Open
Description
Please help :)
I found a bug in the hashivault_approle_role_secret module.
When the approle auth method is used to log in to Vault, the secret_id parameter is used for both: logging in to Vault and generating the secret_id.
As a result, the generated secret_id and the secret_id which I used for login have the same value.
```yaml
- name: Generate secret_id (run only one time)
  hashivault_approle_role_secret:
    name: "{{ item.0.namespace }}-{{ item.1 }}-approle"
    authtype: "approle"
    url: "{{ envs.vault_url }}"
    role_id: "{{ envs.vault_role_id }}"
    secret_id: "{{ envs.vault_role_secret_id }}"
    # secret: '{{ lookup("password", "/dev/null length=32 chars=ascii_letters,digits") }}'
    verify: false
    state: present
  register: 'secretid'
  loop: "{{ approles | subelements('service') }}"
  loop_control:
    label: "Secret_id are already generated for role: {{ item.0.namespace }}-{{ item.1 }}-approle"
  ignore_errors: yes
  failed_when: false
```
And when I used secret_id together with the secret parameter, secret was ignored.