glamorous-printer-66548
09/10/2018, 8:26 AMpassword: execSync('gcloud auth print-access-token').toString('utf8'))
). This access token changes on every pulumi up
invocation and because of this pulumi shows the resource as updated on every invocation. I’m not sure if it’s a good design decision that pulumi considers the password / access_token part of the permanent state / checkpoint of the resource since it’s more or less a secret that it just needed to create the resource but not a crucial part of the resource itself (i.e. unlike a password of a database resource). Also for GCR there is no classic notion of a long lived username / password (see https://cloud.google.com/container-registry/docs/advanced-authentication) . I think the easiest / quick-win for me would be if you allow to disable authentication (i.e. skip docker login
) since my local docker is already authenticated automatically via gcloud which is registered as docker credential helper (see also https://cloud.google.com/sdk/gcloud/reference/auth/configure-docker).creamy-potato-29402
09/10/2018, 5:43 PM