gorgeous-accountant-60580
09/14/2022, 11:13 AMpulumi stack ls -a
using the Automation API?clever-hair-26722
09/17/2022, 4:38 PMgorgeous-accountant-60580
09/17/2022, 7:33 PMgorgeous-accountant-60580
09/26/2022, 3:21 PMcreamy-window-21036
09/29/2022, 7:26 PMproject_settings=auto.ProjectSettings(
name=project_name,
runtime="python",
backend={"url": "<s3://bucket-in-different-region-or-other-account>"})
stack = auto.create_or_select_stack(stack_name=stack_name,
project_name=project_name,
program=pulumi_program,
opts=auto.LocalWorkspaceOptions(project_settings=project_settings,
secrets_provider=secrets_provider}))
I am using pulumi_eks to provision a cluster
import pulumi_eks as eks
eks.Cluster(...)
Is there a way to to pass seperate credential to both of the context?
I mean separate creds for pulumi login and separate creds to provision EKS clusterrich-dress-42878
10/05/2022, 6:37 PMstack.up({ ... })
calls with different values for projectName
), even when forking the process or similarly calling the script multiple times with different stacks enabled, resources from all stacks except for the "current" stack end up being deleted. It seems to me like this is because of global stack state mentioned here, and possibly the Node.js parallel execution limitation mentioned here. The only way I have found to fix this is by providing a homogeneous projectName
parameter for every LocalWorkspace.selectStack
call.
I thought this might be unintended behavior due to the Go multi-stack orchestration example having two project names: inlineMultiStackWebsite
and inlineMultiStackObject
, however I might be doing something wrong/misunderstanding.
Is this PR a potential solution, or is that an unrelated issue? I am aware that LocalWorkspace
and the Node.js automation reference spec explicitly mention LocalWorkspace
support for a "single project", which I assume is why only one unique stack (by name) can exist in my testing. I also saw @little-cartoon-10569's message here which mentioned the ability to use multiple projects. However, I am not sure how to get this to work.rich-dress-42878
10/08/2022, 6:07 AMambitious-rocket-23091
10/14/2022, 7:04 PMconst provider = new aws.Provider(`${accountName}-account-provider`, {
accessKey: env.AWS_ACCESS_KEY_ID,
secretKey: env.AWS_SECRET_ACCESS_KEY,
region: "us-east-1",
assumeRole: {
roleArn: pulumi.interpolate`arn:aws:iam::${accountId}:role/OrganizationAccountAccessRole`,
},
});
bucket = aws.s3.BucketV2("bucket", {provider=provider})
apologies if there is an answer to this already I did some searches in this channel but didn't see anything that matched what I'm trying to do.gorgeous-accountant-60580
10/18/2022, 7:39 AMbrash-hairdresser-60389
10/25/2022, 12:39 PMbrash-hairdresser-60389
10/26/2022, 3:53 PMmagnificent-scientist-64889
10/31/2022, 8:25 AMPULUMI_CONFIG_PASSPHRASE=pass
PULUMI_ACCESS_TOKEN=token
PULUMI_BACKEND_URL=backend
const args: LocalProgramArgs = {
stackName: `bootstrap.${options.environment}`,
workDir: bootstrapRootPath
};
const stack = await LocalWorkspace.createOrSelectStack(args, {
secretsProvider: 'passphrase',
stackSettings: {
[args.stackName]: {
secretsProvider: 'passphrase',
config: {
['aws:profile']: {profile-name},
['aws:region']: `eu-west-1`,
},
},
}
});
const result = await stack.up();
output from the first stack is a KMS key alias, that directly after this can be accessed by
aws kms describe-key --key-id {key-id} --profile {profile-name}
On initialization of the second stack:
const newStack = await LocalWorkspace.createOrSelectStack(args,
{
secretsProvider: `awskms://${result.outputs.kmsKeyAliasName.value}?region=${options.awsRegion}`,
stackSettings: {
[options.environment]: {
['secretsProvider']: `awskms://${result.outputs.kmsKeyAliasName.value}?region=${options.awsRegion}`,
config: {
['aws:profile']: {profile-name},
['aws:region']: `eu-west-1`,
},
},
}
}
);
It fails with error: secrets (code=Unknown): NoCredentialProviders: no valid providers in chain. Deprecated.
.
My only guess so far, is that something is not cleared/properly set on the second LocalWorkspace.createOrSelectStack
, if i change the secretsProvider in the second stack to passphrase
, it runs through.
And i can then set the correct provider by using the cli pulumi stack change-secrets-provider
.
Anyone got an idea or a possible solution?white-chef-55657
11/03/2022, 11:06 AMfresh-minister-66960
11/03/2022, 6:33 PMlemon-agent-27707
11/07/2022, 11:25 PMRemoteWorkspace
which is available in all languages.
Join us in #pulumi-deployments to learn more and read the launch blog here: https://www.pulumi.com/blog/pulumi-deployments/
Here's an example of running a deployment via Automation API RemoteWorkspace
for nodejs: https://github.com/pulumi/automation-api-examples/blob/main/nodejs/remoteDeployment-tsnode/index.ts#L17-L29lively-crayon-44649
11/09/2022, 11:04 AMorg/project/stack
? So basically a StackReference
but outside Pulumi?
