Plugin not compatible with hashicorp docker images because of alpine
Elyytscha opened this issue · 0 comments
Elyytscha commented
TL;DR
install plugin as described in a k8s or containerized deployment:
{"level":"error","msg":"error configuring vault: error configuring secret engines for vault: error adding secrets engines: error mounting gen into vault: Error making API request.\n\nURL: POST https://vault.core-vault:8200/v1/sys/mounts/
gen\nCode: 400. Errors:\n\n* invalid backend version: 2 errors occurred:\n\t* Unrecognized remote plugin message: \nThis usually means\n the plugin was not compiled for this architecture,\n the plugin is missing dynamic-link libraries
necessary to run,\n the plugin is not executable by this process due to file permissions, or\n the plugin failed to negotiate the initial go-plugin protocol handshake\n\nAdditional notes about plugin:\n Path: /vault/plugins/vault-secr
ets-gen\n Mode: -rwxr-xr-x\n Owner: 100 [vault] (current: 100 [vault])\n Group: 1000 [vault] (current: 1000 [vault])\n ELF architecture: EM_X86_64 (current architecture: amd64)\n\n\t* Unrecognized remote plugin message: \nThis usuall
y means\n the plugin was not compiled for this architecture,\n the plugin is missing dynamic-link libraries necessary to run,\n the plugin is not executable by this process due to file permissions, or\n the plugin failed to negotiate
the initial go-plugin protocol handshake\n\nAdditional notes about plugin:\n Path: /vault/plugins/vault-secrets-gen\n Mode: -rwxr-xr-x\n Owner: 100 [vault] (current: 100 [vault])\n Group: 1000 [vault] (current: 1000 [vault])\n ELF
architecture: EM_X86_64 (current architecture: amd64)\n\n\n","time":"2023-07-31T11:59:37Z"}
/lib/ld-musl-x86_64.so.1: /vault/plugins/vault-secrets-gen: Not a valid dynamic program
as hashicorp fully opt ins into alpine, please release a fully static linked build which works within alpine
Expected behavior
No response
Observed behavior
No response
Vault CLI (or API) output
{"level":"error","msg":"error configuring vault: error configuring secret engines for vault: error adding secrets engines: error mounting gen into vault: Error making API request.\n\nURL: POST https://vault.core-vault:8200/v1/sys/mounts/
gen\nCode: 400. Errors:\n\n* invalid backend version: 2 errors occurred:\n\t* Unrecognized remote plugin message: \nThis usually means\n the plugin was not compiled for this architecture,\n the plugin is missing dynamic-link libraries
necessary to run,\n the plugin is not executable by this process due to file permissions, or\n the plugin failed to negotiate the initial go-plugin protocol handshake\n\nAdditional notes about plugin:\n Path: /vault/plugins/vault-secr
ets-gen\n Mode: -rwxr-xr-x\n Owner: 100 [vault] (current: 100 [vault])\n Group: 1000 [vault] (current: 1000 [vault])\n ELF architecture: EM_X86_64 (current architecture: amd64)\n\n\t* Unrecognized remote plugin message: \nThis usuall
y means\n the plugin was not compiled for this architecture,\n the plugin is missing dynamic-link libraries necessary to run,\n the plugin is not executable by this process due to file permissions, or\n the plugin failed to negotiate
the initial go-plugin protocol handshake\n\nAdditional notes about plugin:\n Path: /vault/plugins/vault-secrets-gen\n Mode: -rwxr-xr-x\n Owner: 100 [vault] (current: 100 [vault])\n Group: 1000 [vault] (current: 1000 [vault])\n ELF
architecture: EM_X86_64 (current architecture: amd64)\n\n\n","time":"2023-07-31T11:59:37Z"}
Vault server logs
{"level":"error","msg":"error configuring vault: error configuring secret engines for vault: error adding secrets engines: error mounting gen into vault: Error making API request.\n\nURL: POST https://vault.core-vault:8200/v1/sys/mounts/
gen\nCode: 400. Errors:\n\n* invalid backend version: 2 errors occurred:\n\t* Unrecognized remote plugin message: \nThis usually means\n the plugin was not compiled for this architecture,\n the plugin is missing dynamic-link libraries
necessary to run,\n the plugin is not executable by this process due to file permissions, or\n the plugin failed to negotiate the initial go-plugin protocol handshake\n\nAdditional notes about plugin:\n Path: /vault/plugins/vault-secr
ets-gen\n Mode: -rwxr-xr-x\n Owner: 100 [vault] (current: 100 [vault])\n Group: 1000 [vault] (current: 1000 [vault])\n ELF architecture: EM_X86_64 (current architecture: amd64)\n\n\t* Unrecognized remote plugin message: \nThis usuall
y means\n the plugin was not compiled for this architecture,\n the plugin is missing dynamic-link libraries necessary to run,\n the plugin is not executable by this process due to file permissions, or\n the plugin failed to negotiate
the initial go-plugin protocol handshake\n\nAdditional notes about plugin:\n Path: /vault/plugins/vault-secrets-gen\n Mode: -rwxr-xr-x\n Owner: 100 [vault] (current: 100 [vault])\n Group: 1000 [vault] (current: 1000 [vault])\n ELF
architecture: EM_X86_64 (current architecture: amd64)\n\n\n","time":"2023-07-31T11:59:37Z"}
Additional information
No response