No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Morning <@U02RN6CC6LB> - you are actually able to commit secrets to git if you put them inside the config:

```pulumi config set &lt;key&gt; &lt;value&gt; -- secret```

whoah - so pulumi will encrypt them? with the pulumi key or the configured provider?

by default, it'll be a key configured by pulumi, but you can encrypt them with an aws kms key, google cloud key or azure kms key when you create the stack
<https://www.pulumi.com/blog/peace-of-mind-with-cloud-secret-providers/>

it there any short hand way to transfer all key-values from config to the container environment variables?

also I couldn't find any examples on how to use `EnvFrom` in `ContainerArgs` which sounds like could be it

you'd need something like this:
<https://www.pulumi.com/docs/intro/concepts/config/#structured-configuration>

and then pass the configuration object to the container