You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Applying templates which use HCP Vault Secrets throws an error even though these are set in the env key in Chezmoi's config on first apply when combined as chezmoi init arrrgi --apply --branch=feature/setup-scripts
HCP Vault Secrets templating works fine when init and apply are performed as separate steps, ie.
Run chezmoi init arrrgi --apply --verbose and provide Vault Secrets HCP_CLIENT_ID, HCP_CLIENT_SECRET, Organization and Project values via the promptStringOnce functions in .chezmoi.yaml.tmpl
Expected behavior
The repo is cloned, the prompted values are stored in Chezmoi config, the template fetches secrets to replace templated values.
Output of command with the --verbose flag
$ chezmoi init arrrgi --apply --branch=feature/setup-scripts --verbosediff --git a/.config/git b/.config/gitnew file mode 40755index 0000000000000000000000000000000000000000..e69de29bb2d1d6434b8b29ae775ad8c2e48c5391--- /dev/null+++ b/.config/gitdiff --git a/.config/git/config b/.config/git/confignew file mode 100644index 0000000000000000000000000000000000000000..8ea2b9c02ac3ac94ba005a77489f2a2bae7bedbe--- /dev/null+++ b/.config/git/config@@ -0,0 +1,2 @@+[include]+ path = ~/.config/git/standardchezmoi: template: dot_config/git/standard.tmpl:4:18: executing "dot_config/git/standard.tmpl" at <hcpVaultSecret "sshSigningKeyPersonal">: error calling hcpVaultSecret: /home/<redacted>/.local/bin/vlt secrets get --plaintext --app-name chezmoi --project <redacted> --organization <redacted> sshSigningKeyPersonal: exit status 1You are not currently logged in. Please try using the vlt login command to get started
Output of chezmoi doctor
$ chezmoi doctorRESULT CHECK MESSAGEok version v2.42.0, commit 694977b904e888ba285aa0fd44617d1d59d89bc7, built at 2023-11-26T18:41:00Z, built by goreleaserok latest-version v2.42.0ok os-arch linux/amd64 (Ubuntu 22.04.3 LTS (Jammy Jellyfish))ok uname Linux PF1QJ252 5.15.133.1-microsoft-standard-WSL2 #1 SMP Thu Oct 5 21:02:42 UTC 2023 x86_64 x86_64 x86_64 GNU/Linuxok go-version go1.21.4 (gc)ok executable ~/.local/bin/chezmoiok upgrade-method replace-executableok config-file ~/.config/chezmoi/chezmoi.yaml, last modified 2023-11-28T22:59:31+10:00ok source-dir ~/.local/share/chezmoi is a git working tree (clean)ok suspicious-entries no suspicious entriesok working-tree ~/.local/share/chezmoi is a git working tree (clean)ok dest-dir ~ is a directoryok umask 022ok cd-command found /bin/bashok cd-args /bin/bashinfo diff-command not setok edit-command found /usr/bin/viok edit-args /usr/bin/viok git-command found /usr/bin/git, version 2.34.1ok merge-command found /usr/bin/vimdiffok shell-command found /bin/bashok shell-args /bin/bashinfo age-command age not found in $PATHok gpg-command found /usr/bin/gpg, version 2.2.27info pinentry-command not setinfo 1password-command op not found in $PATHinfo bitwarden-command bw not found in $PATHinfo bitwarden-secrets-command bws not found in $PATHinfo dashlane-command dcli not found in $PATHinfo doppler-command doppler not found in $PATHinfo gopass-command gopass not found in $PATHinfo keepassxc-command keepassxc-cli not found in $PATHinfo keepassxc-db not setinfo keeper-command keeper not found in $PATHinfo lastpass-command lpass not found in $PATHinfo pass-command pass not found in $PATHinfo passhole-command ph not found in $PATHinfo rbw-command rbw not found in $PATHinfo vault-command vault not found in $PATHok vlt-command found ~/.local/bin/vlt, version 1.0.0info secret-command not set
Additional context
The resulting ~/.config/chezmoi/chezmoi.yaml file contains:
The text was updated successfully, but these errors were encountered:
arrrgi
changed the title
HCP Vault Secrets integration no longer recognizing service principal environment variables
HCP Vault Secrets integration not recognizing service principal environment variables
Nov 28, 2023
Thanks for reporting this. The issue was that chezmoi init --apply was not setting the environment variables defined in the config file after re-reading the config file. #3372 should fix this. Would you be able to test it?
Describe the bug
Applying templates which use HCP Vault Secrets throws an error even though these are set in the env key in Chezmoi's config on first apply when combined as
chezmoi init arrrgi --apply --branch=feature/setup-scripts
HCP Vault Secrets templating works fine when init and apply are performed as separate steps, ie.
To reproduce
Run
chezmoi init arrrgi --apply --verbose
and provide Vault Secrets HCP_CLIENT_ID, HCP_CLIENT_SECRET, Organization and Project values via thepromptStringOnce
functions in .chezmoi.yaml.tmplExpected behavior
The repo is cloned, the prompted values are stored in Chezmoi config, the template fetches secrets to replace templated values.
Output of command with the
--verbose
flagOutput of
chezmoi doctor
Additional context
The resulting ~/.config/chezmoi/chezmoi.yaml file contains:
The text was updated successfully, but these errors were encountered: