diff --git a/.gitea/workflows/ci-test.yaml b/.gitea/workflows/ci-test.yaml
index 0f5759e..96fa359 100644
--- a/.gitea/workflows/ci-test.yaml
+++ b/.gitea/workflows/ci-test.yaml
@@ -131,13 +131,14 @@ jobs:
       - name: vaultwarden getsecrets
         working-directory: infra/iac
         run: |
+          BW_SESSION2=$(bw unlock --raw)
           # Ler o arquivo de referência
           for secret in $(jq -c '.secrets[]' secrets/vault-secrets-map.json); do
             name=$(echo "$secret" | jq -r '.name')
             type=$(echo "$secret" | jq -r '.type')
             output=$(echo "$secret" | jq -r '.output')
             echo "$name $type $output"
-            item_id=$(bw get item "$name" | jq -r '.id')
+            item_id=$(bw get item "$name" --session "$BW_SESSION2"  | jq -r '.id')
             echo "$item_id"
             if [ "$type" == "attachment" ]; then
               echo "attachment get"
diff --git a/secrets/vault-secrets-map.json b/secrets/vault-secrets-map.json
index 3f9968a..871cb94 100644
--- a/secrets/vault-secrets-map.json
+++ b/secrets/vault-secrets-map.json
@@ -2,12 +2,12 @@
   "secrets": [
     {
       "name": "iac.opentofu.consul.secrets",
-      "type": "attachment",
+      "type": "note",
       "output": "../secrets/consul.secrets.tfvars"
     },
     {
       "name": "iac.opentofu.proxmox.secrets",
-      "type": "attachment",
+      "type": "note",
       "output": "../secrets/proxmox.secrets.tfvars"
     },
     {