vault-action: [BUG] ##[error]unable to get local issuer certificate

Describe the bug

The action is no longer connecting to our Vault server.

To Reproduce

  1. Add your build.yaml workflow
  2. Add this step:
- name: Import Secrets from Vault
  id: vault_secrets
  uses: hashicorp/vault-action@master
  with:
    url: ${{ secrets.VAULT_ADDR }}
    method: github
    githubToken: ${{ secrets.VAULT_ACCESS_TOKEN }}
    kv-version: 2
    exportEnv: false
    secrets: |
      mysecret MY_SECRET;

Note: The vault address’s SSL cert is still valid until next year

Expected behavior

It will then show an error: ##[error]unable to get local issuer certificate

Log Output

##[debug]'
##[debug]Loading env
Run RichiCoder1/vault-action@master
  with:
    url: ***
    method: github
    githubToken: ***
    kv-version: 2
    exportEnv: false
    secrets: mysecret MY_SECRET;
  
    tlsSkipVerify: false
::group::Test Get Vault Secrets
Test Get Vault Secrets
  
  
  ##[debug]Retrieving Vault Token from v1/auth/github/login endpoint
  ::endgroup::
##[error]unable to get local issuer certificate
##[debug]Node Action run completed with exit code 1
##[debug]Finishing: Import Secrets from Vault

Additional context

We managed to fix it by sticking to the previous working version: RichiCoder1/vault-action@v1.0.1 or hashicorp/vault-action@v1.0.1 and not using master version

About this issue

  • Original URL
  • State: closed
  • Created 4 years ago
  • Reactions: 1
  • Comments: 17 (9 by maintainers)

Most upvoted comments

@tamipangadil Was your original issue resolved with newer commits of vault-action? Looking to close this issue.

+1
jasonodonnell on Aug 13, 2020
Read more comments on GitHub
← vagrant-vmware-desktop: Vagrant vmware provider fails to work with Fusion Tech Preview
vault-action: [BUG] V2.7.0 breaks JSON secrets →