Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug: Cannot execute write operations with valid JSON #62

Closed
tommartensen opened this issue Jan 25, 2021 · 5 comments · Fixed by #63
Closed

Bug: Cannot execute write operations with valid JSON #62

tommartensen opened this issue Jan 25, 2021 · 5 comments · Fixed by #63
Assignees
@fishi0x01
Labels
bug Something isn't working

Comments

@tommartensen
Copy link

tommartensen commented Jan 25, 2021
edited
Loading

Thanks for the awesome tool, it is helping a lot in secret management!

We observed the following bug:

  1. secret/ is a kv key/value secret storage in API version 1.
  2. We create a secret: vault kv put secret/test data=1.
  3. When using VSH to copy or move the secret, we experience a Go panic:
$ vsh -c "cp secret/test secret/test2"
panic: interface conversion: interface {} is string, not map[string]interface {}

goroutine 1 [running]:
github.com/fishi0x01/vsh/client.transformToKV1Secret(...)
	/home/fishi0x01/Workspaces/fishi0x01/vsh/client/util.go:88
github.com/fishi0x01/vsh/client.(*Client).lowLevelWrite(0xc0003fe180, 0xc000130c21, 0xc, 0xc0000a0900, 0x2, 0x0)
	/home/fishi0x01/Workspaces/fishi0x01/vsh/client/write.go:16 +0x3a7
github.com/fishi0x01/vsh/client.(*Client).Write(0xc0003fe180, 0xc000130c20, 0xd, 0xc0000a0900, 0x0, 0x0)
	/home/fishi0x01/Workspaces/fishi0x01/vsh/client/client.go:113 +0x165
github.com/fishi0x01/vsh/cli.(*CopyCommand).copySecret(0xc0003fe200, 0xc000130c10, 0xc, 0xc000130c20, 0xd, 0xd, 0x2)
	/home/fishi0x01/Workspaces/fishi0x01/vsh/cli/cp.go:79 +0xa0
github.com/fishi0x01/vsh/cli.(*CopyCommand).Run(0xc0003fe200, 0x1)
	/home/fishi0x01/Workspaces/fishi0x01/vsh/cli/cp.go:60 +0x140
main.executor(0x7ffeefbff857, 0x1b)
	/home/fishi0x01/Workspaces/fishi0x01/vsh/main.go:77 +0x178
main.main()
	/home/fishi0x01/Workspaces/fishi0x01/vsh/main.go:177 +0x4a2

Other secrets, e.g. as given in the integration tests value=1, work without issues.

System information:

  • vsh v0.7.2
  • Vault 1.3.1

Happy to provide further information as needed :)
@tommartensen tommartensen changed the title Bug: Cannot execute write operations with valid JSON Bug: Cannot execute write operations with valid JSON Jan 25, 2021
@fishi0x01
Copy link
Owner

Hi Tom 😄 👋

Thx for submission. Looks interesting, because the copy case for KV1 is tested in this suite

From the stacktrace it seems that for some reason secret/test is perceived as a KV2 secret. vsh then tries to convert it to KV1, which fails, because it already is KV1. I will try to reproduce that issue in a test.
What's your permission policy on secret/ and secret/test?

@fishi0x01 fishi0x01 mentioned this issue Jan 26, 2021
Merged
@fishi0x01
Copy link
Owner

Was able to reproduce the behavior in a test. (#63)

@fishi0x01 fishi0x01 added the bug Something isn't working label Jan 26, 2021
@fishi0x01 fishi0x01 self-assigned this Jan 26, 2021
@tommartensen
Copy link
Author

Great! The reproduced error looks familiar.
Thanks a lot for the help and we look forward to a fix! 🥇
Should you need further information, we are more than happy to assist.

@fishi0x01
Copy link
Owner

@tommartensen Latest master should work with data key. Please let me know if you still witness any issues.

@tommartensen
Copy link
Author

@fishi0x01 Thanks a lot for the fast fix! I can confirm that latest master works with our system.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fishi0x01 fishi0x01

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix bug with non 'value' key fishi0x01/vsh
2 participants
@tommartensen @fishi0x01