vault-charm

tls_insecure_skip_verify is most likely no longer needed

Bug #1979582 reported by Andrea Ieri on 2022-06-23

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	vault-charm	Triaged	Medium	Phan Trung Thanh

Bug Description

src/templates/vault.hcl.j2 contains the following lines:

  # Use tls_insecure_skip_verify due to https://github.com/hashicorp/vault/issues/4961
  # tls_insecure_skip_verify is currently only supported in the snap version of vault.
  tls_insecure_skip_verify = "true"

Issue 4961[0] has been fixed with PR 8037[1], which landed in vault 1.4.0 (April 7th, 2020).

It should be pretty safe to drop the config option since I don't see any charm channel for versions older than 1.5

[0] https://github.com/hashicorp/vault/issues/4961
[1] https://github.com/hashicorp/vault/pull/8037

Tags:

Revision history for this message

Alex Kavanagh (ajkavanagh) wrote on 2022-06-27:

Agreed; it can probably be dropped.

Changed in vault-charm:
importance:	Undecided → Medium
status:	New → Triaged
tags:	added: good-first-bug

Muhammad Ahmad (ahmadfsbd) on 2022-07-27

Changed in vault-charm:
assignee:	nobody → Muhammad Ahmad (ahmadfsbd)

Muhammad Ahmad (ahmadfsbd) on 2022-07-28

Changed in vault-charm:
assignee:	Muhammad Ahmad (ahmadfsbd) → nobody

Revision history for this message

Phan Trung Thanh (tphan025) wrote on 2023-10-02:

Hello, I see this line is still present is the master branch so I'd like to help working on it, I'm assigning it to myself but I want to check if it's already being worked on?

Thanks!

Changed in vault-charm:
assignee:	nobody → Phan Trung Thanh (tphan025)

Revision history for this message

Alex Kavanagh (ajkavanagh) wrote on 2023-10-02:

Hi @tphan025, you are the only one working on it. Looking forward to the fix. If you have any issues then please reach out to the OpenStack team on IRC OFTC #openstack-charms of in the charmhub mattermost channel: https://chat.charmhub.io/charmhub/channels/openstack-charms. Thanks.