Vault tokens from Terraform expire too early in config-mgmt

The token should have a TTL of 3 hours (https://ops.gitlab.net/gitlab-com/gl-infra/config-mgmt/-/blob/caa4cf386fe7fc9c6009089d761a6650b95d0787/.gitlab-ci.yml#L11):

TERRAFORM_VAULT_MAX_TTL: 10800

But it expires between the plan and manual apply in less than 20 minutes (see https://ops.gitlab.net/gitlab-com/gl-infra/config-mgmt/-/jobs/8804571):

$ terraform apply -parallelism=15 -input=false ${TF_PLAN_FILE} # collapsed multi-line command

│ Error: Error making API request.

│ URL: PUT https://vault.ops.gke.gitlab.net/v1/auth/ops-gitlab-net/login
│ Code: 400. Errors:

│ * error validating token: invalid expiration time (exp) claim: token is expired

│   with provider["registry.terraform.io/hashicorp/vault"].ci,
│   on providers.tf line 28, in provider "vault":
│   28: provider "vault" {

Edited by Pierre Guinoiseau
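
The failing request above is the JWT login (`auth/ops-gitlab-net/login`), where Vault validates the `exp` claim of the token presented to it; that is a separate lifetime from the TTL of the Vault token it then issues. The following diagnostic sketch is an added example, not part of the original issue or the config-mgmt repository: it decodes a JWT's claims and compares its validity window with `TERRAFORM_VAULT_MAX_TTL`. The sample token, its 600-second lifetime and all function names are constructed for illustration.

```python
import base64
import json
import time
from typing import Optional

VAULT_MAX_TTL = 10800  # TERRAFORM_VAULT_MAX_TTL from the page, in seconds


def _b64url_decode(segment: str) -> bytes:
    # JWT segments are unpadded base64url; restore the padding first.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def jwt_claims(token: str) -> dict:
    """Decode the payload of a compact JWT. No signature check: diagnostic use only."""
    parts = token.strip().split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    claims = json.loads(_b64url_decode(parts[1]))
    if not isinstance(claims, dict) or "exp" not in claims:
        raise ValueError("payload has no exp claim")
    return claims


def login_window(token: str, now: Optional[float] = None) -> dict:
    """Compare the JWT's own validity window with the Vault token TTL (no clock-skew leeway)."""
    claims = jwt_claims(token)
    now = time.time() if now is None else now
    exp, iat = claims["exp"], claims.get("iat")
    lifetime = exp - iat if iat is not None else None
    return {
        "jwt_lifetime_s": lifetime,
        "remaining_s": exp - now,
        "expired": now >= exp,
        # True when the JWT stops being usable before a Vault token of VAULT_MAX_TTL would.
        "jwt_shorter_than_vault_ttl": lifetime is not None and lifetime < VAULT_MAX_TTL,
    }


def sample_jwt(iat: int, lifetime: int) -> str:
    """Constructed, unsigned sample token (not a real CI job JWT)."""
    def enc(obj: dict) -> str:
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none"}), enc({"iat": iat, "exp": iat + lifetime}), "sig"])


if __name__ == "__main__":
    tok = sample_jwt(iat=1_700_000_000, lifetime=600)  # constructed values
    print(login_window(tok, now=1_700_000_000 + 1200))  # checked 20 minutes after issue
```

Running `login_window` on the JWT a job actually presents, in both the plan and the apply job, shows whether the token handed to the Vault provider at apply time is already past its `exp`.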