You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
I am implementing VaultStaticSecret with VSO. VaultDynamicSecret works fine with the same service account and permissions but VaultStaticSecret gives the following error:
URL: GET https://vault.vault.svc.cluster.local:8200/v1/kv-v2/data/ns/appname
Code: 403. Errors:
* 1 error occurred:
* permission denied
{"type": "Warning", "object": {"kind":"VaultStaticSecret","namespace":"ns","name":"vault-static-secret-appname","uid":"0d8fe0f4-5172-4897-9995-314b5e52e040","apiVersion":"secrets.hashicorp.com/v1beta1","resourceVersion":"1758957"}, "reason": "VaultClientError"}
2024-05-07T18:33:41Z DEBUG events Failed to read Vault secret: Error making API request.
To Reproduce
Steps to reproduce the behavior:
Deploy VSO with the following yaml file with the following VSO custom resources.
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Warning VaultClientError 74s (x25 over 2m52s) VaultStaticSecret Failed to read Vault secret: Error making API request.
URL: GET https://vault.vault.svc.cluster.local:8200/v1/kv-v2/data/ns/appname
Code: 403. Errors:
* 1 error occurred:
* permission denied
Expected behavior
VaultStaticSecret should create a kv secret in the namespace and inject in the pod.
Firstly, I assumed its the problem with tls so I deployed vault without tls and still the VSO was not able to create Static Secrets but was able to create dynamic secrets.
The text was updated successfully, but these errors were encountered:
I have faced similar issue Reconciler error. Try to disable and re-enable kubernetes auth in vault server and configure and add the role and try again.
@asttle Thanks for your comment and suggestion, I followed your steps, unfortunately, it did not work for me. I have deployed vault and 2 different server and also on minikube on my mac, I am facing the same issue
Describe the bug
I am implementing VaultStaticSecret with VSO. VaultDynamicSecret works fine with the same service account and permissions but VaultStaticSecret gives the following error:
To Reproduce
Steps to reproduce the behavior:
vault deployed with below values.yaml override:
VaultAuth.yml
Application deployment:
kubectl describe VaultStaticSecret
output.Expected behavior
VaultStaticSecret should create a kv secret in the namespace and inject in the pod.
Environment
Additional context
I followed this guide to deploy the vault
https://developer.hashicorp.com/vault/tutorials/kubernetes/kubernetes-minikube-tls
Firstly, I assumed its the problem with tls so I deployed vault without tls and still the VSO was not able to create Static Secrets but was able to create dynamic secrets.
The text was updated successfully, but these errors were encountered: