I dont know if it is GCP specific as we dont use other providers, but

new gcp.Provider("name", {project: "another-project"})

leaks ambient provider credentials into stack unencrypted

Ok, looking at it right now

hmm, just checked cloudflare provider from another stack. in stack config:

config:
  cloudflare: my-email
  cloudflare:token:
    secure:  ABCDEFG

but in stack state file there is a

pulumi:providers:cloudflare

resource with

.token

property shown as is butt naked

ok

for the reference, we also have

gcloud auth activate-service-account --key-file <(printf '%s' "${GOOGLE_CREDENTIALS}")

but I think it is redundant and GOOGLE_CREDENTIALS is enough

so you have something like

yes

👍

yes, looks similar. if you check stack file there is a credentials field with full token unencrypted

it's right there in the stack output when you use a custom provider

it is concealed for GCP ambient provider though, but ambient cloudflare provider reveals token too

to see if the same behaviour exists

do you want me to open cloudflare issue too or it is a generic problem with providers?

Out of curiosity, any reason you use an env var for the credentials instead of

GOOGLE_APPLICATION_CREDENTIALS

which is a path to the json instead of the contents? Or does this not actually work with the provider (haven’t tested this myself)?

no particular reason, we pull credentials from bootstrap stack output, where all projects and all pulumi service accounts are managed. then individual pulumi stack is doing:

GCP_PROJECT_INFO=$(pulumi stack output output --show-secrets -j --stack nakhoda/gcp-bootstrap/prod | python -c 'import json,sys; print(json.dumps(json.load(sys.stdin)["'${PULUMI_STACK#*/}'"]))')
GOOGLE_CREDENTIALS=$(python -c 'import json,sys; print(json.load(sys.stdin)["serviceAccountKey"])' <<<"$GCP_PROJECT_INFO" | base64 -d)
export GOOGLE_CREDENTIALS

Ah gotcha.