Attention Iron Bank Customers: On March 27, 2025, we are moving SBOM artifacts from the Anchore Scan job to the Build job to streamline the container hardening pipeline. If you currently download SBOMs from the Anchore Scan job, you can still get them from the Build job and from other sources, including IBFE and image attestations.
Adds further logic to the init container to handle when vault is already initialized.
It is worth noting that unsealing vault after a situation where pods get restarted and vault seals itself, outside of a KMS environment this needs to be done manually and the rest of this job will still time out as it did before, but vault functionality will continue as long as unsealing is performed. This is only on a redeployment or other situation where vault seals itself and the init job runs again.
Justin Guidry authored