Docs feedback: consider suggesting Terraforms environmental-variable alternative to putting tokens into config files
Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.
The GitLab documentation has several places which suggest creating a .terraformrc file with a GitLab token. That's in the documentation in places like this:
https://docs.gitlab.com/ee/user/packages/terraform_module_registry/
In your linked examples like this:
https://gitlab.com/mattkasa/terraform-module-test/-/blob/main/.gitlab-ci.yml
In the console help on the infrastructure registry page for a Terraform package:
Registry setup
To authorize access to the Terraform registry:
credentials "git.loc.gov" { token = "<TOKEN>" }
Until Terraform 1.2.0 was released that was the easiest option but now Terraform supports the functionality which used to be in the terraform-env-credentials plugin where you can set TF_TOKEN_<hostname with dots converted to hyphens>:
https://developer.hashicorp.com/terraform/cli/config/config-file#environment-variable-credentials
I think that would be useful to recommend, possibly exclusively, because it's much simpler to say TF_TOKEN_git_example_org=$CI_JOB_TOKEN than have to create files & populate them without leaking the values accidentally, and because it's easier to set that value globally rather than having to deal with creating files in multiple places.