Add a "strict mode" configuration option #2425
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The Kubernetes provider selects a target cluster based on information in a `kubeconfig` file, which contains one or more context settings. If these options are not explicitly specified in a Pulumi stack, the provider will attempt to load ambient configuration similarly to most Kubernetes CLI tooling. While this behavior makes it easier to get started quickly, it is not always desirable in production stacks. In "strict mode", the default Kubernetes provider is disabled, and the `kubeconfig` and `context` settings are required for Provider configuration. These settings unambiguously ensure that every Kubernetes resource is associated with a particular cluster. These options are already available individually, but "strict mode" makes it more convenient to enforce across a project or stack.
|
I realized that this is fine since the Provider is expected to fail before it connects to the cluster anyway. |
Does the PR have any schema changes?Looking good! No breaking changes found. |
lblackstone
force-pushed
the
lblackstone/strict-mode
branch
from
7f78a35
to
1528c26
Compare
kpitzen
reviewed
May 24, 2023
kpitzen
approved these changes
May 24, 2023
rquitales
reviewed
May 24, 2023
rquitales
reviewed
May 24, 2023
rquitales
approved these changes
May 24, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Proposed changes
The Kubernetes provider selects a target cluster based on information in a
kubeconfigfile, which contains one or more context settings. If these options are not explicitly specified in a Pulumi stack, the provider will attempt to load ambient configuration similarly to most Kubernetes CLI tooling. While this behavior makes it easier to get started quickly, it is not always desirable in production stacks.In "strict mode", the default Kubernetes provider is disabled, and the
kubeconfigandcontextsettings are required for Provider configuration. These settings unambiguously ensure that every Kubernetes resource is associated with a particular cluster.These options are already available individually, but "strict mode" makes it more convenient to enforce across a project or stack.
Related issues (optional)
Fix #2423