No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Hi, I’d like to ask about what is the best/recommended way to implement the following use case. I’m using Python.

I want to create a certain GitLab CI/CD variable for a list of GitLab projects that I construct dynamically by calling the API directly (with `requests`). The GitLab API needs an authentication token that I am providing via a configuration secret:
```gitlab_config = pulumi.Config('gitlab')
gitlab_apikey = gitlab_config.require_secret('api_key')```
This already is problematic, as the value of `gitlab_apikey` is an `Output[string]` . In order to use it in `requests`, I need to do everything inside an `apply()`:
```(...)

def get_projects(api_key: str):
    gl = gitlab.GitLabApi(api_key)

    projects = gl.get_projects()
    for project in projects:
        print(project.path)

gitlab_apikey.apply(get_projects)```
This works OK, but now I would need to create resources (namely, the <https://www.pulumi.com/registry/packages/gitlab/api-docs/projectvariable/|gitlab.ProjectVariable> resource) and Pulumi best practice (that I read somewhere in a github issue from someone at Pulumi, so assuming it’s correct) is to not create resources in the `apply()` callback. So, what are my options here?
Thank you!