https://pulumi.com logo
Powered by
Title
m

many-psychiatrist-74327

04/30/2021, 8:27 PM
👋 hello! qq: how do I prevent an output from printing out as 
[secret]
? Context: I’m following this guide to create a GKE kubernetes cluster. The code (copy pasted from the example) generates a kubeconfig by combining the outputs of the cluster resource. I want to export the kubeconfig so I can use 
kubectl
against it, but it just prints out as 
[secret]
. Why?
here’s the code that generates the kubeconfig: 
export const kubeconfig = pulumi.
    all([ cluster.name, cluster.endpoint, cluster.masterAuth ]).
    apply(([ name, endpoint, masterAuth ]) => {
        const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
        return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
    });
b

billowy-army-68599

04/30/2021, 8:31 PM
pulumi stack output kubeconfig --show-secrets
m

many-psychiatrist-74327

04/30/2021, 8:35 PM
hmm ok, thanks! but why is it a secret in the first place?
i dont think there’s anything secret in the inputs (cluster zone, name, endpoint, CA)
maybe 
masterAuth
is treated as a secret by pulumi? 🤷‍♂️
anyway, if you don’t know off the top of your head, doesn’t matter thanks for the tip!
#generalJoin Slack
Powered by