about summary refs log tree commit diff
path: root/default.nix
diff options
context:
space:
mode:
authorVincent Ambo <mail@tazj.in>2023-04-21T16·13+0300
committertazjin <tazjin@tvl.su>2023-04-24T10·56+0000
commit111e1d38e5ac177bcf4defe70aee1e853206bc6d (patch)
tree0670c6f3067a319859cd3d48b07d012e3ee11402 /default.nix
parent0637ab3add4f57359842a451ca9ffd70194524e2 (diff)
feat(corp/ops): configure state bucket for terraform r/6109
This was a bit trickier than I anticipated, because there's no good
ways to avoid passing the credentials around manually.

What's basically happening now is that the credentials for the state
bucket are checked in (encrypted), and sourcing `creds.fish` uses the
cloud HSM to decrypt and load them into the environment.

Change-Id: I3f5ce1c9bd9d5efbf1013414f94771a09ea3a488
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8494
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Diffstat (limited to 'default.nix')
0 files changed, 0 insertions, 0 deletions