I'm using Vault and Concourse Helm charts. I have managed to get both working successfully, however, there are times specifically when the concourse-web pod is restarted for whatever reason, that when it restarts, I get the resource config creds evaluation: undefined vars: error when trying to retrieve secrets from Vault. It will be working completely fine up until the restart of the concourse-web pod.
Does anyone know why this keeps happening? I am using the approle auth backend, and adding it to the correct secret values - as I've managed to get it working fine. But it's getting to a point where countless hours have been lost having to delete the approle in vault, recreate it, get a new credentials to add to the concourse secret. Even this is temperamental as sometimes it resolves and sometimes it doesn't. Is there any official way of doing this? Or is the case valid where every time the concourse-web pod restarts that it completely severs ties with all working approle's?
I'm using Vault and Concourse Helm charts. I have managed to get both working successfully, however, there are times specifically when the
concourse-web
pod is restarted for whatever reason, that when it restarts, I get theresource config creds evaluation: undefined vars:
error when trying to retrieve secrets from Vault. It will be working completely fine up until the restart of theconcourse-web
pod.Does anyone know why this keeps happening? I am using the
approle
auth backend, and adding it to the correct secret values - as I've managed to get it working fine. But it's getting to a point where countless hours have been lost having to delete theapprole
in vault, recreate it, get a new credentials to add to the concourse secret. Even this is temperamental as sometimes it resolves and sometimes it doesn't. Is there any official way of doing this? Or is the case valid where every time theconcourse-web
pod restarts that it completely severs ties with all workingapprole
's?