i'd like to generate random passwords -> store ...
# kubernetess
square-car-84996
02/07/2022, 2:53 AMi'd like to generate random passwords -> store in a kubernetes secret -> and read those in subsequent
pulumi upk8s.core.v1.Secret.geth
high-grass-3103
02/07/2022, 7:14 AMI use @pulumi.random with keeper param
q
quiet-wolf-18467
02/07/2022, 8:07 AM
Can you share your code? Are you including the namespace in the resource name?
s
square-car-84996
02/07/2022, 1:56 PM@quiet-wolf-18467 - the issue is the .get() fails on an initial run... my hope is to create the secret if it doesn't exist, or get it (and the contents as outputs) if it does, and reuse the contents. Essentially using kubernetes secrets as pulumi secrets, but with the added step of creating the random values if it doesn't
square-car-84996
02/07/2022, 1:58 PM@high-grass-3103 - i will look into the random.RandomPassword w/ keepers, but i was hoping to not have the RNG seeded with anything so the only way to know the password is to have access to the k8s secret.
q
quiet-wolf-18467
02/07/2022, 1:59 PM
@square-car-84996 The query API might be better suited for that: https://www.pulumi.com/blog/query-kubernetes/
quiet-wolf-18467
02/07/2022, 2:00 PM
but IMO, that workflow seems dangerous. I'd probably use
pulumi imports
square-car-84996
02/07/2022, 3:50 PM@quiet-wolf-18467 - it would ideally be initially created by pulumi... i just want the ability to pull existing values (if they exist) and create them if they don't.
square-car-84996
02/07/2022, 3:51 PMi will look into the Query API
square-car-84996
02/07/2022, 4:25 PMthe query api looks pretty simple... much easier than the standard APIs i use for various k8s automations
96 Views