Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
package-authoring
pulumi-ai
pulumi-cdk
pulumi-cloud
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Title
c
colossal-plastic-46140
11/08/2019, 3:20 PMHi Folks, I am working on some code to generate what a stack config would look like(for easy importing into pulumi), is it possible to get what the salt/encryption method would be outside of a pulumi program? This way I could import secret configs out of band
w
white-balloon-205
11/08/2019, 3:39 PMAre these secrets encrypted with the passphrase encryption (default for local backend) or the Pulumi service encryption (default for Pulumi service backend)?
If the former, it is possible you could recreate the same encryption used in the Pulumi CLI sources. If the latter, you may be able to use the Pulumi service REST API (not yet documented, but stable for use from old CLIs).
c
colossal-plastic-46140
11/08/2019, 3:43 PMthis is a local backend currently
w
white-balloon-205
11/08/2019, 4:07 PMYou can see the current encryption algorithms for passphrase encryption at https://github.com/pulumi/pulumi/blob/master/pkg/resource/config/crypt.go.
c
colossal-plastic-46140
11/08/2019, 4:26 PM👍