search

hashicorp / vault-plugin-database-couchbase

Mozilla Public License 2.0
6 stars 5 forks source link

Incompatible API version with plugin. Plugin version: 5, Client versions: [3 4] #15

Closed rbuder closed 3 years ago

rbuder commented 3 years ago

Hello,

When following the instructions to build and install the plugin, during initialization I hit the following error:

vagrant@ubuntu1804:~/vault$ vault write database/config/insecure-couchbase plugin_name="couchbase-database-plugin" hosts="localhost" username="Administrator" password="password" bucket_name="travel-sample" allowed_roles="insecure-couchbase-admin-role,insecure-couchbase-*-bucket-role,static-account"
Error writing data to database/config/insecure-couchbase: Error making API request.

URL: PUT http://127.0.0.1:8200/v1/database/config/insecure-couchbase
Code: 400. Errors:

* error creating database object: Incompatible API version with plugin. Plugin version: 5, Client versions: [3 4]

Steps to reproduce Run the latest version of vault:

vagrant@ubuntu1804:~/vault-plugin-database-couchbase$ vault status
Key             Value
---             -----
Seal Type       shamir
Initialized     true
Sealed          false
Total Shares    5
Threshold       3
Version         1.5.5
Cluster Name    vault-cluster-517257d5
Cluster ID      e54372e4-fbd8-354c-cdcb-8ee8dca30915
HA Enabled      false

Build the current version of the plugin:

vagrant@ubuntu1804:~/vault-plugin-database-couchbase$ git checkout v0.2.1
Note: checking out 'v0.2.1'.

You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by performing another checkout.

If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -b with the checkout command again. Example:

  git checkout -b <new-branch-name>

HEAD is now at b161a60 Removing tls argument from Serve call (#13) (#14)
vagrant@ubuntu1804:~/vault-plugin-database-couchbase$ git branch
* (HEAD detached at v0.2.1)
  master

Install the plugin (DB engine already enabled):

vagrant@ubuntu1804:~/vault$ SHA256=$(shasum -a 256 plugins/couchbase-database-plugin | cut -d' ' -f1)
vagrant@ubuntu1804:~/vault$ vault write sys/plugins/catalog/database/couchbase-database-plugin sha256=$SHA256         command=couchbase-database-plugin
Success! Data written to: sys/plugins/catalog/database/couchbase-database-plugin

Initialize the plugin.

vagrant@ubuntu1804:~/vault$ vault write database/config/insecure-couchbase plugin_name="couchbase-database-plugin" hosts="localhost" username="Administrator" password="password" bucket_name="travel-sample" allowed_roles="insecure-couchbase-admin-role,insecure-couchbase-*-bucket-role,static-account"
Error writing data to database/config/insecure-couchbase: Error making API request.

URL: PUT http://127.0.0.1:8200/v1/database/config/insecure-couchbase
Code: 400. Errors:

* error creating database object: Incompatible API version with plugin. Plugin version: 5, Client versions: [3 4]

I've tested this on the following two environments with the same results:

vagrant@ubuntu1804:~/vault$ go version
go version go1.15.3 linux/amd64
vagrant@ubuntu1804:~/vault$ uname -a
Linux ubuntu1804.localdomain 4.15.0-121-generic #123-Ubuntu SMP Mon Oct 5 16:16:40 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
bash-3.2$ go version
go version go1.15.3 darwin/amd64
bash-3.2$ uname -a
Darwin Ronalds-MacBook-Pro.local 19.6.0 Darwin Kernel Version 19.6.0: Mon Aug 31 22:12:52 PDT 2020; root:xnu-6153.141.2~1/RELEASE_X86_64 x86_64

I may be missing something glaringly obvious, please advise. Thanks for the great work and best regards.

rbuder commented 3 years ago

Some more digging seems to point to these changes.

https://github.com/hashicorp/vault-plugin-database-couchbase/pull/10

So for the time being I'll look at v0.1.0.

tomhjp commented 3 years ago

Hi @rbuder, thanks for your interest in the plugin, and for opening this issue. Looks like you've found the (correct) solution, but I can provide a bit of additional context.

As part of the Vault 1.6 release, we've been updating and simplifying the database plugin interface. You can find a preview of the updated documentation and background here. The new version is version 5, and because database plugins are normally consumed as the version bundled into the main Vault binary, we decided not to do the work to provide backwards compatibility. #10 migrated this plugin to v5, so the v0.1.0 tag is indeed the last version of this particular plugin that is compatible with Vault 1.5.x releases. New versions of Vault going forwards (1.6+) will support both old and new plugin interfaces until a deprecation date not yet set.

With 1.6 being the first Vault version that this plugin will be bundled with, couchbase is in a slightly different position to the rest of the plugins, and my apologies that we didn't make this clear in the installation instructions; I'll add a note to the readme.

rbuder commented 3 years ago

Thanks @tomhjp, much appreciated!