After updating Quarkus to a new minor version (3.2.x -> 3.9.x), the quarkus-vault extension had a major bump -> 4.0.0.
After the update, our acceptance tests failed. The logs say that authentication to Vault fails as it is using a wrong approle mount path (it is using the default approle).
Logs
```txt
2024-04-18 09:33:52.527+0000 ERROR tId=976cf8af57b393e7b67990a2e8537da7 pId= sId=67b16da87277dc79 s=true [io.vipaso.identityApp.IdentityAppError$Companion] (vert.x-eventloop-thread-1) VaultClientException{operationName='VAULT [AUTH (approle)] Login', requestPath='http://vault.vault:8200/v1/auth/approle/login', status=400, body='{"errors":["invalid role ID"]}'}
at io.quarkus.vault.client.http.VaultHttpClient.throwVaultException(VaultHttpClient.java:80)
at io.quarkus.vault.client.http.VaultHttpClient.lambda$buildResponse$0(VaultHttpClient.java:33)
at java.base@21.0.2/java.util.concurrent.CompletableFuture.uniApplyNow(CompletableFuture.java:684)
at java.base@21.0.2/java.util.concurrent.CompletableFuture.uniApplyStage(CompletableFuture.java:662)
at java.base@21.0.2/java.util.concurrent.CompletableFuture.thenApply(CompletableFuture.java:2200)
at java.base@21.0.2/java.util.concurrent.CompletableFuture$MinimalStage.thenApply(CompletableFuture.java:2948)
at io.quarkus.vault.client.http.VaultHttpClient.buildResponse(VaultHttpClient.java:29)
at io.quarkus.vault.client.http.vertx.VertxVaultHttpClient.buildResponse(VertxVaultHttpClient.java:70)
at io.quarkus.vault.client.http.vertx.VertxVaultHttpClient.lambda$execute$0(VertxVaultHttpClient.java:33)
at java.base@21.0.2/java.util.concurrent.CompletableFuture$UniCompose.tryFire(CompletableFuture.java:1150)
at java.base@21.0.2/java.util.concurrent.CompletableFuture.postComplete(CompletableFuture.java:510)
at java.base@21.0.2/java.util.concurrent.CompletableFuture.complete(CompletableFuture.java:2179)
at io.vertx.core.Future.lambda$toCompletionStage$3(Future.java:581)
at io.vertx.core.impl.future.FutureImpl$4.onSuccess(FutureImpl.java:176)
at io.vertx.core.impl.future.FutureBase.emitSuccess(FutureBase.java:66)
at io.vertx.core.impl.future.FutureImpl.tryComplete(FutureImpl.java:259)
at io.vertx.core.impl.future.PromiseImpl.onSuccess(PromiseImpl.java:49)
at io.vertx.core.impl.future.PromiseImpl.handle(PromiseImpl.java:41)
at io.vertx.core.impl.future.PromiseImpl.handle(PromiseImpl.java:23)
at io.vertx.ext.web.client.impl.HttpContext.handleDispatchResponse(HttpContext.java:397)
at io.vertx.ext.web.client.impl.HttpContext.execute(HttpContext.java:384)
at io.vertx.ext.web.client.impl.HttpContext.next(HttpContext.java:362)
at io.vertx.ext.web.client.impl.HttpContext.fire(HttpContext.java:329)
at io.vertx.ext.web.client.impl.HttpContext.dispatchResponse(HttpContext.java:291)
at io.vertx.ext.web.client.impl.HttpContext.lambda$null$7(HttpContext.java:507)
at io.vertx.core.impl.ContextInternal.dispatch(ContextInternal.java:279)
at io.vertx.core.impl.ContextInternal.dispatch(ContextInternal.java:261)
at io.vertx.core.impl.ContextInternal.lambda$runOnContext$0(ContextInternal.java:59)
at io.netty.util.concurrent.AbstractEventExecutor.runTask(AbstractEventExecutor.java:173)
at io.netty.util.concurrent.AbstractEventExecutor.safeExecute(AbstractEventExecutor.java:166)
at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:470)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:566)
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:997)
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.base@21.0.2/java.lang.Thread.runWith(Thread.java:1596)
at java.base@21.0.2/java.lang.Thread.run(Thread.java:1583)
at org.graalvm.nativeimage.builder/com.oracle.svm.core.thread.PlatformThreads.threadStartRoutine(PlatformThreads.java:833)
at org.graalvm.nativeimage.builder/com.oracle.svm.core.posix.thread.PosixPlatformThreads.pthreadStartRoutine(PosixPlatformThreads.java:211)
```
Looking at the configuration documentation of the quarkus-vault extension it seems that the configuration did not change with the 4.0.0 bump.
We are using the env var QUARKUS_VAULT_AUTHENTICATION_APP_ROLE_AUTH_MOUNT_PATH to specify a custom approle mount path, which seems to be ignored now.
