-
-
Save tristanmorgan/ac541f5689272a34e6135977c2bdf8ad to your computer and use it in GitHub Desktop.
| disable_checkpoint = true | |
| credentials_helper helper { | |
| args = [] | |
| } | |
| # save this in home. |
| #!/bin/sh | |
| set -e | |
| case $1 in | |
| store) | |
| security add-generic-password -U -a "TF-$USER" -c "htfm" -C "htfm" -D "Hashicorp Terraform" -s "$2" -w "$(jq -r .token)" | |
| ;; | |
| get) | |
| /bin/echo -n "{\"token\": \"$(security find-generic-password -g -a "TF-$USER" -s "$2" -w)\"}" | |
| ;; | |
| forget) | |
| security delete-generic-password -a "TF-$USER" -s "$2" | |
| ;; | |
| *) | |
| echo "Usage: $0 get|forget|store" | |
| ;; | |
| esac | |
| # save this into your ~/.terraform.d/plugins/ folder. |
Just found a Golang implementation terraform-credentials-env that loads your token from environment variables.
Hi, you might be interested in https://github.com/bendrucker/terraform-credentials-keychain, which implements this helper in Go. Thanks for posting the gist, wasn't aware of this functionality until I stumbled onto it/your Medium post.
Thanks @bendrucker, and if hashicorp/terraform-provider-tfe#146 /111 gets fixed we will have more places to use helpers.
and the API changed.... terraform-credentials-credstore --host=credstore.example.com store app.terraform.io for example.
The API is unchanged. Optional flags can be included before get/store/forget.
updated gist to use JQ to extract the token during the store action.
Read: I hadn't tested terraform login with it before.
Terraform Enterprise Creds Helper is a post about how this came to be.