sparse-intern-71089
10/23/2021, 3:41 PMbillowy-army-68599
bulky-area-51023
10/23/2021, 5:43 PMutils.py
,
for secret_key in secret_keys:
try:
secret_value = config.require_secret(secret_key).apply(
lambda val: val
)
except pulumi.ConfigMissingError as cme:
raise cme
richen_manifest['extra_env'].append({
'name': secret_key,
'value': secret_value
})
# this is a jinja2 template rendering...
template.render(manifest)
and in the __main__.py
, we call that rendering part from utils
and then dump it to a temporary file.
with open(tmp_manifest, 'w') as f:
yaml.dump(yaml.load(rendered_manifest), f)
kubernetes.yaml.ConfigFile(
f'events-{server}-{product}-{stage}',
file=tmp_manifest,
opts=ResourceOptions(provider=k8s)
)
And the bare template looks like
containers:
- image: {{ registry }}/{{ image }}:{{ image_tag }}
env:
{% for item in extra_env %}
- name: {{ item.name }}
value: "{{ item.value }}"
{% endfor %}
So the resulting rendering looks like
env:
- name: SCHEMA_REGISTRY_AUTH
value: "<pulumi.output.Output object at 0x7fcc98c51b80>"
billowy-army-68599
config.require_secret(secret_key).apply(template.render)
etcbulky-area-51023
10/23/2021, 6:47 PMapply
scheme. Is there any other solutions available?billowy-army-68599
apply
is there because of technical reasons around when the value is known. Why is it tough to maintain?