Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add entire object lookup, allow skipping SSL verify when auth_method is used #32182

Merged
merged 2 commits into from
Oct 26, 2017
Merged

Add entire object lookup, allow skipping SSL verify when auth_method is used #32182

merged 2 commits into from
Oct 26, 2017

Conversation

igor-pinchuk
Copy link
Contributor

Add ability to lookup entire objects in HashiCorp Vault.
When used with auth_method allow skipping SSL verify.

SUMMARY

Allows hashi_vault retrieve entire object from HashiCorp Vault
When auth_method is specified there was no way to disable SSL key verification.

ISSUE TYPE
  • Bugfix Pull Request
COMPONENT NAME

hashi_vault

ANSIBLE VERSION
ansible 2.5.0 (devel a9942353fe) last updated 2017/10/07 10:31:06 (GMT -400)
  config file = /ansible/app-name-here/ansible.cfg
  configured module search path = [u'/home/ubuntu/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /opt/ansible-devel/lib/ansible
  executable location = /opt/ansible-devel/bin/ansible
  python version = 2.7.12 (default, Nov 19 2016, 06:48:10) [GCC 5.4.0 20160609]
ADDITIONAL INFORMATION

For my project it was essential to be able to get entire object (all key=value records) from HC Vault and this feature was not working as expected. I also could not disable SSL key verification when hashi_vault was used with auth_method
Another small bug fix is that now auth_method=token does not return error.

@igor-pinchuk
Update hashi_vault.py
fc4d659 
Add ability to lookup entire objects in HashiCorp Vault.
When used with auth_method allow skipping SSL verify.
@ansibot ansibot added affects_2.5 This issue/PR affects Ansible v2.5 bugfix_pull_request needs_triage Needs a first human triage before being processed. new_contributor This PR is the first contribution by a new community member. plugins/lookup support:core This issue/PR relates to code supported by the Ansible Engineering Team. needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. labels Oct 26, 2017
@samdoran
Return all elements in a more robust way
0729f5a 
If a trailing ':' is set or not, always return all secrets from a path. This was a bug mostly fixed by this PR.

Update examples.
@samdoran
Copy link
Contributor

rebuild_merge

@samdoran samdoran removed the needs_triage Needs a first human triage before being processed. label Oct 26, 2017
@ansibot ansibot removed the needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR. label Oct 26, 2017
@ansibot ansibot merged commit 6a6ea66 into ansible:devel Oct 26, 2017
@samdoran samdoran added this to TODO: Next release in 2.4.x Blocker List Oct 26, 2017
@samdoran samdoran moved this from TODO: Next release to Done in 2.4.2 in 2.4.x Blocker List Oct 26, 2017
@igor-pinchuk igor-pinchuk deleted the patch-1 branch November 23, 2017 17:29
@ansibot ansibot added bug This issue/PR relates to a bug. and removed bugfix_pull_request labels Mar 6, 2018
@ansible ansible locked and limited conversation to collaborators Apr 26, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
affects_2.5 This issue/PR affects Ansible v2.5 bug This issue/PR relates to a bug. new_contributor This PR is the first contribution by a new community member. plugins/lookup support:core This issue/PR relates to code supported by the Ansible Engineering Team.
Projects
No open projects
2.4.x Blocker List
Done in 2.4.2
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@igor-pinchuk @samdoran @ansibot