vault 1.5.0 go mod error

[sdeoras]

Describe the bug
Error upgrading go mod dependency from vault 1.4.3 to vault 1.5.0

To Reproduce
Write simple code that calls vault api at v1.5.0. You may likely run into this issue during go mod tidy.

Expected behavior
Expected go mod tidy command to go through fine. I got the following error:

go mod tidy
go: github.com/hashicorp/[email protected] requires
	github.com/hashicorp/vault/[email protected]: invalid version: unknown revision 1a16f3c699c6

The error goes away if I use following replace statements in go.mod file:

require (
	github.com/hashicorp/vault v1.5.0
	github.com/hashicorp/vault/api v1.0.5-0.20200630205458-1a16f3c699c6
)
replace github.com/hashicorp/vault/api => github.com/hashicorp/vault/api v0.0.0-20200718022110-340cc2fa263f

Environment:

• Vault Server Version (retrieve with vault status):
• Vault CLI Version (retrieve with vault version):
• Server Operating System/Architecture:

Vault server configuration file(s):

# Paste your Vault config here.
# Be sure to scrub any sensitive values

Additional context
Add any other context about the problem here.

[alexanderbez]

Yeah doesn't look like commit 1a16f3c is on the 1.5 tag HEAD.

[zaunist]

I met the same error,how to solve the problem？

[ncabatoff]

Hi @sdeoras, @zaunist,

No one should be importing github.com/hashicorp/vault, only the api and sdk modules. The top-level vault module is not intended to be a dependency for other projects, we're using go.mod solely to manage our own dependencies here. There's some discussion of this in #7848.

Since we haven't been creating new version tags for api and sdk very often, I suggest using the tip of the branch if you want to use the latest, i.e.

go get github.com/hashicorp/vault/api@master
go get github.com/hashicorp/vault/sdk@master

[greut]

E.g. the DefaultTokenHelper is used in the terraform-provider-nomad which requires to import everything.

https://github.com/hashicorp/vault/blob/124572bf80150689e747dbe84db0b76f4a1a6ad0/command/config/util.go

[unflag]

Same problem here - go mod tidy fails for my vault plugin. Adding
replace github.com/hashicorp/vault/api => github.com/hashicorp/vault/api v0.0.0-20200718022110-340cc2fa263f
helps, hope it will be fixed soon.

[ggilley]

@ncabatoff

No one should be importing github.com/hashicorp/vault, only the api and sdk modules. The top-level vault module is not intended to be a dependency for other projects, we're using go.mod solely to manage our own dependencies here. There's some discussion of this in #7848.

Is there another way to get TestCoreUnsealed to be able to do unit tests against vault? This is a huge thing (advocated by your founder) that is the only reason I'm importing vault.

[ncabatoff]

Ah, TestCoreUnsealed/NewTestCluster are indeed excellent reasons to import vault. I'll talk it over with the rest of the team and see if we can come up with a way to improve the situation.

[orirawlings]

I also have a dependency on the github.com/hashicorp/vault module due to DefaultTokenHelper. I'd love to see the token helper functionality moved into github.com/hashicorp/vault/api or another similar module since it helps any code using github.com/hashicorp/vault/api bootstrap authentication credentials.

I'm also facing the reported issue when trying to upgrade to github.com/hashicorp/[email protected].

[ggilley]

@ncabatoff Any update? I've had to avoid updating packages because of this issue.

[froismo]

I've fallen into this as well. In my case I'm using

"github.com/hashicorp/vault/http"
"github.com/hashicorp/vault/vault"

in tests.

[shaunco]

At a minimum, it would be really nice to have some guidance in the README.md or api/README.md, as doing a go get github.com/hashicorp/vault results in v1.0.4, which is about 2 years old at this point. I didn't even notice I ended up with a super old version until I tried to use RenewAccessor. This led to about an hour of trying to get v1.6.3 of the API, which just gives:

go: github.com/hashicorp/vault/[email protected]: reading github.com/hashicorp/vault/api/api/go.mod at revision api/v1.6.3: unknown revision api/v1.6.3

After reading through this issue, a go get github.com/hashicorp/vault/api@b540be4b7ec48d0dd7512c8d8df9399d6bf84d76 got me to the equivalent of v1.6.3, which has github.com/hashicorp/vault/api v1.0.5-0.20210224012239-b540be4b7ec4 in my go.mod.

[dynajoe]

Is there a recommendation on how we can continue using the TestCoreUnsealed function?

[averche]

This issue is quite old and may no longer be relevant, so I'm going to close it for now.

At a minimum, it would be really nice to have some guidance in the README.md or api/README.md, as doing a go get github.com/hashicorp/vault results in v1.0.4, which is about 2 years old at this point.

Running go get github.com/hashicorp/vault at the time of the writing pulls the latest version of vault:

go: downloading github.com/hashicorp/vault v1.11.3

I've tried retroactively fixing go.mod file in the 1.5.x branch but without any success. If this is still an issue and you are unable to use the latest version, please feel free to reopen this issue.