search

ansible-collections / community.hashi_vault

Ansible collection for managing and working with HashiCorp Vault.
https://docs.ansible.com/ansible/devel/collections/community/hashi_vault/index.html
GNU General Public License v3.0
80 stars 59 forks source link

Update `vault_token_create` orphan support to use new `hvac` method #301

Closed briantist closed 1 year ago

briantist commented 1 year ago
SUMMARY

The method in hvac that can be used to create orphan tokens through the /create-orphan endpoint is deprecated for removal in v1, but had no replacement.

With https://github.com/hvac/hvac/pull/869 a replacement is being introduced for the 1.0.0 release.

We'll need to update vault_token_create to use this new method.

We will prefer this one, but also fall back to the old one, so that we keep compatibility with older versions of hvac for a bit.

The best-effort fallback to the method that requires root can be removed without deprecation; it was put in place as a potential fallback in case hvac 1.0.0 was released with no replacement, so with a replacement now there's no need to use it.

ISSUE TYPE
COMPONENT NAME

vault_token_create

briantist commented 1 year ago

Now that hvac 1.0.0 is out the integration tests are broken until this issue is resolved.