veles: replace secrets oneoff job

2026-06-09 01:06:18 -03:00 · 2026-06-09 01:06:18 -03:00 · 2985a7d12c
commit 2985a7d12c
parent 4f7777522e
2 changed files with 3 additions and 3 deletions
--- a/services/veles/NOTES.md
+++ b/services/veles/NOTES.md
@ -52,7 +52,7 @@ tolerations:
 2. Use Metis with `titan-23` in `METIS_FLASH_HOSTS`; the existing node secret placeholder uses `192.168.22.23`.
 3. Confirm the node normalizer applies the Veles labels and taint.
 4. Add Oceanus Longhorn disks at paths tagged by the Longhorn tag ensure job.
-5. Let Vault policy reconciliation run, then unsuspend `veles-secrets-ensure-1`.
+5. Let Vault policy reconciliation run, then unsuspend `veles-secrets-ensure-2`.
 6. Unsuspend `veles-realm-ensure-1` in `services/keycloak` to create the realm/client secret.
 7. Create the Harbor `veles` project or robot access before image automation is enabled in production.
 8. Scale `veles-postgres`, then backend/frontend once app images exist.
--- a/services/veles/oneoffs/veles-secrets-ensure-job.yaml
+++ b/services/veles/oneoffs/veles-secrets-ensure-job.yaml
@ -1,11 +1,11 @@
 # services/veles/oneoffs/veles-secrets-ensure-job.yaml
-# One-off job for veles/veles-secrets-ensure-1.
+# One-off job for veles/veles-secrets-ensure-2.
 # Purpose: seed Veles Vault paths before app/Postgres pods are scaled up.
 # Keep suspended until the veles Vault role has reconciled, then unsuspend once.
 apiVersion: batch/v1
 kind: Job
 metadata:
-  name: veles-secrets-ensure-1
+  name: veles-secrets-ensure-2
  namespace: veles
 spec:
  suspend: true