Hey Folks,
We have a K8s cluster with one single Vault server and multiple validators for different networks ( e.g. goerli, gnosis and mainnet ), each validator chart (network) is located in a different namespace of course.
We noted that sync-vault creates ACL policies and Roles for getting access to the validators but they are fixed with the string "validators" so it won't work if you want to have multiple mount_points with keys for different networks in the same Vault.
I create this issue in order to have centralised conversation of our proposal which is, create policies and roles which names, based on the namespace instead a fixed name.
Of course it also means we will need to update the way validators are getting keys in init.sh.
Hey Folks,
We have a K8s cluster with one single Vault server and multiple validators for different networks ( e.g. goerli, gnosis and mainnet ), each validator chart (network) is located in a different namespace of course.
We noted that
sync-vaultcreates ACL policies and Roles for getting access to the validators but they are fixed with the string "validators" so it won't work if you want to have multiple mount_points with keys for different networks in the same Vault.I create this issue in order to have centralised conversation of our proposal which is, create policies and roles which names, based on the namespace instead a fixed name.
Of course it also means we will need to update the way validators are getting keys in init.sh.