This provider adds integration between Terraform, Pass and Gopass password stores.
It was forked from camptocamp/terraform-provider-pass.
Pass is a password store using gpg to encrypt password and git to version. Gopass is a rewrite of the pass password manager in Go with the aim of making it cross-platform and adding additional features.
Download the provider source code
$ go get github.com/mecodia/terraform-provider-pass
Enter the provider directory and build the provider
$ cd $GOPATH/src/github.com/mecodia/terraform-provider-pass
$ dep ensure
$ make build
With Terraform 0.14 you'll load it straight from the registry.
For development and testing purposes you can do this (adjust for your os/arch):
mkdir -p $(HOME)/.terraform.d/plugins/local/mecodia/pass/3.0/darwin_arm64/
cp ./bin/$(BINARY)_*_darwin_arm64 $(HOME)/.terraform.d/plugins/local/mecodia/pass/3.0/darwin_arm64/$(BINARY)
And you can then reverence it as local/mecodia/pass
in your providers block.
terraform {
required_providers {
pass = {
source = "mecodia/pass"
}
}
}
resource "pass_password" "test" {
path = "secret/foo"
password = "0123456789"
data = {
zip = "zap"
}
}
data "pass_password" "test" {
path = "${pass_password.test.path}"
}
The provider takes no arguments.
The resource takes the following arguments:
path
- Full path from which a password will be readpassword
- Secret passworddata
- (Optional) Additional secret data (keys and values, not nested)yaml
- (Optional) YAML document, can't be set together with data
The following attributes are exported:
path
- Full path from which the password was readpassword
- Secret passworddata
- Additional secret databody
- Raw secret data, only filled if not stored as YAMLfull
- Entire raw secret contents
The data source takes the following arguments:
path
- Full path from which a password will be read
The following attributes are exported:
path
- Full path from which the password was readpassword
- Secret passworddata
- Additional secret databody
- Raw secret data, only filled if not stored as YAMLfull
- Entire raw secret contents
If you wish to work on the provider, you'll first need Go installed on your machine (version 1.17+ is required). You'll also need to correctly set up a GOPATH, as well as adding $GOPATH/bin
to your $PATH
.
To compile the provider, run make build
. This will build the provider and put the provider binary in the $GOPATH/bin
directory.
$ make bin
...
$ $GOPATH/bin/terraform-provider-$PROVIDER_NAME
...
In order to test the provider, you can simply run make test
.
$ make test
In order to run the full suite of Acceptance tests, run make testacc
.
Note: Acceptance tests create real resources, and often cost money to run.
$ make testacc
summon goreleaser release --rm-dist