Fix bug where provider_config only used strings #960
Conversation
ghost
added
the
|
Hey @jasonodonnell, just tested this and it works! The oidc backend gets created correctly, I can use it to log in to Vault. I am not sure about @tvoran 's comments, but thank you for the quick work :) Let me know if you need anything tested (or double/triple tested). |
|
Any chance of merging this ? |
|
Just ran into this bug, any chance this gets merged soon? |
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
|
Hooray! |
|
When fixing this bug I introduced an upgrade error. We're looking into solutions internally but this bug was disclosed here #1112 and a small workaround provided if this is blocking you. Sorry for the inconvenience! |
This reverts commit 56fa28d.
* Fix bug where provider_config only used strings * Simplify sort, add hash comment * Fix circle config * Add hashing function * Update test * Revert hash func * Update * Skip JWT tests * Update vault/resource_jwt_auth_backend_test.go Co-authored-by: Theron Voran <tvoran@users.noreply.github.com> * Add env to configure service account location Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
…" (hashicorp#1114) This reverts commit 56fa28d.
|
@davidmontoyago Hello there. I am currently experiencing this exact issue with provider v2 and I tried to update to latest v2 version with no avail. From what I can understand above, the fix for this was reverted ? Is there a version where this issue is fixed as it is currently severely affecting our deployment ? Thanks! |
|
Hi @gpapakyriakopoulos, neither v2 nor v3 contains this fix. I believe we reverted this fix since caused some issues with preexisting Terraform deployments. We will take another look at this issue in the future, but we wouldn't really be able to commit to an exact date for a fix at present. Please note that v2 is no longer being maintained. It's best to upgrade to v3 when you have a chance. Please see the version 3 upgrade guide for more details. Thanks, Ben |
A bug was recently introduced with the new
provider_configparameter because theTypeMapwas casting everything to a string. This parameter can have mixed types, like when configuring GSuite.This updates the
provider_configto support all knownprovider_configsettings.Currently the tests pass but when testing gsuite, the backend actually tries to open and verify the JSON service account file. Since we're using a remote docker host which we don't have access to, its currently not possible to check this without auth engine changes or switching to a machine executor. I'll circle back to this next week and wrap up the testing changes.
Fixes #957.