Questions tagged [vault]

VAULT QUESTIONS MUST BE DEVELOPER-RELATED. Vault is an open-source platform designed to store secrets securely. Questions about configuring Vault should be asked on https://serverfault.com. Not to be confused with [ansible-vault].

300 questions
1 vote, 1 answer

Is it possible to not override Docker Entrypoint while passing COMMAND in k8s pod definition

Trying to export vault secrets as an environment variable to k8s pod using vault injector. Following vault documentation https://developer.hashicorp.com/vault/docs/platform/k8s/injector/examples#environment-variable-example as mentioned in example,…
Meet101
1 vote, 1 answer

Kubernetes pod export environment variables from command

I am trying to export environment to an Openshift pod via command. Currently I am able to leverage the command argument to run shell scripts (echo hi as example): containers: command: ['sh', '-c', 'echo hi &&…
1 vote, 0 answers

Use keypass vault into jenkinsfile

I have keypass vault credentials where I have stored the different credentials. I need to integrate it into my jenkinsfile where I can use the credentials for performing different actions. Can anybody help with some link or steps how can I…
1 vote, 1 answer

Hashicorp Vault - Curl fails permission denied - Can't delete a Secret - Created policy with delete capability and token using policy

vault --version: Vault v1.9.2 I have a policy file created, with few capabilities, especially delete: # cat ~/.my_policy.hcl path "secret/*" { capabilities = ["create", "read", "update", "list", "delete"] } Created new policy using this file and…
AKS
1 vote, 1 answer

Wrapping a one time command that returns sensitive json

I'm having trouble coming up with a sensible solution to my issue. I'm attempting to automate the creation of a ROSA cluster using my company's standard automation tool. There is no provider for ROSA, so I'm essentially wrapping the actions using a…
Steve Stevens
1 vote, 0 answers

Secrets are not read from the vault after migrating to Spring Boot 3 - Getting an error

We are in the process of migrating to Spring Boot 3 from 2.7.7 (we did an incremental upgrade from 2.6.8 to 2.7.7 and then to 3.0.0). We have almost got our application working, except that the secrets are not read from the vault after migrating to Spring…
Arun
1 vote, 1 answer

Unable to init in Vault Raft

Installed vault in a new machine, and gave it the following config: cluster_addr = "cor-infravault101.test.ag3:8201" api_addr = "cor-infravault101.test.ag3:8200" disable_mlock = true listener "tcp" { address = "0.0.0.0:8200" …
Gautam Somani
1 vote, 1 answer

Mount secrets volumes with CSI driver and vault provider in kubernetes when the pod has a toleration and affinity

I have a kubernetes cluster with two node groups in AWS. One for Spot instances and the other for on demand instances. I have installed Vault and CSI driver to manage the secrets. When I create this deployment everything works fine, the pods are…
1 vote, 0 answers

How to explicitly parse username and password in docker.withRegistry() method of the dockerhub plugin used in a Jenkins Declarative pipeline

I'm trying to push a Docker image from Jenkins to DockerHub using a declarative pipeline. The DockerHub's credentials are stored in Vault. And, I wish to use the Docker plugin in my pipeline's syntax. My following tries were successful: If I store…
1 vote, 1 answer

GitLab CI can't access Vault

GitLab Community Edition 14.2.7 curl -s -k -X GET https://gitlab.domain.com/-/jwks {"keys":[{"kty":"RSA","kid":"xUeI9jobL................194Xg0gj5DSct8O__KR6I8RoTTBACp1lRYSlBO4w","use":"sig","alg":"RS256"}]} In Vault: Created a secret: vault kv put…
Maksim
1 vote, 1 answer

Hashicorp Vault Server With Azure Storage Blob

I am trying to set up the HashiCorp Vault server in an Azure VM to connect to a storage blob. I tried uploading files from the VM and listing the blob using the CLI from the VM and was successful. However, when I try to run my vault server I am…
1 vote, 0 answers

Spring Boot Application Fails to Authenticate with MongoDB After Vault Generates Dynamic Credentials from MongoDB

I'm using Spring Cloud Vault to communicate with HCP Vault. As part of the process, Vault asks MongoDB to generate dynamic credentials for my service. The application starts successfully, but when I send a request to the backend, it fails to…
1 vote, 1 answer

Is there a way to get a kubernetes CRD schema with a kubectl command?

A way to get the schema using as an example secretproviderclasses.secrets-store.csi.x-k8s.io I would use the command kubectl describe crd secretproviderclasses.secrets-store.csi.x-k8s.io and get as a result: Name: …
paltaa
1 vote, 1 answer

hashicorp vault k8s - agent container won't initialize

I have tried to follow Hashicorp Vault's guide on injecting secrets into an application pod: https://learn.hashicorp.com/tutorials/vault/kubernetes-sidecar#inject-secrets-into-the-pod The problem is, that I simply cannot get the vault-agent…
WillGates
1 vote, 0 answers

Failed to generate list of vault tokens

Looking for a solution to the problem to identify the vault root tokens, I found the following documentation https://www.greenreedtech.com/identifying-active-hashicorp-vault-root-tokens/ The script related in this link worked in a vault instance…
ansefloca