We can create, delete, see status, but when it comes to list imported keys we just get 502 bad gateway. This is on the KES API.
Expected behavior
We should get the key(s).
Alternative:
We can use Vault pod to get those keys listed, that way it works:
/ # vault kv get kv/my-minio/some-key-name-8
========= Data =========
Key Value
--- -----
some-key-name-8 {"version":"v1","bytes":"1Xrfm4XjvL7MIdv9/H48uso5G0qZBNRJcy5iBqzQhG4=","created_at":"2023-03-14T23:42:00.729167884Z","created_by":"0395d273b16e28073c8004fc195d2411928e80e1d6aea65a50fe36094169c2c4"}
Additional context
What version of Go are you using (go version)?: 1.18 as the go.mod in this repo.
What operating system and processor architecture are you using (go env)?:
Linux kes-tenant-pool-0-0 5.15.49-linuxkit #1 SMP PREEMPT Tue Sep 13 07:51:32 UTC 2022 aarch64 aarch64 aarch64 GNU/Linux
Anything else that is important?: Yes, please take a look at this wiki: https://github.com/cniackz/public/wiki/How-to-import-key-in-KES, the important part is that we can perform many actions in the API except listing, and we are using latest KES Version available: 2023-02-15T14-54-37Z but this same issue can be reproduced in older versions like v0.22.3 or even v0.17.x; so maybe not new issue or maybe config issue but can't find the solution:
Additional info:
MinIO pods are down, so installed Ubuntu pod for communication
Have all certs in this location below that comes from our secrets in k8s and can communicate via curl
root@ubuntu:~/four-files# cd /root/four-files
root@ubuntu:~/four-files# ls
client.crt client.key private.key public.crt
Bug describtion
We can create, delete, see status, but when it comes to list imported keys we just get 502 bad gateway. This is on the KES API.
Expected behavior
We should get the key(s).
Alternative:
We can use Vault pod to get those keys listed, that way it works:
Additional context
What version of Go are you using (
go version
)?: 1.18 as the go.mod in this repo.What operating system and processor architecture are you using (
go env
)?:Additional info:
MinIO pods are down, so installed Ubuntu pod for communication
Have all certs in this location below that comes from our secrets in k8s and can communicate via curl