diff --git a/blueprints/02-at-scale/README.md b/blueprints/02-at-scale/README.md index 24fe567c..5e97b5ed 100644 --- a/blueprints/02-at-scale/README.md +++ b/blueprints/02-at-scale/README.md @@ -58,6 +58,7 @@ Once you have familiarized yourself with [CloudBees CI blueprint add-on: Get sta |------|-------------|------|---------|:--------:| | hosted_zone | Amazon Route 53 hosted zone. CloudBees CI applications are configured to use subdomains in this hosted zone. | `string` | n/a | yes | | trial_license | CloudBees CI trial license details for evaluation. | `map(string)` | n/a | yes | +| secret_file | Relative location of the Secret file to be converted into a Kubernetes Secret. secrets-values.yml is not stored in the repository but it is generated as copy from secrets-values.yml.example. | `string` | `"k8s/secrets-values.yml"` | no | | suffix | Unique suffix to assign to all resources. When adding the suffix, changes are required in CloudBees CI for the validation phase. | `string` | `""` | no | | tags | Tags to apply to resources. | `map(string)` | `{}` | no | diff --git a/blueprints/02-at-scale/main.tf b/blueprints/02-at-scale/main.tf index 430f5d92..0792cc96 100644 --- a/blueprints/02-at-scale/main.tf +++ b/blueprints/02-at-scale/main.tf @@ -107,9 +107,7 @@ module "eks_blueprints_addon_cbci" { } create_k8s_secrets = true - # k8s/secrets-values.yml is not included in the repository - # tflint-ignore: all - k8s_secrets = templatefile("k8s/secrets-values.yml", { # tflint-ignore: all + k8s_secrets = templatefile(var.secret_file, { global_password = local.global_password }) diff --git a/blueprints/02-at-scale/variables.tf b/blueprints/02-at-scale/variables.tf index 2da41ad3..20b72fc6 100644 --- a/blueprints/02-at-scale/variables.tf +++ b/blueprints/02-at-scale/variables.tf @@ -24,3 +24,9 @@ variable "suffix" { error_message = "The suffix can contain 10 characters or less." } } + +variable "secret_file" { + description = "Relative location of the Secret file to be converted into a Kubernetes Secret. secrets-values.yml is not stored in the repository but it is generated as copy from secrets-values.yml.example." + default = "k8s/secrets-values.yml" + type = string +}