fast-vr-6049
12/06/2023, 7:56 PMignoreChanges
Custom Resource Option to ignore changes to the value, but it means that any resources that depend on the Token won't be able to get the value if anything ever changes
b) Regenerate the Token every time, which works, but isn't ideal for anything that consumes the token outside of the stack (like as an output)
My question: is it possible to set the Token as a (secret) Stack Output, then in future Pulumi runs, refer to that Output? I know you can reference the Outputs of another Stack using StackReference
. Could I poke the infinite recursion bear by doing something like a StackReference(self)
? If that pattern doesn't work, I'd also welcome suggestions for other methods.little-cartoon-10569
12/06/2023, 8:06 PMpulumi up
isn't touching the source of the value. You can use a stack reference to get that value any number of times, and the Azure container registry token isn't getting involved: the value is coming from the other stack's state.fast-vr-6049
12/06/2023, 8:08 PMlittle-cartoon-10569
12/06/2023, 8:08 PMdry-keyboard-94795
12/06/2023, 8:08 PMlittle-cartoon-10569
12/06/2023, 8:09 PMlittle-cartoon-10569
12/06/2023, 8:09 PMlittle-cartoon-10569
12/06/2023, 8:09 PMfast-vr-6049
12/06/2023, 8:11 PMup
command. Setting the Token's value as an output safely stores it in the Stack's state somewhere, which is why I thought using a Stack Reference would work. That old cached value is exactly what I'm hoping to retrievelittle-cartoon-10569
12/06/2023, 8:12 PMlittle-cartoon-10569
12/06/2023, 8:12 PMfast-vr-6049
12/06/2023, 8:13 PMSecrets
Stack?little-cartoon-10569
12/06/2023, 8:13 PMlittle-cartoon-10569
12/06/2023, 8:14 PMlittle-cartoon-10569
12/06/2023, 8:16 PMlittle-cartoon-10569
12/06/2023, 8:16 PMfast-vr-6049
12/06/2023, 8:19 PMlittle-cartoon-10569
12/06/2023, 8:20 PMfast-vr-6049
12/06/2023, 8:22 PMbeginGenerateCredentialsAndWait()
invocation, then never again. After that, the only option for getting a value is to invoke regenerateCredential()
, invalidating the old valuelittle-cartoon-10569
12/06/2023, 8:22 PMfast-vr-6049
12/06/2023, 8:25 PMGetSecret()
method on subsequent Pulumi executions, but that'd have to happen before the Secret resource is declaredlittle-cartoon-10569
12/06/2023, 8:25 PMfast-vr-6049
12/06/2023, 8:25 PMlittle-cartoon-10569
12/06/2023, 8:25 PMfast-vr-6049
12/06/2023, 8:29 PMlittle-cartoon-10569
12/06/2023, 8:59 PMdry-keyboard-94795
12/06/2023, 9:22 PMfast-vr-6049
12/06/2023, 9:29 PMbeginGenerateCredentialsAndWait()
using the Azure ARM SDK (API here) because there's no equivalent in the Pulumi resource model. As such, that value doesn't become part of the Token resource. Because you can only call that method once, you can only have the value available to the run once, thus my dilemmafast-vr-6049
12/06/2023, 9:32 PMregenerateCredential()
(https://learn.microsoft.com/en-us/javascript/api/%40azure/arm-containerregistry/registries?view=azure-node-latest#@azure-arm-cont[…]neratecredential) working during subsequent runs, but it runs into that less-than-ideal case of the value of the secret changing every rundry-keyboard-94795
12/06/2023, 9:35 PMrandom
provider for generating a password?fast-vr-6049
12/06/2023, 9:36 PMdry-keyboard-94795
12/06/2023, 9:37 PMdry-keyboard-94795
12/06/2023, 9:38 PMfast-vr-6049
12/06/2023, 9:39 PMCreationTime
, Expiry
, and Name
https://www.pulumi.com/registry/packages/azure-native/api-docs/containerregistry/token/#tokenpasswordfast-vr-6049
12/06/2023, 9:39 PMValue
, but it isn't populated when the Token resource is createddry-keyboard-94795
12/06/2023, 9:40 PMfast-vr-6049
12/06/2023, 9:42 PMdry-keyboard-94795
12/06/2023, 9:44 PMfast-vr-6049
12/06/2023, 9:44 PMfast-vr-6049
12/06/2023, 9:56 PMerror: Code="PasswordCannotBeAdded" Message="New passwords can be added only through 'generateCredentials'. For more information on repository permissions, please visit <https://aka.ms/acr/repo-permissions>."
dry-keyboard-94795
12/06/2023, 9:59 PMfast-vr-6049
12/06/2023, 9:59 PMdry-keyboard-94795
12/06/2023, 10:00 PMfast-vr-6049
12/06/2023, 10:06 PMdry-keyboard-94795
12/06/2023, 10:06 PM