Problems with EXPRESSION_VALUE when working with Vault parameters. #239
Comments
|
Without a Vault being defined the read-attribute results in: [standalone@0.0.0.0:9993 /] /core-service=management/ldap-connection=ad_ldap_connection:read-attribute(name=search-credential) |
mafriedel
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I am trying to add a vault to an ldap_connection.
wildfly::resource { '/core-service=management/ldap-connection=ad_ldap_connection':
content => {
'search-credential' => '${VAULT::jboss-binda::password::1}',
'url' => 'ldaps://ldap.company.com:636',
'search-dn' => "CN=${service_account},OU=Service Accounts,DC=corp,DC=company,DC=com",
},
}
This results in a correct standalone.xml, which works with the Vault properly.
However on subsequent puppet runs it produces this:
Notice: /Stage[main]/Profile::Jboss_base/Wildfly::Resource[/core-service=management/ldap-connection=ad_ldap_connection]/Wildfly_resource[/core-service=management/ldap-connection=ad_ldap_connection]/state: state changed '{"search-credential"=>{"EXPRESSION_VALUE"=>"${VAULT::jboss-binda::password::1}"}}' to '{"search-credential"=>"expression "${VAULT::jboss-binda::password::1}""}'
Note the "EXPRESSION_VALUE".
I think it's coming from the script trying to find the value and getting the word "expression" in the results set.
[standalone@0.0.0.0:9993 /] /core-service=management/ldap-connection=ad_ldap_connection:read-attribute(name=search-credential)
{
"outcome" => "success",
"result" => expression "${VAULT::jboss-binda::password::1}"
}
The text was updated successfully, but these errors were encountered: