However, currently we must fetch secrets from AWS and Supabase, and then put them in Vercel and Github.
If we don't want to do this manually, and also have the benefit of transparency by using IaC, then we have to manage secrets in TF. Which means either encrypting or using Spacelift.
We will have to do this manually for now, getting CI/CD going with TF is too big a lift.
However, currently we must fetch secrets from AWS and Supabase, and then put them in Vercel and Github.
If we don't want to do this manually, and also have the benefit of transparency by using IaC, then we have to manage secrets in TF. Which means either encrypting or using Spacelift.
We will have to do this manually for now, getting CI/CD going with TF is too big a lift.