-
Notifications
You must be signed in to change notification settings - Fork 106
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
permission denied error on VaultStaticSecret #729
Comments
I have faced similar issue Reconciler error. Try to disable and re-enable kubernetes auth in vault server and configure and add the role and try again. It worked for me. |
@asttle Thanks for your comment and suggestion, I followed your steps, unfortunately, it did not work for me. I have deployed vault and 2 different server and also on minikube on my mac, I am facing the same issue |
Hi, We are currently facing the same problem. We've tried your solution @asttle, but some week later the problem returns and we have 4 environments facing the same problem. No one from HashiCorp is assigned on this bug. Are there any update on this thread? Have you some information aboout it? Thank you! |
@ahsan-raza Configurations looks fine. Can you try to use a separate serviceAccount instead of using default to bind the vault and kubernetes. @lusien88 Can you please share your configurations, so that i can have a look at it and help. Also refer to the video for setp by step implementation and check where it went wrong |
Hi, same have @lusien88 with have same problem, when this bug are assignated to support Hashicorp team? |
Hello, facing the same issue here. Thanks for support ! |
Hi @ahsan-raza , i had the same error with the same configuration, then I found out that i need to set defaultAuthMethod.allowedNamespaces, then it worked. |
Where do you set this? |
Describe the bug
I am implementing VaultStaticSecret with VSO. VaultDynamicSecret works fine with the same service account and permissions but VaultStaticSecret gives the following error:
To Reproduce
Steps to reproduce the behavior:
vault deployed with below values.yaml override:
VaultAuth.yml
Application deployment:
kubectl describe VaultStaticSecret
output.Expected behavior
VaultStaticSecret should create a kv secret in the namespace and inject in the pod.
Environment
Additional context
I followed this guide to deploy the vault
https://developer.hashicorp.com/vault/tutorials/kubernetes/kubernetes-minikube-tls
Firstly, I assumed its the problem with tls so I deployed vault without tls and still the VSO was not able to create Static Secrets but was able to create dynamic secrets.
The text was updated successfully, but these errors were encountered: