-
Notifications
You must be signed in to change notification settings - Fork 129
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Deck support placeholder replace #191
Comments
Hello @cello86 , |
HI @Zaragon-AQ, This work fine but we would understand if we have to adjust the files before the release via deck sync or there are some other quick steps like env variables to perform the same operation. Thanks, |
Seconding the approach of doing this in the build step. We use YTT https://get-ytt.io/ to do string replacement along with replacement of entire YAML structures based off environment specific properties files that get fed in for each of our environments. |
Up until this point, I've been against adding such a feature into decK because templating is a whole another problem that decK will never be able to solve in a way that makes even 80% of users happy. And hence, I've been advising all users to use solutions like YTT or j2, bring-your-own-templating-engine. Having said that, there are more and more users who are requesting this feature and I'm now reconsider my position on this. Adding some basic templating into decK could help many users. But before we do so, we need some examples from the community on how people are templating their YAMLs today. Would all users in this thread mind sharing their solutions with some code and samples? That should help us understand the expectations and come up with a design that works well for everyone. Cheers! |
Hi @hbagdi,
Marcello |
To me, the most basic requirement would to be to avoid putting secrets and passwords into deck files. Unfortunately, I have seen it happen several times that AWS secrets were exposed that were used to configure the Lambda plugin. Maybe a straightforward implementation would be to use bash-style variable replacement, e.g.:
decK already uses Viper which can read environment variables, config files, and even values from etcd and Consul - so it would mostly be about inserting those in the right places when reading the state. |
Thanks for the input here. I've something concrete in my mind to get to the feature state. Here is the summary:
|
Introducing support for envirment variable substitution in state files. This is primarily intended for injecting sensitive data at runtime. Fix #191
Please take a look at this PR for this feature: #286 |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
Introducing support for envirment variable substitution in state files. This is primarily intended for injecting sensitive data at runtime. Fix #191
Introducing support for envirment variable substitution in state files. This is primarily intended for injecting sensitive data at runtime. Fix #191
Introducing support for envirment variable substitution in state files. This is primarily intended for injecting sensitive data at runtime. Fix #191
Introducing support for envirment variable substitution in state files. This is primarily intended for injecting sensitive data at runtime. Fix #191
Introducing support for environment variable substitution in state files. This is primarily intended for injecting sensitive data at runtime. Fix #191 Co-authored-by: Michał Flendrich <michal@flendrich.pro>
Introducing support for environment variable substitution in state files. This is primarily intended for injecting sensitive data at runtime. Fix #191 Co-authored-by: Michał Flendrich <michal@flendrich.pro>
Introducing support for environment variable substitution in state files. This is primarily intended for injecting sensitive data at runtime. Fix #191 Co-authored-by: Michał Flendrich <michal@flendrich.pro>
Hi,
is it possible to apply a sort of placeholder substitution into deck sync operation to support the multi environment configuration via single branch of SCM like git?
Regards,
Marcello
The text was updated successfully, but these errors were encountered: