We are using Terraform to deploy our infrastructure. We used to see the diff of our environment variables when deploying a service, but now, it’s replaced by:
environment_variables = (sensitive values)
I can understand it for the secrets, but for environment variables, it would be super convenient to see the diff.
Exploring the topic further, it seems the provider (or Terraform?) has some built-in logic to flag all the variables as sensitive if they have the _TOKEN word in them. In this case, it was perfectly legit, as it was a public token. Moving it to the secrets made the envvar diff appear again.
My personal feedback: I would prefer to display the token in the diff if it’s in the environment variables (instead of the secrets). Indeed, hiding it in Terraform causes some friction (see my initial post), and doesn’t solve the security issue: the variable is still visible on the Qovery interface.