Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix transit constants for "generate_data_key" #632

Merged
merged 3 commits into from Sep 28, 2020
Merged

Fix transit constants for "generate_data_key" #632

merged 3 commits into from Sep 28, 2020

Conversation

Angeall
Copy link
Contributor

@Angeall Angeall commented Sep 14, 2020

For transit "generate_data_key" function, the official documentation and your own documentation only mentions "plaintext" and "wrapped" as valid value for the key type.
The problem is that "ciphertext" seems to replace "wrapped" in your constant.
Moreover, "ciphertext" is not valid and results in the following traceback :

Traceback (most recent call last):
  File "[...]", line 91, in runcode
    exec(code, self.locals)
  File "<input>", line 4, in <module>
  File "[...]/hvac/api/secrets_engines/transit.py", line 504, in generate_data_key
    json=params,
  File "[...]/hvac/adapters.py", line 107, in post
    return self.request('post', url, **kwargs)
  File "[...]/hvac/adapters.py", line 342, in request
    response = super(JSONAdapter, self).request(*args, **kwargs)
  File "[...]/hvac/adapters.py", line 309, in request
    errors=errors
  File "[...]/hvac/utils.py", line 37, in raise_for_error
    raise exceptions.InvalidRequest(message, errors=errors, method=method, url=url)
hvac.exceptions.InvalidRequest: Invalid path, must be 'plaintext' or 'wrapped', on post https://[...]

@Angeall
Update transit constants
cb06b2c 
Official documentation (https://www.vaultproject.io/api-docs/secret/transit#generate-data-key) and your own documentation (https://hvac.readthedocs.io/en/stable/usage/secrets_engines/transit.html#generate-data-key) only mentions "plaintext" and "wrapped" as valid value, while "ciphertext" was written here. Moreover, "ciphertext" is not valid and results in the following traceback : 

Traceback (most recent call last):
  File "[...]", line 91, in runcode
    exec(code, self.locals)
  File "<input>", line 4, in <module>
  File "[...]/hvac/api/secrets_engines/transit.py", line 504, in generate_data_key
    json=params,
  File "[...]/hvac/adapters.py", line 107, in post
    return self.request('post', url, **kwargs)
  File "[...]/hvac/adapters.py", line 342, in request
    response = super(JSONAdapter, self).request(*args, **kwargs)
  File "[...]/hvac/adapters.py", line 309, in request
    errors=errors
  File "[...]/hvac/utils.py", line 37, in raise_for_error
    raise exceptions.InvalidRequest(message, errors=errors, method=method, url=url)
hvac.exceptions.InvalidRequest: Invalid path, must be 'plaintext' or 'wrapped', on post https://[...]
@Angeall Angeall requested a review from a team as a code owner September 14, 2020 16:07
@Angeall Angeall changed the title Update transit constants for "generate_data_key" Fix transit constants for "generate_data_key" Sep 14, 2020
jeffwecan
jeffwecan approved these changes Sep 21, 2020
View reviewed changes
Copy link
Member

@jeffwecan jeffwecan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you!

@jeffwecan jeffwecan added bug transit Transit secrets engine labels Sep 21, 2020
@jeffwecan jeffwecan merged commit a8650bd into hvac:develop Sep 28, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jeffwecan jeffwecan jeffwecan approved these changes

Assignees
No one assigned
Labels
bug transit Transit secrets engine
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@Angeall @jeffwecan