Closed sailorlqh closed 7 months ago
sailorlqh
commented
7 months ago You'll need to make sure the CR service account has access to the underlying secrets or else it will fail to boot.
Yes, the plugin already has that covered: https://github.com/abcxyz/jvs-plugin-github/blob/main/terraform/modules/secret_manager/main.tf#L63
sqin2019
commented
7 months ago You'll need to make sure the CR service account has access to the underlying secrets or else it will fail to boot.
Yes, the plugin already has that covered: https://github.com/abcxyz/jvs-plugin-github/blob/main/terraform/modules/secret_manager/main.tf#L63
We should work on an example infra setup in jvs-plugin-github, we may see circular dependencies of the jvs e2e module and the secret_manager module (jvs e2e need the secret version and name, secret manager need the CR sa created in e2e).
Add
plugin_secret_envvarsvariables so we can use the secret_envvars fromabcxyz/terraform-module/cloud_run, and get secret from secret manager directly.