Imagine you are working in the next feature for the main app of your employer and suddenly you notice something terrible: there is a hardcoded secret committed in the remote repository. This is something we must avoid at all costs because anyone with access to that repository can see the secret and potentially use it to access live data or bring the system down. After some investigation, you notice that the commit that introduced the secret is quite old, and lots of new commits have been added since then.
There are times where we have secret values to configure in our cloud resources for our system to work properly. For example, we might need to add an Api Key to a deployed application that communicates with a third party Api, or we have to connect to a SQL Server that only supports traditional user and password authentication. In this blog post we are going to explain how to pass secret values to an Infrastructure as Code pipeline in a secure way using Github Actions and Terraform.