This message was deleted.
# general
s
This message was deleted.
v
Hello team - Any insights into this?
b
Running
pulumi login
generates an access token. You can also generate an access token from the Pulumi console, under the Settings for that account. Then set it as an environment variable called
PULUMI_ACCESS_TOKEN
c
no, you don't have to run
login
or set an access token. If you are using AWS KMS to encrypt secrets and an AWS S3 bucket to store state, I got this to work
Copy code
secrets_provider = f"awskms://{kms_key_id}"
    <http://logger.info|logger.info>(f"Stack is: {fully_qualified_stack_name}")
    project_runtime_info = ProjectRuntimeInfo(  # Eli (2/11/21) - I have no idea what this does or if it is necessary
        name="python", options={"virtualenv": "venv"}
    )
    backend_url = f"s3://{backend_bucket}/REDACTED/{GITLAB_WORKLOAD_NAME}/{GITLAB_PROJECT_NAME}"

    project_backend = ProjectBackend(url=backend_url)
    project_settings = ProjectSettings(
        name=project_name, runtime=project_runtime_info, backend=project_backend
    )
    stack_settings = StackSettings(
        secrets_provider=secrets_provider,
        config=stack_config,
    )
    workspace_options = LocalWorkspaceOptions(
        secrets_provider=secrets_provider,  # Eli (2/11/22): since secrets_provider is already given in the ProjectSettings, I don't know if it's needed in both places or if just one spot would be better. Unclear at the moment
        project_settings=project_settings,
        stack_settings={stack_name: stack_settings},
    )

    stack = create_or_select_stack(
        stack_name,
        project_name=project_name,
        program=pulumi_program,
        opts=workspace_options,
    )