We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
# cat /etc/vault-autopilot/issuers.yaml kind: Issuer spec: name: root secretsEngineRef: pki certificate: type: internal commonName: localhost options: issuingCertificates: - "vault.vault.svc.cluster.local:8200/v1/pki/ca" crlDistributionPoints: - "vault.vault.svc.cluster.local:8200/v1/pki/crl"
# cat /etc/vault-autopilot/pkiroles.yaml kind: PKIRole spec: name: root role: issuerRef: pki/root allowedDomains: - localhost allowSubdomains: true
# cat /etc/vault-autopilot/secretsengines.yaml kind: SecretsEngine spec: path: pki engine: type: pki
$ vault-autopilot --debug apply -f /etc/vault-autopilot/**.yaml # run this command at least twice to see the following result DEBUG:asyncio:Using selector: EpollSelector DEBUG:vault_autopilot.parser:parsing files DEBUG:vault_autopilot._cli.commands.apply:streaming manifest '/etc/vault-autopilot/issuers.yaml' DEBUG:vault_autopilot.parser:parsed ManifestObject(root=IssuerApplyDTO(kind='Issuer', spec={'name': 'root', 'secrets_engine_ref': 'pki', 'certificate': {'common_name': 'localhost', 'type': 'internal'}, 'options': {'issuing_certificates': ('vault.vault.svc.cluster.local:8200/v1/pki/ca',), 'crl_distribution_points': ('vault.vault.svc.cluster.local:8200/v1/pki/crl',)}})) DEBUG:vault_autopilot._cli.commands.apply:streaming manifest '/etc/vault-autopilot/secretsengines.yaml' DEBUG:vault_autopilot.parser:parsed ManifestObject(root=SecretsEngineApplyDTO(kind='SecretsEngine', spec={'path': 'pki', 'engine': {'type': 'pki'}})) DEBUG:vault_autopilot._cli.commands.apply:streaming manifest '/etc/vault-autopilot/pkiroles.yaml' DEBUG:vault_autopilot.parser:parsed ManifestObject(root=PKIRoleApplyDTO(kind='PKIRole', spec={'name': 'root', 'role': {'issuer_ref': 'pki/root', 'allowed_domains': ['localhost'], 'allow_subdomains': True}})) DEBUG:vault_autopilot._cli.commands.apply:found 3 manifest(s) matching pattern '/etc/vault-autopilot/**.yaml' DEBUG:vault_autopilot.parser:parsed files successfully DEBUG:vault_autopilot.storage:the secrets engine 'hqdncw.github.io/vault-autopilot/user-data' is already created DEBUG:vault_autopilot.processor.abstract:[IssuerApplyProcessor] add node SecretsEngineFallbackNode(absolute_path='pki') DEBUG:vault_autopilot.processor.abstract:[PKIRoleApplyProcessor] add node IssuerFallbackNode(absolute_path='pki/root') DEBUG:vault_autopilot.processor.secrets_engine:applying finished 'pki' DEBUG:vault_autopilot.processor.abstract:creating task for flushing node IssuerNode(node_hash=1694023832515850743, absolute_path='pki/root') DEBUG:vault_autopilot.service.abstract:[IssuerService] diff: {'type_changes': {"root['spec']['options']['issuingCertificates']": {'old_type': <class 'list'>, 'new_type': <class 'tuple'>, 'old_value': ['vault.vault.svc.cluster.local:8200/v1/pki/ca'], 'new_value': ('vault.vault.svc.cluster.local:8200/v1/pki/ca',)}, "root['spec']['options']['crlDistributionPoints']": {'old_type': <class 'list'>, 'new_type': <class 'tuple'>, 'old_value': ['vault.vault.svc.cluster.local:8200/v1/pki/crl'], 'new_value': ('vault.vault.svc.cluster.local:8200/v1/pki/crl',)}}} DEBUG:vault_autopilot.processor.issuer:applying finished 'pki/root' DEBUG:vault_autopilot.processor.abstract:creating task for flushing node PKIRoleNode(absolute_path='pki/root', payload=PKIRoleApplyDTO(kind='PKIRole', spec={'name': 'root', 'role': {'issuer_ref': 'pki/root', 'allowed_domains': ['localhost'], 'allow_subdomains': True}})) DEBUG:vault_autopilot.service.abstract:[PKIRoleService] diff: {'type_changes': {"root['spec']['role']['allowed_domains']": {'old_type': <class 'list'>, 'new_type': <class 'ruamel.yaml.comments.CommentedSeq'>, 'old_value': ['localhost'], 'new_value': ['localhost']}}} DEBUG:vault_autopilot.processor.pki_role:applying finished 'pki/root' DEBUG:vault_autopilot.processor.abstract:[PKIRoleApplyProcessor] flushing pending downstreams for upstream -6092045368410116636 DEBUG:vault_autopilot.processor.abstract:[PKIRoleApplyProcessor] no pending downstreams were found for node -6092045368410116636, flushing aborted DEBUG:vault_autopilot.processor.abstract:[IssuerApplyProcessor] flushing pending downstreams for upstream 1694023832515850743 DEBUG:vault_autopilot.processor.abstract:[IssuerApplyProcessor] no pending downstreams were found for node 1694023832515850743, flushing aborted [+] Applying manifests (0.0243 seconds) FINISHED => Updating Issuer 'pki/root'... done => Verifying integrity of SecretsEngine 'pki'... done => Updating PKIRole 'pki/root'... done Thanks for choosing Vault Autopilot!
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Manifests
Output
The text was updated successfully, but these errors were encountered: