Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Registry auth shows changes on every run #952

Open
jtmarmon opened this issue Jan 19, 2024 · 5 comments · May be fixed by #986
Open

Registry auth shows changes on every run #952

jtmarmon opened this issue Jan 19, 2024 · 5 comments · May be fixed by #986
Labels
area/auth area/config area/diff awaiting-upstream The issue cannot be resolved without action in another repository (may be owned by Pulumi). impact/usability Something that impacts users' ability to use the product easily and intuitively kind/enhancement Improvements or new features

Comments

@jtmarmon
Copy link

Hello!

  • Vote on this issue by adding a 👍 reaction
  • If you want to implement this feature, comment to let us know (we'll work with you on design, scheduling, etc.)

Issue details

Related to #498

We use AWS ECS with the pulumi docker provider like so:

const creds = aws.ecr.getAuthorizationToken({
  registryId: accountId,
})

export const dockerProvider = new docker.Provider("docker-provider", {
  registryAuth: [
    {
      username: creds.apply((c) => c.userName),
      password: creds.apply((c) => c.password),
      address: creds.apply((c) => c.proxyEndpoint),
    },
  ],
});

Because the password changes every time, and the entire registryAuth object is a secret, pulumi up shows a change on every run. Not sure if there's a way to work around this, but it would be great to be able to ignore the password changes (which is what I believe is actually changing each time, where the address and username are static)

@jtmarmon jtmarmon added kind/enhancement Improvements or new features needs-triage Needs attention from the triage team labels Jan 19, 2024
@mjeffryes mjeffryes added area/docs Improvements or additions to documentation area/config area/diff impact/usability Something that impacts users' ability to use the product easily and intuitively and removed needs-triage Needs attention from the triage team labels Jan 20, 2024
@jtmarmon
Copy link
Author

Hey @mjeffryes - I see this got tagged area/docs - is this a user error that I can easily fix somehow?

@mjeffryes mjeffryes added area/auth and removed area/docs Improvements or additions to documentation labels Feb 8, 2024
@mjeffryes
Copy link
Member

alas, no, I just fat fingered the labels

@blampe blampe linked a pull request Feb 9, 2024 that will close this issue
@blampe blampe added the blocked The issue cannot be resolved without 3rd party action. label Apr 30, 2024
@blampe
Copy link
Contributor

blampe commented Apr 30, 2024

@jtmarmon for what it's worth, if your use case is limited to only building images the new docker-build provider doesn't have this problem.

@jtmarmon
Copy link
Author

Thanks @blampe - in our case it's for fetching the latest image sha for setting the docker image on our K8s deployments using getRegistryImage so I think we'd have to stick with the docker provider

@mjeffryes mjeffryes added awaiting-upstream The issue cannot be resolved without action in another repository (may be owned by Pulumi). and removed blocked The issue cannot be resolved without 3rd party action. labels Jul 3, 2024
@flostadler
Copy link

Depends on pulumi/pulumi#17667.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/auth area/config area/diff awaiting-upstream The issue cannot be resolved without action in another repository (may be owned by Pulumi). impact/usability Something that impacts users' ability to use the product easily and intuitively kind/enhancement Improvements or new features
Projects
None yet
4 participants