Skip to content

Commit

Permalink
Update variables.mdx
Browse files Browse the repository at this point in the history
  • Loading branch information
@yaarAdarsh
yaarAdarsh authored Oct 25, 2024
1 parent 19dff18 commit 6ba90f2
Showing 1 changed file with 6 additions and 6 deletions.
12 changes: 6 additions & 6 deletions docs/team/features/variables.mdx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,28 +2,28 @@
title: "Variables & Secrets"
---

Digger supports per-project Variables that are made available as environment variables to terraform / opentofu at runtime.
Digger supports per-project Variables that are made available as environment variables to Terraform / OpenTofu at runtime.
Variables are stored on the backend and passed to the job via the Job Spec.

You can manage variables in the TFVars tab of every project.
You can manage variables in the `TFVars` tab of every project.

There are 2 types of variables: Plain Text and Secret.

# Plain Text variables

They are stored on the backend as-is and are not secured in any special way beyond standard transport and at-rest encryption in the infrastructure. Plain Text variable should only be used for non-sensitive data, like configuration parameters that differ across environments.
They are stored on the backend as-is and are not secured in any special way beyond standard transport and at-rest encryption in the infrastructure. Plain Text variables should only be used for non-sensitive data, like configuration parameters that differ across environments.

# Secret variables

These variables are stored in the database encrypted with your organisation's Secret Key. It's an RSA public key that you can create in Organisation Settings. You will not be able to create Secret Variables until you have created your Secret Key as follows:

1. Go to your Organisation Settings and click Create Secrets Key
1. Go to your Organisation Settings and click Create Secret Key
2. Copy the private key and save it in your GitHub Actions as an org-level secret named `DIGGER_PRIVATE_KEY`

<Note>
The key pair is generated in the front-end, and only shown once. At no point
the private key is saved or accessed by Digger services. If you lose your
private key, you will also lose ability to decrypt your secrets created using
is the private key saved or accessed by Digger services. If you lose your
private key, you will also lose the ability to decrypt your secrets created using
that key - so you will need to re-create all your secrets in all projects.
</Note>

Expand Down

0 comments on commit 6ba90f2

Please sign in to comment.