https://pulumi.com logo
Title
s

sparse-apartment-71989

07/07/2021, 6:33 PM
Hello all. I’m wondering about the approach of storing the access token as a secret; e.g. from the Civo provider docs:
pulumi config set civo:token XXXXXXXXXXXXXX --secret
I see an encrypted value of the token is written out into a yaml file in the project. My question is, is this safe to commit into SCM or should it be ignored; i.e. excluded via .gitignore? Thanks in advance!
b

billowy-army-68599

07/07/2021, 6:36 PM
yes, it's safe to commit. It's encrypted by a unique key. You can also choose a cloud provider key like AWS KMS if you desire more control
s

sparse-apartment-71989

07/07/2021, 6:41 PM
Thx for the fast response!