gifted-ocean-95126
05/10/2020, 2:22 PM-o StrictHostKeyChecking=no
). One way to achieve this is to generate the Droplet host keys locally on my PC then apply them to the Droplets using the user_data
droplet property. I could then add the host public keys to the Pulumi stack output and configure Ansible to check the hosts against those public keys when connecting.
But, running pulumi stack export
shows that the original #cloud-config
file, including the private keys, is being stored in the stack state. Although I understand that the data is encrypted, storing these files is unnecessary and so I would prefer not to store them.
Can I tell Pulumi to store the hashes and not the original contents of resource properties? Thank you.broad-dog-22463
05/10/2020, 2:29 PMbroad-dog-22463
05/10/2020, 2:29 PMbroad-dog-22463
05/10/2020, 2:30 PMgifted-ocean-95126
05/10/2020, 2:30 PMgifted-ocean-95126
05/10/2020, 2:31 PMbroad-dog-22463
05/10/2020, 2:33 PMgifted-ocean-95126
05/10/2020, 2:34 PMbroad-dog-22463
05/10/2020, 2:35 PMbroad-dog-22463
05/10/2020, 2:36 PMgifted-ocean-95126
05/10/2020, 2:38 PMgifted-ocean-95126
05/10/2020, 2:41 PMStateFunc
which allows this). https://github.com/terraform-providers/terraform-provider-digitalocean/blob/726215a1fd1d897296e22b7f5c28fb3a766e0f33/digitalocean/resource_digitalocean_droplet.go#L172broad-dog-22463
05/10/2020, 3:11 PMbroad-dog-22463
05/10/2020, 3:11 PM