Update EGI vault address and documentation tuning

0b281f42 · František Dvořák · e0c23a68 · 0b281f42
Commit 0b281f42 authored 11 months ago by František Dvořák
--- a/README.md
+++ b/README.md
@@ -9,20 +9,22 @@ Notebooks.
 Prepare environment for interrating with Hashicorp Vault:
-    export VAULT_ADDR=https://vault.services.fedcloud.eu:8200
+    export VAULT_ADDR=https://secrets.egi.eu
 Login:
-    # get the service token
+    # optional (values from environment)
-    read OIDC_ACCESS_TOKEN
+    # read CLIENT_ID CLIENT_SECRET
+    # export CLIENT_ID CLIENT_SECRET
    # login to vault
-    export VAULT_TOKEN=$(vault write auth/jwt/login jwt=$OIDC_ACCESS_TOKEN | grep -Po 'token\s+\K[^\s]+$')
+    ./vault-login.py
-Note: values were created as admin by commands (replace $SECRET\_NAME and $VALUE):
+Note: example commands to create secrets for "eosc-dev":
    prefix=/users/e1662e20-e34b-468c-b0ce-d899bc878364@egi.eu/eosc-dev
-    vault kv put -mount secrets $prefix/nexus_admin_password/$SECRET_NAME value=$VALUE
+    vault kv put -mount secrets $prefix/FEDCLOUD_DYNAMIC_DNS $HOST1=$SECRET1 $HOST2=$SECRET2
+    vault kv put -mount secrets $prefix/deployment-hub checkin_host=... client_id=... client_secret=...
 ## Sites