Currently I am developing Infrastructure as Code (IaC) to deploy Amazon EKS using Pulumi with typescript. My CI/CD pipeline is set up with GitHub Actions.
Although I am able to create the EKS cluster smoothly through my pipeline, I am facing challenges in obtaining the resulting kubeconfig file seamlessly.
The commonly cited example suggests exporting the cluster.kubeconfig value and then running the stack output kubeconfig subcommand to retrieve the kubeconfig:
# code snippet
export const kubeconfig = cluster.kubeconfig;
# command
pulumi stack output kubeconfig > kubeconfig.yml
To work around this issue temporarily, I am creating the kubeconfig file in GitHub Actions and utilizing an aws s3 cli command to upload it to S3.
In my Pulumi IaC, I have already configured a private S3 bucket with KMS encryption and defined the kubeconfig output. Is there a way to directly push this output to my S3 bucket without these interim steps?
UPDATE1: After multiple attempts, here is my current approach:
const keksAdminBucket = new aws.s3.Bucket("keksAdminBucket", {acl: "private"});
const keksAdminBucketObject = new aws.s3.BucketObject("keksAdminBucketObject", {
key: "kubeconfig",
bucket: keksAdminBucket.id,
source: new pulumi.asset.StringAsset(String(cluster.kubeconfig)),
serverSideEncryption: "aws:kms",
});
However, implementing this method and its variations lead to errors like:
index.ts(45,42): error TS2345: Argument of type 'Output<any>' is not assignable to parameter of type 'string | Promise<string>'.
Type 'OutputInstance<any>' is not assignable to type 'string | Promise<string>'.
Type 'OutputInstance<any>' is missing properties such as 'then', 'catch', [Symbol.toStringTag], finally