JetBrains / teamcity-hashicorp-vault-plugin

TeamCity plugin to support HashiCorp Vault
Apache License 2.0

Parameter "env.arg=%vault:vault/path!key%" is not fully resolved, using as is. #1

Closed kobymeir closed 7 years ago

kobymeir commented 7 years ago

I configured the plugin to connect to Vault and the "Test connection" is showing that the connection is working.

But the parameter isn't working and I see the message:

Parameter "env.arg=%vault:vault/path!key%" is not fully resolved, using as is.

In the build log

[HH:MM:SS]W: HashiCorp Vault
[HH:MM:SS] :     [HashiCorp Vault] HashiCorp Vault token successfully fetched
[HH:MM:SS] :     [HashiCorp Vault] 1 Vault references to resolve: [vault:vault/path!key]
[HH:MM:SS]W:     [HashiCorp Vault] Failed to fetch data for path 'vault/path!key'
[HH:MM:SS]W:     [HashiCorp Vault] Cannot resolve 'vault/path!key': data wasn't received from HashiCorp Vault

Also, in the build parameters I see that the plugin seems to be installed:

teamcity.vault.supported = true
teamcity.vault.url = http://vault-server:8200
teamcity.vault.wrapped.token = <XXXXXXX>

TeamCity version: 2017.1.4 (build 47070)
TeamCity HashiCorp Vault Support version: 0.1.43

How can I check the logs/debug why it's not working properly?

mkuzmin commented 7 years ago

Please try to add a slash at the start of the path, like %vault:/vault/path!key%.

kobymeir commented 7 years ago

I tried that and every variant I could have thought of (with/without slash); that didn't work.

I tried using vault from the agent, using the vault executable and the approle that is provided to the plugin, and that works.

Any other ideas on how I can debug it?

Albibek commented 7 years ago

Vault logs show that the path is requested "as is", i.e. with the !key suffix. This behaviour is not supported by Vault, of course; the !something suffix must be removed before fetching the secret.

VladRassokhin commented 7 years ago

The proper format is %vault:/vault/path!/inner/path%, note the slash after the exclamation mark. Sorry for the inconvenience, will update the documentation.

VladRassokhin commented 7 years ago

On the TeamCity agent side the path is separated by !/: the first part is used to fetch the secret from Vault, the second to extract data from a complex secret, like AWS credentials.
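
The `!/` split described in the comment above, as an added example that is not part of the original thread and is not the plugin's own code: a small checker that scans parameter values for `%vault:...%` references and flags any where `!` is not followed by `/`. The names `split_reference`, `lint_parameters` and `SAMPLE` are hypothetical, and it assumes the `!/` separator itself is dropped when the reference is split.

```python
import re

# Matches %vault:...% references inside a TeamCity parameter value.
REF_RE = re.compile(r"%vault:([^%]+)%")
SEPARATOR = "!/"  # per the thread: Vault path, then "!/", then the inner path


def split_reference(ref):
    """Split the text between '%vault:' and '%' into (vault_path, inner_path).

    Without a '!/' separator the whole string is treated as the Vault path,
    which matches what the Vault logs in this thread showed for 'vault/path!key'.
    Assumption: the '!/' separator is consumed by the split.
    """
    vault_path, sep, inner = ref.partition(SEPARATOR)
    return (vault_path, inner if sep else None)


def lint_parameters(params):
    """Return (name, reference, problem) for references that look malformed."""
    findings = []
    for name, value in params.items():
        for ref in REF_RE.findall(value):
            vault_path, inner = split_reference(ref)
            if inner is None and "!" in vault_path:
                findings.append(
                    (name, ref, "'!' not followed by '/': path is sent to Vault as is"))
            elif inner == "":
                findings.append((name, ref, "empty inner path after '!/'"))
    return findings


# Constructed sample parameters, modelled on the values quoted in the thread.
SAMPLE = {
    "env.arg": "%vault:vault/path!key%",      # the failing form from the report
    "env.fixed": "%vault:/vault/path!/key%",  # the form that worked
    "env.plain": "%vault:/vault/path%",       # no '!' at all: not flagged
}

if __name__ == "__main__":
    for name, ref, problem in lint_parameters(SAMPLE):
        print(f"{name}: {ref}: {problem}")
```
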

kobymeir commented 7 years ago

I managed to solve it using this syntax:

%vault:/vault/path!/key%

byumov commented 6 years ago

Documentation is still incorrect :( https://blog.jetbrains.com/teamcity/2017/09/vault/

ieugen commented 3 years ago

I get the same error with TeamCity 2020.2 using vault 1.7.1 and approle.