pbchekin / vault-sync

Synchronize secrets between HashiCorp Vault instances
Apache License 2.0
30 stars, 1 fork

Login to Vault using namespace #10

Open selvasm opened 9 months ago

selvasm commented 9 months ago

We are trying to access the src Vault, which has our secret in some namespace.

Does this project support access to Vault with a namespace? If yes, what should be updated in vault-sync.yaml?

```yaml
src:
  # Vault URL
  url: https://myvault.com/sys/MYNAMESPACE/
```

With the regular vault command I was able to log in.

```
15:02:12 [INFO] Connecting to https://myvault.com/sys/MYNAMESPACE/
15:02:12 [ERROR] Failed to connect to https://myvault.com/sys/MYNAMESPACE/: Error in vault response: Vault request failed: Response { url: Url { scheme: "https", cannot_be_a_base: false, username: "", password: None, host: Some(Domain("myvault.com")), port: None, path: "/v1/auth/approle/login", query: None, fragment: None }, status: 403, headers: {"content-type": "application/json", "content-length": "33", "cache-control": "no-store", "date": "Thu, 08 Feb 2024 15:02:12 GMT", "connection": "close", "set-cookie": "ApplicationGatewayAffinityCORS=58539bc320a69a8665248fa5f8bfc6d4; Path=/; SameSite=None; Secure", "set-cookie": "ApplicationGatewayAffinity=58539bc320a69a8665248fa5f8bfc6d4; Path=/", "strict-transport-security": "max-age=31536000 ; includeSubDomains"} }, error message: {"errors":["permission denied"]}
Could not read vault response.
Error: VaultResponse("Vault request failed: Response { url: Url { scheme: \"https\", cannot_be_a_base: false, username: \"\", password: None, host: Some(Domain(\"myvault.com\")), port: None, path: \"/v1/auth/approle/login\", query: None, fragment: None }, status: 403, headers: {\"content-type\": \"application/json\", \"content-length\": \"33\", \"cache-control\": \"no-store\", \"date\": \"Thu, 08 Feb 2024 15:02:12 GMT\", \"connection\": \"close\", \"set-cookie\": \"ApplicationGatewayAffinityCORS=58539bc320a69a8665248fa5f8bfc6d4; Path=/; SameSite=None; Secure\", \"set-cookie\": \"ApplicationGatewayAffinity=58539bc320a69a8665248fa5f8bfc6d4; Path=/\", \"strict-transport-security\": \"max-age=31536000 ; includeSubDomains\"} }, error message: {\"errors\":[\"permission denied\"]}\nCould not read vault response.", Response { url: Url { scheme: "https", cannot_be_a_base: false, username: "", password: None, host: Some(Domain("myvault.com")), port: None, path: "/v1/auth/approle/login", query: None, fragment: None }, status: 403, headers: {"content-type": "application/json", "content-length": "33", "cache-control": "no-store", "date": "Thu, 08 Feb 2024 15:02:12 GMT", "connection": "close", "set-cookie": "ApplicationGatewayAffinityCORS=58539bc320a69a8665248fa5f8bfc6d4; Path=/; SameSite=None; Secure", "set-cookie": "ApplicationGatewayAffinity=58539bc320a69a8665248fa5f8bfc6d4; Path=/", "strict-transport-security": "max-age=31536000 ; includeSubDomains"} })
```

pbchekin commented 9 months ago

Vault namespaces are currently not supported, but it is relatively simple to implement. The only issue is that namespaces are part of the Enterprise API, so we cannot test them in CI, which uses the open-source version of Vault. Any help with testing would be greatly appreciated.
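For reference, the way Vault Enterprise addresses a namespace is not through the server URL but through the `X-Vault-Namespace` request header (what `VAULT_NAMESPACE` sets for the CLI), or equivalently by prefixing the namespace to the API path (`/v1/MYNAMESPACE/auth/approle/login`). In the log above the client posted to `/v1/auth/approle/login` with no namespace attached, which is consistent with the login landing in the root namespace, where that AppRole does not exist, and getting `403 {"errors":["permission denied"]}`. The example below is added here to illustrate that behaviour; it is not code from vault-sync or from the issue. It runs a constructed stand-in for a namespaced Vault on localhost (the `FAKE_*` values, the fake token and the role/secret IDs are all made up) and shows the same AppRole login failing without the header and succeeding with it.

```python
import json
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed stand-in for a Vault Enterprise server: one namespace, one AppRole.
# None of these values come from the issue; they exist only to make the example run offline.
FAKE_NAMESPACE = "MYNAMESPACE"
FAKE_ROLE_ID = "role-id-example"
FAKE_SECRET_ID = "secret-id-example"


class FakeVaultHandler(BaseHTTPRequestHandler):
    """Answers POST /v1/auth/approle/login like a namespaced Vault would."""

    def log_message(self, *args):  # keep the demo quiet
        pass

    def do_POST(self):
        length = int(self.headers.get("Content-Length", 0))
        body = json.loads(self.rfile.read(length) or b"{}")

        # Vault takes the namespace either from X-Vault-Namespace or as a path prefix
        # in front of the mount: /v1/<namespace>/auth/approle/login.
        namespace = self.headers.get("X-Vault-Namespace", "").strip("/")
        path = self.path
        prefix = f"/v1/{FAKE_NAMESPACE}/"
        if path.startswith(prefix):
            namespace, path = FAKE_NAMESPACE, "/v1/" + path[len(prefix):]

        # A login against the root namespace (no header, no prefix) finds no such
        # AppRole and is refused with the same 403 body seen in the issue.
        if (path != "/v1/auth/approle/login" or namespace != FAKE_NAMESPACE
                or body.get("role_id") != FAKE_ROLE_ID
                or body.get("secret_id") != FAKE_SECRET_ID):
            self._reply(403, {"errors": ["permission denied"]})
            return
        self._reply(200, {"auth": {"client_token": "hvs.fake-token", "lease_duration": 3600}})

    def _reply(self, status, payload):
        data = json.dumps(payload).encode()
        self.send_response(status)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)


def start_fake_vault():
    """Start the stand-in on a random localhost port; returns (server, base_url)."""
    server = HTTPServer(("127.0.0.1", 0), FakeVaultHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, f"http://127.0.0.1:{server.server_port}"


def approle_login(base_url, role_id, secret_id, namespace=None, namespace_in_path=False):
    """AppRole login against <base_url>, scoped to `namespace` via the header
    (default) or via the path prefix. Returns (http_status, parsed_json_body)."""
    base = base_url.rstrip("/")
    headers = {"Content-Type": "application/json"}
    if namespace and namespace_in_path:
        url = f"{base}/v1/{namespace.strip('/')}/auth/approle/login"
    else:
        url = f"{base}/v1/auth/approle/login"
        if namespace:
            headers["X-Vault-Namespace"] = namespace.strip("/") + "/"
    payload = json.dumps({"role_id": role_id, "secret_id": secret_id}).encode()
    req = urllib.request.Request(url, data=payload, headers=headers, method="POST")
    try:
        with urllib.request.urlopen(req, timeout=5) as resp:
            return resp.status, json.loads(resp.read())
    except urllib.error.HTTPError as err:
        # Vault returns its error list as JSON even on 4xx; surface it like the log above.
        return err.code, json.loads(err.read())


if __name__ == "__main__":
    server, url = start_fake_vault()
    print("no namespace: ", approle_login(url, FAKE_ROLE_ID, FAKE_SECRET_ID))
    print("header:       ", approle_login(url, FAKE_ROLE_ID, FAKE_SECRET_ID, namespace=FAKE_NAMESPACE))
    print("path prefix:  ", approle_login(url, FAKE_ROLE_ID, FAKE_SECRET_ID,
                                          namespace=FAKE_NAMESPACE, namespace_in_path=True))
    server.shutdown()
```

For a sync tool the practical consequence is that the namespace has to ride on every request, not only the login: the token issued inside a namespace is only valid for paths under that namespace, so a separate `namespace` setting per `src`/`dst` (sent as `X-Vault-Namespace` on each call) is the shape this needs, rather than anything encoded in `url`.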