Error unsealing vault due to key index out of range

**Describe the bug**:
bank-vaults trying to retrieve unseal key with index that is out of range.
 
**Expected behaviour**:
Vault gets unsealed using keys is k8s secret.

**Steps to reproduce the bug**:
helm upgrade --install vault-operator banzaicloud-stable/vault-operator
kubectl apply -f https://github.com/banzaicloud/bank-vaults/blob/master/operator/deploy/cr.yaml

**Additional context**:
none

**Environment details**:
- Kubernetes version: v1.18.6
- Cloud-provider/provisioner: minikube --driver=none on Centos7
- bank-vaults version: 1.4.1
- Install method: helm
- Logs from the misbehaving component (and any other relevant logs):

$ kubectl logs vault-0 bank-vaults
time="2020-08-26T14:28:24Z" level=error msg="error unsealing vault: unable to get key 'vault-unseal-5': key 'vault-unseal-5' is not present in secret: vault-unseal-keys"
time="2020-08-26T14:28:29Z" level=info msg="vault is sealed, unsealing"
time="2020-08-26T14:28:33Z" level=error msg="error unsealing vault: unable to get key 'vault-unseal-5': key 'vault-unseal-5' is not present in secret: vault-unseal-keys"
time="2020-08-26T14:28:38Z" level=info msg="vault is sealed, unsealing"
time="2020-08-26T14:28:40Z" level=error msg="error unsealing vault: unable to get key 'vault-unseal-5': key 'vault-unseal-5' is not present in secret: vault-unseal-keys"
time="2020-08-26T14:28:45Z" level=info msg="vault is sealed, unsealing"

- Resource definition (possibly in YAML format) that caused the issue, without sensitive data:

Secret created by vault operator
$ kubectl get secret vault-unseal-keys -o yaml
apiVersion: v1
kind: Secret
metadata:
  labels:
    app.kubernetes.io/name: vault
    vault_cr: vault
  name: vault-unseal-keys
  namespace: default
type: Opaque
data:
  vault-root: cy5TWXRybHUzZDE5VGM0UktrdmRNWEVHNDU=
  vault-test: dmF1bHQtdGVzdA==
  vault-unseal-0: MGEzNWQxMjVmYzc1YTA0MGIxMmI3YmY5ZDdmMDY4Mzk5MDMzY2NlMjhjMjFlMzJkMTUzODc2NzUwMGZjNDc1MjZl
  vault-unseal-1: ZmNmZTg3NjNhYjMzYTgxMTdkMzA0ZjhlNmIzOGZmOGNmNTUyM2YzZjY4MjAzYjMxZjk5ZDI2MzY3YTliZDllYjFk
  vault-unseal-2: YWYwMzJiYmJlNmYxNjlkODNlOGFhN2Q0NGUwNzc5ODc2YmM2MzAzOWRhMTI5NGVlMjRhOGQzMDkxZTFkMjc0YTY1
  vault-unseal-3: NDRmNWQxYjViMTYyNGZiY2EwNDA2NWYyNmZmYjZmM2IwMGNlN2Y3YWIyZWUzOWJhNDg2NzVkYjA1YjVjMDdlYzJk
  vault-unseal-4: YzY5ZGJlZmZiZjZmMjg1NmM3M2EzNThiNDIzMmJiYWI2Mzg2ZmY1NzY3OTQ1NTQ1ZTA0ODc2ZTRmMzMwOTk1Yzlj


/kind bug


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Error unsealing vault due to key index out of range #1085

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Error unsealing vault due to key index out of range #1085

Description

Activity

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions