Diffusion ViperServ scripts 1c6f3be2ef97

Fetch credentials from Vault
1c6f3be2ef97
Actions

Description

Fetch credentials from Vault

Summary:
Connect to Vault. Allow to fetch a credential and login again if the token
is expired, as the current duration lease is 4 hours.

vendor/vault.tcl is a work-in-progress Vault client implementation in TCL,
to be integrated in a future tcllib revision. Once released, that file will
be removed from the repository to use directly the tcllib one.

Allow nickserv, MySQL and RabbitMQ to consume secrets. The first two are
handled by configuration, the RabbitMQ one by this change.

Ref T1733.

Test Plan: Tested live on Daeghrefn and with a full restart on Wearg.

Reviewers: dereckson

Reviewed By: dereckson

Maniphest Tasks: T1733

Differential Revision: https://devcentral.nasqueron.org/D2686

Details

Provenance

dereckson	Authored on May 12 2022, 22:11
dereckson	Pushed on May 29 2022, 11:59

Reviewer

dereckson

Differential Revision

D2686: Fetch credentials from Vault

Parents

rVIPER5776c93cb210: Improve inclusive terminology

Branches

Unknown

Tags

Unknown

Tasks

T1733: Store credentials in Vault

Event Timeline

dereckson committed rVIPER1c6f3be2ef97: Fetch credentials from Vault (authored by dereckson).May 29 2022, 11:59

dereckson added a task: T1733: Store credentials in Vault.

dereckson added an edge: D2686: Fetch credentials from Vault.

Changes (5)

Path

Size

Wearg/

vendor/

rVIPER1c6f3be2ef97

View Options

Core.tcl

View Options

Vault.tcl

View Options

Wearg/Broker.tcl

View Options

vendor/README.md

View Options

Fetch credentials from Vault1c6f3be2ef97Actions

Description

Details

Event Timeline

Changes (5)

rVIPER1c6f3be2ef97

Core.tcl

Vault.tcl

Wearg/Broker.tcl

vendor/README.md

vendor/vault.tcl

Fetch credentials from Vault
1c6f3be2ef97
Actions