Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

VAULT-5094: Deal with identity_policies Set to nil in Secret Data Field #20636

Merged
merged 2 commits into from May 19, 2023
Merged

VAULT-5094: Deal with identity_policies Set to nil in Secret Data Field #20636

merged 2 commits into from May 19, 2023

Conversation

marcboudreau
Copy link
Contributor

When the vault login command is executed and a valid token that has associated Identity Policies in Namespaces other than the current namespace, an error is reported. This is due to the fact that the Vault CLI could not process the response from the Vault server for the Token Lookup request. Specifically, the identity_policies key in the response is set to nil. The Vault CLI code uses code (that has been fixed in this PR) that expects that either the identity_policies key to be absent in the response or present and set to either a string slice or a slice of values that can be casted to the string type.

This minor fix allows that code to deal with the identity_policies key being set to nil in the same manner as if it was absent.

VioletHynes
VioletHynes approved these changes May 18, 2023
View reviewed changes
Copy link
Contributor

@VioletHynes VioletHynes left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great! Thanks for the extensive testing.

api/secret_test.go
t.Errorf("err was not nil, got %v", err)
}

// Verify that s.Data["policies"] are properly processed
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like this way of structuring bits of a test! Makes things a lot easier to understand at a glance. I might steal this :)

@maxb maxb mentioned this pull request May 19, 2023
Merged
@marcboudreau marcboudreau merged commit 382d318 into main May 19, 2023
89 checks passed
@marcboudreau marcboudreau deleted the marcboudreau/VAULT-5094/fix-error-when-identity-policies-are-nil branch May 19, 2023 13:51
@marcboudreau marcboudreau added backport/1.11.x backport/1.13.x Backport changes to `release/1.13.x` labels May 19, 2023
This was referenced May 19, 2023
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@VioletHynes VioletHynes VioletHynes approved these changes

Assignees
No one assigned
Labels
backport/1.13.x Backport changes to `release/1.13.x` pr/no-milestone
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@marcboudreau @VioletHynes