const stack = await LocalWorkspace.createStack({

stackName,

projectName,

program: createPulumiProgram(stackName),

},{

projectSettings: {

name: projectName,

runtime: 'nodejs',

description: projectName,

backend: {

url: 'azblob://***********'

},

},

stackSettings: {

[stackName]: {

secretsProvider: 'azurekeyvault://********.<http://vault.azure.net/keys/********|vault.azure.net/keys/********>',

config: {

"azure:location": Constants.AZURE_CONFIG.location,

"azure:environment": Constants.AZURE_CONFIG.environment,

"azure:clientId": Constants.AZURE_CONFIG.clientId,

"azure:clientSecret": { secret: Constants.AZURE_CONFIG.clientSecret },

"azure:subscriptionId": Constants.AZURE_CONFIG.subscriptionId,

"azure:tenantId": Constants.AZURE_CONFIG.tenantId,

}

},

},

envVars: {

"AZURE_STORAGE_KEY": "******",

"AZURE_STORAGE_ACCOUNT": "**********",

"AZURE_KEYVAULT_AUTH_VIA_CLI": "false",

},

});

Error is as follows, CommandError: code: 255 stdout: Created stack 'statictest' stderr: error: passphrase must be set with PULUMI_CONFIG_PASSPHRASE or PULUMI_CONFIG_PASSPHRASE_FILE environment variables err?: at Object.createCommandError (/Users/veerasamy001/Projects/3Labs/cloud-self-service-portal/node_modules/@pulumi/pulumi/automation/errors.js:71:17) at ChildProcess.<anonymous> (/Users/veerasamy001/Projects/3Labs/cloud-self-service-portal/node_modules/@pulumi/pulumi/automation/cmd.js:63:40) at ChildProcess.emit (node:events:378:20) at Process.ChildProcess._handle.onexit (node:internal/child_process:290:12) { commandResult: CommandResult { stdout: "Created stack 'statictest'\n", stderr: '*error: passphrase must be set with PULUMI_CONFIG_PASSPHRASE or PULUMI_CONFIG_PASSPHRASE_FILE environment variables*\n', code: 255, err: undefined } } I am actually facing the above issue even though I have emvironment variables for Azure Blob storage. Any help would be much appreciated.

It looks like you’re missing the top-level secretsProvider setting. See this thread for more details: https://pulumi-community.slack.com/archives/C019YSXN04B/p1620424551253500?thread_ts=1620350166.244800&amp;cid=C019YSXN04B

Thanks for the suggestion first of all but got the issue

stderr: "error: open keeper <azurekeyvault://hi3g-kv-demo-pulumi-3se.vault.azure.net/keys/pulumi-encryption-key>: failed to Dial default KeyVault: Invoking Azure CLI failed with the following error: ERROR: Please run 'az login' to setup account.\n" +

this time. @red-match-15116 Any suggestions?

Hmm yeah unfortunately I don’t have much azure-specific knowledge.

Oh I see! Is this somehow related to this https://github.com/pulumi/pulumi/issues/6597?

Possibly, although it seems that you are setting the

AZURE_KEYVAULT_AUTH_VIA_CLI

env var and it’s still not working - and that seemed to work in that specific bug report