vault-token-renew runbook: document the self-heal behavior
All checks were successful
ci/woodpecker/push/default Pipeline was successful
Drift guard section rewritten: admin-capable clobbers now self-heal at the nightly run (HEALED log line); weak clobbers keep the loud DRIFT failure; manual re-mint is only the weak-clobber recovery now.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
parent 4a7b6db806
commit d9717a53bf
2 changed files with 39 additions and 23 deletions
|
|
@ -1,10 +1,11 @@
|
|||
#!/usr/bin/env bash
|
||||
# Unit tests for the pure drift-guard functions in vault-token-renew.sh.
|
||||
# Sources the script (vtr_main is guarded) and exercises the decision logic that
|
||||
# decides whether ~/.vault-token is OUR periodic admin token (renew) or a foreign
|
||||
# token that clobbered the file (refuse, fail loud). This is exactly the logic
|
||||
# whose ABSENCE let the 2026-06-05 woodpecker-token clobber be silently renewed
|
||||
# for two days. Run: bash infra/scripts/test-vault-token-renew.sh
|
||||
# Unit tests for the pure functions in vault-token-renew.sh.
|
||||
# Sources the script (vtr_main is guarded) and exercises (a) the drift-guard
|
||||
# decision — is ~/.vault-token OUR periodic admin token (renew) or a foreign
|
||||
# clobber (heal / fail loud)? — whose ABSENCE let the 2026-06-05 woodpecker
|
||||
# clobber be silently renewed for two days, and (b) the self-heal's revoke
|
||||
# filter — which stale token-devvm-wizard tokens a heal may sweep.
|
||||
# Run: bash infra/scripts/test-vault-token-renew.sh
|
||||
set -uo pipefail
|
||||
DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
||||
# shellcheck source=/dev/null
|
||||
|
|
|
|||
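Review bot: The new header comment's "(heal / fail loud)" on the drift-guard line does not say which clobber takes which branch. The commit message draws the line at admin-capable clobbers (self-heal, HEALED log line) versus weak clobbers (DRIFT failure), and that criterion belongs in this comment too, since it is the decision these tests exercise. The (b) line on the revoke filter likewise names "which stale token-devvm-wizard tokens a heal may sweep" without stating what bounds the sweep. Because this filter selects tokens for revocation, state the rule in one line here (what counts as stale, and what is never swept) so a reader can check the test cases against it.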