pulumi-kubernetes-operator

What is pulumi-kubernetes-operator?

The pulumi-kubernetes-operator image runs the Pulumi Kubernetes Operator, a Kubernetes controller that watches Stack custom resources and drives Pulumi stack lifecycle operations (update, refresh, destroy) from inside the cluster. This brings a GitOps model to Pulumi-managed infrastructure: changes pushed to a Git repository trigger reconciliation, and the operator handles running pulumi up automatically.

It supports any cloud or infrastructure provider that Pulumi supports, including AWS, Azure, GCP, and Kubernetes itself. The operator is used by teams that want to manage cloud resources declaratively from Kubernetes without running Pulumi CLI in external pipelines.

How to use this image

The operator is deployed as a Kubernetes Deployment and watches for Stack CRs in the cluster.

Deploy the operator with kubectl:

# Apply the official operator manifests
kubectl apply -f https://raw.githubusercontent.com/pulumi/pulumi-kubernetes-operator/main/deploy/deploy-operator-ns.yaml

Define a Stack custom resource:

apiVersion: pulumi.com/v1
kind: Stack
metadata:
  name: my-infra-stack
spec:
  stack: org/project/dev
  projectRepo: https://github.com/my-org/my-pulumi-project
  branch: refs/heads/main
  destroyOnFinalize: false
  envRefs:
    PULUMI_ACCESS_TOKEN:
      type: Secret
      secret:
        name: pulumi-access-token
        key: accessToken

Apply the Stack resource:

kubectl apply -f stack.yaml
kubectl get stacks -w

Check operator logs:

kubectl logs -n pulumi-kubernetes-operator \
  deployment/pulumi-kubernetes-operator -f

Image variants

pulumi/pulumi-kubernetes-operator:latest

The latest stable operator release. Built on a minimal base and includes the operator binary only.

pulumi/pulumi-kubernetes-operator:<version>

Pinned version tags such as pulumi/pulumi-kubernetes-operator:1.14.0. Recommended for production to ensure consistent behavior across cluster upgrades.