-
Notifications
You must be signed in to change notification settings - Fork 4.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Policy parsing bug in 0.11.0 #5219
Comments
I also found this when I restarted my docker-based install and it upgraded. Pushed back the tag to 0.10.4 until it's fixed! |
@chrishoffman @jefferai Is the fix available in 0.11.0 image ? Or will be it in 0.11.1 ? We are still getting "Error failed to validate policy templating: unbalanced templating characters" exception when posting base64 encoded ACL policy. {"path":{"secret/":{"capabilities":["read"]}}} |
There will be a 0.11.1 shortly to address this issue. You can also build from master right now to see if it addresses the issue. |
@chrishoffman Thanks for the update. I couldn't find the master tag in the Vault docker hub. |
@gowthamsubbu That's exactly my issue - using docker means we're reliant on a build being produced and pushed to Docker Hub. I'm content to know it's fixed and incoming. Thanks for the update @chrishoffman! |
I meant from source. We don't publish master docker images. |
I have to use HCL format to compose my policy strings instead of json format to bypass this bug in vault 0.11. |
* Add .get("data") on /sys/<route> * remove ["data"] from list_auth_backcends() * remove .get("data") from unwrap() * modify mock_response on test_read_lease * remove .get("data") from read_lease() * Re add ['data'] field on read_lease_response * Add conditional logic * Update new system backend tests for new method bits * Change policy to HCL format to work around Vault v0.11.0 bug See: hashicorp/vault#5219 * Make v0.11.0 test successes required * undo accidentally line removal * Tweak list_policies updates * Tweak key_status update * tweak list_secret_backends update * tweak get_secret_backend_tuning update * tweak list_audit_backends update * tweak audit_hash update * tweak list_auth_backends update
Describe the bug
Policy syntax is not accepted anymore by the latest version.
To Reproduce
Create new policy with this content :
{"path":{"secret/*":{"capabilities":["read"]}}}
Return :
"Error failed to validate policy templating: unbalanced templating characters"
To be accepted I must use this syntax :
{"path":{"secret/*":{"capabilities":["read"]} } }
Expected behavior
Accept valid json regardless of space character like 0.10.4 version
Environment:
vault status
): 0.11.0Additional context
The text was updated successfully, but these errors were encountered: