https://pulumi.com logo
Join Slack
Powered by
what is the easiest way to "wait" for whole object...
# general
b
what is the easiest way to "wait" for whole object and then get is as JSON? I have gcp.serviceaccount.ServiceAccountKey, all of it's properties are Output<>, but object itself is not, so I tried following, but failed:
Copy code
const x = new gcp.serviceaccount.Key(...)
new k8s.core.v1.Secret("x", { data:  {key: x.apply(JSON.stringify) }} )
b
I think you have to wrap all the properties you need which are outputs inside of a 
pulumi.all
c
Copy code
const gcpCredentials = new k8s.core.v1.Secret('gcp-credentials', {
  metadata: {
    namespace: namespace.metadata.name,
    labels: config.appLabels
  },
  type: 'Opaque',
  stringData: {
    'gcp-credentials.json': serviceAccount.key.privateKey.apply(x => Buffer.from(x, 'base64').toString('utf8'))
  }
});
This is what we do in our projects
b
that is just a key, not the whole json, right?
c
It’s the entire GOOGLE_APPLICATION_CREDENTIALS file
So we mount this secret in our pods, and use an env 
GOOGLE_APPLICATION_CREDENTIALS
as a path to the mount.
b
@busy-umbrella-36067, if I set whole resource as stack output, it comes back as a plain JSON , so they already have a generic code which does all the promise resolution, I'll try to find it
@cool-egg-852, thanks, I'll check, but I recall there were problems with GOOGLE_APPLICATION_CREDENTIALS in a ruby library project is using
worth a shot nevertheless
@cool-egg-852,you were right, worked!
I was looking at .priavateKey in the stack output and though it is a whole .Key . got confused by the fact that inside that privateKey there is another 
private_key
c
Ah, yeah, it is confusing.
Open in Slack
PreviousNext
Powered by