https://pulumi.com logo
#general
Title
# general
b

brave-salesmen-42327

02/19/2019, 8:41 PM
Using pulumi config, and pulumi secrets, stored locally and encrypted. There is some help text that pops out that says
set PULUMI_CONFIG_PASSPHRASE to remember
but when I do that, it does't seem to work.
Copy code
[git::secrets]$ echo ${PULUMI_CONFIG_PASSPHRASE}
secret
[git::secrets]$ p config --show-secrets
Enter your passphrase to unlock config/secrets
    (set PULUMI_CONFIG_PASSPHRASE to remember):
error: incorrect passphrase
[git::secrets]$
Ed. Note: I just pressed enter here, resulting in the 'incorrect passphrase' message. To show that it is the correct password stored in my config passphrase shell var:
Copy code
[git::secrets]$ p config --show-secrets
Enter your passphrase to unlock config/secrets
    (set PULUMI_CONFIG_PASSPHRASE to remember):
KEY         VALUE
aws:region  us-east-1
info        useless
secrets     SuperSecret
g

gentle-diamond-70147

02/19/2019, 9:42 PM
Hi Jake, are you using the Pulumi service (app.pulumi.com) for your stack storage or the local backend?
The passphrase only applies to the local backend.
When using the service, the service manages a stack-specific key for you.
Note: we have some changes in the works for this at https://github.com/pulumi/pulumi/issues/1867 .
b

brave-salesmen-42327

02/19/2019, 10:20 PM
Howdy. Yeah its local backend. We don't have the service in use yet. Not approved. Yet.
g

gentle-diamond-70147

02/19/2019, 11:49 PM
Hmm, the
PULUMI_CONFIG_PASSPHRASE
env var works for me. https://gist.github.com/clstokes/2d3b34007dae2a388c3e38cfabd77d1e
b

brave-salesmen-42327

02/20/2019, 9:39 PM
Rar. I must be flubbing something up. Ill look back into it and post what I did wrong.
🤐 Nothing to see here. Move along. Basic shell fail: I wasn't exporting, I was setting previous to the execution.
g

gentle-diamond-70147

02/21/2019, 8:44 PM
Glad you got it figured out!
3 Views