-
Notifications
You must be signed in to change notification settings - Fork 4.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
database static roles and credential rotation bug #7222
Comments
Can you please provide your server logs? Usually you will get the EOF when there is a panic or some other error in the server logs. |
I have exactly the same problem.
The first refresh works fine. But the second stuck with TTL 0s.
I'm trying to refresh manually:
Server logs:
I use docker image : Vault 1.2.1 I hope it can help you... |
I spent a little bit of time looking at this. It looks like pathRotateRoleCredentialsUpdate calls popFromRotationQueueByKey expecting to get either a non-nil item or err, but it's actually possible to get back nil item and nil err. This happens when credRotationQueue.PopByKey doesn't find a queued item with the given name. I think the fix would be to make popFromRotationQueueByKey return queue.ErrEmpty if nothing is found, but I'm not familiar enough with the code to be confident of that. |
Server log is provided~ :) |
Describe the bug
when rotation_period is expired
run "vault write -f" & "vault delete" have error.
To Reproduce
Steps to reproduce the behavior:
Server syslog
Environment:
Vault Server Version (retrieve with vault status): 1.2.0
Vault CLI Version (retrieve with vault version): 1.2.0
Server Operating System/Architecture: ubuntu 16.04.6 x86_64
The text was updated successfully, but these errors were encountered: