sparse-intern-71089
12/20/2019, 10:22 PMwhite-balloon-205
prehistoric-account-60014
12/20/2019, 10:26 PMdevelopment
into a new stack on each merge request. Because Pulumi.development.yaml
can’t just be copied, because of how the encryption is unique per stack, I’m getting the config JSON so that I can loop through it and set it in the new stack. Here’s the snippet:
function test_pulumi() {
PULUMI_STACK=test
CI_ENVIRONMENT_SLUG=development
CI=true
pulumi login
pulumi stack init $PULUMI_STACK || true
if [[ "$CI_ENVIRONMENT_SLUG" != "production" ]] || [[ "$CI_ENVIRONMENT_SLUG" != "staging" ]]; then
json="$(pulumi config --verbose=3 --stack $PULUMI_STACK --config-file Pulumi.development.yaml --show-secrets --json)"
keys="$(echo $json | jq -r 'keys[]')"
for key in $(echo $keys | tr '\n' ' ')
do
pulumi config --stack "$PULUMI_STACK" set "$key" "$(echo $json | jq -r '.["'"$key"'"].value')" $(if [ "$(echo $json | jq -r '.["'"$key"'"].secret')" = "true" ]; then echo "--secret"; fi)
done
fi
prehistoric-account-60014
12/20/2019, 10:26 PMpulumi login
.prehistoric-account-60014
12/20/2019, 10:28 PMtest_pulumi
because I’m reproducing this stuff locally after getting the 400
in CI. Getting the 400
locally as well.prehistoric-account-60014
12/20/2019, 10:29 PM--stack $PULUMI_STACK
to --stack development
in the line where I get the JSON and that would be fine for now. I was just wondering if it wasn’t supported to decrypt from a config file that’s different from the current stack? (I’m like 99% sure that’s the issue here)prehistoric-account-60014
12/20/2019, 10:34 PMdevelopment
instead of specifying the configuration file. I was trying to avoid this before because I didn’t want to hardcode the development stack, but hardcoding Pulumi.development.yaml
is basically the exact same thing. I’m guessing that the server returns a 400
because it’s using the encryption key of $PULUMI_STACK
but attempting to decrypt Pulumi.development.yaml
which belongs to another stack and that makes perfect sense. I guess the error message could be a bit clearer but it was definitely an erroneous setup on my end. I guess I didn’t need any help 😅prehistoric-account-60014
12/20/2019, 10:35 PMwhite-balloon-205
prehistoric-account-60014
12/20/2019, 10:47 PM