From 649741230bbcca7dd332f9e0e87402d8c1019d1a Mon Sep 17 00:00:00 2001 From: Dominik Richter Date: Tue, 19 Sep 2023 22:31:37 -0700 Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20fix=20hashi=20vault=20(#1801)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Migrate https://github.com/mondoohq/cnquery/pull/1459 Fixes https://github.com/mondoohq/cnquery/issues/1476 Signed-off-by: Dominik Richter --- providers-sdk/v1/vault/hashivault/hashivault.go | 8 ++++++-- providers-sdk/v1/vault/hashivault/hashivault_test.go | 2 +- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/providers-sdk/v1/vault/hashivault/hashivault.go b/providers-sdk/v1/vault/hashivault/hashivault.go index 0755703382..8172874612 100644 --- a/providers-sdk/v1/vault/hashivault/hashivault.go +++ b/providers-sdk/v1/vault/hashivault/hashivault.go @@ -11,12 +11,14 @@ import ( "strings" "github.com/hashicorp/vault/api" + "github.com/rs/zerolog/log" "go.mondoo.com/cnquery/providers-sdk/v1/vault" ) var notImplemented = errors.New("not implemented") func New(serverURL string, token string) *Vault { + log.Debug().Bool("token-sec", len(token) > 0).Msgf("Using HashiCorp Vault at %s", serverURL) return &Vault{ Token: token, APIConfig: api.Config{ @@ -65,6 +67,7 @@ func validKey(key string) error { // https://learn.hashicorp.com/tutorials/vault/versioned-kv?in=vault/secrets-management#step-2-write-secrets func (v *Vault) Get(ctx context.Context, id *vault.SecretID) (*vault.Secret, error) { + log.Debug().Str("secret", id.Key).Msg("gather secret from hashicorp-vault") c, err := v.client() if err != nil { return nil, err @@ -86,8 +89,9 @@ func (v *Vault) Get(ctx context.Context, id *vault.SecretID) (*vault.Secret, err } return &vault.Secret{ - Key: id.Key, - Data: secretBytes, + Key: id.Key, + Data: secretBytes, + Encoding: vault.SecretEncoding_encoding_json, }, nil } diff --git a/providers-sdk/v1/vault/hashivault/hashivault_test.go b/providers-sdk/v1/vault/hashivault/hashivault_test.go index f13ddb8071..34843cb475 100644 --- a/providers-sdk/v1/vault/hashivault/hashivault_test.go +++ b/providers-sdk/v1/vault/hashivault/hashivault_test.go @@ -40,7 +40,7 @@ func TestHashiVault(t *testing.T) { require.NoError(t, err) jsonSecret := make(map[string]string) - err = json.Unmarshal([]byte(newCred.Secret), &jsonSecret) + err = json.Unmarshal(newCred.Data, &jsonSecret) require.NoError(t, err) assert.Equal(t, jsonSecret, fields)