m4dcoder
commented
5 years ago It looks like the decrypt parameter is not correctly formatted in the st2kv function. I tested both system and user scoped key value pairs. Here's the workflow I use to test and the results.
version: '2.0'
examples.mistral-yaql-st2kv:
input:
- key_name
- decrypt
output:
value: <% $.value %>
tasks:
task1:
action: core.local
input:
cmd: "echo <% st2kv($.key_name, decrypt => $.decrypt) %>"
publish:
value: <% task(task1).result.stdout %>Result
ubuntu@cadmus:~/st2$ st2 key set foobar foobar -s system -e
+------------------+--------------------------------------------------------------+
| Property | Value |
+------------------+--------------------------------------------------------------+
| name | foobar |
| value | 30303030306D09F7D737468A5185C2DCF37B76E4EC6CBAC29E189FEF56E4 |
| | 3604165BB57EA3CCC15CFEAE9BFDA429564B2F66DD7A94D6D2F2AF |
| scope | st2kv.system |
| expire_timestamp | |
+------------------+--------------------------------------------------------------+
ubuntu@cadmus:~/st2$ st2 key set fubar fubar -s user -e
+------------------+--------------------------------------------------------------+
| Property | Value |
+------------------+--------------------------------------------------------------+
| name | fubar |
| value | 303030303065DBC87CEE9F662561779200548335C3C4290B06B042917DD6 |
| | 32CF79E1D26E961412F0CCCD88DC9AF964C76EBDFCA07D883D42D4 |
| scope | st2kv.user |
| expire_timestamp | |
+------------------+--------------------------------------------------------------+
ubuntu@cadmus:~/st2$ st2 run examples.mistral-yaql-st2kv key_name="system.foobar" decrypt=True
.
id: 5bff01d00a08a40e27dd2f35
action.ref: examples.mistral-yaql-st2kv
parameters:
decrypt: true
key_name: system.foobar
status: succeeded
result_task: task1
result:
failed: false
return_code: 0
stderr: ''
stdout: foobar
succeeded: true
start_timestamp: Wed, 28 Nov 2018 21:00:00 UTC
end_timestamp: Wed, 28 Nov 2018 21:00:01 UTC
+--------------------------+------------------------+-------+------------+-----------------+
| id | status | task | action | start_timestamp |
+--------------------------+------------------------+-------+------------+-----------------+
| 5bff01d00a08a40e27dd2f38 | succeeded (1s elapsed) | task1 | core.local | Wed, 28 Nov |
| | | | | 2018 21:00:00 |
| | | | | UTC |
+--------------------------+------------------------+-------+------------+-----------------+
ubuntu@cadmus:~/st2$ st2 run examples.mistral-yaql-st2kv key_name="fubar" decrypt=True
.
id: 5bff01db0a08a40e27dd2f3a
action.ref: examples.mistral-yaql-st2kv
parameters:
decrypt: true
key_name: fubar
status: succeeded
result_task: task1
result:
failed: false
return_code: 0
stderr: ''
stdout: fubar
succeeded: true
start_timestamp: Wed, 28 Nov 2018 21:00:11 UTC
end_timestamp: Wed, 28 Nov 2018 21:00:13 UTC
+--------------------------+------------------------+-------+------------+-----------------+
| id | status | task | action | start_timestamp |
+--------------------------+------------------------+-------+------------+-----------------+
| 5bff01dc0a08a40e27dd2f3d | succeeded (0s elapsed) | task1 | core.local | Wed, 28 Nov |
| | | | | 2018 21:00:12 |
| | | | | UTC |
+--------------------------+------------------------+-------+------------+-----------------+
SUMMARY
Not able to fetch Decrypted value of key stored in the datastore through command
<% st2kv('testkey',decrypt=true) %>inside a mistral-v2 workflow. It is giving back the encrypted value of the key. According to the documentation : https://docs.stackstorm.com/mistral_yaql.html , as it says in note i did the same.ISSUE TYPE
STACKSTORM VERSION
st2 2.9.1, on Python 2.7.5
OS / ENVIRONMENT / INSTALL METHOD
CentOS 7
STEPS TO REPRODUCE
EXPECTED RESULTS
testval
ACTUAL RESULTS
30303030302A93583622D1B1145E678F02CF014691DD6DC1FAC7CE6D1C8597F3AA29ED52305ABA1C1B42E569123A7220FD50B37B12B430E893