No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

What are the best practices about deploying env variables / secrets?
1. At deploy time resolve all the variables, set them somewhere as environment variables and use them in the program ?  (so e.g. github actions would connect to pulumi, but not the deployed binary)
2. At startup time, the program itself connects to pulumi ESC to download the variable it needs? (here we need the deployed binary to connect to pulumi too)