generated from coulomb/repo-seed
Clarify OpenBao rotation flow
This commit is contained in:
@@ -290,6 +290,12 @@ open an interactive pod TTY, prompt there for a root/sudo-capable OpenBao
|
||||
token, keep the token out of the local command line, and then run rotate init,
|
||||
share submission, or cancel.
|
||||
|
||||
**2026-05-26:** Added an explicit rotation-status action and clarified the
|
||||
rotation flow after the operator successfully started rotate-keys and then hit
|
||||
`rotation already in progress` by rerunning init. The UI now says init is a
|
||||
run-once step and that the next step is checking status or submitting existing
|
||||
shares with the nonce until quorum completes.
|
||||
|
||||
**2026-05-24:** Stepped back from ad hoc secret rollout and added the
|
||||
custodian age-key bootstrap model to the control surface. The UI now records
|
||||
the custodian public age recipient, a derived fingerprint, and a non-secret
|
||||
|
||||
Reference in New Issue
Block a user