sparse-intern-71089
11/14/2023, 6:07 PMsalmon-account-74572
11/14/2023, 8:29 PMstale-answer-34162
11/14/2023, 8:36 PMpulumi up
in an isolated environment. A distroless container that only knows about pulumi such as Chainguard here is very appealing. I realize this image from Chainguard is more suited to automated deployments but I really like the idea of devcontainer -> pulumi deployment (or wherever) as that gives a full sbom on the provisioning toolchain, bypasses errors in user environments, and hopefully some protection from insecure vscode extensions.salmon-account-74572
11/14/2023, 9:07 PM