awx icon indicating copy to clipboard operation
awx copied to clipboard
verified publisher icon ansible

CyberArk Conjur Secret Lookup - Versioning Does Not Work

Open infamousjoeg opened this issue 3 years ago • 3 comments

Please confirm the following

  • [X] I agree to follow this project's code of conduct.
  • [X] I have checked the current issues for duplicates.
  • [X] I understand that AWX is open source software provided for free and that I might not receive a timely response.

Bug Summary

When providing a version number on the "Metadata" section of the CyberArk Conjur Secret Lookup External Secret Management System pane when defining a secret to retrieve on a credential, the secret value associated with the version number is not returned during execution of the job. Regardless of the version number given, only the latest secret value is ever returned.

AWX version

Ansible Automation Platform Controller 4.1.1

Select the relevant components

  • [ ] UI
  • [ ] API
  • [ ] Docs
  • [ ] Collection
  • [ ] CLI
  • [X] Other

Installation method

N/A

Modifications

no

Ansible version

ansible [core 2.12.2]

Operating system

Red Hat Enterprise Linux release 8.6 (Ootpa)

Web browser

No response

Steps to reproduce

  1. Configure CyberArk Conjur Secret Lookup.
  2. Configure Credential to use External Secret Management System.
  3. On Metadata, provide a version number not equal to null or 1.
  4. Run a job to execute a playbook that has debug.msg print the value to STDOUT.

Expected results

The value returned should change based on the version being requested by the External Secret Management System metadata.

Actual results

The latest version of the secret is always returned and versioning is ignored.

Additional information

image

infamousjoeg avatar Sep 07 '22 18:09 infamousjoeg

Hello, Based on the version you have provided it sounds like you are using Controller, rather than AWX. We would recommend that you reach out to Red Hat support.

djyasin avatar Sep 14 '22 15:09 djyasin

@djyasin,

You are correct, however this issue also persists in AWX. I just happened to do my testing using Ansible Automation Platform. Shall I modify the issue for AWX or open a new issue for it?

infamousjoeg avatar Sep 14 '22 16:09 infamousjoeg

I should also note that I am not a customer of Red Hat, but a partner as I'm employed by CyberArk. I'm happy to assist any way I can with resolving this issue.

infamousjoeg avatar Sep 14 '22 16:09 infamousjoeg

https://github.com/ansible/awx/pull/13071

shanemcd avatar Oct 18 '22 20:10 shanemcd

This was merged on 11/2022.

infamousjoeg avatar Feb 01 '23 13:02 infamousjoeg