inspec/inspec-vault

Unhelpful error when no authn info provided

clintoncwolfe opened this issue · 2 comments

If:

  • the vault plugin is installed
  • and neither VAULT_ADDR nor VAULT_TOKEN is provided
  • and an input has no value (from any provider) but is accessed

then the output is unhelpful:

  ×  control-01: test/fixtures/profiles/profile-01/controls/profile-01.rb:1
     ×  Control Source Code Error test/fixtures/profiles/profile-01/controls/profile-01.rb:1
     no implicit conversion of nil into String

However, if VAULT_ADDR is provided but TOKEN is omitted, the vault gem provides a nice message:

  ×  control-01: test/fixtures/profiles/profile-01/controls/profile-01.rb:1
     ×  Control Source Code Error test/fixtures/profiles/profile-01/controls/profile-01.rb:1
     Missing Vault token! I cannot make requests to Vault without a token. Please
     set a Vault token in the client:

         Vault.token = "42d1dee5-eb6e-102c-8d23-cc3ba875da51"

     or authenticate with Vault using the Vault CLI:

         $ vault auth ...

     or set the environment variable $VAULT_TOKEN to the token value:

         $ export VAULT_TOKEN="..."

     Please refer to the documentation for more examples.

I am also facing same issue, please help me if anyone of them is aware of this
I have written custom script to work with hvault

I provided everything but same result is happening like this error

[2020-10-07T16:55:50-04:00] INFO: Reading Vault secret from secret/data/inspec/rms
Traceback (most recent call last):
34: from /usr/local/bin/inspec:357:in <main>' 33: from /usr/local/bin/inspec:357:in load'
32: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/inspec-bin-4.18.85/bin/inspec:11:in <top (required)>' 31: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/inspec-core-4.18.85/lib/inspec/base_cli.rb:35:in start'
30: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/thor-0.20.3/lib/thor/base.rb:466:in start' 29: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/thor-0.20.3/lib/thor.rb:387:in dispatch'
28: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/thor-0.20.3/lib/thor/invocation.rb:126:in invoke_command' 27: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/thor-0.20.3/lib/thor/command.rb:27:in run'
26: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/inspec-core-4.18.85/lib/inspec/cli.rb:287:in exec' 25: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/inspec-core-4.18.85/lib/inspec/cli.rb:287:in each'
24: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/inspec-core-4.18.85/lib/inspec/cli.rb:287:in block in exec' 23: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/inspec-core-4.18.85/lib/inspec/runner.rb:192:in add_target'
22: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/inspec-core-4.18.85/lib/inspec/profile.rb:73:in for_target' 21: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/inspec-core-4.18.85/lib/inspec/profile.rb:67:in for_fetcher'
20: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/inspec-core-4.18.85/lib/inspec/profile.rb:60:in for_path' 19: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/inspec-core-4.18.85/lib/inspec/profile.rb:60:in new'
18: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/inspec-core-4.18.85/lib/inspec/profile.rb:134:in initialize' 17: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/inspec-core-4.18.85/lib/inspec/input_registry.rb:311:in block (2 levels) in class:InputRegistry'
16: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/inspec-core-4.18.85/lib/inspec/input_registry.rb:144:in bind_profile_inputs' 15: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/inspec-core-4.18.85/lib/inspec/input_registry.rb:264:in bind_inputs_from_metadata'
14: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/inspec-core-4.18.85/lib/inspec/input_registry.rb:264:in each' 13: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/inspec-core-4.18.85/lib/inspec/input_registry.rb:264:in block in bind_inputs_from_metadata'
12: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/inspec-core-4.18.85/lib/inspec/input_registry.rb:281:in handle_raw_input_from_metadata' 11: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/inspec-core-4.18.85/lib/inspec/input_registry.rb:91:in find_or_register_input'
10: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/inspec-core-4.18.85/lib/inspec/input_registry.rb:98:in poll_plugins_for_update' 9: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/inspec-core-4.18.85/lib/inspec/input_registry.rb:98:in each'
8: from /opt/chef-workstation/embedded/lib/ruby/gems/2.6.0/gems/inspec-core-4.18.85/lib/inspec/input_registry.rb:99:in block in poll_plugins_for_update' 7: from /Users/fg73/.inspec/gems/2.6.0/gems/inspec-vault-0.4.0/lib/inspec-vault/input.rb:67:in fetch'
6: from /Users/fg73/.inspec/gems/2.6.0/gems/vault-0.15.0/lib/vault/client.rb:433:in with_retries' 5: from /Users/fg73/.inspec/gems/2.6.0/gems/inspec-vault-0.4.0/lib/inspec-vault/input.rb:68:in block in fetch'
4: from /Users/fg73/.inspec/gems/2.6.0/gems/vault-0.15.0/lib/vault/api/logical.rb:47:in read' 3: from /Users/fg73/.inspec/gems/2.6.0/gems/vault-0.15.0/lib/vault/client.rb:187:in get'
2: from /Users/fg73/.inspec/gems/2.6.0/gems/vault-0.15.0/lib/vault/client.rb:242:in request' 1: from /Users/fg73/.inspec/gems/2.6.0/gems/vault-0.15.0/lib/vault/client.rb:333:in build_uri'
/Users/fg73/.inspec/gems/2.6.0/gems/vault-0.15.0/lib/vault/client.rb:333:in `join': no implicit conversion of nil into String (TypeError)