Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-65439

No suitable binding handler for VaultAppRoleCredential.

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Fixed but Unreleased (View Workflow)
    • Priority: Major
    • Resolution: Not A Defect
    • Labels:
      None
    • Environment:
      K8S 1.18
      Jenkins: 2.277.2
      credentials-binding-plugin: 1.2.4
      Vault Harshicorp: 2.37.0
    • Similar Issues:

      Description

      We wantr to use roleid/secretid stored as credentials in Jenkins/Vault plugin as that will issue a Vault token that pipeline can then use to access Vault. Provisioned appId in Vault for the Jenkins Pipeline and then generated secretid. Next, populated roleID/SecretIDs as Jenkins-> Credentials->VaultRoleId (path kept default approle).

      Excerpt from the pipeline

      stage('Integration tests') {
      steps {
      withCredentials([[$class: 'VaultTokenCredentialBinding', credentialsId: "${env.VAULT_CREDENTIALS}", vaultAddr: "${env.VAULT_ADDR}", vaultNamespace: "serviceevents-dev1-kv/"]])

      { sh 'echo TOKEN=$VAULT_TOKEN' sh 'echo ADDR=$VAULT_ADDR' }

       

      Error thrown:

      No suitable binding handler could be found for type com.datapipe.jenkins.vault.credentials.VaultAppRoleCredential. Supported types are StandardUsernamePasswordCredentials,FileCredentials,StringCredentials,DockerServerCredentials,SSHUserPrivateKey.

      Any ideas? Suggestions on how to further troubleshoot or work it around? Thanks

        Attachments

          Activity

          Hide
          peppe1977 Pedro Salomao added a comment -

          It turns out that we mistakenly called credentials and saved to a env variable that was then passed to withCredentials and that caused the problem herein reported. Solution was just to have env.variable pointing to jenkins/credentials/vault-appid created. All good.

          VAULT_CREDENTIALS=credentials('Label/id used in Jenkins/Credentials/Vault-AppId') - WRONG
          VAULT_CREDENTIALS='Label/id used in Jenkins/Credentials/Vault-AppId' - CORRECT

          stage('Integration tests') {
          steps {
          withCredentials([[$class: 'VaultTokenCredentialBinding', credentialsId: "${env.VAULT_CREDENTIALS}", vaultAddr: "${env.VAULT_ADDR}",

          Show
          peppe1977 Pedro Salomao added a comment - It turns out that we mistakenly called credentials and saved to a env variable that was then passed to withCredentials and that caused the problem herein reported. Solution was just to have env.variable pointing to jenkins/credentials/vault-appid created. All good. VAULT_CREDENTIALS=credentials('Label/id used in Jenkins/Credentials/Vault-AppId') - WRONG VAULT_CREDENTIALS='Label/id used in Jenkins/Credentials/Vault-AppId' - CORRECT stage('Integration tests') { steps { withCredentials([[$class: 'VaultTokenCredentialBinding', credentialsId: "${env.VAULT_CREDENTIALS}", vaultAddr: "${env.VAULT_ADDR}",

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            peppe1977 Pedro Salomao
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: