [`v4.6.7`](https://togithub.com/TerryHowe/ansible-modules-hashivault/blob/HEAD/CHANGELOG.rst#467-2022-02-08)

[Compare Source](https://togithub.com/TerryHowe/ansible-modules-hashivault/compare/4.6.6...4.6.7)

-   Fix db_secret_engine_config idempotency for password policy and
    non-default mount point. \[ayav09]
-   Fix hashivault_db_secret_engine_role delete idempotency. \[ayav09]
-   Readme updates. \[ayav09]
-   Specify type for states. \[Terry Howe]

### [`v4.6.6`](https://togithub.com/TerryHowe/ansible-modules-hashivault/blob/HEAD/CHANGELOG.rst#466-2022-02-06)

[Compare Source](https://togithub.com/TerryHowe/ansible-modules-hashivault/compare/4.6.5...4.6.6)

-   Set no_log for a few things. \[Terry Howe]
-   Pep8 fixes. \[ayav09]
-   Fix root rotation statements in connection details. \[ayav09]
-   Remove unneeded lstrip. \[Terry Howe]
-   Fix hashivault_list URL with lstrip. \[Gregory Fredj]

Right now it is using `lstrip('metadata/')` and if the path contains any
letter in "metadata" it will be removed. lstrip() isn't the function to
use but rather replace and only once.

### [`v4.6.5`](https://togithub.com/TerryHowe/ansible-modules-hashivault/blob/HEAD/CHANGELOG.rst#465-2022-01-11)

[Compare Source](https://togithub.com/TerryHowe/ansible-modules-hashivault/compare/4.6.4...4.6.5)

-   Return secret version when reading kv v2 secret. \[Albin Kerouanton]
-   Transform lease TTLs into ints. \[Albin Kerouanton]
-   Removed static role_type oidc. \[Alex Vermulst]
-   Advise against strings in hashivault_pki_role params. \[Albin
    Kerouanton]
-   Fix docs build. \[Terry Howe]
-   Argspec\['password_policy'] \[Piotr Grabowski]
-   Password_policy. \[Piotr Grabowski]
-   Pass cas value to hvac when kv-v2 backend is used. \[Albin Kerouanton]
-   Rekey docs clarification. \[Terry Howe]
-   Work if no token_bound_cidr. \[Terry Howe]
-   Remove tests for deprecated modules. \[Terry Howe]
-   Reduce tests to 3.9. \[Terry Howe]
-   Introduce support for PKI allowed_domains_template. \[Eric Trexel]
-   Add token_type option to k8s_auth_role. \[ayav09]
-   Initial github actions workflow. \[ayav09]
-   Pep8 fixes. \[ayav09]
-   Replace deprecated hvac userpass methods. \[ayav09]

### [`v4.6.4`](https://togithub.com/TerryHowe/ansible-modules-hashivault/blob/HEAD/CHANGELOG.rst#464-2021-08-26)

[Compare Source](https://togithub.com/TerryHowe/ansible-modules-hashivault/compare/4.6.3...4.6.4)

-   Require Ansible 4. \[Terry Howe]
-   Add pepy. \[Terry Howe]
-   Fix pki role not_before_duration. \[ayav09]

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---


This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/StinkyBenji/ansible-tekton-demo).


Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
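
The `lstrip('metadata/')` behaviour described in the v4.6.6 release note above, shown as an added example (not the project's code or its actual fix): `str.lstrip` takes a set of characters rather than a prefix, so it can eat into the secret path itself. The function names and sample paths are constructed for illustration; the anchored variant is one way to remove only a leading prefix.

```python
PREFIX = "metadata/"  # the string named in the release note


def strip_with_lstrip(path: str) -> str:
    # Buggy: lstrip() treats its argument as a SET of characters
    # {m, e, t, a, d, /} and removes every leading character in that set.
    return path.lstrip(PREFIX)


def strip_with_replace_once(path: str) -> str:
    # Removes the first occurrence wherever it is, so a path that only
    # contains "metadata/" further in is rewritten as well.
    return path.replace(PREFIX, "", 1)


def strip_anchored(path: str) -> str:
    # Removes the prefix only when the path actually starts with it.
    return path[len(PREFIX):] if path.startswith(PREFIX) else path


# Constructed KV paths, not taken from the project or its tests.
SAMPLE_PATHS = [
    "metadata/prod/db",    # next segment starts with 'p': lstrip looks fine
    "metadata/team/app",   # "team/a" consists only of characters in the set
    "metadata/data/db",
    "team/metadata/app",   # prefix text appears mid-path only
]


def compare(paths):
    """Map each path to its (lstrip, replace-once, anchored) results."""
    return {
        p: (strip_with_lstrip(p), strip_with_replace_once(p), strip_anchored(p))
        for p in paths
    }


if __name__ == "__main__":
    for path, results in compare(SAMPLE_PATHS).items():
        print(f"{path!r:22} lstrip={results[0]!r:10} "
              f"replace={results[1]!r:20} anchored={results[2]!r}")
```

The first sample shows why the bug can go unnoticed: any path whose first segment begins with a character outside the set comes out correct.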