make build_sdks

sdk/dotnet/AppRole/AuthBackendRoleSecretId.cs

@@ -161,7 +161,7 @@ private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions?
                 Version = Utilities.Version,
                 Aliases =
                 {
-                    new global::Pulumi.Alias { Type = "vault:appRole/authBackendRoleSecretID:AuthBackendRoleSecretID"},
+                    new global::Pulumi.Alias { Type = "vault:appRole/authBackendRoleSecretID:AuthBackendRoleSecretID" },
                 },
                 AdditionalSecretOutputs =
                 {

sdk/nodejs/certAuthBackendRole.ts

@@ -19,7 +19,7 @@ import * as utilities from "./utilities";
  *     type: "cert",
  * });
  * const certCertAuthBackendRole = new vault.CertAuthBackendRole("certCertAuthBackendRole", {
- *     certificate: fs.readFileSync("/path/to/certs/ca-cert.pem"),
+ *     certificate: fs.readFileSync("/path/to/certs/ca-cert.pem", "utf8"),
  *     backend: certAuthBackend.path,
  *     allowedNames: [
  *         "foo.example.org",

sdk/nodejs/gcp/authBackend.ts

@@ -17,7 +17,7 @@ import * as utilities from "../utilities";
  * import * as vault from "@pulumi/vault";
  *
  * const gcp = new vault.gcp.AuthBackend("gcp", {
- *     credentials: fs.readFileSync("vault-gcp-credentials.json"),
+ *     credentials: fs.readFileSync("vault-gcp-credentials.json", "utf8"),
  *     customEndpoint: {
  *         api: "www.googleapis.com",
  *         iam: "iam.googleapis.com",

sdk/nodejs/gcp/secretBackend.ts

@@ -12,7 +12,7 @@ import * as utilities from "../utilities";
  * import * as fs from "fs";
  * import * as vault from "@pulumi/vault";
  *
- * const gcp = new vault.gcp.SecretBackend("gcp", {credentials: fs.readFileSync("credentials.json")});
+ * const gcp = new vault.gcp.SecretBackend("gcp", {credentials: fs.readFileSync("credentials.json", "utf8")});
  * ```
  */
 export class SecretBackend extends pulumi.CustomResource {

sdk/nodejs/gcp/secretImpersonatedAccount.ts

@@ -21,7 +21,7 @@ import * as utilities from "../utilities";
  * const _this = new gcp.serviceaccount.Account("this", {accountId: "my-awesome-account"});
  * const gcp = new vault.gcp.SecretBackend("gcp", {
  *     path: "gcp",
- *     credentials: fs.readFileSync("credentials.json"),
+ *     credentials: fs.readFileSync("credentials.json", "utf8"),
  * });
  * const impersonatedAccount = new vault.gcp.SecretImpersonatedAccount("impersonatedAccount", {
  *     backend: gcp.path,

sdk/nodejs/gcp/secretRoleset.ts

@@ -21,7 +21,7 @@ import * as utilities from "../utilities";
  * const project = "my-awesome-project";
  * const gcp = new vault.gcp.SecretBackend("gcp", {
  *     path: "gcp",
- *     credentials: fs.readFileSync("credentials.json"),
+ *     credentials: fs.readFileSync("credentials.json", "utf8"),
  * });
  * const roleset = new vault.gcp.SecretRoleset("roleset", {
  *     backend: gcp.path,

sdk/nodejs/gcp/secretStaticAccount.ts

@@ -23,7 +23,7 @@ import * as utilities from "../utilities";
  * const _this = new gcp.serviceaccount.Account("this", {accountId: "my-awesome-account"});
  * const gcp = new vault.gcp.SecretBackend("gcp", {
  *     path: "gcp",
- *     credentials: fs.readFileSync("credentials.json"),
+ *     credentials: fs.readFileSync("credentials.json", "utf8"),
  * });
  * const staticAccount = new vault.gcp.SecretStaticAccount("staticAccount", {
  *     backend: gcp.path,

sdk/nodejs/kubernetes/getServiceAccountToken.ts

@@ -16,8 +16,8 @@ import * as utilities from "../utilities";
  *     path: "kubernetes",
  *     description: "kubernetes secrets engine description",
  *     kubernetesHost: "https://127.0.0.1:61233",
- *     kubernetesCaCert: fs.readFileSync("/path/to/cert"),
- *     serviceAccountJwt: fs.readFileSync("/path/to/token"),
+ *     kubernetesCaCert: fs.readFileSync("/path/to/cert", "utf8"),
+ *     serviceAccountJwt: fs.readFileSync("/path/to/token", "utf8"),
  *     disableLocalCaJwt: false,
  * });
  * const role = new vault.kubernetes.SecretBackendRole("role", {
@@ -146,8 +146,8 @@ export interface GetServiceAccountTokenResult {
  *     path: "kubernetes",
  *     description: "kubernetes secrets engine description",
  *     kubernetesHost: "https://127.0.0.1:61233",
- *     kubernetesCaCert: fs.readFileSync("/path/to/cert"),
- *     serviceAccountJwt: fs.readFileSync("/path/to/token"),
+ *     kubernetesCaCert: fs.readFileSync("/path/to/cert", "utf8"),
+ *     serviceAccountJwt: fs.readFileSync("/path/to/token", "utf8"),
  *     disableLocalCaJwt: false,
  * });
  * const role = new vault.kubernetes.SecretBackendRole("role", {

sdk/nodejs/kubernetes/secretBackend.ts

@@ -18,8 +18,8 @@ import * as utilities from "../utilities";
  *     defaultLeaseTtlSeconds: 43200,
  *     maxLeaseTtlSeconds: 86400,
  *     kubernetesHost: "https://127.0.0.1:61233",
- *     kubernetesCaCert: fs.readFileSync("/path/to/cert"),
- *     serviceAccountJwt: fs.readFileSync("/path/to/token"),
+ *     kubernetesCaCert: fs.readFileSync("/path/to/cert", "utf8"),
+ *     serviceAccountJwt: fs.readFileSync("/path/to/token", "utf8"),
  *     disableLocalCaJwt: false,
  * });
  * ```

sdk/nodejs/kubernetes/secretBackendRole.ts

@@ -18,8 +18,8 @@ import * as utilities from "../utilities";
  *     path: "kubernetes",
  *     description: "kubernetes secrets engine description",
  *     kubernetesHost: "https://127.0.0.1:61233",
- *     kubernetesCaCert: fs.readFileSync("/path/to/cert"),
- *     serviceAccountJwt: fs.readFileSync("/path/to/token"),
+ *     kubernetesCaCert: fs.readFileSync("/path/to/cert", "utf8"),
+ *     serviceAccountJwt: fs.readFileSync("/path/to/token", "utf8"),
  *     disableLocalCaJwt: false,
  * });
  * const sa_example = new vault.kubernetes.SecretBackendRole("sa-example", {
@@ -50,8 +50,8 @@ import * as utilities from "../utilities";
  *     path: "kubernetes",
  *     description: "kubernetes secrets engine description",
  *     kubernetesHost: "https://127.0.0.1:61233",
- *     kubernetesCaCert: fs.readFileSync("/path/to/cert"),
- *     serviceAccountJwt: fs.readFileSync("/path/to/token"),
+ *     kubernetesCaCert: fs.readFileSync("/path/to/cert", "utf8"),
+ *     serviceAccountJwt: fs.readFileSync("/path/to/token", "utf8"),
  *     disableLocalCaJwt: false,
  * });
  * const name_example = new vault.kubernetes.SecretBackendRole("name-example", {
@@ -82,8 +82,8 @@ import * as utilities from "../utilities";
  *     path: "kubernetes",
  *     description: "kubernetes secrets engine description",
  *     kubernetesHost: "https://127.0.0.1:61233",
- *     kubernetesCaCert: fs.readFileSync("/path/to/cert"),
- *     serviceAccountJwt: fs.readFileSync("/path/to/token"),
+ *     kubernetesCaCert: fs.readFileSync("/path/to/cert", "utf8"),
+ *     serviceAccountJwt: fs.readFileSync("/path/to/token", "utf8"),
  *     disableLocalCaJwt: false,
  * });
  * const rules_example = new vault.kubernetes.SecretBackendRole("rules-example", {

