7f5dbb82f4
Part of SOPS multi-user secrets migration. - .sops.yaml: defines age recipients (Viktor + CI) - scripts/tg: wrapper that decrypts secrets before running terragrunt - .gitignore: excludes decrypted secrets.auto.tfvars.json No functional change — terraform.tfvars still works as before.
66 lines
1.4 KiB
Text
Executable file
66 lines
1.4 KiB
Text
Executable file
|
|
# Created by https://www.toptal.com/developers/gitignore/api/terraform
|
|
# Edit at https://www.toptal.com/developers/gitignore?templates=terraform
|
|
|
|
### Terraform ###
|
|
# Local .terraform directories
|
|
**/.terraform/*
|
|
|
|
# .tfstate files
|
|
#*.tfstate
|
|
*.tfstate.*
|
|
|
|
# Crash log files
|
|
crash.log
|
|
|
|
# Ignore any .tfvars files that are generated automatically for each Terraform run. Most
|
|
# .tfvars files are managed as part of configuration and so should be included in
|
|
# version control.
|
|
#
|
|
# example.tfvars
|
|
#*.tfvars
|
|
|
|
# Ignore override files as they are usually used to override resources locally and so
|
|
# are not checked in
|
|
override.tf
|
|
override.tf.json
|
|
*_override.tf
|
|
*_override.tf.json
|
|
|
|
# Include override files you do wish to add to version control using negated pattern
|
|
# !example_override.tf
|
|
|
|
# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
|
|
# example: *tfplan*
|
|
|
|
git_crypt.key
|
|
|
|
# SOPS — decrypted secrets (temporary, never commit)
|
|
/secrets.auto.tfvars.json
|
|
/secrets.auto.tfvars.json.*
|
|
|
|
# Claude Code - temporary/sensitive files
|
|
.claude/cmd_input.txt
|
|
.claude/cmd_output.txt
|
|
.claude/cmd_status.txt
|
|
.claude/settings.local.json
|
|
.claude/._*
|
|
|
|
._*
|
|
|
|
# Terragrunt
|
|
.terragrunt-cache/
|
|
state/
|
|
|
|
# Terragrunt-generated files (providers, backend config)
|
|
backend.tf
|
|
providers.tf
|
|
.terraform.lock.hcl
|
|
|
|
# Kubernetes config (sensitive)
|
|
config
|
|
|
|
# Node.js (not part of infra)
|
|
node_modules/
|
|
package-lock.json
|
|
package.json
|