kind-mechanic-53546
05/19/2020, 7:23 AMdocker.Image
but I cannot get it to pass it decrypted
Definition: _export_ const sec = pulumiConfig.requireSecret("secKey");
I've tried pulumi.all([sec]).apply(([secString]) => { return { ARG_NAME: secString }; });
and { ARG_NAME: sec.apply(v=>v) }
Neither of these works, the value is always either [secret]
or Calling [toString] on an [Output<T>] is not supported.\n\nTo get the value of an Output...
For what it's worth, pulumi.all
works fine on a secret imported from another stack using a StackReferencefuture-barista-68134
05/19/2020, 2:05 PMconst buildArgs = sec.apply( secret => {
return {
args: {
ARG_NAME: secret
}
}
});
const dockerImage = new docker.Image("name", {
imageName: "image-name",
build: buildArgs
});
_Note_: Inside of anorapply
, your secret will be decrypted for use within the callback in plaintext. It is up to your program to treat this value sensitively and only pass the value to code that you trust.all
kind-mechanic-53546
05/19/2020, 10:09 PMconst pulumiConfig = new pulumi.Config();
const sec = pulumiConfig.requireSecret("secKey");
const sec2 = pulumiConfig.requireSecret("sec2Key");
const buildArgs = pulumi.all([sec, sec2]).apply(([secVal, sec2Val]) => {
return {
ARG1: secVal,
ARG2: sec2Val,
};
});
const imageName = "spark-dotnet";
const imageVersion = "v1beta-0.0.1-spark-2.4.5";
const image = new docker.Image(imageName, {
imageName: pulumi.interpolate`${k8sInfraStack.k8sRegistryLoginServer}/${imageName}:${imageVersion}`,
build: {
context: `./spark-dotnet-docker`,
args: buildArgs,
},
registry: {
server: k8sInfraStack.k8sRegistryLoginServer,
username: k8sInfraStack.k8sRegistryUsername,
password: k8sInfraStack.k8sRegistryPassword,
},
});
future-barista-68134
05/19/2020, 11:26 PMkind-mechanic-53546
05/20/2020, 4:26 AMconst buildArgs = pulumi.all([sec, sec2]).apply(([secVal, sec2Val]) => {
return {
ARG1: `https:<mailto://${secVal}@org.visualstudio.com|//${secVal}@org.visualstudio.com>`,
fatal: could not read Password for 'https://[secret]@org.visualstudio.com': No such device or address
future-barista-68134
05/20/2020, 12:44 PMconst buildArgs = pulumi.all([sec, sec2]).apply(([secVal, sec2Val]) => {
return {
context: `./spark-dotnet-docker`,
args: {
ARG1: secVal,
ARG2: sec2Val
}
}
});
const imageName = "spark-dotnet";
const imageVersion = "v1beta-0.0.1-spark-2.4.5";
const image = new docker.Image(imageName, {
imageName: pulumi.interpolate`${k8sInfraStack.k8sRegistryLoginServer}/${imageName}:${imageVersion}`,
build: buildArgs,
registry: {
server: k8sInfraStack.k8sRegistryLoginServer,
username: k8sInfraStack.k8sRegistryUsername,
password: k8sInfraStack.k8sRegistryPassword,
},
});
kind-mechanic-53546
05/20/2020, 10:58 PM