generated from coulomb/repo-seed
Fix OpenBao rotation commands
This commit is contained in:
@@ -284,6 +284,12 @@ state. The stage model now moves from S3 to S4 after OpenBao initial
|
||||
configuration, root-token disposition, and restore drill are complete, then to
|
||||
S5 only when the platform is explicitly reopened under custody.
|
||||
|
||||
**2026-05-25:** Corrected the OpenBao rotate-keys action cards after the
|
||||
operator hit `permission denied` on rotation init. The rotation commands now
|
||||
open an interactive pod TTY, prompt there for a root/sudo-capable OpenBao
|
||||
token, keep the token out of the local command line, and then run rotate init,
|
||||
share submission, or cancel.
|
||||
|
||||
**2026-05-24:** Stepped back from ad hoc secret rollout and added the
|
||||
custodian age-key bootstrap model to the control surface. The UI now records
|
||||
the custodian public age recipient, a derived fingerprint, and a non-secret
|
||||
|
||||
Reference in New Issue
Block a user