Issue
After upgrading the HashiCorp Vault plugin to a version between 2.3.0 and 3.6.0, trying to use vault credentials will fail with the error:
com.bettercloud.vault.VaultException: Vault responded with HTTP status code: 400
Response body: {"errors":["missing client token"]}
at com.bettercloud.vault.api.Auth.loginByAppRole(Auth.java:524)
at com.datapipe.jenkins.vault.credentials.VaultAppRoleCredential.getToken(VaultAppRoleCredential.java:54)
Caused: com.datapipe.jenkins.vault.exception.VaultPluginException: could not log in into vault
...
Environment
- CloudBees CI (CloudBees Core)
- CloudBees CI (CloudBees Core) on modern cloud platforms - Managed controller
- CloudBees CI (CloudBees Core) on modern cloud platforms - Operations Center
- CloudBees CI (CloudBees Core) on traditional platforms - Client controller
- CloudBees CI (CloudBees Core) on traditional platforms - Operations Center
- CloudBees Jenkins Platform - Client controller
- CloudBees Jenkins Platform - Operations Center
- Jenkins LTS
Resolution
Upgrade the HashiCorp Vault plugin to version 3.6.1 or newer.
The fix to the issue was https://github.com/jenkinsci/hashicorp-vault-plugin/pull/123 which is included in the 3.6.1 release.
Tested product/plugin versions
CloudBees Jenkins Platform 2.263.4.2
References
https://github.com/jenkinsci/hashicorp-vault-plugin/issues/97
0 Comments