Changes in ccb8c0d: b5912: rename key vault

				configuration/environments_scripts/central_reverse_proxy/setup-central-reverse-proxy.sh
			
          @@ -157,7 +157,7 @@ chmod 755 /root

           cd ~

           # Copies across the key vault and other relevant secrets from the existing

           # Central Reverse Proxy's /root folder:

          -rsync -a  root@sapsailing.com:/root/{dev-secrets,github_tools_sap.pat,hudson-aws-credentials,key_vault,mail.properties,new_version_key_vault,secrets,ssh-key-reader.token} /root

          +rsync -a  root@sapsailing.com:/root/{dev-secrets,github_tools_sap.pat,hudson-aws-credentials,key_vault,mail.properties,key_vault_old,secrets,ssh-key-reader.token} /root

           scp -o StrictHostKeyChecking=no -r root@sapsailing.com:/etc/letsencrypt /etc

           # add basic test page which won't cause redirect error code if used as a health check.

           cat <<EOF > /var/www/html/index.html

				configuration/environments_scripts/repo/usr/local/bin/imageupgrade_functions.sh
			
          @@ -166,7 +166,7 @@ setup_keys() {

               fi

               pushd .

               TEMP_KEY_DIR=$(mktemp  -d /var/tmp/keysXXXXX)

          -    scp -o StrictHostKeyChecking=no -pr root@sapsailing.com:/root/new_version_key_vault/"${1}"/* "${TEMP_KEY_DIR}"

          +    scp -o StrictHostKeyChecking=no -pr root@sapsailing.com:/root/key_vault/"${1}"/* "${TEMP_KEY_DIR}"

               sudo su - -c "source imageupgrade_functions.sh; __setup_keys_using_local_copy $TEMP_KEY_DIR $SET_PERMISSIONS"

               popd

               rm -rf "${TEMP_KEY_DIR}"

				wiki/info/landscape/amazon-ec2.md
			
          @@ -278,7 +278,7 @@ In all of the following sub-sections the text will assume that you have provided

           In several of the scenarios, both, AdminConsole and REST API, you will have the option to provide security bearer tokens that are used to authenticate requests to processes running the SAP Sailing Analytics. If you omit those, the credentials of the session used to authenticate your sailing user will be used. (Note, that for local test set-ups disconnected from the standard security realm used by all of the sapsailing.com-deployed processes, these credentials may not be accepted by the processes you're trying to control. In this case, please provide explicit bearer tokens instead.) We distinguish between the credentials required to replicate the information shared across the landscape, usually from ``security-service.sapsailing.com``, and those used by a replica in one of your application replica sets to authenticate for credentials to replicate the application replica set's master.

          -There is now a single point of truth for the various ssh and AWS keys, and possibly others in the future. This can be found at `/root/new_version_key_vault` on the central reverse proxy. There you will find directories for different environments' key setups, named consistently with the environment types under `${GIT_HOME}/configuration/environments_scripts` (the directory names are the environment type). One can use the `setup_keys` function in `imageupgrade_functions.sh` to setup the keys. There is 1 parameter, the environment type.

          +There is now a single point of truth for the various ssh and AWS keys, and possibly others in the future. This can be found at `/root/key_vault` on the central reverse proxy. There you will find directories for different environments' key setups, named consistently with the environment types under `${GIT_HOME}/configuration/environments_scripts` (the directory names are the environment type). One can use the `setup_keys` function in `imageupgrade_functions.sh` to setup the keys. There is 1 parameter, the environment type.

           The structure of the vault is important for the efficacy of the script and should appear as below. There is an explanation afterwards.

           ```

...	...	@@ -157,7 +157,7 @@ chmod 755 /root
157	157	cd ~
158	158	# Copies across the key vault and other relevant secrets from the existing
159	159	# Central Reverse Proxy's /root folder:
160		-rsync -a root@sapsailing.com:/root/{dev-secrets,github_tools_sap.pat,hudson-aws-credentials,key_vault,mail.properties,new_version_key_vault,secrets,ssh-key-reader.token} /root
	160	+rsync -a root@sapsailing.com:/root/{dev-secrets,github_tools_sap.pat,hudson-aws-credentials,key_vault,mail.properties,key_vault_old,secrets,ssh-key-reader.token} /root
161	161	scp -o StrictHostKeyChecking=no -r root@sapsailing.com:/etc/letsencrypt /etc
162	162	# add basic test page which won't cause redirect error code if used as a health check.
163	163	cat <<EOF > /var/www/html/index.html

...	...	@@ -166,7 +166,7 @@ setup_keys() {
166	166	fi
167	167	pushd .
168	168	TEMP_KEY_DIR=$(mktemp -d /var/tmp/keysXXXXX)
169		- scp -o StrictHostKeyChecking=no -pr root@sapsailing.com:/root/new_version_key_vault/"${1}"/* "${TEMP_KEY_DIR}"
	169	+ scp -o StrictHostKeyChecking=no -pr root@sapsailing.com:/root/key_vault/"${1}"/* "${TEMP_KEY_DIR}"
170	170	sudo su - -c "source imageupgrade_functions.sh; __setup_keys_using_local_copy $TEMP_KEY_DIR $SET_PERMISSIONS"
171	171	popd
172	172	rm -rf "${TEMP_KEY_DIR}"

...	...	@@ -278,7 +278,7 @@ In all of the following sub-sections the text will assume that you have provided
278	278
279	279	In several of the scenarios, both, AdminConsole and REST API, you will have the option to provide security bearer tokens that are used to authenticate requests to processes running the SAP Sailing Analytics. If you omit those, the credentials of the session used to authenticate your sailing user will be used. (Note, that for local test set-ups disconnected from the standard security realm used by all of the sapsailing.com-deployed processes, these credentials may not be accepted by the processes you're trying to control. In this case, please provide explicit bearer tokens instead.) We distinguish between the credentials required to replicate the information shared across the landscape, usually from ``security-service.sapsailing.com``, and those used by a replica in one of your application replica sets to authenticate for credentials to replicate the application replica set's master.
280	280
281		-There is now a single point of truth for the various ssh and AWS keys, and possibly others in the future. This can be found at `/root/new_version_key_vault` on the central reverse proxy. There you will find directories for different environments' key setups, named consistently with the environment types under `${GIT_HOME}/configuration/environments_scripts` (the directory names are the environment type). One can use the `setup_keys` function in `imageupgrade_functions.sh` to setup the keys. There is 1 parameter, the environment type.
	281	+There is now a single point of truth for the various ssh and AWS keys, and possibly others in the future. This can be found at `/root/key_vault` on the central reverse proxy. There you will find directories for different environments' key setups, named consistently with the environment types under `${GIT_HOME}/configuration/environments_scripts` (the directory names are the environment type). One can use the `setup_keys` function in `imageupgrade_functions.sh` to setup the keys. There is 1 parameter, the environment type.
282	282
283	283	The structure of the vault is important for the efficacy of the script and should appear as below. There is an explanation afterwards.
284	284	```