From 5c0f3d5b4ed92bd89da05d546a9da4db07c37635 Mon Sep 17 00:00:00 2001 From: Alex Lebens Date: Sun, 12 Apr 2026 19:35:20 -0500 Subject: [PATCH] feat: update unseal --- .../helm/vault/templates/external-secret.yaml | 102 ++++-------------- clusters/cl01tl/helm/vault/values.yaml | 6 +- 2 files changed, 24 insertions(+), 84 deletions(-) diff --git a/clusters/cl01tl/helm/vault/templates/external-secret.yaml b/clusters/cl01tl/helm/vault/templates/external-secret.yaml index 70ee24901..02eca8ca1 100644 --- a/clusters/cl01tl/helm/vault/templates/external-secret.yaml +++ b/clusters/cl01tl/helm/vault/templates/external-secret.yaml @@ -138,40 +138,20 @@ spec: data: - secretKey: ENVIRONMENT remoteRef: - key: /cl01tl/vault/unseal/config-1 + key: /cl01tl/vault/unseal property: ENVIRONMENT - - secretKey: CHECK_INTERVAL - remoteRef: - key: /cl01tl/vault/unseal/config-1 - property: CHECK_INTERVAL - - secretKey: MAX_CHECK_INTERVAL - remoteRef: - key: /cl01tl/vault/unseal/config-1 - property: MAX_CHECK_INTERVAL - secretKey: NODES remoteRef: - key: /cl01tl/vault/unseal/config-1 + key: /cl01tl/vault/unseal property: NODES - - secretKey: TLS_SKIP_VERIFY - remoteRef: - key: /cl01tl/vault/unseal/config-1 - property: TLS_SKIP_VERIFY - secretKey: TOKENS remoteRef: - key: /cl01tl/vault/unseal/config-1 - property: TOKENS - - secretKey: EMAIL_ENABLED + key: /cl01tl/vault/unseal + property: TOKENS_1 + - secretKey: NOTIFY_QUEUE_URLS remoteRef: - key: /cl01tl/vault/unseal/config-1 - property: EMAIL_ENABLED - - secretKey: NOTIFY_MAX_ELAPSED - remoteRef: - key: /cl01tl/vault/unseal/config-1 - property: NOTIFY_MAX_ELAPSED - - secretKey: NOTIFY_QUEUE_DELAY - remoteRef: - key: /cl01tl/vault/unseal/config-1 - property: NOTIFY_QUEUE_DELAY + key: /cl01tl/vault/unseal + property: NOTIFY_QUEUE_URLS --- apiVersion: external-secrets.io/v1 @@ -190,40 +170,20 @@ spec: data: - secretKey: ENVIRONMENT remoteRef: - key: /cl01tl/vault/unseal/config-2 + key: /cl01tl/vault/unseal property: ENVIRONMENT - - secretKey: CHECK_INTERVAL - remoteRef: - key: /cl01tl/vault/unseal/config-2 - property: CHECK_INTERVAL - - secretKey: MAX_CHECK_INTERVAL - remoteRef: - key: /cl01tl/vault/unseal/config-2 - property: MAX_CHECK_INTERVAL - secretKey: NODES remoteRef: - key: /cl01tl/vault/unseal/config-2 + key: /cl01tl/vault/unseal property: NODES - - secretKey: TLS_SKIP_VERIFY - remoteRef: - key: /cl01tl/vault/unseal/config-2 - property: TLS_SKIP_VERIFY - secretKey: TOKENS remoteRef: - key: /cl01tl/vault/unseal/config-2 - property: TOKENS - - secretKey: EMAIL_ENABLED + key: /cl01tl/vault/unseal + property: TOKENS_2 + - secretKey: NOTIFY_QUEUE_URLS remoteRef: - key: /cl01tl/vault/unseal/config-2 - property: EMAIL_ENABLED - - secretKey: NOTIFY_MAX_ELAPSED - remoteRef: - key: /cl01tl/vault/unseal/config-2 - property: NOTIFY_MAX_ELAPSED - - secretKey: NOTIFY_QUEUE_DELAY - remoteRef: - key: /cl01tl/vault/unseal/config-2 - property: NOTIFY_QUEUE_DELAY + key: /cl01tl/vault/unseal + property: NOTIFY_QUEUE_URLS --- apiVersion: external-secrets.io/v1 @@ -242,40 +202,20 @@ spec: data: - secretKey: ENVIRONMENT remoteRef: - key: /cl01tl/vault/unseal/config-3 + key: /cl01tl/vault/unseal property: ENVIRONMENT - - secretKey: CHECK_INTERVAL - remoteRef: - key: /cl01tl/vault/unseal/config-3 - property: CHECK_INTERVAL - - secretKey: MAX_CHECK_INTERVAL - remoteRef: - key: /cl01tl/vault/unseal/config-3 - property: MAX_CHECK_INTERVAL - secretKey: NODES remoteRef: - key: /cl01tl/vault/unseal/config-3 + key: /cl01tl/vault/unseal property: NODES - - secretKey: TLS_SKIP_VERIFY - remoteRef: - key: /cl01tl/vault/unseal/config-3 - property: TLS_SKIP_VERIFY - secretKey: TOKENS remoteRef: - key: /cl01tl/vault/unseal/config-3 - property: TOKENS - - secretKey: EMAIL_ENABLED + key: /cl01tl/vault/unseal + property: TOKENS_3 + - secretKey: NOTIFY_QUEUE_URLS remoteRef: - key: /cl01tl/vault/unseal/config-3 - property: EMAIL_ENABLED - - secretKey: NOTIFY_MAX_ELAPSED - remoteRef: - key: /cl01tl/vault/unseal/config-3 - property: NOTIFY_MAX_ELAPSED - - secretKey: NOTIFY_QUEUE_DELAY - remoteRef: - key: /cl01tl/vault/unseal/config-3 - property: NOTIFY_QUEUE_DELAY + key: /cl01tl/vault/unseal + property: NOTIFY_QUEUE_URLS --- apiVersion: external-secrets.io/v1 diff --git a/clusters/cl01tl/helm/vault/values.yaml b/clusters/cl01tl/helm/vault/values.yaml index ab99b7e75..ef58a705b 100644 --- a/clusters/cl01tl/helm/vault/values.yaml +++ b/clusters/cl01tl/helm/vault/values.yaml @@ -272,7 +272,7 @@ unseal: main: image: repository: ghcr.io/lrstanley/vault-unseal - tag: 0.7.2@sha256:b25d0c2f6a73d1b9a3907befa473f08fe9fac828d248d7e9702517c5b967733c + tag: 1.0.0@sha256:24ca9bceccdb0a22ae57574346dee4bec107c9b849f836811972b8f7f1baa4ef envFrom: - secretRef: name: vault-unseal-config-1 @@ -288,7 +288,7 @@ unseal: main: image: repository: ghcr.io/lrstanley/vault-unseal - tag: 0.7.2@sha256:b25d0c2f6a73d1b9a3907befa473f08fe9fac828d248d7e9702517c5b967733c + tag: 1.0.0@sha256:24ca9bceccdb0a22ae57574346dee4bec107c9b849f836811972b8f7f1baa4ef envFrom: - secretRef: name: vault-unseal-config-2 @@ -304,7 +304,7 @@ unseal: main: image: repository: ghcr.io/lrstanley/vault-unseal - tag: 0.7.2@sha256:b25d0c2f6a73d1b9a3907befa473f08fe9fac828d248d7e9702517c5b967733c + tag: 1.0.0@sha256:24ca9bceccdb0a22ae57574346dee4bec107c9b849f836811972b8f7f1baa4ef envFrom: - secretRef: name: vault-unseal-config-3