My use case is I want to load the outputs of another stack, without having to know its relative path in my monorepo, before doing some setup (SSH tunnel) and then running another stack, all using Pulumi Automation. If that makes sense.thousands-engineer-52020
11/16/2022, 8:07 AMstack.set_config("roleToAssumeARN", auto.ConfigValue(value="arn:aws:iam::11111111:role/myrole"))
thousands-engineer-52020
11/16/2022, 10:29 AMcreate_or_select_stack()
seems to crash but I don't have any error. I know it because log just after this function is not printed. Is there a way to print pulumi debug log on python ?few-carpenter-12885
11/16/2022, 4:32 PMCommandError
? I'm running into this right now. Here is an example output of resources being created but logging an error related to getting the stack outputs. Worth noting, the exit code overall is a success.lively-crayon-44649
11/18/2022, 10:44 AMlively-crayon-44649
11/18/2022, 10:46 AMpulumi preview on <stack>
in the code that produces PR comments, whereas if you have the app you end up with somelike The Update (preview) for stack <stack> was successful
etc.mysterious-hamburger-19066
11/18/2022, 2:58 PMYou have not accepted the legal terms on this subscription: '****' for this plan
sparse-intern-71089
11/20/2022, 2:09 AMfew-carpenter-12885
12/08/2022, 7:35 PMError: The default VPC does not have any private subnets. Set `assignPublicIp` to `true`, provide `networkConfiguration`, or add private subnets to the default VPC
high-translator-37096
12/09/2022, 8:37 AMconfig-map
property.
I tried to set it with: "some-key":{"value":["some-value-a","some-value-b"]}
which leads to a comma-separated string some-value-a,some-value-b
in the Pulumi.stack.yaml.
I also tried to send: {"some-other-key":[{"value":"some-other-value-a"},{"value":"some-other-value-b"}]}
which leads to a string undefined
in the Pulumi.stack.yaml.
What I would like to see is:
<pulumi-project>:some-key:
- some-value-a
- some-value-b
This could be defined via cli with pulumi config set --path "some-key[0]" "some-value-a"
but how do you do it via automation api?few-carpenter-12885
12/12/2022, 2:51 PMrefresh
call works fine, but I'm getting one of 2 errors each time an inline application 'up' is attempted:
• `awsecsCluster error: connection error: desc = "transport: Error while dialing dial tcp 127.0.0.132825 connect: connection refused`` I've received this on resources other than ECS within the stack as well.
• Or a generic: Command was killed with SIGKILL (Forced termination): pulumi up --yes --skip-preview --client=127.0.0.1:36833 --exec-kind auto.inline --stack dev --non-interactive\n
Initially, I thought it had to do with the Pulumi not being able to write to the workDir. I'm mounting a /tmp
volume to the container and passing the workDir accordingly into the createOrSelectStack
call.
Any ideas what either of these could mean? Searching slack for the connection refused
doesn't turn up any specific solutions - seems to be different for each case.lemon-lamp-41193
12/12/2022, 8:50 PMpulumi.InvokeOptions
within a stack transformation? I have the following working for setting an explicit provider on all my resources using pulumi.ResourceOptions
, but trying to do the same with InvokeOptions for functions such as aws.s3.get_bucket
seems to have no effect, making me wonder if transformations affect functions at all.
def stackTransformations(args):
args.opts = pulumi.ResourceOptions.merge(args.opts, pulumi.ResourceOptions(
provider = self.deploymentProvider
))
return pulumi.ResourceTransformationResult(args.props, args.opts)
pulumi.runtime.register_stack_transformation(lambda args: stackTransformations(args))
happy-garage-50771
12/15/2022, 12:36 AMsquare-laptop-45713
12/20/2022, 9:20 PMpulumi/actions
repo that starts it off. I updated it w latest testing.
The gist is:
• have 3 projects inside of a monorepo for our Infrastructure
• each project is within its own folder at the root and contains its own Pulumi.yaml
and Pulumi.dev.yaml
(folder name = project name, e.g. ./base
contains kettleos/base
project)
• all projects are namespaced to be part of our org (kettleos
)
• last successful run of pulumi/actions@v3
in a job was Oct 26, 2022
• first failed run of pulumi/actions@v3
in a job was Nov 14, 2022
• there were no runs in between those dates
Problem: despite configuring the stack-name
param to the job as kettleos/{project}/{stack}
(e.g. kettleos/base/dev
) the command run throws an error that the Stack Cannot be found with the error output missing the Project Name in the output, e.g.:
Logging into the Pulumi Service backend.
Error: code: -2
stdout:
stderr: Command failed with exit code 255: pulumi stack select --stack kettleos/base/dev --non-interactive
error: no stack named 'kettleos/dev' found
err?: Error: Command failed with exit code 255: pulumi stack select --stack kettleos/base/dev --non-interactive
error: no stack named 'kettleos/dev' found
steep-spoon-11901
12/21/2022, 11:00 AMdef create_user():
example = pagerduty.User("example_pulumi", email="<mailto:125.pulumi.earline@graham.name|125.pulumi.earline@graham.name>")
def create():
stack_name = auto.fully_qualified_stack_name(PULUMI_ORG_NAME, PULUMI_PROJECT_NAME, PULUMI_STACK_NAME)
stack = auto.create_or_select_stack(
stack_name=stack_name,
project_name=PULUMI_PROJECT_NAME,
program=create_user
)
stack.set_config("pagerduty:token", auto.ConfigValue(value="pagerduty_token"))
stack.refresh(on_output=print)
up_res = stack.up(on_output=print)
create()
and that is error pulumi. I am using the same pagerduty access token with terraform and it works. So I think that there might be something bad with code. Thanks for your help!!