From a23c0cd07a56e79fee4d216e5c8054f0c3416c28 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Johannes=20W=C3=BCrbach?= Date: Tue, 23 Apr 2024 14:55:22 +0200 Subject: [PATCH] feat: set backstage service-to-service auth key --- examples/with-backstage/README.md | 4 ++++ examples/with-backstage/backstage-humanitec.tf | 14 ++++++++++++++ examples/with-backstage/provider.tf | 4 ++++ 3 files changed, 22 insertions(+) diff --git a/examples/with-backstage/README.md b/examples/with-backstage/README.md index c41286d..65e8668 100644 --- a/examples/with-backstage/README.md +++ b/examples/with-backstage/README.md @@ -76,6 +76,7 @@ Once you are finished with the reference architecture, you can remove all provis | aws | ~> 5.17 | | github | ~> 5.38 | | humanitec | ~> 1.0 | +| random | ~> 3.5 | ### Providers @@ -84,6 +85,7 @@ Once you are finished with the reference architecture, you can remove all provis | aws | ~> 5.17 | | github | ~> 5.38 | | humanitec | ~> 1.0 | +| random | ~> 3.5 | ### Modules @@ -118,6 +120,7 @@ Once you are finished with the reference architecture, you can remove all provis | [humanitec_resource_definition_criteria.backstage_mysql](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/resource_definition_criteria) | resource | | [humanitec_resource_definition_criteria.backstage_postgres](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/resource_definition_criteria) | resource | | [humanitec_resource_definition_criteria.backstage_workload](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/resource_definition_criteria) | resource | +| [humanitec_value.app_config_backend_auth_keys](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/value) | resource | | [humanitec_value.aws_default_region](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/value) | resource | | [humanitec_value.backstage_cloud_provider](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/value) | resource | | [humanitec_value.backstage_github_app_client_id](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/value) | resource | @@ -128,6 +131,7 @@ Once you are finished with the reference architecture, you can remove all provis | [humanitec_value.backstage_github_org_id](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/value) | resource | | [humanitec_value.backstage_humanitec_org](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/value) | resource | | [humanitec_value.backstage_humanitec_token](https://registry.terraform.io/providers/humanitec/humanitec/latest/docs/resources/value) | resource | +| [random_bytes.backstage_service_to_service_auth_key](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/bytes) | resource | ### Inputs diff --git a/examples/with-backstage/backstage-humanitec.tf b/examples/with-backstage/backstage-humanitec.tf index cb75645..b06fbdb 100644 --- a/examples/with-backstage/backstage-humanitec.tf +++ b/examples/with-backstage/backstage-humanitec.tf @@ -85,6 +85,20 @@ resource "humanitec_value" "aws_default_region" { is_secret = false } +resource "random_bytes" "backstage_service_to_service_auth_key" { + length = 24 +} + +resource "humanitec_value" "app_config_backend_auth_keys" { + app_id = humanitec_application.backstage.id + key = "APP_CONFIG_backend_auth_keys" + description = "Backstage service-to-service-auth keys" + value = jsonencode([{ + secret = random_bytes.backstage_service_to_service_auth_key.base64 + }]) + is_secret = true +} + # Configure required resources for backstage locals { diff --git a/examples/with-backstage/provider.tf b/examples/with-backstage/provider.tf index 2d80a35..990d784 100644 --- a/examples/with-backstage/provider.tf +++ b/examples/with-backstage/provider.tf @@ -12,6 +12,10 @@ terraform { source = "integrations/github" version = "~> 5.38" } + random = { + source = "hashicorp/random" + version = "~> 3.5" + } } required_version = ">= 1.3.0" }