Hello!
- Vote on this issue by adding a 👍 reaction
- If you want to implement this feature, comment to let us know (we'll work with you on design, scheduling, etc.)
Issue details
I find it very hard to translate my Pulumi.stack.yaml into Stack spec.config... Well, the configuration works perfectly fine but my original stack config has secrets inside, like this:
cat Pulumi.stack.yaml
encryptionsalt: v1:something==
config:
deploy-cluster:config:
openstack:
cloud:
OS_APPLICATION_CREDENTIAL_ID:
secure: snip
OS_AUTH_URL: https://keystone.url:5000/v3/
cluster:
availability_zone: DC1
...and this is where the problems start...
Can there please be some more examples or documentation?
Working with the secretsRef did NOT work correctly for me. I have trouble with setting the correct key. It does not seem possible to merge the secrets into the configuration this way?
secretsRef:
deploy-cluster:config:openstack.cloud.OS_APPLICATION_CREDENTIAL_ID:
type: Secret
secret:
name: stack-secrets
key: secret_key
i resorted into not using the spec.config and putting the stack file into the repo for now. From the Stack CRD documentation: "If this is omitted, configuration is assumed to be checked in and taken from the source repository."
Affected area/feature
Secrets handling
Hello!
Issue details
I find it very hard to translate my Pulumi.stack.yaml into Stack spec.config... Well, the configuration works perfectly fine but my original stack config has secrets inside, like this:
...and this is where the problems start...
Can there please be some more examples or documentation?
Working with the secretsRef did NOT work correctly for me. I have trouble with setting the correct key. It does not seem possible to merge the secrets into the configuration this way?
i resorted into not using the spec.config and putting the stack file into the repo for now. From the Stack CRD documentation: "If this is omitted, configuration is assumed to be checked in and taken from the source repository."
Affected area/feature
Secrets handling