2024-01-25 19:13:35 +01:00
|
|
|
resource "docker_secret" "secrets" {
|
|
|
|
for_each = nonsensitive(var.secrets) # tf complains about sensitive values, but keys are not sensitive
|
|
|
|
|
|
|
|
# Because secrets names can only be 64 characters long, we're hashing the key to shorten it & make it unique.
|
|
|
|
# This makes the key name harder to read, but it's not like we're going to look at it often anyway.
|
|
|
|
name = "grafana_${md5("${each.key}-${replace(timestamp(), ":", ".")}")}"
|
|
|
|
|
|
|
|
data = base64encode(each.value)
|
|
|
|
lifecycle {
|
|
|
|
ignore_changes = [name]
|
|
|
|
create_before_destroy = true
|
|
|
|
}
|
2024-01-25 19:25:52 +01:00
|
|
|
}
|