sparse-intern-71089
07/26/2021, 6:26 PMbored-table-20691
07/26/2021, 6:27 PMtls
package for similar purposes and haven’t seen this happen.
What does this code look like?faint-dog-16036
07/26/2021, 6:32 PMPrivateKey
resource in tls only outputs privateKeyPem
, so I use the sshpk
util to convert over to openssh format:
function convertPrivateKeyToOpenSSH(key: pulumi.Input<string>) {
return pulumi.output(key).apply((unwrappedKey) => {
const parsedKey = sshpk.parsePrivateKey(unwrappedKey, "pem");
// @ts-ignore
return parsedKey.toString("ssh");
});
}
... which is called like:
convertPrivateKeyToOpenSSH(tlsPrivateKeyOutput.privateKeyPem)
... the result of which is pushed in stringData
in a k8s cluster Secret.billowy-army-68599
bored-table-20691
07/26/2021, 6:40 PMconvertPrivateKeyToOpenSSH
returns the same string every time?faint-dog-16036
07/26/2021, 6:47 PM+-kubernetes:core/v1:Secret: (replace)
~ stringData: {
}
... and I compared secrets before/after application and they look identical.faint-dog-16036
07/26/2021, 7:10 PM