Working version 6.2

src/lib/openbao.ts

@@ -2,8 +2,7 @@ import { readFileSync } from "fs";
 
 const OPENBAO_ADDR =
   process.env.OPENBAO_ADDR || "http://openbao.openbao.svc:8200";
-const SA_TOKEN_PATH =
-  "/var/run/secrets/kubernetes.io/serviceaccount/token";
+const SA_TOKEN_PATH = "/var/run/secrets/kubernetes.io/serviceaccount/token";
 const K8S_AUTH_ROLE = process.env.OPENBAO_K8S_ROLE || "pieced-portal";
 const K8S_AUTH_MOUNT = process.env.OPENBAO_K8S_MOUNT || "kubernetes";
 
@@ -15,7 +14,6 @@ async function authenticate(): Promise<string> {
   }
 
   const jwt = readFileSync(SA_TOKEN_PATH, "utf-8").trim();
-
   const res = await fetch(
     `${OPENBAO_ADDR}/v1/auth/${K8S_AUTH_MOUNT}/login`,
     {
@@ -38,14 +36,9 @@ async function authenticate(): Promise<string> {
     token,
     expiresAt: Date.now() + leaseDuration * 1000,
   };
-
   return token;
 }
 
-/**
- * Write secrets for a tenant package to OpenBao KV v2.
- * Path: secret/data/tenants/{tenantId}/{packageId}
- */
 export async function writePackageSecrets(
   tenantId: string,
   packageId: string,
@@ -53,7 +46,6 @@ export async function writePackageSecrets(
 ): Promise<void> {
   const token = await authenticate();
   const path = `secret/data/tenants/${tenantId}/${packageId}`;
-
   const res = await fetch(`${OPENBAO_ADDR}/v1/${path}`, {
     method: "POST",
     headers: {
@@ -69,17 +61,12 @@ export async function writePackageSecrets(
   }
 }
 
-/**
- * Delete secrets for a tenant package from OpenBao KV v2.
- * Uses metadata delete to remove all versions.
- */
 export async function deletePackageSecrets(
   tenantId: string,
   packageId: string
 ): Promise<void> {
   const token = await authenticate();
   const path = `secret/metadata/tenants/${tenantId}/${packageId}`;
-
   const res = await fetch(`${OPENBAO_ADDR}/v1/${path}`, {
     method: "DELETE",
     headers: { "X-Vault-Token": token },