https://pulumi.com logo
#general
Title
# general
w

worried-queen-62794

06/02/2023, 10:41 AM
I am following the strategy for enforcing resource tagging (https://www.pulumi.com/blog/automatically-enforcing-aws-resource-tagging-policies/) and one of those tags is the git commit hash. When a resource is updated I want the tag to be updated to the current commit hash but I don’t want a new commit to cause a change to the tag of every resource. Is this possible? I want something like a transformer that only applies when there is some other change.
p

polite-sandwich-68547

06/02/2023, 11:48 AM
what you're doing is quite unusual, what is the the real benefit of putting git commit hashes in resource tags?
w

worried-queen-62794

06/02/2023, 12:48 PM
It’s not that unusual. We do it for binary artifacts all the time. We used to do the same back in the days of Puppet deployments. It is for tracing back from a resource to the code that created it.