When running this with SOPS 3.7.3, it seems that all HashiCorp Vault endpoints are being flagged as using an inappropriate prefixed URL.

$ docker run -d -p8200:8200 vault:1.2.0 server -dev -dev-root-token-id=toor
91993dd26b61e8db9e81001ced757ecd3a48560be94ebda32058491dc660dd50
$ docker exec -it 91993dd26b61 /bin/sh
/ # export VAULT_ADDR=http://127.0.0.1:8200
/ # export VAULT_TOKEN=toor
/ # vault secrets enable -path=sops transit
Success! Enabled the transit secrets engine at: sops/
/ # vault write sops/keys/firstkey type=rsa-4096
Success! Data written to: sops/keys/firstkey

Continuing on with the example, we should see SOPS create a new file using this same information:

$ export VAULT_ADDR=http://127.0.0.1:8200
$ export VAULT_TOKEN=toor
$ sops encrypt --hc-vault-transit $VAULT_ADDR/v1/sops/keys/firstkey vault_example.yml
running Vault with a prefixed url is not supported! (Format has to be like https://vault.example.com:8200/v1/transit/keys/keyName)

Indeed, even using the exact URI provided in the error response results in the same thing:

$ sops encrypt --hc-vault-transit https://vault.example.com:8200/v1/transit/keys/keyName vault_example.yml
running Vault with a prefixed url is not supported! (Format has to be like https://vault.example.com:8200/v1/transit/keys/keyName)

It seems like the HashiCorp Vault integration is quite broken, even following the basic example provided here: https://github.com/getsops/sops?tab=readme-ov-file#26encrypting-using-hashicorp-vault
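The URI shape the error message prescribes, as an added example that is not SOPS's own parser (the struct, field and function names are this example's own): a Go function that accepts `scheme://host[:port]/v1/<engine>/keys/<key>` and rejects any path component before `v1`, taking that to be what "prefixed url" refers to.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

// TransitKeyRef holds the pieces of scheme://host[:port]/v1/<engine>/keys/<key>.
// Added example, not SOPS's own code; field names are this example's own.
type TransitKeyRef struct {
	Address    string // Vault API base, e.g. http://127.0.0.1:8200
	EnginePath string // transit mount path, e.g. "sops"
	KeyName    string // transit key name, e.g. "firstkey"
}

// ParseTransitURI accepts only paths of the exact shape /v1/<engine>/keys/<key>.
// Any path component before "v1" is treated as a Vault path prefix and rejected,
// since the API base is taken to be scheme+host alone (assumption of this example).
func ParseTransitURI(uri string) (*TransitKeyRef, error) {
	u, err := url.Parse(uri)
	if err != nil {
		return nil, err
	}
	if (u.Scheme != "http" && u.Scheme != "https") || u.Host == "" {
		return nil, errors.New("vault URI needs an http(s) scheme and a host")
	}
	parts := strings.Split(strings.Trim(u.Path, "/"), "/")
	// Expected ["v1", <engine...>, "keys", <key>]; a mount path may itself contain "/".
	if len(parts) < 4 || parts[0] != "v1" || parts[len(parts)-2] != "keys" {
		return nil, fmt.Errorf("unsupported vault URI path %q: want /v1/<engine>/keys/<keyName>", u.Path)
	}
	engine, key := strings.Join(parts[1:len(parts)-2], "/"), parts[len(parts)-1]
	if engine == "" || key == "" {
		return nil, fmt.Errorf("empty path segment in %q", u.Path)
	}
	return &TransitKeyRef{Address: u.Scheme + "://" + u.Host, EnginePath: engine, KeyName: key}, nil
}

func main() {
	for _, uri := range []string{
		"http://127.0.0.1:8200/v1/sops/keys/firstkey",             // accepted
		"https://vault.example.com:8200/v1/transit/keys/keyName",  // accepted
		"https://vault.example.com/vault/v1/transit/keys/keyName", // rejected: path prefix
	} {
		ref, err := ParseTransitURI(uri)
		fmt.Printf("%s -> %+v (err: %v)\n", uri, ref, err)
	}
}
```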