sdk/nodejs/utilities.ts

@@ -2,6 +2,9 @@
 // *** Do not edit by hand unless you're certain you know what you are doing! ***
 
 
+import * as runtime from "@pulumi/pulumi/runtime";
+import * as pulumi from "@pulumi/pulumi";
+
 export function getEnv(...vars: string[]): string | undefined {
     for (const v of vars) {
         const value = process.env[v];
@@ -64,3 +67,29 @@ export function lazyLoad(exports: any, props: string[], loadModule: any) {
         });
     }
 }
+
+export async function callAsync<T>(
+    tok: string,
+    props: pulumi.Inputs,
+    res?: pulumi.Resource,
+    opts?: {property?: string},
+): Promise<T> {
+    const o: any = runtime.call<T>(tok, props, res);
+    const value = await o.promise(true /*withUnknowns*/);
+    const isKnown = await o.isKnown;
+    const isSecret = await o.isSecret;
+    const problem: string|undefined =
+        !isKnown ? "an unknown value"
+        : isSecret ? "a secret value"
+        : undefined;
+    // Ingoring o.resources silently. They are typically non-empty, r.f() calls include r as a dependency.
+    if (problem) {
+        throw new Error(`Plain resource method "${tok}" incorrectly returned ${problem}. ` +
+            "This is an error in the provider, please report this to the provider developer.");
+    }
+    // Extract a single property if requested.
+    if (opts && opts.property) {
+        return value[opts.property];
+    }
+    return value;
+}

sdk/python/pulumi_vault/_utilities.py

@@ -3,6 +3,7 @@
 # *** Do not edit by hand unless you're certain you know what you are doing! ***
 
 
+import asyncio
 import importlib.util
 import inspect
 import json
@@ -13,6 +14,7 @@
 
 import pulumi
 import pulumi.runtime
+from pulumi.runtime.sync_await import _sync_await
 
 from semver import VersionInfo as SemverVersion
 from parver import Version as PEP440Version
@@ -246,5 +248,44 @@ def lifted_func(*args, opts=None, **kwargs):
 
     return (lambda _: lifted_func)
 
+
+def call_plain(
+    tok: str,
+    props: pulumi.Inputs,
+    res: typing.Optional[pulumi.Resource] = None,
+    typ: typing.Optional[type] = None,
+) -> typing.Any:
+    """
+    Wraps pulumi.runtime.plain to force the output and return it plainly.
+    """
+
+    output = pulumi.runtime.call(tok, props, res, typ)
+
+    # Ingoring deps silently. They are typically non-empty, r.f() calls include r as a dependency.
+    result, known, secret, _ = _sync_await(asyncio.ensure_future(_await_output(output)))
+
+    problem = None
+    if not known:
+        problem = ' an unknown value'
+    elif secret:
+        problem = ' a secret value'
+
+    if problem:
+        raise AssertionError(
+            f"Plain resource method '{tok}' incorrectly returned {problem}. "
+            + "This is an error in the provider, please report this to the provider developer."
+        )
+
+    return result
+
+
+async def _await_output(o: pulumi.Output[typing.Any]) -> typing.Tuple[object, bool, bool, set]:
+    return (
+        await o._future,
+        await o._is_known,
+        await o._is_secret,
+        await o._resources,
+    )
+
 def get_plugin_download_url():
 	return None