You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We are using SOPS with AWS KMS key approach to manage secrets in our Terragrunt.
The issue is that there seems to be no easy way to read it ONCE, and only once, and then share its contents across all modules, dependencies, includes etc etc - we've tried everything, but always end up with repeating either sops_decrypt_file() or read_terragrunt_config() (WITH sops_decrypt_file() in it) over and over across each include{} block, which results in EXTREMELY long terragrunt execution as it calls KMS API to decrypt SOPS file 10-15 times during the execution.
I've read through dozens of issues, discussions, proposals etc here on github and on SO as well, without any reasonable answer - some pointed over to new stacks feature which does not seem to solve this problem at all.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Hi,
We are using SOPS with AWS KMS key approach to manage secrets in our Terragrunt.
The issue is that there seems to be no easy way to read it ONCE, and only once, and then share its contents across all modules, dependencies, includes etc etc - we've tried everything, but always end up with repeating either sops_decrypt_file() or read_terragrunt_config() (WITH sops_decrypt_file() in it) over and over across each include{} block, which results in EXTREMELY long terragrunt execution as it calls KMS API to decrypt SOPS file 10-15 times during the execution.
I've read through dozens of issues, discussions, proposals etc here on github and on SO as well, without any reasonable answer - some pointed over to new stacks feature which does not seem to solve this problem at all.
Any suggestions?
Beta Was this translation helpful? Give feedback.
All reactions