[infra] SOPS-encrypt global.tfvars for Azure deployment

[daniel-goldstein]

What happened?

The infrastructure necessary to run a Hail Batch deployment (network, buckets, DB, Kubernetes cluster) are managed through Terraform in infra/gcp and infra/azure. In order to migrate terraform resources, the terraform module need to be given input variables specific to our deployment provided through a global.tfvars file. Since this file contains secrets, in GCP we encrypt the file with SOPS and check it into the repo so that any developer with the credentials to our deployment can run the terraform. This is not the case in Azure, so if a developer wants to run the Azure terraform they have to obtain the global.tfvars from myself. We should use the same strategy for communicating this file as we do in GCP.

Version

0.2.129

Relevant log output

No response