Eron Wright

icon indicating a website link https://www.linkedin.com/in/eronwright icon indicating an email [email protected]

icon location Portland icon location Developer at Pulumi, focusing on Kubernetes support.

Results 247 comments of Eron Wright

Abilities to skip install dependencies

Sounds like we need a flag in the workspace template to tell the system to skip running `pulumi install`. I was of the impression that the install command was harmless...

Document mocking capabilities for v4 Helm Chart

Here's a revised example that shows how to provide fake children, to be able to exercise more of a complex resource graph. In this example, the code to be tested...

Document mocking capabilities for v4 Helm Chart

I posted a PR to add an example to the examples repository.

Resource Ids should be compared case-insensitively

Some interesting links: - https://github.com/hashicorp/terraform-provider-azurerm/tree/main/internal/tools/generator-resource-id - https://github.com/hashicorp/go-azure-helpers/tree/main/resourcemanager/commonids

Use audience-scoped access token

A positive side-effect of this would be that, in a dev environment, there'll be no need to provision a long-lived service account token for the operator.

Use audience-scoped access token

An example token: ```json { "aud": [ "random-yaml-workspace.default" ], "exp": 1739306657, "iat": 1739303057, "iss": "https://kubernetes.default.svc.cluster.local", "jti": "190a47cf-8963-44b4-b77c-18ece58bc4af", "kubernetes.io": { "namespace": "pulumi-kubernetes-operator", "serviceaccount": { "name": "controller-manager", "uid": "f48ad504-695a-4775-ba52-d66cd7ffdbb8" } }, "nbf":...

Deploy a stack using STS tokens instead of fixed credentials to access aws resource

With PKO v2, the architecture has changed in a way that mostly addresses this issue. Each stack now has a dedicated pod and associated Kubernetes service account. One may also...

Add the `transformations` parameter to `v4.Chart`

Meanwhile here's some examples using Pulumi transforms: https://www.pulumi.com/blog/kubernetes-chart-v4/#new-style-pulumi-transformations

Add support for Azure Pipelines credential

Unfortunately #4242 will not address this issue, which I read as a feature request for the Azure DevOps Pipeline OIDC authentication method, akin to this: - https://github.com/hashicorp/go-azure-sdk/pull/1139 - https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/service_principal_oidc

Add support for Azure Pipelines credential

@AndreasMWalter a new release of azure-native (3.8) is out with support for a new mode called DefaultAzureCredential. https://www.pulumi.com/blog/azure-native-defaultazurecredential-and-private-cloud/ I'm wondering whether DefaultAzureCredential would be effective here.