- name: sidecar-nginx

image: nginx:latest
      ports:
        - containerPort: 8080
      volumeMounts:
        - name: idecar-script
          mountPath: /etc/nginx
          subPath: nginx.conf
          subPathExpr: 'nginx.conf'
        - name: idecar-script
          mountPath: /tmp/sidecar.sh
          subPath: sidecar.sh
          mode: 0755
        - name: passwd-volume
          mountPath: /etc/passwd
          subPath: passwd

template/stacks/ref-implementation/openbao-logging/logrotate-configmap.yaml

@@ -11,6 +11,6 @@ data:
       missingok
       notifempty
       postrotate
-        kill -SIGHUP $(pidof bao)
+        echo -e "POST / HTTP/1.1\r\nHost: sidecar-script-service.openbao.svc.cluster.local:8080\r\nContent-Length: 0\r\n\r\n" | nc sidecar-script-service.openbao.svc.cluster.local 8080
       endscript
     }

template/stacks/ref-implementation/openbao-logging/sidecar-script-configmap.yaml

@@ -5,9 +5,21 @@ metadata:
   namespace: openbao
 data:
   sidecar.sh: |
-    #!/bin/sh
+    #!/bin/bash
-    echo "Starting sidecar listener on port 8080..."
+    echo "Sending SIGHUP to OpenBAO..."
-    while true; do
+    kill -SIGHUP $(pidof bao) || echo "OpenBAO process not found"
-      echo -e "HTTP/1.1 200 OK\n\nSIGHUP sent to OpenBAO" | nc -l -p 8080
+
-      kill $(pidof bao) || echo "OpenBAO process not found"
+  nginx.conf: |
-    done
+      events {}
+
+      http {
+          server {
+              listen 8080;
+
+              location / {
+                  exec /tmp/sidecar.sh; 
+                  default_type text/plain;
+                  return 200 "SIGHUP sent to OpenBAO\n";
+              }
+          }
+      }

template/stacks/ref-implementation/openbao/values.yaml

@@ -28,13 +28,29 @@ server:
       securityContext:
         runAsUser: 100
       ports:
-        - containerPort: 8080
+        - containerPort: 8081
       volumeMounts:
         - name: passwd-volume
           mountPath: /etc/passwd
           subPath: passwd
         - name: sidecar-script
           mountPath: /tmp
+    - name: sidecar-nginx
+      image: nginx:latest
+      ports:
+        - containerPort: 8080 
+      volumeMounts:
+        - name: idecar-script
+          mountPath: /etc/nginx 
+          subPath: nginx.conf
+          subPathExpr: 'nginx.conf'
+        - name: idecar-script
+          mountPath: /tmp/sidecar.sh
+          subPath: sidecar.sh
+          mode: 0755
+        - name: passwd-volume
+          mountPath: /etc/passwd
+          subPath: passwd
   volumes:    
   - name: logrotate-config-volume  
     configMap: