Hi, i have created a new stack with: `pulumi stac...
# google-cloud
Hi, i have created a new stack with:
pulumi stack init dev --secrets-provider="gcpkms://<redacted>"
and in my code I have:
var config = new Config();
and later in code in an env var definition:
Value = config.RequireSecret("dev-db-connection-string")
and when i try pulumi up i still get:
Missing Required configuration variable 'projectName:dev-db-connection-string'
`please set a value using the command `pulumi config set projectName:dev-db-connection-string <value>`` the secret in GCP is called obviously
what am I missing?
does this only provide the key to encrypt the secrets and the secrets are/should be still kept by pulumi?
You are using Pulumi Config, which reads from the stack config file
great, thanks!
@green-school-95910 is there perhaps somewhere an example how this is used in C#
What I mean - is there a way to read existing secrets in GCP from Pulumi? All I see is ways to create a new secret..
I don't think there is an example of this particular resource on any oss repo. But at the lower in the page there is the
function, which gets a secret that already exists.
finally got it to work with
Copy code
Value = Output.Create(Pulumi.Gcp.SecretManager.GetSecretVersion.InvokeAsync(new Pulumi.Gcp.SecretManager.GetSecretVersionArgs
                                       Secret = "projects/<some_id>/secrets/<secret_name>"
                                   })).Apply(x => x.SecretData)
Oh, right.... I should have asked which language you are using and pointed to the specific docs
Sorry about that