overview
Secrets.
Secrets and variables are inputted into the platform as credentials and inputvars.
- credentials simplify common third parties
- inputvars is more flexible and will replace credentials moving forward.
- both are encrypted.
- both are referenced as environment variables
- inputvars can be referenced in stacks
e.g. stack.inputvars[“slack_webhook”]
Conventions.
| name | type | description | conventions |
|---|---|---|---|
| aws | credentials | aws iam pair keys | user-id => aws access key password => aws secret key fetched in env var => AWS_ACCESS_KEY_ID,AWS_SECRET_ACCESS_KEY |
| do-token | credentials | digital ocean api token | user-id => < blank > password => api token fetched in env var => DO_TOKEN,DIGITALOCEAN_TOKEN,TF_VAR_DO_TOKEN |
| gitlab-token | inputvars | gitlab api token | GITLAB_TOKEN => < gitlab api token > fetched in env var => GITLAB_TOKEN |
| github-token | inputvars | github api token | GITHUB => < github token > GH_TOKEN => < github token > fetched in env var => GITHUB_TOKEN,GH_TOKEN |
| dockerhub-token | inputvars | dockerhub api token | DOCKER_TOKEN => < dockerhub token > DOCKERHUB_TOKEN => < dockerhub token > fetched in env var => DOCKER_TOKEN,DOCKERHUB_TOKEN |
| slack | inputvars | slack webhook | slack_webhook => < slack webhook > fetch in stack => stack.inputvars[“slack_webhook”] |