Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JX boot - running boot twice on a vault cluster overwrites secrets #5103

Closed
2 tasks
warrenbailey opened this issue Aug 16, 2019 · 1 comment
Closed
2 tasks

JX boot - running boot twice on a vault cluster overwrites secrets #5103

warrenbailey opened this issue Aug 16, 2019 · 1 comment
Assignees
@pmuir
Labels
area/boot issues in the `jx boot` command area/fox area/vault kind/bug Issue is a bug priority/critical-urgent Highest priority. Must be actively worked on as someone's top priority right now.
Milestone
Sprint 12

Comments

@warrenbailey
Copy link

Summary

Switching from local storage to vault storage in a jx boot cluster results in an error and an incorrect value being stored in vault.

Steps to reproduce the behavior

  1. Create a new jx boot cluster with local storage enabled
  2. Update jx-requirements.yaml and change to vault storage
  3. Re-run 'jx boot'

Expected behavior

Secret storage is switched from local storage to vault storage

Actual behavior

'jx boot' fails and an incorrect value ends up in vault

Creating repository warrenbailey-org/environment-wbailey-boot-3-production
Creating Git repository warrenbailey-org/environment-wbailey-boot-3-production
error: failed to create git repository for gitURL https://github.com/warrenbailey-org/environment-wbailey-boot-3-production.git: creating the repository: Failed to create repository warrenbailey-org/environment-wbailey-boot-3-production due to: POST https://api.github.com/orgs/warrenbailey-org/repos: 401 Bad credentials []
error: failed to interpret pipeline file jenkins-x.yml: failed to run '/bin/sh -c jx step verify env' command in directory '.', output: ''

vault kv get secret/wbailey-boot-3/pipelineUser
====== Metadata ======
Key              Value
---              -----
created_time     2019-08-16T09:37:29.19057689Z
deletion_time    n/a
destroyed        false
version          1

==== Data ====
Key      Value
---      -----
token    local:wbailey-boot-3/pipelineUser:token

Jx version

The output of jx version is:

COPY OUTPUT HERE

Jenkins type

  • Serverless Jenkins X Pipelines (Tekton + Prow)
  • Classic Jenkins

Kubernetes cluster

Operating system / Environment
@warrenbailey warrenbailey added area/vault kind/bug Issue is a bug priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. labels Aug 16, 2019
@ccojocar ccojocar added the area/boot issues in the `jx boot` command label Aug 16, 2019
@warrenbailey warrenbailey added priority/critical-urgent Highest priority. Must be actively worked on as someone's top priority right now. and removed priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. labels Aug 16, 2019
@warrenbailey warrenbailey changed the title JX boot - switching from local storage to vault storage fails JX boot - run boot twice on a vault cluster overwrites secrets Aug 16, 2019
@warrenbailey warrenbailey changed the title JX boot - run boot twice on a vault cluster overwrites secrets JX boot - running boot twice on a vault cluster overwrites secrets Aug 16, 2019
@warrenbailey
Copy link
Author

Actually we've just seen this happening on a vault cluster when running jx boot for a second time.

Though the value in vault is of the format

token vault:wbailey-boot-3/pipelineUser:token

@cagiti cagiti mentioned this issue Aug 16, 2019
Closed
2 tasks
pmuir added a commit to pmuir/jx that referenced this issue Aug 16, 2019
@pmuir
fix: reprompt for missing values
469a6b3 
Fixes jenkins-x#5103
Signed-off-by: Pete Muir <pmuir@bleepbleep.org.uk>
@muirp-owner muirp-owner mentioned this issue Aug 16, 2019
Closed
2 tasks
pmuir added a commit to pmuir/jx that referenced this issue Aug 16, 2019
@pmuir
fix: reprompt for missing values
034cd13 
Fixes jenkins-x#5103
Signed-off-by: Pete Muir <pmuir@bleepbleep.org.uk>
pmuir added a commit to pmuir/jx that referenced this issue Aug 16, 2019
@pmuir
fix: reprompt for missing values
8a9b825 
Fixes jenkins-x#5103
Signed-off-by: Pete Muir <pmuir@bleepbleep.org.uk>
@pmuir pmuir added this to the Sprint 12 milestone Aug 20, 2019
daveconde pushed a commit to daveconde/jx that referenced this issue Apr 7, 2020
@pmuir
fix: reprompt for missing values
1003b02 
Fixes jenkins-x#5103
Signed-off-by: Pete Muir <pmuir@bleepbleep.org.uk>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pmuir pmuir

Labels
area/boot issues in the `jx boot` command area/fox area/vault kind/bug Issue is a bug priority/critical-urgent Highest priority. Must be actively worked on as someone's top priority right now.
Projects
None yet
Milestone
Sprint 12
Development

Successfully merging a pull request may close this issue.

fix: reprompt for missing values pmuir/jx
4 participants
@pmuir @ccojocar @warrenbailey @deanesmith