quaint-garden-96746
12/03/2019, 8:34 PMtime pulumi --logtostderr -v=9 stack
I1203 22:28:22.700826 89424 backend.go:408] found username for access token
I1203 22:29:03.110095 89424 backend.go:408] found username for access token
Current stack is stage:
Owner: project_iac
Last updated: 7 hours ago (2019-12-03 15:03:51.875385 +0200 EET)
Pulumi version: v1.6.1
Current stack resources (123):
...
Current stack outputs (7):
...
real 0m40.506s
user 0m0.289s
sys 0m0.093s
the others commands like pulumi up slow as well
how can i debug what is the reason of the huge slow down ?sudo tcpdump -i en0 "dst 54.70.73.136 || dst 35.163.58.164"
see many request to remote host during pulumi stack command runnig
then search info how to trace pulumi
https://www.pulumi.com/docs/troubleshooting/
and found this:colossal-beach-47527
12/04/2019, 4:25 PMquaint-garden-96746
12/04/2019, 8:57 PMsecret : {
apiVersion: "v1"
data : "[secret]"
id : "default/backend-api-secrets-ahdxt3ym"
kind : "Secret"
metadata : "[secret]"
stringData: "[secret]"
type : "Opaque"
urn : "urn:pulumi:stage::project-aws-eks::k8s:app:backend$kubernetes:core/v1:Secret::backend-api-secrets"
}
metadata of the k8s.core.v1.Secret became secret I use it for the creating service account with providing registry secret with secret.metadata.name
but it’s encrypted and my service account became encrypted as well and then I use sa.metadata.name for my deployment and its also became encrypted all my k8s resources became encrypted 😄.
i found workaround with:
secret.id.apply(v => v.replace(/^[^\/]+\//,''))
It’s not a good solution at all. I think not all metadata in secrets must be encrypted -> name at least