Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Errors fetching secrets #20

Open
thecodeassassin opened this issue Feb 23, 2017 · 6 comments
Open

Errors fetching secrets #20

thecodeassassin opened this issue Feb 23, 2017 · 6 comments

Comments

@thecodeassassin
Copy link

Hi all,

I'm getting the following error in the pod logs:

2017-02-23T08:17:14.977806402Z 2017/02/23 08:17:14 json: cannot unmarshal object into Go value of type string

I'm saving my secrets as secret/staging/ENV_NAME. The value being the secret.
@stevesloka
Copy link
Member

Are you getting this on startup? Or when trying to get a secret from vault? Could you provide a bit more context? Thanks!

@thecodeassassin
Copy link
Author

thecodeassassin commented Mar 7, 2017
edited
Loading

Hi @stevesloka ,

My secrets are stored as following:

secret/environment/SECRET_VALUE

the value is the actual secret value. I don't know if this format is unsupported for this tool.

Some logs:


2017-03-07T08:53:05.915456449Z 2017/03/07 08:53:05 Starting Kubernetes Vault Controller...
2017-03-07T08:53:05.936216335Z 2017/03/07 08:53:05 ThirdPartyResource customsecrets.enterprises.upmc.com exists.
2017-03-07T08:53:05.936250042Z 2017/03/07 08:53:05 Kubernetes Vault Controller started successfully.
2017-03-07T08:53:05.939911363Z 2017/03/07 08:53:05 json: cannot unmarshal object into Go value of type string
2017-03-07T08:53:05.939929943Z 2017/03/07 08:53:05 Watching for custom secret events.
2017-03-07T08:53:05.939988359Z 2017/03/07 08:53:05 Starting reconciliation loop.
2017-03-07T08:53:06.042663262Z 2017/03/07 08:53:06 json: cannot unmarshal object into Go value of type string

@stevesloka
Copy link
Member

Hey sorry for the delay getting back to you, been busy with a new baby, so time has been short recently. Let me try and simulate the same, seems like a parsing problem of sorts.

What type of data is stored in the secret?

@thecodeassassin
Copy link
Author

We store strings but also certificates as base64. Maybe that could be causing problems?

We store them as secret value=something. Every secret only has one value. We name them after our env variables. Everything is either a normal passphrase string or a base64 encoded certificate​.

@thecodeassassin
Copy link
Author

@stevesloka any update on this?

@stevesloka
Copy link
Member

Hey @thecodeassassin I just ran through an example and it all seemed to work for me. I put the sample here: https://github.com/upmc-enterprises/kubernetes-secret-manager/blob/master/docs/deployment-guide.md#static-secrets

Can you see maybe if your workflow is different? (Maybe I'm missing a step that you're doing).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@thecodeassassin @stevesloka