Closed
Description
Describe the bug
The Argo CD Vault Plugin no longer seems to work properly with AWS Secrets Manager in the recently-released v1.18.0.
Secret interpolation that was previously working without issue in version v1.17.0 is now returning the following error:
Error: Replace: could not replace all placeholders in Template:
not found, ResolveEndpointV2
To Reproduce
- Create a sample secret in AWS Secrets Manager
- Reference this secret in a sample file
- Use
argocd-vault-pluginv1.17.0to interpolate the secret - Use
argocd-vault-pluginv1.18.0to interpolate the secret
Expected behavior
The v1.18.0 version should not break existing AWS Secrets Manager functionality.
Screenshots/Verbose output
Sensitive information has been redacted in the following output (*****), but this is the sample I ran comparing plugin versions.
sample-secret.yaml:
---
apiVersion: v1
kind: Secret
metadata:
name: sample-secret
namespace: default
type: Opaque
data:
secretByName: <path:2024-06-03-sample-secret#hello>
secretByPath: <path:arn:aws:secretsmanager:*****:*****:secret:2024-06-03-sample-secret-I3pN6O#hello>Running with v1.17.0 works fine:
./argocd-vault-plugin_1.17.0_darwin_arm64 versionargocd-vault-plugin v1.17.0 (b393c7afa63a43197c084a99959a78d0d26e5e74) BuildDate: 2023-11-12T02:03:06Z
./argocd-vault-plugin_1.17.0_darwin_arm64 generate sample-secret.yaml \
--config-path avp.yaml \
--verbose-sensitive-outputapiVersion: v1
data:
secretByName: world
secretByPath: world
kind: Secret
metadata:
name: sample-secret
namespace: default
type: OpaqueBut running with v1.18.0 fails:
./argocd-vault-plugin_1.18.0_darwin_arm64 versionargocd-vault-plugin v1.18.0 (3986b0794cd5f217add8691a32f9276ba6b79767) BuildDate: 2024-05-28T12:57:52Z
./argocd-vault-plugin_1.18.0_darwin_arm64 generate sample-secret.yaml \
--config-path avp.yaml \
--verbose-sensitive-outputError: Replace: could not replace all placeholders in Template:
not found, ResolveEndpointV2
not found, ResolveEndpointV2
Metadata
Metadata
Assignees
Labels
No labels