Error: No extension vaults registered when adding secret

[fatherofinvention]

Describe the Bug

Hey @Badgerati . Maybe it's late and I'm just missing something, or maybe this is a bug. I am trying to use Pode's secret functions but am hitting an error. I've installed Microsoft.PowerShell.SecretManagement and Microsoft.PowerShell.SecretStore and they are imported. I ran Register-PodeSecretVault -Name 'MyVault' -ModuleName 'Microsoft.PowerShell.SecretStore' to register the vault, and which ostensibly worked without error, but when I run Get-PodeSecretVault -Name 'MyVault' I see a number of things that make me question if it succeeded and is fully ready to use but I'm not sure, maybe it is OK that these values are false:

When I run Test-PodeSecretVault -Name 'MyVault' it says 'True' so it seems like it should be ready to go, but then when I run `Set-PodeSecret -Key 'path/to/key' -Vault 'MyVault' -InputObject 'test' I get this:

So in spite of registering and testing the Vault, and in the docs seeing this I'm confused 🤷‍♂️. Have I done something wrong or missed a step?

Thank you!

[Badgerati]

I wouldn't worry too much about Unlock.Enabled and AutoImported, those are just properties Pode sets to know if the module needs unlocking or if it was automatically imported.

From what you've said it looks like it should be working, as you're correct, Pode will create/register the vault for you 🤔 Do you have a fuller script I could look at, and I'll test on my side to see what happens.

Thanks

[fatherofinvention]

For sure, it's just a few lines.

In server.ps1:

Import-Module -Name Microsoft.PowerShell.SecretManagement -Scope Global
Import-Module -Name Microsoft.PowerShell.SecretStore -Scope Global

And I start Pode via Start-PodeServer -FilePath '/main.ps1' -Threads 1 which has:

Register-PodeSecretVault -Name 'MyVault' -ModuleName 'Microsoft.PowerShell.SecretStore'
Set-PodeSecret -Key 'db/masterKey' -Vault 'MyVault' -InputObject 'test123!'
$secret:MyVault.'db/masterKey'

(still not sure the correct way to access secrets so that could be wrong, since I haven't been able to successfully store them yet) :)

I am running PowerShell 7.3.9 on Ubuntu:
Distributor ID: Ubuntu
Description: Ubuntu 22.04.3 LTS
Release: 22.04
Codename: jammy

[Badgerati]

The "Vault not found" is something I need to look into, but for the way to create/access secrets you're looking at a combo of creating a secret and then mounting a secret.

In your case, you'll want to create the secret in a vault first (Set-PodeSecret), and then mount it into Pode afterwards (Mount-PodeSecret) for use as a specific "SecretName". After that, you can use $secret:SecretName:

Set-PodeSecret -Key 'db/masterKey' -Vault 'MyVault' -InputObject 'test123!'
Mount-PodeSecret -Name 'SomeSecretName' -Vault 'MyVault' -Key 'db/masterKey'
$secret:SomeSecretName

[Badgerati]

I've added in some better default parameter handling when using SecretStore, but the crux of the issue was that a Password for the vault needed to be supplied, and then unlocked periodically.

I've put together some documentation on how to use SecretStore, but ultimately the -UnlockSecret parameter is required and will be properly handled when the commit above is released:

Register-PodeSecretVault -Name 'MyVault' -ModuleName 'Microsoft.PowerShell.SecretStore' -UnlockSecret 'My$ecret!'

Setting, Mounting, and using $secret: all remain unchanged.

[fatherofinvention]

Thanks @Badgerati !