Add data source for secrets #455
Conversation
Aflynn50
force-pushed
the
secrets-data-source
branch
from
2dbd0eb to
ba9d304
Compare
Aflynn50
changed the title
Aflynn50
force-pushed
the
secrets-data-source
branch
2 times, most recently
from
11c6fd9 to
44836b5
Compare
Aflynn50
force-pushed
the
secrets-data-source
branch
from
44836b5 to
1a05797
Compare
rather than the name
| data "juju_secret" "this" { | ||
| model = "model-name" | ||
| name = "secret-name" | ||
| } |
There was a problem hiding this comment.
This is a good start, but please add an application example where the data.juju_secret.this.secret_id is provided to an application config.
There was a problem hiding this comment.
Added, though it won't be runnable until #454 is in.
There was a problem hiding this comment.
That's okay, we'll land that before RC.
| data "juju_secret" "secret_data_source" { | ||
| name = juju_secret.secret_resource.name | ||
| model = juju_model.{{.ModelName}}.name |
There was a problem hiding this comment.
This test is a bit contrived. But we need a good charm for this and full implementation of all 3 pieces for secrets to do that.
Please add a ToDo.
There was a problem hiding this comment.
Added, there is also one at the top of this PR description, am not planning on merging until its done
| A resource that represents a Juju secret. | ||
| --- | ||
|
|
||
| # juju_secret (Resource) |
There was a problem hiding this comment.
I wonder if we're going to have a merge conflict somewhere, you shouldn't be picking up this file. The original commit needs an example.tf too.
Aflynn50
force-pushed
the
secrets-data-source
branch
from
ac1a672 to
ac80039
Compare
Add a full example with a charm using the secret Sort import statements into stanzas Call os.Getenv only once for tests Check if secret id is emepty by directly comparing to empty string.
Description
This PR only has very basic acceptance tests right now. It will not be possible to do an end to end test until #454 is in as without this it is not possible for applications to make use of the secret.
To access a secret in juju we are already adding in a new resource that allows you to create a new secret. But there may often be cases where the user does not wish to store the raw secret values in the terraform plan, and add them instead some other way. In this use case, a data source is needed.
A data source is added that allows a secret specified by name in a particular model to be referenced in the terraform plan.
Type of change
Environment
3.3 and above
QA steps
Manual QA steps should be done to test this PR.
juju bootstrap lxdjuju add-model default