Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The plugin is not marked as a secret plugin when registered with a version #28936

Open
morganBlanloeil opened this issue Nov 18, 2024 · 1 comment
Open

The plugin is not marked as a secret plugin when registered with a version #28936

morganBlanloeil opened this issue Nov 18, 2024 · 1 comment
Labels
core Issues and Pull-Requests specific to Vault Core reproduced This issue has been reproduced by a Vault engineer ticketed

Comments

@morganBlanloeil
Copy link

Describe the bug
When we register a custom plugin, this plugin is not marked as secret plugin when we use vault API. This blocks the use of other endpoints like /sys/plugins/catalog/secret

To Reproduce
Steps to reproduce the behavior:

  1. Ensure you configure plugin_repository
  2. Run vault plugin register sha256=<sample-sha-256> -command=<plugin-name> version=1.0.1 secret <plugin-name>
  3. See error with curl -H 'X-Vault-Token: <my-token>' --request LIST https://127.0.0.1:8200/v1/sys/plugins/catalog/secret our plugin doest not appear

Expected behavior

Plugin should be marked as secret plugin. To Bypass we need to register plugin first without version !

Environment:

  • Vault Server Version 1.18

Thanks!
@stevendpclark stevendpclark added core Issues and Pull-Requests specific to Vault Core reproduced This issue has been reproduced by a Vault engineer labels Nov 18, 2024
@stevendpclark
Copy link
Contributor

Thanks @morganBlanloeil for filing the issue. I've confirmed what you are seeing. A few extra notes on the issue.

  1. The registered plugin is usable through a vault secrets enable ... command.
  2. The registered plugin does appear in the detailed section of the GET http://127.0.0.1:8200/v1/sys/plugins/catalog request but it does not show up within the data.secret section of the response
    a. This is why the registered plugin does appear in the output of vault plugin list secret

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
core Issues and Pull-Requests specific to Vault Core reproduced This issue has been reproduced by a Vault engineer ticketed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@stevendpclark @morganBlanloeil