https://pulumi.com logo
Join Slack
Powered by
This message was deleted.
# general
s
This message was deleted.
e
So internally stack outputs are all basically just JSON blobs (the "4dabf18193072939515e22adb298388d" is pulumi encoding that it's a special JSON blob) so we lose all the typing information between stacks, which is why 
requireOutput
just returns an 
Output<any>
. But I think you should be able to type this as an 
Output<string[]>
a
The issue here isn’t that the type information is lost - it’s that an output exported as
Copy code
export data = ["some-string"]
Is being imported as
Copy code
const data = stack.requireOutput("data");

console.log(data) // {string: "...", value: ["some-string"]}
Whereas the expected value of data should be 
["some-string"]
e
That's because it's secret
q
So. Does that mean that for secrets we cannot convey the type information from stack A to stack B when using stack references?
What would be the right way to pass this kind of secret from one stack to another to avoid this:
Copy code
type a_type = {string: string, "value": [string]};
a as unknown as pulumi.Output<a_type>;
e
Does that mean that for secrets we cannot convey the type information from stack A to stack B when using stack references?
As above we never get type information across stacks, its all just untyped JSON.
What would be the right way to pass this kind of secret from one stack to another to avoid this:
Output<string[]> should work here, if it's not that's a n SDK bug that we should go and look into.
a
That’s because it’s secret
I don’t understand why this makes any difference. I have never seen this behaviour when exporting any other kind of secret data, even other datatypes that are 
string[]
- this is as if the JSON representation is getting transformed. Seems like a bug to me..
And the data itself being exported is correct as when we run 
pulumi stack output
then it’s correct. Why would pulumi modify this on the consuming stack?
As above we never get type information across stacks, its all just untyped JSON.
I don’t think Kari is referring to the TypeScript type here - but rather the underlying structure of the data. I.e we don’t care that the output is Typed (in TS) as 
Output<any>
but that the data itself is being mutated when compared to how it is exported from the source stack
q
Yep. That's what I meant - sorry, English is not my native language.
e
but that the data itself is being mutated when compared to how it is exported from the source stack
That is by design when the value is secret. As I said under the hood this just a JSON blob so there needs to be some way to indicate what bits are secret, that's done by wrapping the value in an object with the special key "4dabf18193072939515e22adb298388d" and value "1b47061264138c4ac30d75fd1eb44270". What's not by design is that your seeing that mutation, the SDK layer should have picked that up and translated it into a Output<string[]>.
I'm gonna check we've got tests for this and see if I can repro
a
Thanks 🙏 Let us know if you need anything to help reproduce
e
hmm yeh I'm not having any luck reproducing this, if you can throw something minimal in a gist or something and send us an issue (github.com/pulumi/pulumi/issues) I'll have another look
160 Views
Open in Slack
PreviousNext
Powered by