Vault-cli env should reliably crash if it cannot access a value

Question

Vault-cli env should reliably crash if it cannot access a value

ewjoachim opened this issue 4 years ago · 5 comments

If vault-cli env is directed to use a path and it doesn't work (path doesn't exist or is forbidden or contains a template that crashes), it should crash
If vault-cli env is directed to use a path and one of the subpaths doesn't work, I guess it should crash too, but I'm less sure.

Answer 1 · 2020-10-09T16:54:44.000Z

vault-cli get-all should be aligned: display as much as possible in stdout but exit 1 if at least one value didn't work, and explain what didn't work in stderr.

Answer 2 · 2020-10-22T07:57:36.000Z

It could be great to let the user choose (with the help of an option) whether he wants vault-cli env to crash or not when vault-cli failed to load secrets (whatever the reason, bad path, hashicorp vault instance down, invalid token or cert, and so on).

Answer 3 · 2020-10-22T08:22:36.000Z

I'm ok with that, I think I'd prefer if by default it crashes consistently.

Answer 4 · 2020-10-22T09:38:55.000Z

If vault-cli env is directed to use a path and one of the subpaths doesn't work, I guess it should crash too, but I'm less sure.

I've added an error message but no crash

Answer 5 · 2020-11-06T13:17:46.000Z

@tlehoux Released in 1.5.1 :) You can either use vault env & crash if the secrets cannot be fetched, or vault env --force to launch your program anyway :)