Add terraform-provider-litellmvaultsecret implementation
Populate the repo with the Terraform/OpenTofu provider that manages the LiteLLM dynamic secrets engine on Vault/OpenBao via the Vault API. - Provider (VAULT_ADDR/VAULT_TOKEN) with resources litellmvaultsecret_secret_backend (mount + config) and litellmvaultsecret_secret_backend_role (models, max_budget, ttl/max_ttl in seconds, metadata) - Unit tests against a mock Vault API - End-to-end test: builds the sibling plugin, boots Vault + LiteLLM + Postgres, and runs a real terraform apply/destroy asserting key generation works - Makefile, woodpecker CI (build/test/pre-commit), examples, README
This commit is contained in:
@@ -0,0 +1,29 @@
|
||||
terraform {
|
||||
required_providers {
|
||||
litellmvaultsecret = {
|
||||
source = "git.unkin.net/unkin/litellmvaultsecret"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
provider "litellmvaultsecret" {
|
||||
address = "http://127.0.0.1:8200"
|
||||
token = "root"
|
||||
}
|
||||
|
||||
resource "litellmvaultsecret_secret_backend" "litellm" {
|
||||
path = "litellm"
|
||||
description = "LiteLLM dynamic virtual keys (e2e)"
|
||||
# Reachable from inside the vault container, where the plugin runs.
|
||||
base_url = "http://litellm:4000"
|
||||
master_key = "sk-master-e2e-1234"
|
||||
}
|
||||
|
||||
resource "litellmvaultsecret_secret_backend_role" "team_a" {
|
||||
backend = litellmvaultsecret_secret_backend.litellm.path
|
||||
name = "team-a"
|
||||
models = ["gpt-3.5-turbo"]
|
||||
max_budget = 10
|
||||
ttl = 3600
|
||||
max_ttl = 86400
|
||||
}
|
||||
Reference in New Issue
Block a user