add a vault_kv2_destroy module #446

Open
Kloppi313 opened this issue Aug 2, 2024 · 4 comments · May be fixed by #450

@Kloppi313

SUMMARY

It is not possible to destroy something in vault.
I think a boolean switch would be great:

Adding something like the parameter destroy: True/False with standard false would do the trick.

The context is the wish to destroy an entire secret with all versions while decommissioning a host with its saved secrets.

ISSUE TYPE

  • Feature Idea

COMPONENT NAME

vault_kv2_delete

ADDITIONAL INFORMATION

- name: Delete all of the secret/mysecret secret.
  community.hashi_vault.vault_kv2_delete:
    url: https://vault:8201
    path: secret/metadata/mysecret
    auth_method: userpass
    username: user
    password: '{{ passwd }}'
    destroy: True
  register: result

@briantist added the enhancement and help wanted labels Aug 2, 2024

@briantist
Collaborator

Hi @Kloppi313, destroy was discussed a little bit in the PR for vault_kv2_delete.

I think I'd rather see this as its own module, vault_kv2_destroy. The reason is mainly that it is a different functionality from deletes, so it should be separate, and it will be easier to test each module on its own that way.

It's currently waiting for a contributor to implement it though.

@Kloppi313
Author

Hi @briantist,

so would you prefer renaming this issue?
Wouldn't it be a good start to duplicate the vault_kv2_delete module and change everything to destroy for a naive start?

@briantist changed the title from "vault_kv2_delete: Add posibility to destroy" to "add a vault_kv2_destroy module" Aug 6, 2024

@briantist
Collaborator

Sure, I've renamed this issue. Starting from vault_kv2_delete is fine, we don't have a "template" so I usually start with some existing content when creating a new one anyway. If you'd like to take this on please feel free to submit a PR!

@Kloppi313
Author

I created a PR, but it is not what I first had in mind -> removing a complete endpoint, not only to destroy versions. But hey, it is a new feature.

@briantist self-assigned this Aug 16, 2024
@briantist added help wanted and removed help wanted labels Aug 16, 2024
Kloppi313 added a commit to Kloppi313/community.hashi_vault that referenced this issue Aug 19, 2024
This module is intended to delete data when decommissioning a server. Idea was discussed at ansible-collections#446