https://pulumi.com logo
#kubernetes
Title
# kubernetes
b

brave-ambulance-98491

03/09/2020, 2:29 PM
I'm working on bootstrapping a cluster, and I noticed that when I create a
kubernetes.Provider
with an inline
kubeconfig
string, the string (with cluster access tokens) isn't being treated as a secret. Is there any way to mark this as a secret, so that the cluster's cleartext root credentials aren't available in diffs and the state store?
g

gentle-diamond-70147

03/09/2020, 4:18 PM
Yea, I believe this should do it.
Copy code
const k8sProvider = new k8s.Provider(projectName, {
    kubeconfig: pulumi.secret(kubeconfig), // <-- use pulumi.secret(...)
});
b

brave-ambulance-98491

03/09/2020, 4:48 PM
Thanks, that works great! I thought I had tried that earlier and had it fail, but I must have not. 🙂
5 Views