Add bound_claims to OpenBao configuration
What does this merge request do and why?
Add bound_claims to OpenBao configuration
Also fixes inverse claim_mapping expectations.
See also: https://gitlab.com/gitlab-org/gitlab/-/issues/576434 See also: https://gitlab.com/gitlab-org/govern/secrets-management/gitlab-secrets-manager-container/-/merge_requests/74
Signed-off-by: Alexander Scheel <ascheel@gitlab.com>
How to set up and validate locally
https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/openbao.md should still be up-to-date; this is just a change in how the claim validation happens.
Impacted categories
The following categories relate to this merge request:
-
gdk-reliability - e.g. When a GDK action fails to complete. -
gdk-usability - e.g. Improvements or suggestions around how the GDK functions. -
gdk-performance - e.g. When a GDK action is slow or times out.
Merge request checklist
-
This MR references an issue describing the change. -
This change is backward compatible. If not, include steps to communicate to users. --> existing instances are not affected until they reset data: https://gitlab.com/gitlab-org/gitlab-development-kit/-/blob/main/doc/howto/openbao.md#reset-data -
Tests added for new functionality. If not, raise an issue to follow-up. --> synchronizes configuration used in https://gitlab.com/gitlab-org/govern/secrets-management/gitlab-secrets-manager-container -
Observability added/updated (logging, metrics, tracing). -
Documentation added/updated. -
Announcement added for notable changes. -
gdk doctortest added.
Edited by Alex Scheel