Add terraform-provider-litellmvaultsecret implementation #1

Open
unkinben wants to merge 2 commits from benvin/initial-implementation into main
Owner

Why

Populate the newly-created repo with the Terraform/OpenTofu provider that manages
the LiteLLM dynamic secrets engine on Vault/OpenBao, for use from
terraform-vault.

Changes

  • Add the provider (auth via VAULT_ADDR/VAULT_TOKEN).
  • Add litellmvaultsecret_secret_backend (mounts the engine and writes its
    connection config) and litellmvaultsecret_secret_backend_role (models,
    max_budget, ttl/max_ttl in seconds, metadata).
  • Add unit tests against a mock Vault API.
  • Add an end-to-end test that builds the sibling plugin, boots Vault + LiteLLM +
    Postgres, and runs a real terraform apply/destroy asserting a working key is
    generated from the managed role.
  • Add Makefile, woodpecker CI (build/test/pre-commit), examples, and README.
## Why Populate the newly-created repo with the Terraform/OpenTofu provider that manages the LiteLLM dynamic secrets engine on Vault/OpenBao, for use from `terraform-vault`. ## Changes - Add the provider (auth via `VAULT_ADDR`/`VAULT_TOKEN`). - Add `litellmvaultsecret_secret_backend` (mounts the engine and writes its connection config) and `litellmvaultsecret_secret_backend_role` (models, `max_budget`, `ttl`/`max_ttl` in seconds, `metadata`). - Add unit tests against a mock Vault API. - Add an end-to-end test that builds the sibling plugin, boots Vault + LiteLLM + Postgres, and runs a real `terraform apply`/`destroy` asserting a working key is generated from the managed role. - Add Makefile, woodpecker CI (build/test/pre-commit), examples, and README.
unkinben added 2 commits 2026-07-02 23:23:31 +10:00
Populate the repo with the Terraform/OpenTofu provider that manages the LiteLLM
dynamic secrets engine on Vault/OpenBao via the Vault API.

- Provider (VAULT_ADDR/VAULT_TOKEN) with resources litellmvaultsecret_secret_backend
  (mount + config) and litellmvaultsecret_secret_backend_role (models, max_budget,
  ttl/max_ttl in seconds, metadata)
- Unit tests against a mock Vault API
- End-to-end test: builds the sibling plugin, boots Vault + LiteLLM + Postgres,
  and runs a real terraform apply/destroy asserting key generation works
- Makefile, woodpecker CI (build/test/pre-commit), examples, README
Some required checks are missing.
You are not authorized to merge this pull request.
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u origin benvin/initial-implementation:benvin/initial-implementation
git checkout benvin/initial-implementation
Sign in to join this conversation.
No Reviewers
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: unkin/terraform-provider-litellmvaultsecret#1