[Blueprints, 02-at-scale]: Use Secrets to pass terraform variables to Casc - Githubissues

cloudbees / terraform-aws-cloudbees-ci-eks-addon

CloudBees CI Add-on for AWS EKS

https://registry.terraform.io/modules/cloudbees/cloudbees-ci-eks-addon/aws

MIT License

8 stars 10 forks source link

[Blueprints, 02-at-scale]: Use Secrets to pass terraform variables to Casc #130

Closed carlosrodlop closed 1 month ago

carlosrodlop commented 1 month ago

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment

What is the outcome that you are trying to reach?

Reduce the complexity of adding terraform variables to Casc and use secrets to inject those values to Casc

https://github.com/cloudbees/terraform-aws-cloudbees-ci-eks-addon/tree/main/blueprints/02-at-scale#update-amazon-s3-bucket-settings

Describe the solution you would like

On the Terraform side

https://github.com/cloudbees/terraform-aws-cloudbees-ci-eks-addon/issues/124

resource "kubernetes_secret" "example" {
  metadata {
    name = "basic-auth"
  }

  data = {
    secS3bucketName = "${local.bucket_name}"
    secGrafanaUrlOT = "${local.grafanaURl}" 
  }

  type = "kubernetes.io/basic-auth"
}

On the Casc side

Replace variables by secrets ==> ${cbci_s3} by {sec_cbci_s3}

Describe alternatives you have considered

Additional context