Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Wrong condition in Vault installation process #1745

Closed
rpudlowski93 opened this issue Oct 7, 2020 · 1 comment
Closed

[BUG] Wrong condition in Vault installation process #1745

rpudlowski93 opened this issue Oct 7, 2020 · 1 comment
Assignees
@ar3ndt
Labels
area/development area/vault type/bug
Milestone
S20201008

Comments

@rpudlowski93
Copy link
Contributor

Describe the bug
There is a wrong condition in this PR: #1731. Flag: k8s_as_cloud_service is defined always so right now we always skip vault installation on master node.

- name: Install and configure Hashicorp Vault if enabled and no cloud service is used
  when:
    - specification.vault_enabled
    - k8s_as_cloud_service is not defined
    - not k8s_as_cloud_service

To Reproduce
Deploy Your cluster with enabled vault:

---
kind: configuration/vault
title: Vault Config
name: default
provider: aws
specification:
  vault_enabled: true

Expected behavior
Install vault on master node when vault is enabled

It is necessary to change the condition in vault role to the following:

- name: Install and configure Hashicorp Vault if enabled and no cloud service is used
  when:
    - specification.vault_enabled
    - k8s_as_cloud_service is defined
    - not k8s_as_cloud_service

OS (please complete the following information):

  • RedHat/Ubuntu

Cloud Environment (please complete the following information):

  • Azure/AWS

Additional context
Add any other context about the problem here.
@ar3ndt ar3ndt self-assigned this Oct 7, 2020
@ar3ndt ar3ndt added this to the S20201008 milestone Oct 7, 2020
@rpudlowski93 rpudlowski93 mentioned this issue Oct 7, 2020
Closed
@rpudlowski93 rpudlowski93 assigned ghost and unassigned ghost Oct 7, 2020
@rpudlowski93
Copy link
Contributor Author

rpudlowski93 commented Oct 7, 2020
edited
Loading

Tested - works fine.
I install the vault on kubernetes master when the flag k8s_as_cloud_service is false without any errors.
Vault works fine and I tested it using the following scenario: link

After vault login on master node:

Success! You are now authenticated. The token information displayed below
is already stored in the token helper. You do NOT need to run "vault login"
again. Future Vault requests will automatically use this token.

@mkyc mkyc closed this as completed Oct 8, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ar3ndt ar3ndt

Labels
area/development area/vault type/bug
Projects
None yet
Milestone
S20201008
Development

No branches or pull requests
3 participants
@ar3ndt @mkyc @rpudlowski93