No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Hello! I have an operator deployed and I am making a stack, the stack references a github repo. The expected behavior will be that the operator syncs up the stack to always match the github repo. I want to use my own backend for states instead of pulumi cloud. If you have a workload identity set up with the operator, do I need to specify google cloud credentials in the stack or can I just specify backend: "gs://{bucket_name}}"

I haven't tried using a backend like tfstate, but I would say that you will need credentials since you are going to create files in the bucket.

My operator has a service account setup for workload identity so it can create the gcp resources! I've specified the backend as a gcs bucket and I'm trying to do self hosted. However I'm running into an issue where it's asking for a pulumi access token. I was wondering if its possible to do so without given that I want to host it on my own

```evel":"error","ts":"2024-01-17T21:53:52.510Z","logger":"controller_stack","msg":"Failed to update Stack","Request.Namespace":"pulumi","Request.Name":"my-stack-h4mhn5zb","Stack.Name":"staging","error":"failed to create and/or select stack staging: failed to select stack: exit status 255\ncode: 255\nstdout: \nstderr: error: PULUMI_ACCESS_TOKEN must be set for login during non-interactive CLI sessions\n\n","stacktrace":"<http://github.com/pulumi/pulumi-kubernetes-operator/pkg/controller/stack.(*ReconcileStack).Reconcile|github.com/pulumi/pulumi-kubernetes-operator/pkg/controller/stack.(*ReconcileStack).Reconcile>\n\t/home/runner/work/pulumi-kubernetes-operator/pulumi-kubernetes-operator/pkg/controller/stack/stack_controller.go:638\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).reconcileHandler\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.9.0/pkg/internal/controller/controller.go:298\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).processNextWorkItem\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.9.0/pkg/internal/controller/controller.go:253\nsigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller).Start.func2.2\n\t/home/runner/go/pkg/mod/sigs.k8s.io/controller-runtime@v0.9.0/pkg/internal/controller/controller.go:214"}```

here you have the pulumi connector: <https://github.com/pulumi/actions>. Add in the previous step the gcp credentials