sethvargo/vault-secrets-gen

Plugin not compatible with hashicorp docker images because of alpine

Elyytscha opened this issue · 0 comments

TL;DR

install plugin as described in a k8s or containerized deployment:

{"level":"error","msg":"error configuring vault: error configuring secret engines for vault: error adding secrets engines: error mounting gen into vault: Error making API request.\n\nURL: POST https://vault.core-vault:8200/v1/sys/mounts/
gen\nCode: 400. Errors:\n\n* invalid backend version: 2 errors occurred:\n\t* Unrecognized remote plugin message: \nThis usually means\n  the plugin was not compiled for this architecture,\n  the plugin is missing dynamic-link libraries 
necessary to run,\n  the plugin is not executable by this process due to file permissions, or\n  the plugin failed to negotiate the initial go-plugin protocol handshake\n\nAdditional notes about plugin:\n  Path: /vault/plugins/vault-secr
ets-gen\n  Mode: -rwxr-xr-x\n  Owner: 100 [vault] (current: 100 [vault])\n  Group: 1000 [vault] (current: 1000 [vault])\n  ELF architecture: EM_X86_64 (current architecture: amd64)\n\n\t* Unrecognized remote plugin message: \nThis usuall
y means\n  the plugin was not compiled for this architecture,\n  the plugin is missing dynamic-link libraries necessary to run,\n  the plugin is not executable by this process due to file permissions, or\n  the plugin failed to negotiate
 the initial go-plugin protocol handshake\n\nAdditional notes about plugin:\n  Path: /vault/plugins/vault-secrets-gen\n  Mode: -rwxr-xr-x\n  Owner: 100 [vault] (current: 100 [vault])\n  Group: 1000 [vault] (current: 1000 [vault])\n  ELF 
architecture: EM_X86_64 (current architecture: amd64)\n\n\n","time":"2023-07-31T11:59:37Z"}
/lib/ld-musl-x86_64.so.1: /vault/plugins/vault-secrets-gen: Not a valid dynamic program

as hashicorp fully opt ins into alpine, please release a fully static linked build which works within alpine

Expected behavior

No response

Observed behavior

No response

Vault CLI (or API) output

{"level":"error","msg":"error configuring vault: error configuring secret engines for vault: error adding secrets engines: error mounting gen into vault: Error making API request.\n\nURL: POST https://vault.core-vault:8200/v1/sys/mounts/
gen\nCode: 400. Errors:\n\n* invalid backend version: 2 errors occurred:\n\t* Unrecognized remote plugin message: \nThis usually means\n  the plugin was not compiled for this architecture,\n  the plugin is missing dynamic-link libraries 
necessary to run,\n  the plugin is not executable by this process due to file permissions, or\n  the plugin failed to negotiate the initial go-plugin protocol handshake\n\nAdditional notes about plugin:\n  Path: /vault/plugins/vault-secr
ets-gen\n  Mode: -rwxr-xr-x\n  Owner: 100 [vault] (current: 100 [vault])\n  Group: 1000 [vault] (current: 1000 [vault])\n  ELF architecture: EM_X86_64 (current architecture: amd64)\n\n\t* Unrecognized remote plugin message: \nThis usuall
y means\n  the plugin was not compiled for this architecture,\n  the plugin is missing dynamic-link libraries necessary to run,\n  the plugin is not executable by this process due to file permissions, or\n  the plugin failed to negotiate
 the initial go-plugin protocol handshake\n\nAdditional notes about plugin:\n  Path: /vault/plugins/vault-secrets-gen\n  Mode: -rwxr-xr-x\n  Owner: 100 [vault] (current: 100 [vault])\n  Group: 1000 [vault] (current: 1000 [vault])\n  ELF 
architecture: EM_X86_64 (current architecture: amd64)\n\n\n","time":"2023-07-31T11:59:37Z"}

Vault server logs

{"level":"error","msg":"error configuring vault: error configuring secret engines for vault: error adding secrets engines: error mounting gen into vault: Error making API request.\n\nURL: POST https://vault.core-vault:8200/v1/sys/mounts/
gen\nCode: 400. Errors:\n\n* invalid backend version: 2 errors occurred:\n\t* Unrecognized remote plugin message: \nThis usually means\n  the plugin was not compiled for this architecture,\n  the plugin is missing dynamic-link libraries 
necessary to run,\n  the plugin is not executable by this process due to file permissions, or\n  the plugin failed to negotiate the initial go-plugin protocol handshake\n\nAdditional notes about plugin:\n  Path: /vault/plugins/vault-secr
ets-gen\n  Mode: -rwxr-xr-x\n  Owner: 100 [vault] (current: 100 [vault])\n  Group: 1000 [vault] (current: 1000 [vault])\n  ELF architecture: EM_X86_64 (current architecture: amd64)\n\n\t* Unrecognized remote plugin message: \nThis usuall
y means\n  the plugin was not compiled for this architecture,\n  the plugin is missing dynamic-link libraries necessary to run,\n  the plugin is not executable by this process due to file permissions, or\n  the plugin failed to negotiate
 the initial go-plugin protocol handshake\n\nAdditional notes about plugin:\n  Path: /vault/plugins/vault-secrets-gen\n  Mode: -rwxr-xr-x\n  Owner: 100 [vault] (current: 100 [vault])\n  Group: 1000 [vault] (current: 1000 [vault])\n  ELF 
architecture: EM_X86_64 (current architecture: amd64)\n\n\n","time":"2023-07-31T11:59:37Z"}

Additional information

No response