This message was deleted Pulumi Community #general

Join Slack

This message was deleted.

# general

sparse-intern-71089

04/30/2021, 8:27 PM

This message was deleted.

many-psychiatrist-74327

04/30/2021, 8:28 PM

here’s the code that generates the kubeconfig:

Copy code

export const kubeconfig = pulumi.
    all([ cluster.name, cluster.endpoint, cluster.masterAuth ]).
    apply(([ name, endpoint, masterAuth ]) => {
        const context = `${gcp.config.project}_${gcp.config.zone}_${name}`;
        return `apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: ${masterAuth.clusterCaCertificate}
    server: https://${endpoint}
  name: ${context}
contexts:
- context:
    cluster: ${context}
    user: ${context}
  name: ${context}
current-context: ${context}
kind: Config
preferences: {}
users:
- name: ${context}
  user:
    auth-provider:
      config:
        cmd-args: config config-helper --format=json
        cmd-path: gcloud
        expiry-key: '{.credential.token_expiry}'
        token-key: '{.credential.access_token}'
      name: gcp
`;
    });

billowy-army-68599

04/30/2021, 8:31 PM

pulumi stack output kubeconfig --show-secrets

many-psychiatrist-74327

04/30/2021, 8:35 PM

hmm ok, thanks! but why is it a secret in the first place?

many-psychiatrist-74327

04/30/2021, 8:36 PM

i dont think there’s anything secret in the inputs (cluster zone, name, endpoint, CA)

many-psychiatrist-74327

04/30/2021, 8:36 PM

maybe

masterAuth

is treated as a secret by pulumi? 🤷‍♂️

many-psychiatrist-74327

04/30/2021, 8:41 PM

anyway, if you don’t know off the top of your head, doesn’t matter thanks for the tip!

10 Views

Open in Slack

Previous Next