Add Vault credentials to workflow secrets
Some checks failed
Code Quality & Security Scan / TFLint (push) Successful in 20s
Code Quality & Security Scan / Checkov Security Scan (push) Has been cancelled
Code Quality & Security Scan / Tfsec Security Scan (push) Has been cancelled
Code Quality & Security Scan / SonarQube Trigger (push) Has been cancelled
Code Quality & Security Scan / Terraform Init (push) Has been cancelled
Some checks failed
Code Quality & Security Scan / TFLint (push) Successful in 20s
Code Quality & Security Scan / Checkov Security Scan (push) Has been cancelled
Code Quality & Security Scan / Tfsec Security Scan (push) Has been cancelled
Code Quality & Security Scan / SonarQube Trigger (push) Has been cancelled
Code Quality & Security Scan / Terraform Init (push) Has been cancelled
- Added TF_VAR_role_id and TF_VAR_secret_id environment variables - Added VAULT_ADDR environment variable - Vault credentials now sourced from Gitea secrets instead of tfvars - Required secrets: VAULT_ADDR, VAULT_ROLE_ID, VAULT_SECRET_ID
This commit is contained in:
parent
4a2ed7bf4f
commit
72c8be1a56
GPG Key ID:
5EBA7F21CF583321
@ -100,6 +100,9 @@ jobs:
|
|||||||
TF_BACKEND_BUCKET: ${{ secrets.MINIO_BUCKET }}
|
TF_BACKEND_BUCKET: ${{ secrets.MINIO_BUCKET }}
|
||||||
TF_BACKEND_KEY: ${{ secrets.MINIO_STATE_KEY }}
|
TF_BACKEND_KEY: ${{ secrets.MINIO_STATE_KEY }}
|
||||||
TF_BACKEND_REGION: "main"
|
TF_BACKEND_REGION: "main"
|
||||||
|
TF_VAR_role_id: ${{ secrets.VAULT_ROLE_ID }}
|
||||||
|
TF_VAR_secret_id: ${{ secrets.VAULT_SECRET_ID }}
|
||||||
|
VAULT_ADDR: ${{ secrets.VAULT_ADDR }}
|
||||||
run: |
|
run: |
|
||||||
terraform init \
|
terraform init \
|
||||||
-backend-config="endpoints={s3=\"${TF_BACKEND_ENDPOINT}\"}" \
|
-backend-config="endpoints={s3=\"${TF_BACKEND_ENDPOINT}\"}" \
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user