cruise-automation / daytona

A Vault client, but for containers and servers.

Daytona fails to read secrets if there are subpaths

arminm opened this issue

Daytona fails to ignore subpaths when it's reading through the secrets in a specified path using VAULT_SECRETS_FOO=secrets/foo.

Assume a path secrets/foo that has a subpath bar/:

% vault list secrets/foo
Keys
----
bar/
foo1
foo2

% vault list secrets/foo/bar
Keys
----
bar1
bar2

This will cause Daytona to fail with:

DAYTONA - 2020/03/24 22:50:11 Starting v1.1.0...
DAYTONA - 2020/03/24 22:50:11 Attempting to automatically infer some k8s configuration data
DAYTONA - 2020/03/24 22:50:11 Checking for an existing, valid vault token
DAYTONA - 2020/03/24 22:50:11 No token found in VAULT_TOKEN env, checking path
DAYTONA - 2020/03/24 22:50:11 Found an existing token at /home/vault/.vault-token
DAYTONA - 2020/03/24 22:50:11 Starting secret fetch
DAYTONA - 2020/03/24 22:50:11 Starting iteration on secrets/foo
DAYTONA - 2020/03/24 22:50:11 Vault listed a secret 'bar', but got not-found trying to read it at 'secrets/foo/bar'; very strange

I would like to suggest fixing this by ignoring/printing a warning if Daytona encounters a subpath instead of a key/value pair in the path it's iterating on.
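
The behaviour suggested above, sketched as an added Go example; it is not Daytona's code and not part of the original issue. `planReads` is a hypothetical helper, and the listing is a constructed sample in the shape of a Vault LIST response, where subpaths carry a trailing `/` as in the `vault list` output above.

```go
package main

import (
	"fmt"
	"path"
	"strings"
)

// planReads takes the data of a Vault LIST response (constructed sample
// below) and returns the full paths that can be read as secrets, plus one
// warning per subpath that is skipped instead of being read.
func planReads(base string, data map[string]interface{}) (reads, warnings []string, err error) {
	raw, ok := data["keys"].([]interface{})
	if !ok {
		return nil, nil, fmt.Errorf("list response for %q has no usable keys field", base)
	}
	for _, k := range raw {
		key, ok := k.(string)
		if !ok || key == "" {
			return nil, nil, fmt.Errorf("non-string or empty key under %q", base)
		}
		// Test for the trailing "/" before joining: path.Join cleans it
		// away, after which a subpath looks like an ordinary key.
		if strings.HasSuffix(key, "/") {
			warnings = append(warnings, fmt.Sprintf("skipping subpath %q under %q", key, base))
			continue
		}
		reads = append(reads, path.Join(base, key))
	}
	return reads, warnings, nil
}

func main() {
	// Constructed sample mirroring `vault list secrets/foo` from the issue.
	listing := map[string]interface{}{"keys": []interface{}{"bar/", "foo1", "foo2"}}
	reads, warnings, err := planReads("secrets/foo", listing)
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	for _, w := range warnings {
		fmt.Println("WARN:", w)
	}
	for _, r := range reads {
		fmt.Println("read:", r)
	}
}
```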