usegalaxy-eu / infrastructure-playbook

Ansible playbook for managing UseGalaxy.eu infrastructure.
MIT License

Replace old cloud app credentials in the vault files #1210

Closed sanjaysrikakulam closed 5 months ago

sanjaysrikakulam commented 5 months ago

I created "general-purpose" app credentials in our new cloud, which we can use for cron jobs, telegraf, and others. This PR replaces the old cloud app credentials in the vault with the ones for the new cloud created using the service account, thus removing the credentials associated with any of the admin user accounts.

NOTE: The old cloud creds were only used by the VGCN monitoring telegraf task and the manage vms bash script. So, this will not affect anything.

Ref: https://github.com/usegalaxy-eu/infrastructure-playbook/pull/1180

mira-miracoli commented 5 months ago

Maybe I lost track or there is another PR pending, but you renamed the variable to openstack_bwcloud24_... – I cannot find a reference currently.

sanjaysrikakulam commented 5 months ago

> Maybe I lost track or there is another PR pending, but you renamed the variable to openstack_bwcloud24_... – I cannot find a reference currently.

This was added to the vault for the first time. It is the service account of our new cloud. All cron jobs, Jenkins jobs, etc., should use the cloud/app credentials created from this service user account. I have already created a couple of app credentials, and one is added here in this PR to the vault. The other one has already been added to Jenkins, and the Jenkins projects have already been configured to use it.

mira-miracoli commented 5 months ago

Ah okay, so it is also for us to create the app-cred....yml files manually?

sanjaysrikakulam commented 5 months ago

> Ah okay, so it is also for us to create the app-cred....yml files manually?

Yup. This way none of the cloud/app credentials created and distributed will be associated with an employee user account.

sanjaysrikakulam commented 5 months ago

All admins should create app credentials from this service account if they want to add them to a service or automate something that requires cloud access, etc. No admin should create an app credential from their user account and add it to the vault or Jenkins, etc.