Bug: Cannot execute write operations with valid JSON
Closed this issue ยท 5 comments
Thanks for the awesome tool, it is helping a lot in secret management!
We observed the following bug:
secret/
is akv
key/value secret storage in API version 1.- We create a secret:
vault kv put secret/test data=1
. - When using VSH to copy or move the secret, we experience a Go panic:
$ vsh -c "cp secret/test secret/test2"
panic: interface conversion: interface {} is string, not map[string]interface {}
goroutine 1 [running]:
github.com/fishi0x01/vsh/client.transformToKV1Secret(...)
/home/fishi0x01/Workspaces/fishi0x01/vsh/client/util.go:88
github.com/fishi0x01/vsh/client.(*Client).lowLevelWrite(0xc0003fe180, 0xc000130c21, 0xc, 0xc0000a0900, 0x2, 0x0)
/home/fishi0x01/Workspaces/fishi0x01/vsh/client/write.go:16 +0x3a7
github.com/fishi0x01/vsh/client.(*Client).Write(0xc0003fe180, 0xc000130c20, 0xd, 0xc0000a0900, 0x0, 0x0)
/home/fishi0x01/Workspaces/fishi0x01/vsh/client/client.go:113 +0x165
github.com/fishi0x01/vsh/cli.(*CopyCommand).copySecret(0xc0003fe200, 0xc000130c10, 0xc, 0xc000130c20, 0xd, 0xd, 0x2)
/home/fishi0x01/Workspaces/fishi0x01/vsh/cli/cp.go:79 +0xa0
github.com/fishi0x01/vsh/cli.(*CopyCommand).Run(0xc0003fe200, 0x1)
/home/fishi0x01/Workspaces/fishi0x01/vsh/cli/cp.go:60 +0x140
main.executor(0x7ffeefbff857, 0x1b)
/home/fishi0x01/Workspaces/fishi0x01/vsh/main.go:77 +0x178
main.main()
/home/fishi0x01/Workspaces/fishi0x01/vsh/main.go:177 +0x4a2
Other secrets, e.g. as given in the integration tests value=1
, work without issues.
System information:
- vsh v0.7.2
- Vault 1.3.1
Happy to provide further information as needed :)
Hi Tom ๐ ๐
Thx for submission. Looks interesting, because the copy case for KV1 is tested in this suite
From the stacktrace it seems that for some reason secret/test
is perceived as a KV2 secret. vsh
then tries to convert it to KV1, which fails, because it already is KV1. I will try to reproduce that issue in a test.
What's your permission policy on secret/
and secret/test
?
Great! The reproduced error looks familiar.
Thanks a lot for the help and we look forward to a fix! ๐ฅ
Should you need further information, we are more than happy to assist.
@tommartensen Latest master
should work with data
key. Please let me know if you still witness any issues.
@fishi0x01 Thanks a lot for the fast fix! I can confirm that latest master
works with our system.