Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Secrets concepts page engineering review #11320

Closed
4 tasks done
Tracked by #11228
, #11197
...
toriancrane opened this issue Apr 22, 2024 · 2 comments · May be fixed by #11861
Closed
4 tasks done
Tracked by #11228
, #11197
...

Secrets concepts page engineering review #11320

toriancrane opened this issue Apr 22, 2024 · 2 comments · May be fixed by #11861
Assignees
@justinvp @toriancrane
Labels
area/docs Improvements or additions to documentation kind/enhancement Improvements or new features resolution/fixed This issue was fixed size/S Estimated effort to complete (1-2 days).
Milestone
0.104

Comments

@toriancrane
Copy link
Contributor

toriancrane commented Apr 22, 2024
edited by justinvp

Regarding the Secrets concept page:

  • Is the doc representative of the facts? Are the topics covered on the page accurate?
  • Are there features of this topic not covered in the guide? Is there anything missing?
  • Are there features listed in the guide that no longer exist?
  • Are we covering the right concepts and providing relevant use cases/ examples?
@toriancrane toriancrane mentioned this issue Apr 22, 2024
Open
@github-actions github-actions bot added the needs-triage Needs attention from the triage team label Apr 22, 2024
@toriancrane toriancrane added area/docs Improvements or additions to documentation size/S Estimated effort to complete (1-2 days). kind/enhancement Improvements or new features and removed needs-triage Needs attention from the triage team labels Apr 22, 2024
@toriancrane toriancrane added this to the 0.103 milestone Apr 22, 2024
@toriancrane toriancrane self-assigned this Apr 22, 2024
@toriancrane toriancrane modified the milestones: 0.103, 0.104 Apr 29, 2024
@justinvp
Copy link
Member

Some things that should be updated as I was reading through the page:

https://github.com/pulumi/pulumi-hugo/blob/ec2b6fed8fd7c58cc8d397ac1fed3f20ec170f79/themes/default/content/docs/concepts/secrets.md?plain=1#L82-L83

- Setting `configuration.${KEY}.Secret: true` when reading a value from the config.
- Calling `Fn::Secret` to construct a secret from an existing value.

Should be

- Setting `config.${KEY}.secret: true` when reading a value from the config.
- Calling `fn::secret` to construct a secret from an existing value.

https://github.com/pulumi/pulumi-hugo/blob/ec2b6fed8fd7c58cc8d397ac1fed3f20ec170f79/themes/default/content/docs/concepts/secrets.md?plain=1#L179-L181

configuration:
  mySecretValue:
    secret: true

Should be:

config:
  mySecretValue:
    type: string
    secret: true

https://github.com/pulumi/pulumi-hugo/blob/ec2b6fed8fd7c58cc8d397ac1fed3f20ec170f79/themes/default/content/docs/concepts/secrets.md?plain=1#L236

Similarly, if our program attempts to print the value of `dbPassword` to the console-either intentionally or accidentally-Pulumi will mask it out:

I don't know if we want to get into it at all, but it may be worth noting in a note that only config values marked as secrets are masking out. Marking a secret via pulumi.secret("foo") isn't going to mask out "foo" from log console output unless the value "foo" was also a secret config value. I've seen folks be confused over this.

https://github.com/pulumi/pulumi-hugo/blob/ec2b6fed8fd7c58cc8d397ac1fed3f20ec170f79/themes/default/content/docs/concepts/secrets.md?plain=1#L610

With Pulumi ESC, you can manage secrets wherever they live. [...]

Should we have "Pulumi ESC" link to a main page on ESC that explains what it actually is? Maybe https://www.pulumi.com/docs/concepts/environments/ ?

@toriancrane toriancrane linked a pull request May 18, 2024 that will close this issue
Update Secrets Concept Page #11861
Open
@pulumi-bot pulumi-bot reopened this May 18, 2024
@pulumi-bot
Copy link
Collaborator

Cannot close issue:

  • does not have required labels: resolution/

Please fix these problems and try again.

@github-actions github-actions bot added the needs-triage Needs attention from the triage team label May 18, 2024
@toriancrane toriancrane added resolution/fixed This issue was fixed and removed needs-triage Needs attention from the triage team labels May 18, 2024
@interurban interurban mentioned this issue May 28, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@justinvp justinvp

@toriancrane toriancrane

Labels
area/docs Improvements or additions to documentation kind/enhancement Improvements or new features resolution/fixed This issue was fixed size/S Estimated effort to complete (1-2 days).
Projects
Docs 📚
Status: 🏁 Done
Milestone
0.104
Development

Successfully merging a pull request may close this issue.

Update Secrets Concept Page pulumi/docs
3 participants
@justinvp @toriancrane @pulumi-bot