server: extraContainers: - name: grafana-alloy image: grafana/alloy:latest ports: - containerPort: 12345 securityContext: runAsUser: 100 volumeMounts: - name: log-storage mountPath: /openbao/logs - name: alloy-data mountPath: /var/lib/alloy - name: config-volume mountPath: /etc/alloy - name: log-sidecar image: alpine:latest command: ["/bin/sh", "-c", " while true; do echo 'Hello' sleep 5; done "] volumeMounts: - name: log-storage mountPath: /openbao/logs/pupa - name: config-volume mountPath: /etc/alloy items: - key: "config.yaml" path: "config.alloy" volumes: - name: log-storage emptyDir: {} - name: alloy-data emptyDir: {} - name: config-volume configMap: name: sidecar-container-alloy-config volumeMounts: - mountPath: /openbao/logs name: log-storage readOnly: false postStart: - sh - -c - | sleep 10 bao operator init >> /tmp/init.txt cat /tmp/init.txt | grep "Key " | awk '{print $NF}' | xargs -I{} bao operator unseal {} echo $(grep "Initial Root Token:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/initial_token.txt echo $(grep "Unseal Key 1:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key1.txt echo $(grep "Unseal Key 2:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key2.txt echo $(grep "Unseal Key 3:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key3.txt echo $(grep "Unseal Key 4:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key4.txt echo $(grep "Unseal Key 5:" /tmp/init.txt | awk '{print $NF}')| cat > /openbao/data/unseal_key5.txt bao login $(grep "Initial Root Token:" /tmp/init.txt | awk '{print $NF}') rm /tmp/init.txt bao audit enable -path="stdout" file file_path=stdout bao audit enable -path="file" file file_path=/openbao/logs/openbao.log ui: enabled: true