fix(bootstrap): Initialize SecretsManager after Vault starts in start_all/ensure_services_running

When services are already configured (bootstrap completed), the code
calls start_all() or ensure_services_running() which starts Vault
but didn't initialize SecretsManager. This caused create_conn() to
fail with 'Vault not configured' even though Vault was running.

Now both functions initialize SecretsManager after Vault is unsealed,
ensuring database connections can retrieve credentials from Vault.
Rodrigo Rodriguez (Pragmatismo) 2025-12-09 07:58:39 -03:00
parent 583e764bb9
commit 824b12365b


@ -159,6 +159,15 @@ impl BootstrapManager {
if let Err(e) = self.ensure_vault_unsealed().await {
warn!("Vault unseal check: {}", e);
}
// Initialize SecretsManager so other code can use Vault
info!("Initializing SecretsManager...");
match init_secrets_manager().await {
Ok(_) => info!("SecretsManager initialized successfully"),
Err(e) => {
warn!("Failed to initialize SecretsManager: {}", e);
}
}
}
// Start tables (PostgreSQL) - needed for database operations
@ -315,6 +324,19 @@ impl BootstrapManager {
// Services were started by bootstrap, no need to restart them
return Ok(());
}
// Initialize SecretsManager so other code can use Vault
info!("Initializing SecretsManager...");
match init_secrets_manager().await {
Ok(_) => info!("SecretsManager initialized successfully"),
Err(e) => {
error!("Failed to initialize SecretsManager: {}", e);
return Err(anyhow::anyhow!(
"SecretsManager initialization failed: {}",
e
));
}
}
} else {
// Vault not installed - cannot proceed, need to run bootstrap
warn!("Vault (secrets) component not installed - run bootstrap first");
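Review bot: The two hunks handle a failed `init_secrets_manager()` differently, and the first one fails open. In the first hunk (presumably `start_all`) the error is only logged with `warn!` and startup carries on to the PostgreSQL step, so `create_conn()` can still hit the 'Vault not configured' failure this commit is meant to remove; the second hunk logs with `error!` and returns. The first hunk also calls the initializer after `ensure_vault_unsealed()` has itself only warned, so it may run against a Vault that is still sealed. If the enclosing function returns a `Result` (its signature is outside the hunk), I would make the `Err` arm match the second hunk: `return Err(anyhow::anyhow!("SecretsManager initialization failed: {}", e));`. If best-effort is intended, say so in place with a comment such as `// Best-effort: services that need Vault credentials will fail later if this did not succeed`. The duplicated block could also move into one private helper so the two paths cannot drift apart again.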