https://pulumi.com
Join Slack
This message was deleted.
# general
s
This message was deleted.
l
For now I changed the prod stack passphrase to the same as the other stacks. Really not a good solution. So I'd still appreciate any input / feedback / direction on if this is possible and, if so, how. Based on what I'm seeing right now, this seems to be a conflict between what we're able to do with secrets providers (a documented feature) and stack references (also a documented feature). Note that I have already seen these issues: • https://github.com/pulumi/pulumi/issues/5151 and • https://github.com/pulumi/pulumi/issues/4665 No updates of note in ~3+ years.
Bump. @billowy-army-68599??
b
This is not supported now as you point out. The secrets provider needs to be able to decrypt the value. If you need to do this, use a cloud secrets provider like a kms key or the Pulumi service
Also: I appreciate you need an answer, but this is a best effort support basis.
✔️ 1
l
Thanks for the reply. It's not clear to me how using a cloud secrets provider fixes the issue. Is that b/c the provider is internally "known" by each stack so when I call "new StackReference" it knows everything required for that referenced stack, separate from the current stack?
I appreciate you need an answer, but this is a best effort support basis.
You're right. I know that. My apologies if I came across as demanding.
3 Views
Open in Slack
PreviousNext
Powered by

Pulumi Community

No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Powered by