I am creating logic inside Terraform to do a for_each loop over a directory using the fileset() function, so that whenever a *.yaml file is published into the directory, Terraform will take the config data from the YAML file as input to spin up an Azure subscription. Since fileset() is a local directory-based function, tracking 50-100 YAML files (each file represents a subscription) as part of Git is not an effective approach to scale.
But upon scaling, Git will be holding a lot of .yaml files tracked in a directory of the Git repo, causing the git pull to be heavy.
- What will be the recommendation to have this directory external to the Git repo?
- How can I pass sensitive variables using the .yaml, since Terraform can only replace the tfvars when the file is .tf with a variable? The YAML variable replacement is handled external to Terraform, so handling sensitive values is difficult.
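
The pattern the question describes, written out as an added example that is not part of the original post: the YAML directory is passed in as a path, and each YAML file carries only the name of a secret rather than its value. The variable names, the YAML keys (`name`, `billing_scope_id`, `workload`, `secret_name`) and the use of Azure Key Vault as the secret store are assumptions.

```hcl
# Added example; variable names, YAML keys and the Key Vault lookup are assumptions.
provider "azurerm" {
  features {}
}

variable "subscriptions_dir" {
  description = "Directory with one YAML file per subscription; any local path, not necessarily inside the repo."
  type        = string
}

variable "key_vault_id" {
  description = "Key Vault holding the secrets that the YAML files refer to by name."
  type        = string
}

locals {
  # Constructed sample of one file, e.g. team-a.yaml:
  #   name: team-a
  #   billing_scope_id: <billing-scope-id placeholder>
  #   workload: Production
  #   secret_name: team-a-owner-secret   # a reference, never the secret value
  subscriptions = {
    for f in fileset(var.subscriptions_dir, "*.yaml") :
    trimsuffix(f, ".yaml") => yamldecode(file("${var.subscriptions_dir}/${f}"))
  }
}

# Resolve each referenced secret at plan/apply time, so the value never
# appears in the YAML files or in Git history.
data "azurerm_key_vault_secret" "per_subscription" {
  for_each     = local.subscriptions
  name         = each.value.secret_name
  key_vault_id = var.key_vault_id
}

resource "azurerm_subscription" "this" {
  for_each          = local.subscriptions
  subscription_name = each.value.name
  billing_scope_id  = each.value.billing_scope_id
  workload          = try(each.value.workload, "Production")
}

# Pass the values on as sensitive so they are redacted in plan and apply output.
output "subscription_secrets" {
  value     = { for k, s in data.azurerm_key_vault_secret.per_subscription : k => s.value }
  sensitive = true
}
```

Values read through the data source are still written to the Terraform state, so the state backend needs its own access control and encryption.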