This PR adds a new addon command called setup-approle, which creates an AppRole named genesis-pipelines with the policy genesis-pipelines that grants read access to secret/* and write access to secret/exodus/*. It then adds this information to the Concourse vault path.
In a future version of Genesis (soon), genesis repipe will automatically grab this information from the Vault rather than requiring an operator to extract these creds and place them into ci.yml.
This PR adds a new addon command called
setup-approle
, which creates an AppRole namedgenesis-pipelines
with the policygenesis-pipelines
that grants read access tosecret/*
and write access tosecret/exodus/*
. It then adds this information to the Concourse vault path.In a future version of Genesis (soon),
genesis repipe
will automatically grab this information from the Vault rather than requiring an operator to extract these creds and place them intoci.yml
.