From 3b40c22bf5deb0df1f7332332d6fdd489b24128d Mon Sep 17 00:00:00 2001
From: valerio-bontempi <valerio.bontempi@it.ibm.com>
Date: Fri, 12 Sep 2025 14:43:08 +0200
Subject: [PATCH] fix: added sensitive flag to input variables

---
 modules/eso-secretstore/variables.tf      | 1 +
 solutions/fully-configurable/variables.tf | 1 +
 2 files changed, 2 insertions(+)

diff --git a/modules/eso-secretstore/variables.tf b/modules/eso-secretstore/variables.tf
index 86035d49..3b00225f 100644
--- a/modules/eso-secretstore/variables.tf
+++ b/modules/eso-secretstore/variables.tf
@@ -44,6 +44,7 @@ variable "sstore_secret_apikey" {
   description = "APIkey to be stored into var.sstore_secret_name secret to authenticate with Secrets Manager instance"
   type        = string
   default     = null
+  sensitive   = true
   validation {
     condition     = var.eso_authentication == "api_key" ? var.sstore_secret_apikey != null : true
     error_message = "API Key authentication is enabled and scope for store is cluster, therefore sstore_secret_apikey must be provided."
diff --git a/solutions/fully-configurable/variables.tf b/solutions/fully-configurable/variables.tf
index 1db6f2d6..ed6b44ae 100644
--- a/solutions/fully-configurable/variables.tf
+++ b/solutions/fully-configurable/variables.tf
@@ -12,6 +12,7 @@ variable "secrets_manager_ibmcloud_api_key" {
   type        = string
   description = "API key to authenticate on Secrets Manager instance. If null the ibmcloud_api_key will be used."
   default     = null
+  sensitive   = true
 }
 
 variable "provider_visibility" {