WladyX
commented
1 month ago I came searching for the same thing, also need this, @maidul98 is this something you're looking into? Thank you for infisical & for this provider!
Open mdepedrof opened 4 months ago
WladyX
commented
1 month ago I came searching for the same thing, also need this, @maidul98 is this something you're looking into? Thank you for infisical & for this provider!
WladyX
commented
1 month ago in the mean time you can workaround like this:
provider "infisical" {
host = "https://infisical.example.com"
client_id = var.infisical_client_id
client_secret = var.infisical_client_secret
}
variable "infisical_client_id" {
type = string
default = ""
# sensitive = true
}
variable "infisical_client_secret" {
type = string
default = ""
# sensitive = true
}and export the vars like TF_VAR_infisical_client_secret=... and TF_VAR_infisical_client_id=...
mdepedrof
commented
1 month ago yes, this is the way i have setting up but this is not the most secure way.
akhilmhdh
commented
3 hours ago @WladyX @mdepedrof Not sure if I got it correct. But you can pass the client secret and client id as environment variable.
As
INFISICAL_UNIVERSAL_AUTH_CLIENT_SECRET
INFISICAL_UNIVERSAL_AUTH_CLIENT_ID@WladyX @mdepedrof Not sure if I got it correct. But you can pass the client secret and client id as environment variable.
As
INFISICAL_UNIVERSAL_AUTH_CLIENT_SECRET INFISICAL_UNIVERSAL_AUTH_CLIENT_ID
is that documented? i can see that.
For Security reasons its a good practise not hardcoded Secrets on your code. If you puts your code on a repository you are publishing your clientSecret for your Infisical environment.
The recomendation, like other providers, is allow to set the provider configs using envorinments variables.
Thanks!