search

rajanadar / VaultSharp

A comprehensive cross-platform .NET Library for HashiCorp's Vault, a secret management tool
http://rajanadar.github.io/VaultSharp
Apache License 2.0
493 stars 134 forks source link

Read deleted KV secret #343

Closed Zetanova closed 2 months ago

Zetanova commented 9 months ago

Describe the bug It is not possible to read the last KV secret if it is soft deleted or destroyed. The returned json data is null and deserialization fails.

VaultSharp Version 1.13.01

Vault Version 1.12.7

Does this work with Vault CLI? Yes

Sample Code Snippet

var secret = await vault.V1.Secrets.KeyValue.V2.ReadSecretAsync<MySecret>(secretPath, mountPoint: "mymount")

Exception Details/Stack Trace/Error Message

VaultSharp.Core.VaultApiException: {"request_id":"a17a2573-2ee5-a6c4-f9f4-b6e5277c3e46","lease_id":"","renewable":false,"lease_duration":0,"data":{"data":null,"metadata":{"created_time":"2024-01-20T18:22:51.137073758Z","custom_metadata":null,"deletion_time":"","destroyed":true,"version":2}},"wrap_info":null,"warnings":null,"auth":null}

Any additional info secret.Data.Data should be marked and handled as Nullable

rajanadar commented 2 months ago

hi @Zetanova

This is currently not possible in C# across all .net versions. Nullable constraints (where T : class?) is only available from language version 8.0.

For the moment, please try with a nullable type on your side (maybe MyObject?) or dictionary as a short term solution. Once VaultSharp goes to 8.0 language version as the minimum, this can be added.