clusterGroup.insecureUnsealVaultInsideCluster #344

@adelton

Description

The page https://validatedpatterns.io/learn/vault/ says

In order to set up HashiCorp Vault there are two different ways, both of which happen automatically as part of the make install command:

  1. Inside the cluster directly when the helm value clusterGroup.insecureUnsealVaultInsideCluster is set to true. With this method a cronjob will run every five minutes inside the imperative namespace and unseal, initialize and configure the vault. The vault's unseal keys and root token will be stored inside a secret called vaultkeys in the imperative namespace. It is considered best practice to copy the content of that secret offline, store it securely and then delete it.
  2. On the user's computer when the helm value clusterGroup.insecureUnsealVaultInsideCluster is set to false. This will store the json containing both vault root token and unseal keys inside a file called common/pattern-vault.init. It is recommended to encrypt this file or store it securely.

However, https://github.com/validatedpatterns/multicloud-gitops/blob/main/common/Changes.md#december-9-2022 says

Dropped insecureUnsealVaultInsideCluster (and file_unseal) entirely. Now vault is always unsealed via a cronjob in the cluster. It is recommended to store the imperative/vaultkeys secret offline securely and then delete it.

Should the documentation drop the second item on that page completely to align with the code?
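The step both the docs page and the changelog agree on is the operator's side of the in-cluster flow: pull the imperative/vaultkeys secret, keep a copy offline, then delete the secret from the cluster. The script below is an added example written for this issue; it is not code from validatedpatterns or from the Vault cronjob. It assumes only what the quoted text states (a Secret named vaultkeys in the imperative namespace, read with `oc get secret ... -o json`, whose .data values are base64 as in any Kubernetes Secret). The key names inside the secret (root_token, unseal_key_1) are constructed for the sample and the code does not depend on them, so it works for whatever keys the cronjob actually writes. The offline copy is created owner-only (0600) and never overwrites an existing file, and the cluster call is injected so the demo runs without a cluster.

```python
"""Copy the in-cluster Vault unseal material offline, then delete the Secret.

Added example for this issue, not part of the validatedpatterns project.
Assumptions: Secret 'vaultkeys' in namespace 'imperative' (from the page),
fetched with `oc get secret ... -o json` (standard Kubernetes JSON, .data
values base64-encoded). Key names in the sample secret are constructed.
"""
import base64
import json
import os
import stat
import subprocess
import tempfile

NAMESPACE = "imperative"   # from the page
SECRET_NAME = "vaultkeys"  # from the page


def fetch_command(namespace=NAMESPACE, name=SECRET_NAME):
    """argv for reading the Secret as JSON (no shell involved)."""
    return ["oc", "get", "secret", name, "-n", namespace, "-o", "json"]


def delete_command(namespace=NAMESPACE, name=SECRET_NAME):
    """argv for removing the Secret once the offline copy is safe."""
    return ["oc", "delete", "secret", name, "-n", namespace]


def decode_secret(secret_json):
    """Return {key: plaintext} for every entry under .data of a Secret."""
    obj = json.loads(secret_json)
    if obj.get("kind") != "Secret":
        raise ValueError("expected a Kubernetes Secret object")
    data = obj.get("data") or {}
    return {k: base64.b64decode(v).decode() for k, v in data.items()}


def write_offline_copy(decoded, path):
    """Write the decoded material owner-only; refuse to overwrite. Returns mode."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as f:
        json.dump(decoded, f, indent=2)
    return stat.S_IMODE(os.stat(path).st_mode)


def offline_and_delete(path, run=subprocess.run):
    """Fetch, store offline, delete. Deletion only happens after a successful write."""
    out = run(fetch_command(), capture_output=True, text=True, check=True).stdout
    decoded = decode_secret(out)
    mode = write_offline_copy(decoded, path)
    run(delete_command(), check=True)
    return sorted(decoded), mode


# Constructed sample: what `oc get secret vaultkeys -n imperative -o json`
# could return. Key names and values are made up for the example.
SAMPLE_SECRET_JSON = json.dumps({
    "apiVersion": "v1",
    "kind": "Secret",
    "metadata": {"name": SECRET_NAME, "namespace": NAMESPACE},
    "data": {
        k: base64.b64encode(v.encode()).decode()
        for k, v in {"root_token": "hvs.EXAMPLE-TOKEN",
                     "unseal_key_1": "EXAMPLE-UNSEAL-KEY"}.items()
    },
})


def demo():
    """Run the flow against a stand-in for `oc` (no cluster needed)."""
    calls = []

    def fake_run(argv, **kwargs):  # stands in for subprocess.run
        calls.append(argv)
        stdout = SAMPLE_SECRET_JSON if argv[1] == "get" else ""
        return subprocess.CompletedProcess(argv, 0, stdout=stdout, stderr="")

    with tempfile.TemporaryDirectory() as d:
        keys, mode = offline_and_delete(os.path.join(d, "vaultkeys.json"), run=fake_run)
    deleted = delete_command() in calls
    return keys, mode, deleted


if __name__ == "__main__":
    print(demo())
```

Replacing `run=subprocess.run` with the default runs it against a real cluster; the deletion runs only after the file has been written, so a failed write leaves the secret in place rather than losing the only copy of the unseal keys.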
