-
-
Notifications
You must be signed in to change notification settings - Fork 42
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Secrets cannot be set in tfaction.yaml #1564
Comments
Thank you for your report. Is the GitHub Actions Secret |
Hi, I'm facing the same exactly issue. I solved this problem by switching to AWS Secrets Manager 😂 my ...
target_groups:
- working_directory: fastly
target: fastly
aws_region: ap-northeast-1
terraform_command: terraform
drift_detection:
enabled: true
terraform_plan_config:
aws_assume_role_arn: arn:aws:iam::123412341234:role/github-actions-terraform-plan-role
terraform_apply_config:
aws_assume_role_arn: arn:aws:iam::123412341234:role/github-actions-terraform-apply-role
secrets:
- env_name: FASTLY_API_KEY
secret_name: FASTLY_API_KEY
I'm using the exact same workflow with reference to suzuki-shunsuke/tfaction-example. |
Could you try v1.3.1-1? https://github.com/suzuki-shunsuke/tfaction/releases/tag/v1.3.1-1 This release has a update of the action export-secrets to output the list of secret names for troubleshooting. If secrets aren't passed properly, this isn't a bug of tfaction. |
Yeah, so you need to pass secrets to a reusable workflow. https://docs.github.com/en/actions/using-workflows/reusing-workflows#passing-inputs-and-secrets-to-a-reusable-workflow We should add the description about this to tfaction-example and tfaction-docs. |
Released v1.3.1 and updated tfaction-example and tfaction-docs. |
tfaction version
1.2.0
Overview
Adding secrets to tfaction.yaml does not result in secrets being added as environment variables
How to reproduce
tfaction-root.yaml
tfaction.yaml
GitHub Actions Workflow
Other related code such as local Registry
GitHub Actions' log
Expected behaviour
export-secrets action should use target config respecting tfaction.yaml
Actual behaviour
export-secrets only reads tfaction-root.yaml
Important Factoids
With tfaction-root.yaml like this it works with the exact same workflow:
Note
No response
The text was updated successfully, but these errors were encountered: