viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
infra/stacks/platform
History
Viktor Barzin 7302cd7908 infra: untrack generated backend.tf (stale PG creds + .200 literal) [CI SKIP] 
terragrunt generates backend.tf per run (remote_state generate,
if_exists=overwrite_terragrunt) from get_env("PG_CONN_STR"); these 72 committed
copies are stale artifacts already covered by .gitignore:65. They held a
plaintext (Vault-rotated, ~expired) PG password + the .200 state-backend literal
and were re-committed by CI on every run. git rm --cached stops that; they
regenerate locally from PG_CONN_STR. The live .200:5432 literal now lives only
in scripts/tg (its single bootstrap source).

Part of the L4 LB-IP review (docs/plans/2026-06-03-lb-ip-hygiene-design.md).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-03 10:52:46 +00:00
..
.gitkeep [ci skip] Add Terragrunt directory skeleton and root config 2026-02-22 13:01:37 +00:00
.terraform.lock.hcl state(dbaas): update encrypted state 2026-03-19 20:23:59 +00:00
main.tf extract remaining 19 modules from platform, complete stack split [ci skip] 2026-03-17 21:42:16 +00:00
providers.tf kms: revert files accidentally bundled into the docs commit 2026-06-01 10:36:49 +00:00
secrets [ci skip] Migrate 22 platform service states to stacks/platform 2026-02-22 13:35:10 +00:00
terragrunt.hcl fix: resolve HCL semicolons and vault-platform dependency cycle 2026-03-14 17:37:25 +00:00
tiers.tf [ci skip] Phase 1: PostgreSQL migrated to CNPG on local disk 2026-02-28 19:08:06 +00:00