When instantiating the module, v1 of github-webhook-secret is created. Then, README asks to generate this secret locally (32 char base64) and update the value in the cloud console (creating v2).
Since this value is not inserted anywhere else, I don't understand why Terraform can not create the "final" value directly as v1, removing the need for this manual step? I think it should be able to create an appropriate string with random_password.
Detailed design
No response
Alternatives considered
No response
Additional information
Doing click-ops to update the secret values in Cloud Console is not great as it is not captured by Terraform.
This is also the case for the .pem secret, which presumably could also be imported into terraform, but I understand if this is a little trickier.
TL;DR
When instantiating the module, v1 of
github-webhook-secretis created. Then, README asks to generate this secret locally (32 char base64) and update the value in the cloud console (creating v2).Since this value is not inserted anywhere else, I don't understand why Terraform can not create the "final" value directly as v1, removing the need for this manual step? I think it should be able to create an appropriate string with
random_password.Detailed design
No response
Alternatives considered
No response
Additional information
Doing click-ops to update the secret values in Cloud Console is not great as it is not captured by Terraform.
This is also the case for the .pem secret, which presumably could also be imported into terraform, but I understand if this is a little trickier.