Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Vault Agent Template executing multiple commands using sh -c does not work with v1.7.0 #11305

Open
other-ryan opened this issue Apr 7, 2021 · 3 comments
Labels
bug Used to indicate a potential bug ecosystem

Comments

@other-ryan
Copy link

Describe the bug
When adding a command to vault agent template configs, the quotes are being removed from the command. This causes errors when executing multiple commands using sh -c. This is exactly the same issue reported here:
hashicorp/consul-template#1456

To Reproduce
Steps to reproduce the behavior:
Use the following template configuration in vault's config file:

"template": [
    {
      "command": "/bin/sh -c 'ls /home'",
      "error_on_missing_key": true,
      "source": "/etc/vault.d/templates/service_agent.tmpl"
      "destination": "/etc/service/conf.d/service.conf",
    },
]

Expected behavior
After rendering the template, vault should execute the command as:

/bin/sh -c 'ls /home'

This was working in Vault v1.6.3

Actual behavior
After rendering the template, vault appears to be removing quotes and runs the command as:

/bin/sh -c ls /home

This is effectively the same as running the command as:

/bin/sh -c ls

Additional context
This same issue appears to be reported for consul-template here: hashicorp/consul-template#1456

@mattgialelis
Copy link

Raised a similar issue here
hashicorp/vault-k8s#246

@vishalnayak vishalnayak added bug Used to indicate a potential bug ecosystem labels Jun 3, 2021
@elnoxgdl
Copy link

elnoxgdl commented Jun 4, 2021

Hi all! Consul Team fixed the issue for their next version, will this be included in the next vault release?

hashicorp/consul-template#1477

@microadam
Copy link

Fixed in #11838 by the looks of things, which according to changelog, is in latest RC

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Used to indicate a potential bug ecosystem
Projects
None yet
Development

No branches or pull requests

5 participants