After updating Quarkus to a new minor version (
3.2.x
->3.9.x
), thequarkus-vault
extension had a major bump ->4.0.0
.After the update, our acceptance tests failed. The logs say that authentication to Vault fails as it is using a wrong approle mount path (it is using the default
approle
).Logs
```txt 2024-04-18 09:33:52.527+0000 ERROR tId=976cf8af57b393e7b67990a2e8537da7 pId= sId=67b16da87277dc79 s=true [io.vipaso.identityApp.IdentityAppError$Companion] (vert.x-eventloop-thread-1) VaultClientException{operationName='VAULT [AUTH (approle)] Login', requestPath='http://vault.vault:8200/v1/auth/approle/login', status=400, body='{"errors":["invalid role ID"]}'} at io.quarkus.vault.client.http.VaultHttpClient.throwVaultException(VaultHttpClient.java:80) at io.quarkus.vault.client.http.VaultHttpClient.lambda$buildResponse$0(VaultHttpClient.java:33) at java.base@21.0.2/java.util.concurrent.CompletableFuture.uniApplyNow(CompletableFuture.java:684) at java.base@21.0.2/java.util.concurrent.CompletableFuture.uniApplyStage(CompletableFuture.java:662) at java.base@21.0.2/java.util.concurrent.CompletableFuture.thenApply(CompletableFuture.java:2200) at java.base@21.0.2/java.util.concurrent.CompletableFuture$MinimalStage.thenApply(CompletableFuture.java:2948) at io.quarkus.vault.client.http.VaultHttpClient.buildResponse(VaultHttpClient.java:29) at io.quarkus.vault.client.http.vertx.VertxVaultHttpClient.buildResponse(VertxVaultHttpClient.java:70) at io.quarkus.vault.client.http.vertx.VertxVaultHttpClient.lambda$execute$0(VertxVaultHttpClient.java:33) at java.base@21.0.2/java.util.concurrent.CompletableFuture$UniCompose.tryFire(CompletableFuture.java:1150) at java.base@21.0.2/java.util.concurrent.CompletableFuture.postComplete(CompletableFuture.java:510) at java.base@21.0.2/java.util.concurrent.CompletableFuture.complete(CompletableFuture.java:2179) at io.vertx.core.Future.lambda$toCompletionStage$3(Future.java:581) at io.vertx.core.impl.future.FutureImpl$4.onSuccess(FutureImpl.java:176) at io.vertx.core.impl.future.FutureBase.emitSuccess(FutureBase.java:66) at io.vertx.core.impl.future.FutureImpl.tryComplete(FutureImpl.java:259) at io.vertx.core.impl.future.PromiseImpl.onSuccess(PromiseImpl.java:49) at io.vertx.core.impl.future.PromiseImpl.handle(PromiseImpl.java:41) at io.vertx.core.impl.future.PromiseImpl.handle(PromiseImpl.java:23) at io.vertx.ext.web.client.impl.HttpContext.handleDispatchResponse(HttpContext.java:397) at io.vertx.ext.web.client.impl.HttpContext.execute(HttpContext.java:384) at io.vertx.ext.web.client.impl.HttpContext.next(HttpContext.java:362) at io.vertx.ext.web.client.impl.HttpContext.fire(HttpContext.java:329) at io.vertx.ext.web.client.impl.HttpContext.dispatchResponse(HttpContext.java:291) at io.vertx.ext.web.client.impl.HttpContext.lambda$null$7(HttpContext.java:507) at io.vertx.core.impl.ContextInternal.dispatch(ContextInternal.java:279) at io.vertx.core.impl.ContextInternal.dispatch(ContextInternal.java:261) at io.vertx.core.impl.ContextInternal.lambda$runOnContext$0(ContextInternal.java:59) at io.netty.util.concurrent.AbstractEventExecutor.runTask(AbstractEventExecutor.java:173) at io.netty.util.concurrent.AbstractEventExecutor.safeExecute(AbstractEventExecutor.java:166) at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:470) at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:566) at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:997) at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) at java.base@21.0.2/java.lang.Thread.runWith(Thread.java:1596) at java.base@21.0.2/java.lang.Thread.run(Thread.java:1583) at org.graalvm.nativeimage.builder/com.oracle.svm.core.thread.PlatformThreads.threadStartRoutine(PlatformThreads.java:833) at org.graalvm.nativeimage.builder/com.oracle.svm.core.posix.thread.PosixPlatformThreads.pthreadStartRoutine(PosixPlatformThreads.java:211) ```Looking at the configuration documentation of the quarkus-vault extension it seems that the configuration did not change with the 4.0.0 bump.
We are using the env var
QUARKUS_VAULT_AUTHENTICATION_APP_ROLE_AUTH_MOUNT_PATH
to specify a custom approle mount path, which seems to be ignored now.