Page MenuHomeDevCentral
Differential D3923

Migrate viperserv Vault AppRole to Terraform
ClosedPublic
Actions

Authored by dereckson on Feb 8 2026, 11:04.
Tags
None
Referenced Files
F25128641: D3923.id10167.diff
Tue, Mar 31, 17:22
F25126061: D3923.id10166.diff
Tue, Mar 31, 12:24
F25114138: D3923.id10165.diff
Mon, Mar 30, 22:52
Unknown Object (File)
Mon, Mar 30, 12:39
Unknown Object (File)
Sun, Mar 29, 13:53
Unknown Object (File)
Sun, Mar 29, 00:27
Unknown Object (File)
Sat, Mar 28, 18:39
Unknown Object (File)
Sat, Mar 28, 05:35
View All Files
Subscribers
None

Details

Reviewers
dereckson
Maniphest Tasks
T2212: Move eggdrops from Ysul to WindRiver
Commits
rOPSabe00f4a2633: Migrate viperserv Vault AppRole to Terraform
Summary

Currently, the viperserv AppRole is bound to Ysul IP 172.27.27.33.

As we're migrating the eggdrops to WindRiver, the AppRole is now
bound to 172.27.27.35 instead.

Ref T2212

Test Plan
  • Deploy with Terraform (init, plan, apply)
  • vault read auth/approle/role/viperserv

Diff Detail

Repository
rOPS Nasqueron Operations
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

dereckson requested review of this revision.Feb 8 2026, 11:04
dereckson created this revision.
Harbormaster completed remote builds in B6258: Diff 10165.Feb 8 2026, 11:04
dereckson planned changes to this revision.Feb 8 2026, 11:05
dereckson added inline comments.
terraform/openbao/policies/viperserv.hcl
1

I think we also need to prune a viperserv entry in the pillar.

dereckson updated this revision to Diff 10166.Feb 8 2026, 11:06

Remove Terraform policy from Salt policies list

Harbormaster completed remote builds in B6259: Diff 10166.Feb 8 2026, 11:06
dereckson updated this revision to Diff 10167.Feb 8 2026, 11:20

Update credentials fields in Salt config. Fix header.

Harbormaster completed remote builds in B6260: Diff 10167.Feb 8 2026, 11:20
dereckson accepted this revision.Feb 8 2026, 11:23
This revision is now accepted and ready to land.Feb 8 2026, 11:23
Closed by commit rOPSabe00f4a2633: Migrate viperserv Vault AppRole to Terraform (authored by dereckson). · Explain WhyFeb 8 2026, 11:25
This revision was automatically updated to reflect the committed changes.
dereckson added a commit: rOPSabe00f4a2633: Migrate viperserv Vault AppRole to Terraform.

Revision Contents
Changeset List

PathSize
pillar/
credentials/
1 line
roles/
vault/
policies/
files/
viperserv/
eggdrop/
files/
4 lines
terraform/
openbao/
modules/
app_credentials/
1 line
6 lines
40 lines
terraform/
openbao/
policies/
roles/
vault/
policies/
files/
2 lines

Diff 10168

View Options

pillar/credentials/vault.sls

Loading...
View Options

roles/vault/policies/files/viperserv.hcl

Loading...
View Options

roles/viperserv/eggdrop/files/dot.credentials

Loading...
View Options

terraform/openbao/modules/app_credentials/main.tf

Loading...
View Options

terraform/openbao/modules/app_credentials/variables.tf

Loading...
View Options

terraform/openbao/policies/viperserv.hcl

Loading...
View Options

terraform/openbao/viperserv.tf

Loading...
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator