VAULT-37303 fix consul-template handling of secret reads when namespace equals mount path #2075

VioletHynes · 2025-07-11T18:53:04Z

As documented in https://hashicorp.atlassian.net/browse/VAULT-37303 -- currently, consul-template fails to render secrets when the namespace equals the mount path. This fixes that issue.

I have a test on the Vault repo which confirms that this fix works. This is part of https://github.com/hashicorp/vault-enterprise/pull/8445 and this PR will pull in this library update once released.

While I was here, I decided to update the go.mod to update all of the dependencies, to keep security up to date.

PCI review checklist

I have documented a clear reason for, and description of, the change I am making.
If applicable, I've documented a plan to revert these changes if they require more than reverting the pull request.
If applicable, I've documented the impact of any changes to security controls.

Examples of changes to security controls include using new access control methods, adding or removing logging pipelines, etc.

…ce equals mount path

anandmukul93

LGTM

VAULT-37303 fix consul-template handling of secret reads when namespa…

2b78f5d

…ce equals mount path

VioletHynes requested a review from divyaac July 11, 2025 18:53

VioletHynes added 2 commits July 11, 2025 14:58

amend tests

3a0d23b

tests again

a0e102c

VioletHynes marked this pull request as ready for review July 11, 2025 19:20

VioletHynes requested a review from a team as a code owner July 11, 2025 19:20

VioletHynes added 2 commits July 11, 2025 15:21

remove log

b1ab3a6

More upversions

d03d481

divyaac approved these changes Jul 15, 2025

View reviewed changes

anandmukul93 approved these changes Jul 16, 2025

View reviewed changes

VioletHynes merged commit 384f48e into main Jul 17, 2025
53 of 54 checks passed

VioletHynes deleted the violethynes/VAULT-37303-consul-template branch July 17, 2025 13:38