Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Plugins: Allow explicitly specifying the builtin version of a plugin #17289

Merged
merged 1 commit into from
Sep 22, 2022
Merged

Plugins: Allow explicitly specifying the builtin version of a plugin #17289

merged 1 commit into from
Sep 22, 2022

Conversation

tomhjp
Copy link
Contributor

@tomhjp tomhjp commented Sep 22, 2022

For example, if you have registered a versioned kubernetes auth plugin, omitting the version when mounting kubernetes auth will always select the versioned plugin, but you can specify the builtin version instead like so:

vault auth enable -plugin-version="v0.14.0+builtin" kubernetes

Also disallows registering any plugins with a builtin identifier in the metadata. I referenced here for the format and terminology of the tag metadata.

@tomhjp tomhjp requested review from swenson, tvoran and a team September 22, 2022 21:25
@tomhjp tomhjp added this to the 1.12 milestone Sep 22, 2022
@tomhjp tomhjp modified the milestones: 1.12, 1.12.0-rc1 Sep 22, 2022
@swenson
Copy link
Contributor

swenson commented Sep 22, 2022

This looks good in general, but when I tested it locally, I don't seem to get the version I requested:

$ vault plugin register -version=v1.2.4 -sha256=$(sha256sum dev-plugins/kv | cut -d' ' -f1) secret kv
$ vault secrets enable -plugin-version=v1.2.4 -path=kv124 kv
$ curl http://127.0.0.1:8200/v1/sys/mounts
...
    "kv124/": {
      "accessor": "kv_a2e94c5b",
      "config": {
        "default_lease_ttl": 0,
        "force_no_cache": false,
        "max_lease_ttl": 0
      },
      "deprecation_status": "supported",
      "description": "",
      "external_entropy_access": false,
      "local": false,
      "options": null,
      "plugin_version": "v1.2.4",
      "running_plugin_version": "v0.13.0+builtin",
      "running_sha256": "",
      "seal_wrap": false,
      "type": "kv",
      "uuid": "0a11311f-2b26-1294-87d0-0c34c6c218ed"
    },
    ...

Looks like the plugin_version is correctly requested, but it's still running the builtin version?

swenson
swenson approved these changes Sep 22, 2022
View reviewed changes
Copy link
Contributor

@swenson swenson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

The kv plugin seems to be special and always selects the builtin, but other plugin types seem fine.

@tomhjp tomhjp merged commit c36330f into main Sep 22, 2022
@tomhjp tomhjp deleted the allow-specifying-builtin-plugin-version branch September 22, 2022 22:15
Merged
@tomhjp tomhjp mentioned this pull request Sep 27, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@swenson swenson swenson approved these changes

@tvoran tvoran Awaiting requested review from tvoran

Assignees
No one assigned
Labels
core/plugin ecosystem/plugin pr/no-changelog
Projects
None yet
Milestone
1.12.0-rc1
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@tomhjp @swenson