oss compoments for multi-vault namespaces #8453
Conversation
| @@ -101,6 +101,11 @@ Run Options: | |||
| the job file. This overrides the token found in $VAULT_TOKEN environment | |||
| variable and that found in the job. | |||
|
|
|||
| -vault-namespace | |||
| If set, the passed Vault namespace is stored in the job before sending to the | |||
| Nomad servers. This overrides the namespace found in $VAULT_NAMESPACE environment | |||
There was a problem hiding this comment.
I just realized this is a bit of a backwards incompatibility:
Before Nomad ignored this environment variable and would have used the agent-configured Vault namespace.
Now the operator's environment will override the agent-configuration.
I could see this being an issue for CI/CD environments which may use a distinct Vault namespace from the app being deployed.
However, VAULT_TOKEN is already prior art for nomad run's environment to be app specific.
To be safe, let's call out this change in the Version Specific Upgrade docs.
drewbailey
force-pushed
the
oss-multi-vault-ns
branch
2 times, most recently
from
3d287a7 to
9e9f7c2
Compare
adds in oss components to support enterprise multi-vault namespace feature upgrade specific doc on vault multi-namespaces vault docs update test to reflect new error
drewbailey
force-pushed
the
oss-multi-vault-ns
branch
from
457371d to
1981036
Compare
Signed-off-by: Yoan Blanc <[email protected]>
Signed-off-by: Yoan Blanc <[email protected]>
Signed-off-by: Yoan Blanc <[email protected]>
Signed-off-by: Yoan Blanc <[email protected]>
|
I'm going to lock this pull request because it has been closed for 120 days ⏳. This helps our maintainers find and focus on the active contributions. |
Adds oss components to support enterprise multi-vault namespace feature