You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
$ pulumi about
CLI
Version 3.111.1
Go Version go1.22.1
Go Compiler gc
Plugins
NAME VERSION
go unknown
vault 4.6.0
Host
OS darwin
Version 12.6
Arch x86_64
This project is written in go: executable='/[***]/go/bin/go' version='go version go1.22.1 darwin/amd64'
Backend
Name M[***]V
URL file://.state
User q[***]
Organizations
Token type personal
Dependencies:
NAME VERSION
github.com/pulumi/pulumi-vault/sdk/v4 v4.6.0
github.com/pulumi/pulumi/sdk/v3 v3.52.1
Pulumi locates its logs in /var/folders/_[***]p/T/ by default
warning: Failed to get information about the current stack: No current stack
Additional context
No response
Contributing
Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
The text was updated successfully, but these errors were encountered:
Hi @kindy, sorry for the trouble and long delay getting back to you! Thanks for your patience.
When you read the config into your program with cfg.RequireObject, the values will be in plaintext. When passing those plaintext values as inputs elsewhere, the system won't know that they are secret values.
If you use cfg.RequireSecretObject instead, the secretness would be maintained, but you'd have to access the value inside an Apply and since you're using the value in a loop to create resources, I wouldn't recommend that, since we generally don't recommend creating resources inside an Apply because it can make previews unreliable.
Instead, in this case, I'd suggest continuing to use cfg.RequireObject, but explicitly making any values secret that should be secret when passed as inputs to other resources.
What happened?
as title said.
Example
steps:
dev
k0-jwt-token
)pulumi config set k8s.clusters.k0.token k0-jwt-token -s dev --secret --path
vault server -dev -dev-root-token-id="dev-root"
pulumi up -s dev
(passdev
)k0-jwt-token
is searchablecode.tar.gz
Output of
pulumi about
Additional context
No response
Contributing
Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
The text was updated successfully, but these errors were encountered: