Page MenuHomeDevCentral

WIP: Fetch credentials from Vault
Needs ReviewPublic

Authored by dereckson on Thu, May 12, 22:16.
This revision needs review, but there are no reviewers specified.

Details

Reviewers
None
Maniphest Tasks
T1733: Store credentials in Vault
Summary

Connect to Vault. Allow to fetch a credential and login again if the token
is expired, as the current duration lease is 4 hours.

vendor/vault.tcl is a work-in-progress Vault client implementation in TCL,
to be integrated in a future tcllib revision. Once released, that file will
be removed from the repository to use directly the tcllib one.

Allow nickserv, MySQL and RabbitMQ to consume secrets. The first two are
handled by configuration, the RabbitMQ by this change.

Ref T1733.

Test Plan

Tested on Daeghrefn

Diff Detail

Repository
rVIPER ViperServ scripts
Lint
No Lint Coverage
Unit
No Test Coverage
Branch
vault
Build Status
Buildable 4233
Build 4492: arc lint + arc unit