https://pulumi.com logo
Join Slack
Powered by
:wave: hello! qq: how do I prevent an output from...
# general
m
👋 hello! qq: how do I prevent an output from printing out as 
[secret]
? Context: I’m following this guide to create a GKE kubernetes cluster. The code (copy pasted from the example) generates a kubeconfig by combining the outputs of the cluster resource. I want to export the kubeconfig so I can use 
kubectl
against it, but it just prints out as 
[secret]
. Why?
here’s the code that generates the kubeconfig:
Copy code
export const kubeconfig = pulumi.
    all([ cluster.name, cluster.endpoint, cluster.masterAuth ]).
    apply(([ name, endpoint, masterAuth ]) => {
        const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
        return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
    });
b
pulumi stack output kubeconfig --show-secrets
m
hmm ok, thanks! but why is it a secret in the first place?
i dont think there’s anything secret in the inputs (cluster zone, name, endpoint, CA)
maybe 
masterAuth
is treated as a secret by pulumi? 🤷‍♂️
anyway, if you don’t know off the top of your head, doesn’t matter thanks for the tip!
7 Views
Open in Slack
PreviousNext
Powered by