Ops: firehose-to-syslog password taken from CF deployment

[kinjelom]

Due to UAA firehose client is recreated by:

• the logsearch-for-cloudfoundry operation
• and the CF UAA Operation

the uaa_clients_firehose_to_syslog_secret should be used in both deployments.

Issue: https://github.com/cloudfoundry-community/logsearch-for-cloudfoundry/issues/333

[CLAassistant]

All committers have signed the CLA.

[Infra-Red]

Thanks @wildloop !

[kinjelom]

@Infra-Red thanks! I wonder why the Ingestor pre-start script creates the firehose-to-syslog UAA client? This is in case the UAA doesn't create the one? I think there should be the new property cloudfoundry.firehose_client_autorecreate - false by default. What you think about it?

[Infra-Red]

@wildloop Previously the pre-start script was the way to create a client. It would be nice to completely remove client creation from pre-start script. Ideally release shouldn’t require any of UAA or CF admin credentials.

[kinjelom]

@Infra-Red At least we should separate create-uaa-client to the new operation file, such like autocreate-uaa-client.yml :) I'll prepare the new PR.

[kinjelom]

done: https://github.com/cloudfoundry-community/logsearch-boshrelease/pull/154

[kinjelom]

@Infra-Red I think it should be simplified and set-firehose-to-syslog-password.yml should be a part of the new cloudfoundry.yml (autocreate-uaa-client.yml in a separate file).