arnecls
commented
3 months ago I can reproduce the same error as seen on 1.15 on 1.13.11, too.
Open arnecls opened 3 months ago
arnecls
commented
3 months ago I can reproduce the same error as seen on 1.15 on 1.13.11, too.
arnecls
commented
3 months ago Bumping the github.com/hashicorp/vault/api dependency to v1.14.0 seems to fix it.
I did increase a couple of other versions, too.
Upgrading to github.com/hashicorp/vault/sdk to v0.12.0 lead to an error, that's why I kept it at v0.11.1.
I compiled the binary with GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -ldflags="-s -w".
The go.mod file now looks like this
require (
github.com/bradleyfalzon/ghinstallation v1.1.1
github.com/hashicorp/go-hclog v1.6.3
github.com/hashicorp/vault/api v1.14.0
github.com/hashicorp/vault/sdk v0.11.1
github.com/prometheus/client_golang v1.19.1
github.com/prometheus/common v0.53.0
gotest.tools v2.2.0+incompatible
)
icep87
commented
3 months ago @arnecls I'm getting the same error when installing it on Vault version 1.16.2. What Vault version are you running?
arnecls
commented
3 months ago I've been using 2.0.0 with vault 1.12 - that works. I've tried using 2.0.0 with vault 1.13.11 - that already does not work. I've tried 2.1.0 with vault 1.13, 1.15 and 1.16 - they all don't work.
I've created a PR with a fixed version. I think the vault/api package has a breaking change between 1.12 and 1.13. It might also be a linker flag, but that would not explain why version 2.0.0 is working with 1.12 but not 1.13.
sover02
commented
2 months ago I'm getting some inconsistencies with where this is working and where it is not. On my local dockerized instance, I'm not having any trouble enabling the engine in Vault version 1.16.2 (aarch64).
However, in my cloud deployment on x86_64, I see the above-mentioned issue. The architecture also affect the outcome for this bug?
➜ vault-local-dev ✗ vault secrets enable -path=github -plugin-name=vault-plugin-secrets-github plugin
Success! Enabled the vault-plugin-secrets-github secrets engineLocally deployed Vault Server (docker)
root@d3c24ef94650:/# arch
aarch64
root@d3c24ef94650:/# vault version
Vault v1.16.2 (c6e4c2d4dc3b0d57791881b087c026e2f75a87cb), built 2024-04-22T16:25:54Z
root@d3c24ef94650:/# vault status
Key Value
--- -----
Seal Type shamir
Initialized true
Sealed false
Total Shares 1
Threshold 1
Version 1.16.2
Build Date 2024-04-22T16:25:54Z
Storage Type inmem
Cluster Name vault-cluster-85fd8c95
Cluster ID 0a7febeb-1581-d95d-6284-1742fd76f874
HA Enabled falseLocal vault client (from Homebrew)
➜ vault-local-dev ✗ arch
arm64
➜ vault-local-dev ✗ vault version
Vault v1.14.4 ('ccdd48d1f7b95fc99fd11d67fc1c687576b338de+CHANGES'), built 2023-09-22T21:29:05Z
We recently started updating our vault 1.12 (on debian 11) installation to a more recent version (on debian 12) and found this plugin to not be working anymore.
The error happens when running
Vault 1.15 is complaining about a mismatched struct type
Vault 1.16 is complaining about an unrecognized remote plugin message:
Going through the list of suggested issues
EM_X86_64can be considered the same asamd64, so noldd yields
not a dynamic executableso I guess this is fine.The plugin has the same permission like another plugin that is working fine. The error output also suggests that there is no issue here.
I cannot check this, but the error from vault 1.15 might suggest that this is the actual issue.
I did not check older versions of vault yet, but I see that this plugin is compiled against vault API 1.12.11 which is also the version that we previously used and was also working.