HomeDevCentral

Fetch credentials from Vault

Description

Fetch credentials from Vault

Summary:
Connect to Vault. Allow to fetch a credential and login again if the token
is expired, as the current duration lease is 4 hours.

vendor/vault.tcl is a work-in-progress Vault client implementation in TCL,
to be integrated in a future tcllib revision. Once released, that file will
be removed from the repository to use directly the tcllib one.

Allow nickserv, MySQL and RabbitMQ to consume secrets. The first two are
handled by configuration, the RabbitMQ one by this change.

Ref T1733.

Test Plan: Tested live on Daeghrefn and with a full restart on Wearg.

Reviewers: dereckson

Reviewed By: dereckson

Maniphest Tasks: T1733

Differential Revision: https://devcentral.nasqueron.org/D2686

Details

Provenance
derecksonAuthored on May 12 2022, 22:11
derecksonPushed on May 29 2022, 11:59
Reviewer
dereckson
Differential Revision
D2686: Fetch credentials from Vault
Parents
rVIPER5776c93cb210: Improve inclusive terminology
Branches
Unknown
Tags
Unknown
Tasks
T1733: Store credentials in Vault