izgeri
commented
4 years ago @mkkeffeler I'm sorry for the delayed response on this issue - can you please share which version of the Ansible role you are using? Also, how do you have the role configured in your playbook? The more info you can share (without sharing any credential values, of course), the better we'll be able to help identify the problem you're experiencing - in particular, which role variables do you specify?
Summary
A clear and concise description of what the bug is. Ran this playbook on a RHEL7 Server and get this when we run summon [root@pr-flex001-ic01 summon_test]# summon -p summon-conjur env Error fetching variable GCP_KEY: exit status 1: level=error msg="Failed creating a Conjur client: Environment variables and machine identity files satisfying at least one authentication strategy must be present!\n" For clarity, the secrets.yml file contains the secret in conjur that we tested by logging into conjur UI and accessing. So we know we can access that secret with this host identity.
Additionally when we manually set the CONJUR_AUTHN_API_KEY and CONJUR_AUTHN_LOGIN environment variables, it works. But we can't get it to work without us manually setting these variables, which is not ideal
Steps to Reproduce
Run playbook for onboarding, test logging into conjur and accessing the secret you are asking for in your secrets.yml
Expected Results
retrieve secret
Actual Results (including error logs, if applicable)
failure to retrieve secret
Additional Information
we can't really debug anything as there isn't docs on debugging this or a log file to check whats going on.