vault-ruby: vault-ruby cannot write secrets to vault server, version >=0.10.0
Writing a secret with the CLI:
root@bootstrap-ubuntu-1604:~# vault version
Vault v0.10.0 ('5dd7f25f5c4b541f2da62d70075b6f82771a650d')
root@bootstrap-ubuntu-1604:~# vault kv put secret/bacon "delicions=true,cooktime=11"
Key Value
--- -----
created_time 2018-08-07T20:42:02.333492408Z
deletion_time n/a
destroyed false
version 1
Writing a secret with vault-ruby:
[1] pry(main)> require 'vault'
[2] pry(main)> client = Vault::Client.new(address: 'http://127.0.0.1:8200', token: File.read('/root/.vault-token'))
[3] pry(main)> client.logical.write("secret/bacon", delicious: true, cooktime: "11")
Vault::HTTPClientError: The Vault server at `http://127.0.0.1:8200' responded with a 404.
Any additional information the server supplied is shown below:
* {"request_id":"7e8e4d50-4972-2129-4dc4-4e0c7ef37db9","lease_id":"","renewable":false,"lease_duration":0,"data":null,"wrap_info":null,"warnings":["Invalid path for a versioned K/V secrets engine. See the API docs for the appropriate API endpoints to use. If using the Vault CLI, use 'vault kv put' for this operation."],"auth":null}
The last version of vault that still works is 0.9.6.
About this issue
- Original URL
- State: closed
- Created 6 years ago
- Comments: 19 (6 by maintainers)
I had this issue as well. The api expects it to be
{ "data": { "foo": "bar", "zip": "zap" } }So I just added my secrets like this
client.logical.write("secret/data/bacon", data : { delicious: true, cooktime: "11"})can someone merge or comment on what needs to change ?
possible fix https://github.com/hashicorp/vault-ruby/pull/188
@noma4i The point was very much that the gem is broken against KV version 2 (which is still API v1).