From 1898daa4a5a1695a51bc30451adbd0ed96cf7bc7 Mon Sep 17 00:00:00 2001
From: miwr <michal.wrobel@telekom.de>
Date: Wed, 26 Mar 2025 14:36:03 +0100
Subject: [PATCH] bao audit enable file file_path=stdout added

---
 template/stacks/ref-implementation/openbao/values.yaml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/template/stacks/ref-implementation/openbao/values.yaml b/template/stacks/ref-implementation/openbao/values.yaml
index 0ff72cf..4a9e926 100644
--- a/template/stacks/ref-implementation/openbao/values.yaml
+++ b/template/stacks/ref-implementation/openbao/values.yaml
@@ -4,6 +4,7 @@ server:
     - -c
     - |
       sleep 10
+      rm -rf /openbao/data/* # UN-initialises the openbao server (necessary for the new instance to spin up if the pod or container crashes)
       bao operator init >> /tmp/init.txt
       cat /tmp/init.txt | grep "Key " | awk '{print $NF}' | xargs -I{} bao operator unseal {}
       echo $(grep "Initial Root Token:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/initial_token.txt
@@ -13,5 +14,7 @@ server:
       echo $(grep "Unseal Key 4:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key4.txt
       echo $(grep "Unseal Key 5:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key5.txt
       rm /tmp/init.txt
+      bao login $(grep "Initial Root Token:" /tmp/init.txt | awk '{print $NF}')      
+      bao audit enable file file_path=stdout 
 ui:
   enabled: true