panic with Vault kv-v2 secret engine
apowers opened this issue · 2 comments
apowers commented
When attempting to read a key from Vault using the kv-v2 secret engine, envconsul panics with map[string]interface {}, not string
Envconsul version
$>envconsul -v
envconsul v0.7.3 (daa2947)
Configuration
vault {
address = "https://vault.local.domain"
token = "<redacted>"
ssl {
enabled = true
verify = false
}
}
secret {
no_prefix = true
}
Command
envconsul -config config.hcl -log-level debug -secret secrets/data/test env
Debug output
2018/05/29 17:24:02.832503 [DEBUG] (runner) setting secrets_data_test_data=map["database__password": "<redacted>"]from vault.read(secrets/data/test)
panic: interface conversion: interface {} is map[string]interface {}, not string
goroutine 6 [running]:
main.(*Runner).appendSecrets(0xc4201361c0, 0xc42021e600, 0xc420153d70, 0x7fb1e0, 0xc42005ba40, 0xc420044901, 0x46e30b)
/go/src/github.com/hashicorp/envconsul/runner.go:466 +0x988
main.(*Runner).Run(0xc4201361c0, 0x0, 0x0, 0x0)
/go/src/github.com/hashicorp/envconsul/runner.go:252 +0x25f
main.(*Runner).Start(0xc4201361c0)
/go/src/github.com/hashicorp/envconsul/runner.go:168 +0x555
created by main.(*CLI).Run
/go/src/github.com/hashicorp/envconsul/cli.go:119 +0x499
Expected behavior
Should set environment data.
Actual behavior
Panic
envconsul -config config.hcl -log-level debug -secret secrets/test env
results in "no secret exists at secrets/test"
Data can be read using curl.
curl --header "X-Vault-Token: <redacted>" --request GET --data @payload.json --insecure https://vault.local.domain/v1/secrets/data/test
Steps to reproduce
- Create a secret engine using kv-v2
- Create some data
- Attempt to read the data with envconsul
- GH-1234
- ...
mkradha commented
Is there an update on this?
We have enabled versioned backend. I am getting map[string]interface {}, not string
error when using envconsul.