goldfish
Bug: vault kv store version2 error/panic seems that it is not supported
Bug report:
Vault version: 0.10.1
Goldfish version: 0.9.0
Operating system: CentOS7
Steps to reproduce: Follow production deployment guide
Expected behaviour: Working instance of goldfish
Actual behaviour: Error when executing the following step
vault write secret/goldfish DefaultSecretPath="secret/" UserTransitKey="usertransit" BulletinPath="secret/bulletins/"
because secret/ path has been converted from version1 to version2 kv store
Also I worked around this by changing the command to
vault kv put secret/goldfish DefaultSecretPath="secret/" UserTransitKey="usertransit" BulletinPath="secret/bulletins/"
But I got an error panic when I tried to add a wrapped token at the first login
{"time":"2018-04-29T08:33:34.094166162Z","level":"-","prefix":"echo","file":"asm_amd64.s","line":"510","message":"[\x1b[31mPANIC RECOVER\x1b[0m] runtime error: invalid memory address or nil pointer dereference goroutine 50 [running]:\ngithub.com/caiyeon/goldfish/vendor/github.com/labstack/echo/middleware.RecoverWithConfig.func1.1.1(0x2384f40, 0x1000, 0xc4203c0000, 0x2e574a0, 0xc4201b4ee0)\n\tF:/gopath/src/github.com/caiyeon/goldfish/vendor/github.com/labstack/echo/middleware/recover.go:75 +0x12a\npanic(0x15952a0, 0x2e9dda0)\n\tC:/Go/src/runtime/panic.go:491 +0x283\ngithub.com/caiyeon/goldfish/vault.VerifyTokenRights(0xc42048f2c0, 0x24, 0x12, 0xc420398fc0, 0xc420047f80, 0x0)\n\tF:/gopath/src/github.com/caiyeon/goldfish/vault/vault.go:261 +0x1ef\ngithub.com/caiyeon/goldfish/vault.Bootstrap(0xc42048f0e0, 0x24, 0xc4203b8a80, 0x0)\n\tF:/gopath/src/github.com/caiyeon/goldfish/vault/vault.go:164 +0x1a0\ngithub.com/caiyeon/goldfish/handlers.Bootstrap.func1(0x2e574a0, 0xc4201b4ee0, 0x17d6283, 0xd)\n\tF:/gopath/src/github.com/caiyeon/goldfish/handlers/handlers.go:101 +0x292\ngithub.com/caiyeon/goldfish/vendor/github.com/labstack/echo.(*Echo).add.func1(0x2e574a0, 0xc4201b4ee0, 0xd, 0x1804304)\n\tF:/gopath/src/github.com/caiyeon/goldfish/vendor/github.com/labstack/echo/echo.go:467 +0x87\ngithub.com/caiyeon/goldfish/server.StartListener.func1.1(0x2e574a0, 0xc4201b4ee0, 0x17ca214, 0x4)\n\tF:/gopath/src/github.com/caiyeon/goldfish/server/server.go:54 +0xa4\ngithub.com/caiyeon/goldfish/vendor/github.com/labstack/echo/middleware.GzipWithConfig.func1.1(0x2e574a0, 0xc4201b4ee0, 0x0, 0x0)\n\tF:/gopath/src/github.com/caiyeon/goldfish/vendor/github.com/labstack/echo/middleware/compress.go:92 +0x17f\ngithub.com/caiyeon/goldfish/vendor/github.com/labstack/echo/middleware.BodyLimitWithConfig.func1.1(0x2e574a0, 0xc4201b4ee0, 0x0, 0x0)\n\tF:/gopath/src/github.com/caiyeon/goldfish/vendor/github.com/labstack/echo/middleware/body_limit.go:87 
+0x19f\ngithub.com/caiyeon/goldfish/vendor/github.com/labstack/echo/middleware.RecoverWithConfig.func1.1(0x2e574a0, 0xc4201b4ee0, 0x0, 0x0)\n\tF:/gopath/src/github.com/caiyeon/goldfish/vendor/github.com/labstack/echo/middleware/recover.go:82 +0xe1\ngithub.com/caiyeon/goldfish/vendor/github.com/labstack/echo/middleware.LoggerWithConfig.func2.1(0x2e574a0, 0xc4201b4ee0, 0x0, 0x0)\n\tF:/gopath/src/github.com/caiyeon/goldfish/vendor/github.com/labstack/echo/middleware/logger.go:111 +0x121\ngithub.com/caiyeon/goldfish/vendor/github.com/labstack/echo.(*Echo).ServeHTTP.func1(0x2e574a0, 0xc4201b4ee0, 0xc420054538, 0x17b2e20)\n\tF:/gopath/src/github.com/caiyeon/goldfish/vendor/github.com/labstack/echo/echo.go:558 +0x108\ngithub.com/caiyeon/goldfish/vendor/github.com/labstack/echo.(*Echo).ServeHTTP(0xc4200544e0, 0x2e49c60, 0xc420396a80, 0xc4201c2000)\n\tF:/gopath/src/github.com/caiyeon/goldfish/vendor/github.com/labstack/echo/echo.go:567 +0x228\nnet/http.serverHandler.ServeHTTP(0xc420060c30, 0x2e49c60, 0xc420396a80, 0xc4201c2000)\n\tC:/Go/src/net/http/server.go:2619 +0xb4\nnet/http.(*conn).serve(0xc4201c55e0, 0x2e4aae0, 0xc4201b6400)\n\tC:/Go/src/net/http/server.go:1801 +0x71d\ncreated by net/http.(*Server).Serve\n\tC:/Go/src/net/http/server.go:2720 +0x288\n\ngoroutine 1 [chan receive]:\nmain.main()\n\tF:/gopath/src/github.com/caiyeon/goldfish/server.go:106 +0x4fa\n\ngoroutine 5 [syscall]:\nos/signal.signal_recv(0x0)\n\tC:/Go/src/runtime/sigqueue.go:131 +0xa6\nos/signal.loop()\n\tC:/Go/src/os/signal/signal_unix.go:22 +0x22\ncreated by os/signal.init.0\n\tC:/Go/src/os/signal/signal_unix.go:28 +0x41\n\ngoroutine 8 [chan receive]:\ngithub.com/caiyeon/goldfish/vault.init.0.func1()\n\tF:/gopath/src/github.com/caiyeon/goldfish/vault/vault.go:34 +0x59\ncreated by github.com/caiyeon/goldfish/vault.init.0\n\tF:/gopath/src/github.com/caiyeon/goldfish/vault/vault.go:33 +0x35\n\ngoroutine 9 [IO wait]:\ninternal/poll.runtime_pollWait(0x7f56de65df70, 0x72, 
0xffffffffffffffff)\n\tC:/Go/src/runtime/netpoll.go:173 +0x57\ninternal/poll.(*pollDesc).wait(0xc4200ea298, 0x72, 0xc4203cf900, 0x0, 0x0)\n\tC:/Go/src/internal/poll/fd_poll_runtime.go:85 +0xae\ninternal/poll.(*pollDesc).waitRead(0xc4200ea298, 0xffffffffffffff00, 0x0, 0x0)\n\tC:/Go/src/internal/poll/fd_poll_runtime.go:90 +0x3d\ninternal/poll.(*FD).Accept(0xc4200ea280, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)\n\tC:/Go/src/internal/poll/fd_unix.go:334 +0x1e2\nnet.(*netFD).accept(0xc420\n"}
Hi there. This bug seems to be caused by vault's new API in their v0.10.1 release. There are many ways to fix this, but I am on vacation at the moment and will not be able to fix this anytime soon. I likely will not be able to dedicate time to investigate until July at the earliest.
On the bright side, v0.10.1 has the open sourced official UI, which should satisfy most use cases for the time being.
Cheers
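An added example, not goldfish's own code and not a diagnosis of the panic above: the two places a client written for KV v1 has to change for a KV v2 mount, namely the `data/` segment in the API path and the extra `data` level in the read response. The function names and the sample body are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// kvAPIPath maps a logical secret path to the HTTP API path for a KV mount.
// KV v1 uses <mount>/<key>; KV v2 inserts "data/" after the mount.
func kvAPIPath(mount, key string, version int) string {
	mount = strings.Trim(mount, "/")
	key = strings.TrimPrefix(key, "/")
	if version == 2 {
		return mount + "/data/" + key
	}
	return mount + "/" + key
}

// secretFields returns the key/value pairs from a raw read response body.
// A KV v2 body nests them one level deeper (data.data) than KV v1 (data).
// Every step is checked, so a missing or unexpected body yields an error
// rather than a panic from an unchecked type assertion.
func secretFields(body []byte, version int) (map[string]interface{}, error) {
	var resp struct {
		Data map[string]interface{} `json:"data"`
	}
	if err := json.Unmarshal(body, &resp); err != nil {
		return nil, err
	}
	if resp.Data == nil {
		return nil, fmt.Errorf("response has no data field")
	}
	if version != 2 {
		return resp.Data, nil
	}
	inner, ok := resp.Data["data"].(map[string]interface{})
	if !ok {
		return nil, fmt.Errorf("KV v2 response has no nested data.data map")
	}
	return inner, nil
}

func main() {
	// Constructed sample body, shaped like a KV v2 read response.
	v2 := []byte(`{"data":{"data":{"DefaultSecretPath":"secret/"},"metadata":{"version":1}}}`)
	fmt.Println(kvAPIPath("secret/", "goldfish", 2))
	fmt.Println(secretFields(v2, 2))
}
```

Reading a v1-shaped body as v2 returns an error here instead of an empty configuration, which is the case a client has to surface when a mount has been upgraded underneath it.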
#277
@Caiyeon are there any plans for kv v2 to be supported? Or is it best to consider this project no longer in active development?