wip

Author: mrlockstar

infrastructure/modules/container-app/main.tf

@@ -76,6 +76,14 @@ resource "azurerm_container_app" "main" {
         }
       }
 
+      dynamic "secret" {
+        for_each = var.secret_variables
+        content {
+          name = lower(secret.key)
+          value = secret.value
+        }
+      }
+
       dynamic "env" {
         for_each = var.fetch_secrets_from_app_key_vault ? data.azurerm_key_vault_secrets.app[0].secrets : []
         content {

infrastructure/modules/container-app/variables.tf

@@ -52,7 +52,13 @@ variable "docker_image" {
 }
 
 variable "environment_variables" {
-  description = "Environment variables to pass to the container app. Only non-secret variables. Secrets must be stored in key vault 'app_key_vault_id'"
+  description = "Environment variables to pass to the container app. Only non-secret variables. Secrets can be stored in key vault 'app_key_vault_id'"
+  type        = map(string)
+  default     = {}
+}
+
+variable "secret_variables" {
+  description = "Secret environment variables to pass to the container app."
   type        = map(string)
   default     = {}
 }