It is always safe to commit the stack settings/config files. All secrets are in encrypted form inside this file.
Usually what we suggest is:
- If it's a stack you're using in a team environment, commit the config file. This just makes it easier to share.
- If it's a private dev stack that you're not sharing, you get to decide. If it's in the context of a shared repo, it probably doesn't make sense to commit. If it's your own private Git repo, and having dev stacks in there wouldn't be confusing, it's usually more convenient just to commit them.
Although it's true the service records the config, it's helpful to have it in Git. This gives you a history of updates (although our service can do the same, having it alongside code is often helpful). More importantly, it means all "inputs" to a Pulumi update are always fully specified in code (code+config), which means all you need to do is `git checkout` at the right commit, and you have everything you need. We do offer a `pulumi config refresh` command that reloads the config from the service, but needing to orchestrate that command alongside Git commands can be tedious/error prone.
HTH, this is definitely an area we'd love feedback on.
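
A pre-commit check for the point above that secrets sit in the stack config file in encrypted form. This is an added example, not part of the original post or Pulumi's own tooling: it scans the text of a `Pulumi.<stack>.yaml` file for keys that look sensitive but are not stored under a `secure:` entry. It assumes values set with `pulumi config set --secret` appear as a nested `secure:` line; the name heuristic, the function name and the sample file are constructed for illustration.

```python
import re

# Heuristic for names that usually hold credentials (an assumption; tune per project).
SENSITIVE = re.compile(r"(pass(word)?|secret|token|api_?key|credential)", re.I)
# A two-space-indented config entry: "  namespace:name: value" or "  namespace:name:".
ENTRY = re.compile(r"^  (\S+?):(?: (.*))?$")

def plaintext_sensitive_keys(stack_yaml: str) -> list[str]:
    """Return config keys that look sensitive but are not stored as `secure:`."""
    lines = stack_yaml.splitlines()
    findings, in_config = [], False
    for i, line in enumerate(lines):
        if not line.strip():                    # skip blank lines
            continue
        if not line.startswith(" "):            # a top-level key starts or ends the block
            in_config = line.rstrip() == "config:"
            continue
        m = ENTRY.match(line) if in_config else None
        if not m:                               # deeper-nested lines are handled via look-ahead
            continue
        key, value = m.group(1), m.group(2)
        nxt = lines[i + 1].strip() if i + 1 < len(lines) else ""
        encrypted = value is None and nxt.startswith("secure:")
        if SENSITIVE.search(key) and not encrypted:
            findings.append(key)
    return findings

# Constructed sample stack file: one encrypted secret, one value set without --secret.
SAMPLE = """\
config:
  aws:region: us-west-2
  app:dbPassword:
    secure: v1:CONSTRUCTED-CIPHERTEXT
  app:apiToken: constructed-plaintext-value
"""

if __name__ == "__main__":
    for key in plaintext_sensitive_keys(SAMPLE):
        print(f"not encrypted: {key}")
```

Run it against the file's contents in a pre-commit hook and fail the commit when the returned list is not empty.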