When using the OpenStack provider (and possibly other providers?) it seems to be storing both username and password the Pulumi state – how to avoid that? Very unsafe and unnecessary (it also generates a diff depending on who updates the stack) 😅

You can mark outputs as secrets, although we should probably mark that one by default. Can you open an issue please https://github.com/pulumi/pulumi-openstack

Alright, could you refer me to any docs on how to mark these values as secret? Should I explicitly pass the username & password in the provider options and grab the value from the env vars explicitly and wrap them? I will open an issue! Thanks 😄

Hi @sticky-translator-17495 - what version of the provider are you using?

That's a good question! Most likely not the latest... Lemme have a look

I believe I fixed this issue 😉 https://github.com/pulumi/pulumi-openstack/blob/master/CHANGELOG.md#2141-2021-02-16

Alright, how embarrassing, case closed! Sorry for the smoke, luckily there was no fire 🤓

hey it's good to raise the issues! We'd rather you were happy 🙂

🙏🏻 Now off to upgrade deps! Life of a JS dev

😄