You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
33 lines
1.2 KiB
Markdown
33 lines
1.2 KiB
Markdown
---
|
|
# quotesdb-625z
|
|
title: Document secrets management — Cloudflare API token, account ID, how to supply to OpenTofu and local dev
|
|
status: completed
|
|
type: task
|
|
priority: normal
|
|
created_at: 2026-03-10T23:32:08Z
|
|
updated_at: 2026-03-10T23:32:15Z
|
|
blocked_by:
|
|
- quotesdb-zzm3
|
|
---
|
|
|
|
<context>
|
|
Infrastructure is managed with OpenTofu using the Cloudflare provider. Configuration lives in `infra/`. Resources include a Cloudflare Worker (API), Cloudflare D1 database (bound to the worker), and a Cloudflare Pages project (UI frontend).
|
|
</context>
|
|
|
|
<goal>
|
|
Write documentation in `infra/README.md` or `docs/SECRETS.md` covering:
|
|
1. What secrets/credentials are required (Cloudflare API token, account ID)
|
|
2. How to provide them for local OpenTofu runs (environment variables or `.env` file — never commit)
|
|
3. How to provide them in CI/CD (GitHub Actions secrets or equivalent)
|
|
4. What permissions the Cloudflare API token needs (Workers, D1, Pages, DNS)
|
|
</goal>
|
|
|
|
<constraints>
|
|
- Do not commit any actual secrets or tokens — document the variable names only.
|
|
- Cross-reference the `.gitignore` for infra secrets files.
|
|
</constraints>
|
|
|
|
<commit>
|
|
`docs(quotesdb): document secrets management for Cloudflare credentials`
|
|
</commit>
|