dazzling-oxygen-84405
05/07/2024, 5:58 PMkubeconfig
argument to the provider causes the provider to be replaced, which also causes all resources in the stack to be replaced!
We've worked around this by doing some stack editing, and manually replacing the kubeconfig
input in the stack state, so the change is not detected. This doesn't seem like a sustainable workflow though, what is the recommended way of rotating provider credentials?modern-zebra-45309
05/07/2024, 6:01 PMhallowed-photographer-31251
05/09/2024, 9:26 PMdazzling-oxygen-84405
05/10/2024, 7:20 AMsalmon-gold-74709
05/22/2024, 12:28 PMdamp-airline-38442
05/22/2024, 8:44 PMmodern-zebra-45309
05/22/2024, 8:56 PMdazzling-oxygen-84405
05/22/2024, 9:03 PMclusterId
, only treat the provider as changed if this value changes) sounds like it would work for us. An env var would probably also be OK, but the clusterId
seems more explicit.
With the env var, I think it would have to be a "sticky" change, so once I run PULUMI_K8S_NO_REPLACE_PROVIDER=1 pulumi up
, the provider remembers the updated kubeconfig, and the env var no longer needs to be set (until the kubeconfig changes again).most-lighter-29914
05/24/2024, 6:39 AMclusterId
sounds good as a solution for thissalmon-gold-74709
05/30/2024, 2:00 PMhallowed-photographer-31251
05/30/2024, 2:28 PMhallowed-photographer-31251
07/19/2024, 4:16 PMclusterIdentifier
provider configuration and it’s available in 4.16.0-alpha.1721342660
if you’d like to give it a spin!