Merged
Conversation
Collaborator
digiserg
commented
Dec 23, 2025
digiserg
commented
Implements comprehensive dual backend support allowing vals-operator to work with both HashiCorp Vault and OpenBao. OpenBao is the open-source fork of Vault that maintains API compatibility while being fully community-driven. Key changes: - Add abstraction layer with SecretsClient interface for backend-agnostic operations - Implement OpenBao client wrapper using BAO_* environment variables - Implement Vault client wrapper maintaining existing VAULT_* variables for backwards compatibility - Add automatic environment variable fallback from BAO_* to VAULT_* variables - Add workaround for vals library compatibility by setting VAULT_* variables when using OpenBao - Update Helm chart to support both backends with proper configuration - Update documentation with authentication configuration for both backends - Fix initialization to check for either VAULT_ADDR or BAO_ADDR Environment variable changes: - OpenBao uses BAO_ prefix (BAO_ADDR, BAO_TOKEN, BAO_ROLE_ID, etc.) - Falls back to VAULT_* variables when BAO_* not set for easy migration - OpenBao takes precedence when both are configured This provides zero-downtime migration path from Vault to OpenBao while maintaining full backwards compatibility with existing deployments.
Signed-off-by: Sergio Rua <sergio.rua@digitalis.io>
rgooding
approved these changes
Jan 7, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.