After merging card #410 we have all of our Terraform and Terragrunt variables and secrets encapulated in TFVars files in password. This poses some challenges when it comes to tracking configuration updates with github. Traceability was lost. Some examples of this were K8s Nodes and Database versions.
WHAT are we building?
Creating env files for each environment in our Terragrunt folder that contains non-secret configurations
VALUE created by our solution
Improved traceability for versioning of our infrastructure releases
Acceptance Criteria
All plans and apply jobs pass in our CI on Staging and Production without any outlying/unexpected changes.
P0NDER0SA
commented
3 days ago
Description
Move Terraform Non-Sensitive Variables into TF Repository from 1Pass https://github.com/cds-snc/ADR/pull/11
WHY are we building?
After merging card #410 we have all of our Terraform and Terragrunt variables and secrets encapulated in TFVars files in password. This poses some challenges when it comes to tracking configuration updates with github. Traceability was lost. Some examples of this were K8s Nodes and Database versions.
WHAT are we building?
Creating env files for each environment in our Terragrunt folder that contains non-secret configurations
VALUE created by our solution
Improved traceability for versioning of our infrastructure releases
Acceptance Criteria
All plans and apply jobs pass in our CI on Staging and Production without any outlying/unexpected changes.
QA Steps