This message was deleted.
# kubernetes
s
This message was deleted.
b
you're likely placing the lambda at the wrong place, can you share the code you tried?
b
Code is pretty complicated, but I’ll include the details as much as I can. So in
utils.py
,
Copy code
for secret_key in secret_keys:
        try:
            secret_value = config.require_secret(secret_key).apply(
                lambda val: val
            )
        except pulumi.ConfigMissingError as cme:
            raise cme
        richen_manifest['extra_env'].append({
            'name': secret_key,
            'value': secret_value
        })
   # this is a jinja2 template rendering...
   template.render(manifest)
and in the
__main__.py
, we call that rendering part from
utils
and then dump it to a temporary file.
Copy code
with open(tmp_manifest, 'w') as f:
                yaml.dump(yaml.load(rendered_manifest), f)

            kubernetes.yaml.ConfigFile(
                f'events-{server}-{product}-{stage}',
                file=tmp_manifest,
                opts=ResourceOptions(provider=k8s)
            )
And the bare template looks like
Copy code
containers:
        - image: {{ registry }}/{{ image }}:{{ image_tag }}
          env:
          {% for item in extra_env %}
            - name: {{ item.name }}
              value: "{{ item.value }}"
          {% endfor %}
So the resulting rendering looks like
Copy code
env:
        - name: SCHEMA_REGISTRY_AUTH
          value: "<pulumi.output.Output object at 0x7fcc98c51b80>"
b
you need to life the apply to where the template is rendered:
config.require_secret(secret_key).apply(template.render)
etc
b
Since there are lot’s of secrets that should be into the template, it’s tough to maintain the
apply
scheme. Is there any other solutions available?
b
no,
apply
is there because of technical reasons around when the value is known. Why is it tough to maintain?