fix: disable leaked secrets assertion on grafana.ini

This is a workaround while we are implementing a better architecture for managing secrets in the DevOps Stack. One that milestone is accomplished, we will better manage the way we pass these values. See: - https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#override-configuration-with-environment-variables - grafana/helm-charts#2896
camptocamp · Apr 12, 2024 · 8d2c1c2 · 8d2c1c2
1 parent f4e52ec
commit 8d2c1c2
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/locals.tf b/locals.tf
@@ -185,7 +185,11 @@ locals {
         enabled = local.alertmanager.enabled
       })
       grafana = merge(local.grafana.enabled ? {
-        adminPassword = "${replace(local.grafana.admin_password, "\"", "\\\"")}"
+        # TODO Remove the `assertNoLeakedSecrets when we start properly managing them:
+        # - https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/#override-configuration-with-environment-variables
+        # - https://github.com/grafana/helm-charts/issues/2896
+        assertNoLeakedSecrets = false
+        adminPassword         = "${replace(local.grafana.admin_password, "\"", "\\\"")}"
         "grafana.ini" = {
           "auth.generic_oauth" = merge({
             enabled                  = true