Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    Raja Nadar
    @rajanadar
    ---- folks, there was a personal emergency that kept me out cold. i'm back now. let me know any open issues ---
    Raja Nadar
    @rajanadar
    Folks, we have some really active community members that have answered questions in the past in GH issues. For the benefit of wider community, the recommendation moving forward is to ask your questions on Stack Overflow, with the vault-sharp tag... Please go ahead and ask questions there. https://stackoverflow.com/questions/tagged/vault-sharp
    Raja Nadar
    @rajanadar

    hello folks, happy to announce the release of VaultSharp 1.4.0 today. It has all the Auth backends and Secret Engines supported by Vault 1.4.0. Cheers!
    Mohammad Azhar Ali
    @azhar144
    @rajanadar I am using VaultSharp NuGet package with .NET frameworks 4.8 and .Net Core 3.1 it's working perfect with .Net Core 3.1 but with .Net Framework 4.8 it's not able to resolve. I am getting this error "Could not load file or assembly VaultSharp, version =1.4.0.5, culture =neutral, PublicKeyToken = cb3d4aad92b0eded"
    Raja Nadar
    @rajanadar
    Thanks Mohammed. Can you please open a github issue? I'll have a look at it this weekend.
    Mohammad Azhar Ali
    @azhar144
    Thanks for the response, It worked fine when I copied two dlls in the bin folder newtonsoftjson.dll and vaultsharp.dll
    Raja Nadar
    @rajanadar
    Glad to hear. Cool
    MarkKyes
    @MarkKyes
    Hello all, appreciate the library, when making a call to get dynamic auth creds, the call works, can see it being created but the requestid, data is coming back null. any thoughts about how this might be happening?
    Raja Nadar
    @rajanadar
    Hi Mark, can you please create a github issue with VaultSharp version, vault api version and sample code snippet along with the exception or response you are seeing?
    Óskar
    @Skarinn
    Hi... Has anyone integrated VaultSharp in dotnet core using kubernetes ServiceAccount Tokens for Vault authentication?
    If so... Any do's and dont's ?
    copperorange
    @copperorange
    @Skarinn there is nothing special to do here. Just make sure you have an easy way to track errors in case any issues asrise to help debug configuration and secrets path.
    Raja Nadar
    @rajanadar
    thanks @copperorange
    chinswain
    @chinswain
    When I initialise a new vault via CLI it doesn't give me the base64 key as it does when initialising from the website, anyone know how to generate\retrieve it?
    vault operator init -key-shares=1 -key-threshold=1
    Only the Unseal Key(s) and Initial Root Token are returned.
    chinswain
    @chinswain
    Is it possible to init via VaultSharp instead of the CLI?
    Raja Nadar
    @rajanadar
    Yes. VaultSharp supports most system backend operations as well. You can initialize vault using VaultSharp as follows.
    var masterCredentials = await _unauthenticatedVaultClient.V1.System.InitAsync(initOptions);
    @chinswain let me know if any issues.
    chinswain
    @chinswain
    Is it possible to unseal vault via VaultSharp or is it expected that this has been done prior to accessing?
    chinswain
    @chinswain
    Also, is there a method to create a new secret engine? I can't see anything in the examples. I'm currently interfacing with the exe directly: .\vault.exe secrets enable -version=1 kv
    Raja Nadar
    @rajanadar
    @chinswain technically, you can unseal using VaultSharp. This admin operation is supported. However, from a design perspective, end applications normally don't unseal vault. The vault setup, unsealing, mounting backends, writing secrets, creating access control policies etc.
    Are all administrative operations expected to be done ahead of time by the security team or a privileged person.
    As an end application, you use VaultSharp to read secrets.
    However, VaultSharp is built to be used in both end application and admin flows, so it supports a lot of admin operations as well.
    What new secret engine do you want to mount? The kv ones are normally enabled by default. Let me know as a github issue if you need an api support that doesn't exist today

    Mike Lewis
    @gingermike
    Hi there - I'm trying to use the CustomAuthMethodInfo class in order to perform a custom auth hook required in our internal org
    However, when I return a CustomAuthMethodInfo from the delegate required in the constructor, I cannot set the ReturnLoginAuthInfo property as it's marked as internal set and not created for me the default constructor
    is this a bug or am I using the class wrong?
    Raja Nadar
    @rajanadar
    Hi Mike, let me check and get back to you in a day.
    Raja Nadar
    @rajanadar
    hey Mike, it is a bug. i created a gh issue to track and close within the week. rajanadar/VaultSharp#182
    Please use the TokenAuthInfo method to unblock for now.
    Mike Lewis
    @gingermike
    Great, thanks Raja :+1:
    Raja Nadar
    @rajanadar
    hi @gingermike , i have published a new NuGet of VaultSharp whereby you can set your own AuthInfo. Please let me know if any issues. https://www.nuget.org/packages/VaultSharp/1.6.2.1
    Imene Boussour
    @ImeneBoussour
    Hi, when using curl to connect to Vault we use --proxy "host:port" and -crt "path" for the server certificate (.crt), using vaultSharp I was able to set Proxy settings in PostProcessHttpClientHandlerAction but not sure how to define the server certificate manually? knowing we are using LDAP auth. I want to translate the -crt path command to vb using vaultsharp.
    9 replies
    Artem Avanesov
    @artem-avanesov
    Hi everyone

    I want to get rid of "appsettings.json" and store application configs in the HashiCorp Vault, it would be nice if this library could "inject" new application configs on the fly without reloading an application.

    I imaging it to work like Redis pub/sub, when some data changes, all subscribed parties are notified.

    Can this library do this?

    Is it possible to subscribe to changes in HashiCorp Vault?
    Raja Nadar
    @rajanadar
    Hi Artem, pub/sub or auto detection of secret change in vault, has never been an envisioned purpose of vault sharp from day 1. Rationale being that,
    1. The library is intended as a simple http client of the api. Strong typing, take care of on the wire details.
    1. Vault itself doesn't support pub sub natively. This means, any library trying to do this, will be polling vault constantly for changes, to simulate pub sub, which does not address the root problem.
    3
    1. Pub sub, redis, polling, failures, etc. bring in critical infra dependencies like redis clients, storage, performance issues, bugs around polling failing, notifications failing etc. VaultSharp was not intended for this. You are free to write a wrapper library that can make use of VaultSharp. Every aspect of pub sub and auto loading is additive to VaultSharp

    Tony Morris
    @afmorris

    :wave: this library is awesome.

    Any plans to support the Terraform Cloud Secret Backend? I went searching through issues, but didn't notice anything. If there's no plan, I assume you accept PRs

    Tony Morris
    @afmorris
    i'll open up a GH Issue to start
    Raja Nadar
    @rajanadar
    Thanks @afmorris for using the library. It'll be available this weekend.