This message was deleted.

sparse-intern-71089

10/19/2020, 5:27 PM

This message was deleted.

billowy-army-68599

10/19/2020, 5:28 PM

is it a public helm chart? it's not actually the case that a deployment would update when a secret changes, you need to do some little tricks to refresh the deployment

billowy-army-68599

10/19/2020, 5:28 PM

(I'm assuming here you're changing the secret values, not the secret name)

bored-intern-60856

10/19/2020, 5:31 PM

Not public, and yea, I need to do some little tricks but I'm not sure what 😶

bored-intern-60856

10/19/2020, 5:32 PM

I've tried to change both the keys and values inside the secret, but yea, didn't change the secret name itself

bored-intern-60856

10/19/2020, 5:33 PM

I'm not sure if that's a Pulumi limitation, on purpose or bug, but I'd expect it to change. What tricks would you recommend? 😶

billowy-army-68599

10/19/2020, 5:42 PM

it's kind of expected. the trick is to add an annotation to your deployment with the md5 hash of the contents of your secret. You can do this with Helm: https://github.com/elastic/helm-charts/blob/master/metricbeat/templates/deployment.yaml#L43 or pulumi: https://gist.github.com/jaxxstorm/c0fb80dacc7d293750ffbc5f1ace4527#file-index-ts-L51

bored-intern-60856

10/19/2020, 5:44 PM

Why "kind of expected"?

bored-intern-60856

10/19/2020, 5:47 PM

Thanks alot, looks like it's gonna fix it for now

billowy-army-68599

10/19/2020, 5:48 PM

the values inside the secret are only picked up at scheduling time for the pod. you have to restart the pod to pick up the new values

bored-intern-60856

10/19/2020, 5:49 PM

No, I get that, but Pulumi auto-updates the deployments when the secrets/configmaps change, so why wouldn't it do that with a deployment inside a helm chart?

bored-intern-60856

10/19/2020, 5:50 PM

Is that the expected behaviour or should I open an issue regarding that?

gorgeous-egg-16927

10/19/2020, 5:56 PM

Just to clarify here: the reason it works for resources deployed natively with Pulumi is due to the resource dependency graph. This graph isn’t present within a Helm resource, which explains the lack of auto-update you’re seeing.

gorgeous-egg-16927

10/19/2020, 5:56 PM

Here’s an older blog post with a section on how that works: https://www.pulumi.com/blog/program-kubernetes-with-11-cloud-native-pulumi-pearls/#10-trigger-cascading-rollouts-from-dependent-updates

Open in Slack

Previous Next

Pulumi Community

No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.