This message was deleted Pulumi Community #general

Join Slack

This message was deleted.

# general

sparse-intern-71089

03/15/2022, 7:59 AM

This message was deleted.

adorable-gpu-98268

03/15/2022, 8:10 AM

I relied on this information here to configure the provider: https://www.pulumi.com/registry/packages/docker/installation-configuration/#configuring-the-provider Maybe that’s not enough and I have to provide the credentials directly to pulumi?

adorable-gpu-98268

03/15/2022, 8:43 AM

So, I got it to work using a

new docker.Provider

and passing

username

and

password

explicitly. However: These are then plaintext in my pulumi state! I don’t think this is an acceptable solution. Is there any way to have the credentials external to the pulumi state?

witty-candle-66007

03/15/2022, 3:10 PM

If you use Pulumi’s config secrets management the credentials will not be in clear text. For example, I can set config values as follows:

Copy code

pulumi config set dockerUsername --secret
pulumi config set dockerPassword --secret

And then use those values in my program as such:

Copy code

const config = new Config()

const dockerProvider = new docker.Provider("dockprovider", {
  registryAuth: [{
    address: "<https://index.docker.io/v1>",
    password: config.requireSecret("dockerPassword"),
    username: config.requireSecret("dockerUsername"),

  }]
})

adorable-gpu-98268

03/15/2022, 3:13 PM

Thanks, though I don’t really feel it should be there at all. The ECR token anyway will only be valid for some hours, so would I get a state change on each update? I’d prefer something that externally configures the credentials and pulumi just assumes that it’ll work.

4 Views

Open in Slack

Previous Next