search

pulumi / esc

Pulumi ESC is a centralized, secure service for environments, secrets, and configuration management, optimized for multi-cloud infrastructures and applications.
https://www.pulumi.com/product/esc/
Apache License 2.0
225 stars 9 forks source link

Error when enabling 1Password as a Provider #294

Open dalssaso opened 7 months ago

dalssaso commented 7 months ago

What happened?

I followed the documentation as mentioned here: https://www.pulumi.com/docs/esc/providers/1password-secrets/ to enable the 1Password Provider into Pulumi ESC.

I created a new environment via the UI and called it home as i'm managing my homelab with it.

In this environment I setup the the integration (more in the example below) and I got the following error when trying to open the Environment via the UI

home:4:7 - values["1password"].secrets:
        Error: error creating client

CleanShot 2024-04-24 at 01 30 24

Example

Here's the environment config

values:
  1password:
    secrets:
      fn::open::1password-secrets:
        login:
          serviceAccountToken:
            fn::secret: "op_asdf"
        get:
          personal-public-key:
            ref: "op://Infrastructure/SSH - Personal/public key"

Output of pulumi about

Version      3.113.1
Go Version   go1.22.2
Go Compiler  gc

Plugins
NAME       VERSION
go         unknown
proxmoxve  5.10.0

Host
OS       darwin
Version  14.2.1
Arch     arm64

This project is written in go: executable='/Users/henrique.dalssaso/.asdf/installs/golang/1.21.3/go/bin/go' version='go version go1.21.3 darwin/arm64'

Current Stack: dalssaso/setup-proxmox/home

Found no resources associated with home

Found no pending operations associated with home

Backend
Name           pulumi.com
URL            https://app.pulumi.com/dalssaso
User           dalssaso
Organizations  dalssaso
Token type     personal

Dependencies:
NAME                                         VERSION
github.com/muhlba91/pulumi-proxmoxve/sdk/v5  v5.10.0
github.com/pulumi/pulumi/sdk/v3              v3.76.1
github.com/ryanwholey/go-pihole              v0.0.4

Pulumi locates its logs in /var/folders/8g/b590qbh52gzdc_b1qn39hk340000gp/T/ by default
❯ esc version
v0.8.3

Additional context

No response

Contributing

No response

pgavlin commented 6 months ago

Generally that error indicates that the provided service account token is invalid. We need to do a better job of surfacing that error. Have you checked to ensure that your service account credentials are valid?

pavelbinar commented 4 months ago

Hi, I had a similar issue related to the use of an SSH “file.” I saved the “file” in 1Password and referenced it. I was unable to load this file into the ECS configuration until I saved the content of the file as a text field in 1Password.

seanyeh commented 3 months ago

@pavelbinar We rely on the official 1password go sdk, which as of now does not yet support "SSH public keys, fingerprint and key type". Once that gets supported we will make sure that it works in ESC.