fix(vault): prevent CPU-burning init loop with marker file + idempotent checks

Root cause: init scripts ran repeatedly (on container restart) and tried
vault secrets enable / vault auth enable for already-existing paths.
Vault logged ERRORs and burned 40-84% CPU in the loop.

Fix:
- Marker file /vault/data/.init-complete skips re-initialization
- vault secrets list / vault auth list checks before enable calls
- No more "path already in use" errors on subsequent runs

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Benjamin Admin
2026-05-05 11:46:16 +02:00
parent 64f45be63a
commit 775d8b52f3
3 changed files with 32 additions and 5 deletions
+6 -2
@@ -24,8 +24,12 @@ done
echo "Vault is ready. Initializing secrets..."
# Enable KV v2 secrets engine at 'secret/' (usually enabled in dev mode)
vault secrets enable -version=2 -path=secret kv 2>/dev/null || echo "KV engine already enabled"
# Enable KV v2 secrets engine at 'secret/' (only if not already enabled)
if ! vault secrets list -format=json 2>/dev/null | grep -q '"secret/"'; then
vault secrets enable -version=2 -path=secret kv
else
echo "KV engine already enabled — skipping"
fi
# ================================================
# API Keys (PLACEHOLDER - Replace in production!)
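Review bot: The new condition `if ! vault secrets list -format=json 2>/dev/null | grep -q '"secret/"'` cannot tell "mount is absent" from "the list call failed". With stderr discarded and only grep's status tested, a failing `vault secrets list` (for example an invalid token or an unreachable server) yields empty output, grep matches nothing, and the script goes on to run `vault secrets enable` against a Vault it could not query. Capture the list output in a variable, check the exit status of `vault secrets list` first and stop or retry on failure, then enable only when the list succeeded and `secret/` is missing. If jq is present in the image, `jq -e 'has("secret/")'` tests the mount key exactly rather than matching the quoted string anywhere in the JSON. Separately, the `vault secrets enable` line has lost its `2>/dev/null || echo ...` fallback, so its failure is now visible and, if the script runs under `set -e`, fatal; if that is intended, a short comment saying so would help the next reader.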