From de135bbf80189b2aa4d190c7c548853a5af8acb1 Mon Sep 17 00:00:00 2001 From: woojae-siloai Date: Sun, 8 Feb 2026 10:22:50 +0200 Subject: [PATCH 01/10] fix: move ConfigMap to openbao-config folder and rename init version to avoid conflict --- scripts/bootstrap.sh | 10 ++++------ .../templates/cf-init-openbao-job.yaml | 2 +- .../0.1.0}/templates/openbao-secret-manager-cm.yaml | 0 3 files changed, 5 insertions(+), 7 deletions(-) rename {scripts/init-openbao-job => sources/openbao-config/0.1.0}/templates/openbao-secret-manager-cm.yaml (100%) diff --git a/scripts/bootstrap.sh b/scripts/bootstrap.sh index e8991cc6..63cc36a5 100755 --- a/scripts/bootstrap.sh +++ b/scripts/bootstrap.sh @@ -270,12 +270,10 @@ helm template --release-name openbao ${SCRIPT_DIR}/../sources/openbao/0.18.2 --n --kube-version=${KUBE_VERSION} | kubectl apply --server-side --field-manager=argocd-controller --force-conflicts -f - kubectl wait --for=jsonpath='{.status.phase}'=Running pod/openbao-0 -n cf-openbao --timeout=100s -# Create static ConfigMaps needed for init job -echo "Creating OpenBao config static resources..." -helm template --release-name openbao-config-static ${SCRIPT_DIR}/init-openbao-job \ - --set domain="${DOMAIN}" \ - --kube-version=${KUBE_VERSION} \ - --show-only templates/openbao-secret-manager-cm.yaml | kubectl apply -f - +# Create initial secrets config for init job (separate from ArgoCD-managed version) +echo "Creating initial OpenBao secrets configuration..." +cat ${SCRIPT_DIR}/../sources/openbao-config/0.1.0/templates/openbao-secret-manager-cm.yaml | \ + sed "s|name: openbao-secret-manager-scripts|name: openbao-secret-manager-scripts-init|g" | kubectl apply -f - # Create initial secrets config for init job (separate from ArgoCD-managed version) echo "Creating initial OpenBao secrets configuration..." diff --git a/scripts/init-openbao-job/templates/cf-init-openbao-job.yaml b/scripts/init-openbao-job/templates/cf-init-openbao-job.yaml index 8bc6a729..31f0d6f7 100644 --- a/scripts/init-openbao-job/templates/cf-init-openbao-job.yaml +++ b/scripts/init-openbao-job/templates/cf-init-openbao-job.yaml @@ -55,5 +55,5 @@ spec: name: openbao-secrets-init-config - name: secret-manager configMap: - name: openbao-secret-manager-scripts + name: openbao-secret-manager-scripts-init defaultMode: 0755 diff --git a/scripts/init-openbao-job/templates/openbao-secret-manager-cm.yaml b/sources/openbao-config/0.1.0/templates/openbao-secret-manager-cm.yaml similarity index 100% rename from scripts/init-openbao-job/templates/openbao-secret-manager-cm.yaml rename to sources/openbao-config/0.1.0/templates/openbao-secret-manager-cm.yaml From 56179b1c31efeede04cd34b088e40bd030a5a1ba Mon Sep 17 00:00:00 2001 From: woojae-siloai Date: Sun, 8 Feb 2026 20:30:53 +0200 Subject: [PATCH 02/10] test: openbao replica 3 like v1.7.0 --- root/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/root/values.yaml b/root/values.yaml index d428069f..3408cc9a 100644 --- a/root/values.yaml +++ b/root/values.yaml @@ -142,7 +142,7 @@ apps: enabled: false raft: enabled: false - replicas: 1 + replicas: 3 ui: enabled: true syncWave: -4 From 7f478dcaf868c7e4df1c6e3fe3fe7d70cc6a8861 Mon Sep 17 00:00:00 2001 From: woojae-siloai Date: Sun, 8 Feb 2026 20:31:44 +0200 Subject: [PATCH 03/10] test: openbao replica 3 like v1.7.0 --- root/values_medium.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/root/values_medium.yaml b/root/values_medium.yaml index 1b0a5d02..a93e51cc 100644 --- a/root/values_medium.yaml +++ b/root/values_medium.yaml @@ -129,7 +129,7 @@ apps: server: ha: enabled: false - replicas: 1 + replicas: 3 raft: enabled: false dataStorage: From ba47b5b07b2cd09b5554a0f4b7f28277b8deba2e Mon Sep 17 00:00:00 2001 From: woojae-siloai Date: Sun, 8 Feb 2026 21:12:02 +0200 Subject: [PATCH 04/10] test: openbao replica ha true --- sources/openbao/0.18.2/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sources/openbao/0.18.2/values.yaml b/sources/openbao/0.18.2/values.yaml index 2402d2c8..1f078e76 100644 --- a/sources/openbao/0.18.2/values.yaml +++ b/sources/openbao/0.18.2/values.yaml @@ -881,7 +881,7 @@ server: # Helm project by default. It is possible to manually configure OpenBao to use a # different HA backend. ha: - enabled: false + enabled: true replicas: 3 # Set the api_addr configuration for OpenBao HA From 85734db4557827c2db893f1b1a5d258432a2713e Mon Sep 17 00:00:00 2001 From: woojae-siloai Date: Sun, 8 Feb 2026 21:26:26 +0200 Subject: [PATCH 05/10] test: openbao raft true --- sources/openbao/0.18.2/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sources/openbao/0.18.2/values.yaml b/sources/openbao/0.18.2/values.yaml index 1f078e76..c2071647 100644 --- a/sources/openbao/0.18.2/values.yaml +++ b/sources/openbao/0.18.2/values.yaml @@ -900,7 +900,7 @@ server: # The OpenBao cluster will coordinate leader elections and failovers internally. raft: # Enables Raft integrated storage - enabled: false + enabled: true # Set the Node Raft ID to the name of the pod setNodeId: false From 5bd10abc53cfa8876b9b0b718366574235401e0a Mon Sep 17 00:00:00 2001 From: woojae-siloai Date: Sun, 8 Feb 2026 21:39:01 +0200 Subject: [PATCH 06/10] test: openbao edit values ha and raft --- root/values.yaml | 4 ++-- root/values_medium.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/root/values.yaml b/root/values.yaml index 3408cc9a..aa428950 100644 --- a/root/values.yaml +++ b/root/values.yaml @@ -139,9 +139,9 @@ apps: component: server topologyKey: kubernetes.io/hostname ha: - enabled: false + enabled: true raft: - enabled: false + enabled: true replicas: 3 ui: enabled: true diff --git a/root/values_medium.yaml b/root/values_medium.yaml index a93e51cc..5e1e0c34 100644 --- a/root/values_medium.yaml +++ b/root/values_medium.yaml @@ -128,10 +128,10 @@ apps: valuesObject: server: ha: - enabled: false + enabled: true replicas: 3 raft: - enabled: false + enabled: true dataStorage: size: 5Gi storageClass: direct From c2ea390b44bc4f9ed595c95d3c2e343c2094abe7 Mon Sep 17 00:00:00 2001 From: Daniel Vaskivaara Date: Mon, 9 Feb 2026 10:01:54 +0200 Subject: [PATCH 07/10] triage: hard-code templates/cluster-forge.yaml sources --- root/templates/cluster-forge.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/root/templates/cluster-forge.yaml b/root/templates/cluster-forge.yaml index bcaa2620..77783167 100644 --- a/root/templates/cluster-forge.yaml +++ b/root/templates/cluster-forge.yaml @@ -16,12 +16,12 @@ spec: # here we want the base values.yaml and the custom values file from external repo # the path to the custom values file is relative to the root of the external values repo valueFiles: - - {{ .Values.externalValues.path }} - - {{ .Values.global.clusterSize }} - - $values/values.yaml + - values.yaml + - values_large.yaml + - $cluster-values/values.yaml - repoURL: {{ .Values.externalValues.repoUrl }} targetRevision: {{ .Values.externalValues.targetRevision }} - ref: values + ref: cluster-values {{ else }} # helm-chart & values file within the same git repo source: From 98051fe62bba62c3618143c9a5a8bc68ca5b4c2b Mon Sep 17 00:00:00 2001 From: Daniel Vaskivaara Date: Mon, 9 Feb 2026 10:30:17 +0200 Subject: [PATCH 08/10] fix: revert value file changes --- root/values.yaml | 6 +++--- root/values_medium.yaml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/root/values.yaml b/root/values.yaml index aa428950..d428069f 100644 --- a/root/values.yaml +++ b/root/values.yaml @@ -139,10 +139,10 @@ apps: component: server topologyKey: kubernetes.io/hostname ha: - enabled: true + enabled: false raft: - enabled: true - replicas: 3 + enabled: false + replicas: 1 ui: enabled: true syncWave: -4 diff --git a/root/values_medium.yaml b/root/values_medium.yaml index 5e1e0c34..1b0a5d02 100644 --- a/root/values_medium.yaml +++ b/root/values_medium.yaml @@ -128,10 +128,10 @@ apps: valuesObject: server: ha: - enabled: true - replicas: 3 + enabled: false + replicas: 1 raft: - enabled: true + enabled: false dataStorage: size: 5Gi storageClass: direct From d57e054f82ea77af3fb4d80c1066e8864a2616b7 Mon Sep 17 00:00:00 2001 From: Daniel Vaskivaara Date: Mon, 9 Feb 2026 10:32:01 +0200 Subject: [PATCH 09/10] fix: revert openbao source values.yaml --- sources/openbao/0.18.2/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sources/openbao/0.18.2/values.yaml b/sources/openbao/0.18.2/values.yaml index c2071647..2402d2c8 100644 --- a/sources/openbao/0.18.2/values.yaml +++ b/sources/openbao/0.18.2/values.yaml @@ -881,7 +881,7 @@ server: # Helm project by default. It is possible to manually configure OpenBao to use a # different HA backend. ha: - enabled: true + enabled: false replicas: 3 # Set the api_addr configuration for OpenBao HA @@ -900,7 +900,7 @@ server: # The OpenBao cluster will coordinate leader elections and failovers internally. raft: # Enables Raft integrated storage - enabled: true + enabled: false # Set the Node Raft ID to the name of the pod setNodeId: false From 78da5c8036a1b26a4887d584c9c85ac1c0310e4f Mon Sep 17 00:00:00 2001 From: Daniel Vaskivaara Date: Mon, 9 Feb 2026 10:47:39 +0200 Subject: [PATCH 10/10] fix: revert hard-coding of cluster-forge application manifest --- root/templates/cluster-forge.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/root/templates/cluster-forge.yaml b/root/templates/cluster-forge.yaml index 77783167..ce7cee38 100644 --- a/root/templates/cluster-forge.yaml +++ b/root/templates/cluster-forge.yaml @@ -16,8 +16,8 @@ spec: # here we want the base values.yaml and the custom values file from external repo # the path to the custom values file is relative to the root of the external values repo valueFiles: - - values.yaml - - values_large.yaml + - {{ .Values.externalValues.path }} + - {{ .Values.global.clusterSize }} - $cluster-values/values.yaml - repoURL: {{ .Values.externalValues.repoUrl }} targetRevision: {{ .Values.externalValues.targetRevision }}