Channels
#getting-started
Title
# getting-started
w
witty-vegetable-61961
02/02/2022, 7:43 PMhi guys, an obvious questionbut in a pulumi program where do i put environment specific data? eg a web app name which is different in dev, test, uat, prd. do these go in the pulumi yaml files ie pulumi.dev.yaml?
l
little-cartoon-10569
02/02/2022, 8:04 PMYes, if the relationship is stack = environment, then the Pulumi stack file is perfect.
e
echoing-dinner-19531
02/02/2022, 8:20 PMWe do have a couple of issues about how best to handle environment data https://github.com/pulumi/pulumi/issues/8402 and https://github.com/pulumi/pulumi/issues/7048.
f
freezing-van-87649
02/02/2022, 9:12 PMone possible alternative is stack/environment specific config object in your language of choice
In python I've got a dict of stack name -> stack config objects that I call at the entrypoint
w
witty-vegetable-61961
02/02/2022, 10:30 PMyeah relationship in my case is stack = environment. Just straightforward dev, tst, stg, prd etc. I guess I can store config variables in a stack and then get those through the language I use (this is documented)?
e
echoing-dinner-19531
02/02/2022, 10:38 PMw
witty-vegetable-61961
02/02/2022, 10:47 PMah yes, just what i saw. ok that makes sense. one last question. I provisioned my pulumi program, specifically to create Auth0 resources. In order for that to happen, I created auth0 config variables (client secret, etc). In my Pulumi program, these exist in the yaml file. Can I remove them from the yaml file? as theyre plaintext.
for the above question, i can put the variables as system environment variables on my machine. the bit im confused about is does any config variable defined in my stack need to be in yaml file too?
m
miniature-musician-31262
02/02/2022, 11:29 PM@witty-vegetable-61961 If you want to use the Pulumi Config API, then yes, they’ll need to be in your Pulumi.stackname.yaml file. If you’d rather access them from your program as environment variables, you should be able to do that through your language’s built-in facilities (e.g.,
process.env.SOME_VAR--secretIt’s considered safe to check these values into source control as well.
w
witty-vegetable-61961
02/02/2022, 11:33 PMthats hepful cnunciato, let me re-review. in that case, i will use config variables and chck in cipher text. That will be the most straightforward way, nice and easy!
m
miniature-musician-31262
02/02/2022, 11:38 PMAwesome, sounds good! I generally think so too. 🙂
a
agreeable-eye-87399
02/03/2022, 3:28 AMFun fact - I did a livestream with pulumi/Auth0 a few weeks ago, and it included adding auth0 secrets to the stack config as encrypted values :)
w
witty-vegetable-61961
02/03/2022, 4:31 PMThanks Matt! @miniature-musician-31262 you said "they’ll need to be in your Pulumi.stackname.yaml file". Presumably this is a manual process for a program already made. How would I still get the encrypted value? (I'll check that vid tonight).
m
miniature-musician-31262
02/03/2022, 6:11 PMIt’d be “manual” in that you’d run
pulumi config set someKey someSecretValue --secret Copy code
const config = new pulumi.Config();
const mySecret = config.requireSecret("someKey");mySecretAnd when you read the value into the program with
requireSecretmySecretw
witty-vegetable-61961
02/03/2022, 8:45 PM@miniature-musician-31262 that all makes sense. I should clarify my question - what I was wondering is if the pulumi config command creates the addition in the yaml file as well as the pulumi UI. The former I am not sure about. I ran the config command but i am not seeing any change in pulumi. going to troubleshoot...
m
miniature-musician-31262
02/03/2022, 8:53 PMYes, there’s a nuance here, you’re right:
pulumi config setYeah, I’m not finding it — which is doubly frustrating because I’m pretty sure I wrote it! Will post back here if I do. But that’s basically how it works — you can
pulumi config setpulumi upw
witty-vegetable-61961
02/03/2022, 9:25 PMah gotcha! and just to be sure, pulumi up will also add the addition to the config file? i will get my pulumi program in order and do an up.
l
little-cartoon-10569
02/03/2022, 9:27 PMpulumi config setYou should be able to find changes that various tools make to your files by using
git statusgit diffw
witty-vegetable-61961
02/03/2022, 10:34 PMsorted it, was in the wrong stack! i have a stack called dev and one called organisationname/dev. The ui only lists the dev stack however. How do I see the other stack in the ui?
I made some amendments to my code, used standard c# constructs like loops etc. In seconds created myself a bunch of apps in Auth0! Really like Pulumi! I will treat this program as a learning curve I think and make a new one with everything I've learnt above. Thanks guys!
🍻 2
l
little-cartoon-10569
02/03/2022, 11:15 PMThe organisationname/dev stack is probably in your org account and the dev one is in your personal. There's a dropdown at the top of the page to switch.
w
witty-vegetable-61961
02/03/2022, 11:18 PMah yes i saw that! ok thanks for that tip. ive deleted the program, will recreate and check.
ok so recreatd my program. I get this error: error: could not validate provider configuration: 1 error occurred:
* : invalid or unknown key: test
when i have created a config variable.
l
little-cartoon-10569
02/03/2022, 11:49 PMWithout code, it didn't happen... 😉
w
witty-vegetable-61961
02/03/2022, 11:49 PMha, i ran this command: pulumi config set test XXXXXXXXXXXXXX
and then do a pulumi up.
e
echoing-dinner-19531
02/03/2022, 11:51 PMYour code needs to look up the config value with the key "<project-name>:test"
w
witty-vegetable-61961
02/03/2022, 11:52 PMyup, just got it sorted. seems to work now.
all good now. thanks guys. this has been very educational, i understand the pulumi workflow quite well and enough to write production ready code. liking it!
👍 3
4 Views