HomeDevCentral

Avoid to share credentials between dev and prod Docker engines

Description

Avoid to share credentials between dev and prod Docker engines

Summary:
The same Vault policy was applied for all Docker engines.

As plan is to repurpose Dwellers as a development Docker engine,
security requirements require separate sets of credentials.

As we don't currently have well defined environments, to assign
to each server a virtual role "paas-docker-<env>" will do nicely.

This is a follow-up for af9db00760be.

Ref T1724, T1425.

Test Plan: salt dwellers credentials.get_password nasqueron.etherpad.api should fail.

Reviewers: dereckson

Reviewed By: dereckson

Maniphest Tasks: T1724, T1425

Differential Revision: https://devcentral.nasqueron.org/D2669