maxmustermann/pulumi

1843 commits 380 branches 480 tags 70 MiB

Author SHA1 Message Date

Author	SHA1	Message	Date
Matt Ellis	3f1197ef84	Move .pulumi to root of a repository Now, instead of having a .pulumi folder next to each project, we have a single .pulumi folder in the root of the repository. This is created by running `pulumi init`. When run in a git repository, `pulumi init` will place the .pulumi file next to the .git folder, so it can be shared across all projects in a repository. When not in a git repository, it will be created in the current working directory. We also start tracking information about the repository itself, in a new `repo.json` file stored in the root of the .pulumi folder. The information we track are "owner" and "name" which map to information we use on pulumi.com. When run in a git repository with a remote named origin pointing to a GitHub project, we compute the owner and name by deconstructing information from the remote's URL. Otherwise, we just use the current user's username and the name of the current working directory as the owner and name, respectively.	2017-10-27 11:46:21 -07:00
Matt Ellis	ade366544e	Encrypt secrets in Pulumi.yaml We now encrypt secrets at rest based on a key derived from a user suplied passphrase. The system is designed in a way such that we should be able to have a different decrypter (either using a local key or some remote service in the Pulumi.com case in the future). Care is taken to ensure that we do not leak decrypted secrets into the "info" section of the checkpoint file (since we currently store the config there). In addtion, secrets are "pay for play", a passphrase is only needed when dealing with a value that's encrypted. If secure config values are not used, `pulumi` will never prompt you for a passphrase. Otherwise, we only prompt if we know we are going to need to decrypt the value. For example, `pulumi config <key>` only prompts if `<key>` is encrypted and `pulumi deploy` and friends only prompt if you are targeting a stack that has secure configuration assoicated with it. Secure values show up as unecrypted config values inside the language hosts and providers.	2017-10-24 16:48:12 -07:00
Matt Ellis	22c9e0471c	Use `Stack` over `Environment` to describe a deployment target Previously we used the word "Environment" as the term for a deployment target, but since then we've started to use the term Stack. Adopt this across the CLI. From a user's point of view, there are a few changes: 1. The `env` verb has been renamed to `stack` 2. The `-e` and `--env` options to commands which operate on an environment now take `-s` or `--stack` instead. 3. Becase of (2), the commands that used `-s` to display a summary now only support passing the full option name (`--summary`). On the local file system, we still store checkpoint data in the `env` sub-folder under `.pulumi` (so we can reuse existing checkpoint files that were written to the old folder)	2017-10-16 13:04:20 -07:00

Matt Ellis

3f1197ef84

Move .pulumi to root of a repository

Now, instead of having a .pulumi folder next to each project, we have
a single .pulumi folder in the root of the repository. This is created
by running `pulumi init`.

When run in a git repository, `pulumi init` will place the .pulumi
file next to the .git folder, so it can be shared across all projects
in a repository. When not in a git repository, it will be created in
the current working directory.

We also start tracking information about the repository itself, in a
new `repo.json` file stored in the root of the .pulumi folder. The
information we track are "owner" and "name" which map to information
we use on pulumi.com.

When run in a git repository with a remote named origin pointing to a
GitHub project, we compute the owner and name by deconstructing
information from the remote's URL. Otherwise, we just use the current
user's username and the name of the current working directory as the
owner and name, respectively.

2017-10-27 11:46:21 -07:00

Matt Ellis

ade366544e

Encrypt secrets in Pulumi.yaml

We now encrypt secrets at rest based on a key derived from a user
suplied passphrase.

The system is designed in a way such that we should be able to have a
different decrypter (either using a local key or some remote service
in the Pulumi.com case in the future).

Care is taken to ensure that we do not leak decrypted secrets into the
"info" section of the checkpoint file (since we currently store the
config there).

In addtion, secrets are "pay for play", a passphrase is only needed
when dealing with a value that's encrypted. If secure config values
are not used, `pulumi` will never prompt you for a
passphrase. Otherwise, we only prompt if we know we are going to need
to decrypt the value. For example, `pulumi config <key>` only prompts
if `<key>` is encrypted and `pulumi deploy` and friends only prompt if
you are targeting a stack that has secure configuration assoicated
with it.

Secure values show up as unecrypted config values inside the language
hosts and providers.

2017-10-24 16:48:12 -07:00

Matt Ellis

22c9e0471c

Use Stack over Environment to describe a deployment target

Previously we used the word "Environment" as the term for a deployment
target, but since then we've started to use the term Stack. Adopt this
across the CLI.

From a user's point of view, there are a few changes:

1. The `env` verb has been renamed to `stack`
2. The `-e` and `--env` options to commands which operate on an
environment now take `-s` or `--stack` instead.
3. Becase of (2), the commands that used `-s` to display a summary now
only support passing the full option name (`--summary`).

On the local file system, we still store checkpoint data in the `env`
sub-folder under `.pulumi` (so we can reuse existing checkpoint files
that were written to the old folder)

2017-10-16 13:04:20 -07:00

Renamed from cmd/env_ls.go (Browse further)

3 commits