avast / marathon-vault-plugin Goto Github PK
View Code? Open in Web Editor NEWMarathon plugin which injects Vault secrets via environment variables
License: MIT License
marathon-vault-plugin's Issues
Can't specify SSL cert
Hi Avast,
In marathon-vault-plugin/src/main/scala/com/avast/marathon/plugin/vault/VaultPlugin.scala:31 you set a Vault config, but you do not allow for users to optionally set an SSL cert. Since we run Vault entirely in SSL mode, our secret fetching fails with:
[2017-12-28 20:28:49,020] ERROR Secret docker_pass in /holding/application/test2 application cannot be read from Vault (source: secret/shared/docker_pass@docker_pass) (com.avast.marathon.plugin.vault.VaultPlugin:marathon-akka.actor.default-dispatcher-25)
com.bettercloud.vault.VaultException: com.bettercloud.vault.rest.RestException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
In https://github.com/BetterCloud/vault-java-driver, it specifies how to build a SSL config that the Vault Driver can use.
support of file-based secrets
Hi,
Are there plans to support file-based secrets for marathon? From what I experience - it is not working right now
Release should contain dependency JARs
Tweak the release process so that the artifact downloadable from GitHub release page contains all the required dependencies.
Test against multiple Marathon version
Exception when starting marathon
I tried run this plugin with Marathon 1.6 and 1.7, but with no luck. Any idea?
[2019-06-10` 22:12:19,570] INFO Started TaskTrackerUpdateStepsProcessorImpl with steps:
* continueOnError(notifyHealthCheckManager)
* continueOnError(notifyRateLimiter)
* continueOnError(notifyLaunchQueue)
* continueOnError(postTaskStatusEvent)
* continueOnError(scaleApp) (mesosphere.marathon.core.task.tracker.impl.InstanceTrackerUpdateStepProcessorImpl:JMX exporting thread)
[2019-06-10 22:12:19,622] ERROR Terminating due to uncaught exception in thread JMX exporting thread:1 (mesosphere.marathon.MarathonApp:JMX exporting thread)
com.google.inject.CreationException: Unable to create injector, see the following errors:
1) Error injecting constructor, com.fasterxml.jackson.core.JsonParseException: Unexpected character ('/' (code 47)): maybe a (non-standard) comment? (not recognized as one since Feature 'ALLOW_COMMENTS' not enabled for parser)
at [Source: [B@288ca5f0; line: 12, column: 31]
at mesosphere.marathon.core.CoreModuleImpl.<init>(CoreModuleImpl.scala:51)
while locating mesosphere.marathon.core.CoreModuleImpl
at mesosphere.marathon.core.CoreGuiceModule.configure(CoreGuiceModule.scala:191)
while locating mesosphere.marathon.core.CoreModule
for the 1st parameter of mesosphere.marathon.core.CoreGuiceModule.taskTracker(CoreGuiceModule.scala:59)
at mesosphere.marathon.core.CoreGuiceModule.taskTracker(CoreGuiceModule.scala:59)
while locating mesosphere.marathon.core.task.tracker.InstanceTracker
for the 2nd parameter of mesosphere.marathon.core.task.update.impl.TaskStatusUpdateProcessorImpl.<init>(TaskStatusUpdateProcessorImpl.scala:26)
while locating mesosphere.marathon.core.task.update.impl.TaskStatusUpdateProcessorImpl
at mesosphere.marathon.core.CoreGuiceModule.configure(CoreGuiceModule.scala:194)
while locating mesosphere.marathon.core.task.update.TaskStatusUpdateProcessor annotated with @com.google.inject.name.Named(value=ThrottlingTaskStatusUpdateProcessor)
Caused by: com.fasterxml.jackson.core.JsonParseException: Unexpected character ('/' (code 47)): maybe a (non-standard) comment? (not recognized as one since Feature 'ALLOW_COMMENTS' not enabled for parser)
at [Source: [B@288ca5f0; line: 12, column: 31]
at com.fasterxml.jackson.core.JsonParser._constructError(JsonParser.java:1702)
at com.fasterxml.jackson.core.base.ParserMinimalBase._reportError(ParserMinimalBase.java:558)
...
Caused by: akka.actor.InvalidActorNameException: actor name [instanceTracker] is not unique!
at akka.actor.dungeon.ChildrenContainer$NormalChildrenContainer.reserve(ChildrenContainer.scala:129)
at akka.actor.dungeon.Children.reserveChild(Children.scala:134)
at akka.actor.dungeon.Children.reserveChild$(Children.scala:132)
at akka.actor.ActorCell.reserveChild(ActorCell.scala:370)
at akka.actor.dungeon.Children.makeChild(Children.scala:272)
at akka.actor.dungeon.Children.attachChild(Children.scala:48)
at akka.actor.dungeon.Children.attachChild$(Children.scala:47)
at akka.actor.ActorCell.attachChild(ActorCell.scala:370)
at akka.actor.ActorSystemImpl.actorOf(ActorSystem.scala:717)
at mesosphere.marathon.core.leadership.LeadershipModuleImpl.startWhenLeader(LeadershipModule.scala:45)
at mesosphere.marathon.core.task.tracker.InstanceTrackerModule.instanceTrackerActorRef$lzycompute(InstanceTrackerModule.scala:41)
at mesosphere.marathon.core.task.tracker.InstanceTrackerModule.instanceTrackerActorRef(InstanceTrackerModule.scala:40)
at mesosphere.marathon.core.task.tracker.InstanceTrackerModule.instanceTracker$lzycompute(InstanceTrackerModule.scala:25)
at mesosphere.marathon.core.task.tracker.InstanceTrackerModule.instanceTracker(InstanceTrackerModule.scala:24)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.