Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

strict decoding error: unknown field "spec.destination.transformation.templateSpecs" #671

Closed
MaximV93 opened this issue Mar 29, 2024 · 4 comments
Closed

strict decoding error: unknown field "spec.destination.transformation.templateSpecs" #671

MaximV93 opened this issue Mar 29, 2024 · 4 comments
Labels
bug Something isn't working

Comments

@MaximV93
Copy link

MaximV93 commented Mar 29, 2024
edited
Loading

Describe the bug

Yesterdag we removed VSO operator v4.0.0 from Openshift (4.13.34) and reinstalled VSO operator v5.0.2 using the operatorhub. Installation went fine. But when I try to apply a VaultStaticSecret with transformation I get the following error:

k apply -f testVaultStaticSecretTransformation.yml       
                                                                                                   
Error from server (BadRequest): error when creating "testVaultStaticSecretTransformation.yml ": VaultStaticSecret in version "v1beta1" cannot be handled as a VaultStaticSecret: strict decoding error: unknown field "spec.destination.transformation.templateSpecs

testVaultStaticSecretTransformation.yml

apiVersion: secrets.hashicorp.com/v1beta1
kind: VaultStaticSecret
metadata:
  name: vault-kv-test-b64secrets
spec:
  destination:
    create: true
    name: test-secret
    transformation:
      templateSpecs:
        test1:
          text: '{{- get .Secrets "keystore.jceks" | b64dec -}}'
  hmacSecretData: true
  mount: test-secrets/
  path: test/keystore
  refreshAfter: 30s
  type: kv-v2
  vaultAuthRef: vault-auth-test

Expected behavior
I expect the VaultStaticSecret to be created.

Environment

  • Kubernetes version:
    Openshift 4.13.34
  • vault-secrets-operator version:
    V0.5.2
    Additional context

[(https://github.com//pull/437)] Someone else commented the same issue in this pull request. They had an issue with the CRD's but I expect those to be taken care of when installing the operator from the operatorhub?
@MaximV93 MaximV93 added the bug Something isn't working label Mar 29, 2024
@nbragin4
Copy link

nbragin4 commented Apr 1, 2024

try "templates:" instead of "templateSpecs:"

@MaximV93
Copy link
Author

MaximV93 commented Apr 3, 2024
edited
Loading

@nbragin4 I get the same "unknown field" error:

Error from server (BadRequest): error when creating "/path/to/vault-kv-test-b64secrets.yaml": VaultStaticSecret in version "v1beta1" cannot be handled as a VaultStaticSecret: strict decoding error: unknown field "spec.destination.transformation.template"

kind: VaultStaticSecret
metadata:
  name: vault-kv-test-b64secrets
spec:
  destination:
    create: true
    name: test-secret
    transformation:
      template:
        test1:
          text: '{{- get .Secrets "keystore.jceks" | b64dec -}}'
  hmacSecretData: true
  mount: test-secrets/
  path: test/keystore
  refreshAfter: 30s
  type: kv-v2
  vaultAuthRef: vault-auth-test

EDIT: I used "template" instead of templates ... Now it does work! Thank you @nbragin4

@nbragin4
Copy link

nbragin4 commented Apr 3, 2024

replace transformation.template: with transformation.templates:

@MaximV93
Copy link
Author

MaximV93 commented Apr 3, 2024

@nbragin4 Thank you that works!

If anyone else in the future is unsure of which properties are accepted. I've just discovered the following command:
k describe crd vaultstaticsecrets.secrets.hashicorp.com

This lists all accepted properties for VaultStaticSecrets, which I knew this earlier :)

@MaximV93 MaximV93 closed this as completed Apr 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MaximV93 @nbragin4