Hi, can anyone tell me if i’m doing something wron...
# kubernetes
Hi, can anyone tell me if i’m doing something wrong and point me to some docs? 🙏 Or it’s just not implemented? I’m trying to create service account API token:
Copy code
const secret = new k8s.core.v1.Secret("example", {
    metadata: {
        name: "example",
        annotations: {
            "<http://kubernetes.io/service-account.name|kubernetes.io/service-account.name>": "default",
    type: "<http://kubernetes.io/service-account-token|kubernetes.io/service-account-token>",
which works. But now how do I get the token since data is undefined?
secret.data.apply(v => v["token"]);
i’m really new to pulumi but it looks like we’d need some awaiter for that or similar stuff? Or am just missing something simple? :D
Can I ask, why do you need the token?
Hey, ofc. I have couple use-cases for multi-cluster deployments as described for example here: https://istio.io/latest/docs/setup/install/multicluster/multi-primary/#enable-endpoint-discovery or here: https://docs.solo.io/gloo-edge/master/guides/gloo_federation/cluster_registration/ I hope I am not abusing pulumi to do that 😅
Interesting use case. There's not really a nice way to handle that with Pulumi specific code - because there's no guarantees when the token will be added / the secret created. You can add a generic Kubernetes client and add a reflector though?
there’s no guarantees when the token will be added
actually, it’s immediate so it’s enough to fetch resource from API - for example this works in terraform because they always read created resource😅 So i was wondering if it’s possible to do some refresh or something similar also here. But yeah, gonna give a shot to kube client. Thank you :)
You should be able to run a
pulumi refresh
after the creation, but I can’t think of a way to do this in one step currently. Here’s the issue tracking this class of problems: https://github.com/pulumi/pulumi-kubernetes/issues/1260
👀 1