Upgrade Plugin using same storage backend

Question

Upgrade Plugin using same storage backend

manjeet-thadani opened this issue 6 years ago · 3 comments

How can we upgrade an existing custom vault plugin such that storage backend data remains intact and can be used with the new upgraded plugin?

Answer 1 · 2019-01-04T01:00:19.000Z

If you update an existing plugin catalog registration with the new SHA256 and (if necessary) executable name, it will be used when the Vault server is restarted, or directly with: https://www.vaultproject.io/api/system/plugins-reload-backend.html

Answer 2 · 2019-01-04T01:17:06.000Z

You shouldn't disable the existing plugin and instead follow @kalafut's steps above

Answer 3 · 2019-06-20T00:06:02.000Z

Hi! I'm having the same problem but unfortunately, I'm struggling in getting the proposed solution to work. Is there anything I'm doing wrong based on the commands below?

# Upon creation, plugin is mounted as following
vault secrets enable -path=myplugin -plugin-name=myplugin plugin

# Upon updating the plugin, I execute these commands
vault write sys/plugins/catalog/secret/myplugin sha_256=$HASH command=myplugin.$VERSION
vault write /sys/plugins/reload/backend plugin=myplugin