icy-jordan-58549
11/17/2020, 4:02 PMazure.network.FirewallNatRuleCollection
azure.network.FirewallApplicationRuleCollection
azure.network.FirewallNetworkRuleCollection
but not inside nextgen
? Is it due to the structure of ARM templates? Is it possible to decouple those components outside from the large https://www.pulumi.com/docs/reference/pkg/azure-nextgen/network/azurefirewall/ ?colossal-school-15171
11/19/2020, 5:23 AMlet coreLabels = { app: "core" };
let coreDeployment = new k8s.apps.v1.Deployment("core", {
spec: {
selector: { matchLabels: coreLabels },
replicas: 1,
template: {
metadata: { labels: coreLabels },
spec: {
containers: [{
name: "core",
image:"<http://mappeddev.azurecr.io.blob.core.windows.net|mappeddev.azurecr.io.blob.core.windows.net>",
ports: [{ containerPort: 80 }]
}],
},
},
},
});
which gives this error diagnostic:
Type Name Status Info
pulumi:pulumi:Stack mapped_infrastructure-aks **failed** 1 error
~ ├─ kubernetes:apps/v1:Deployment core **updating failed** 1 error
~ ├─ azure-nextgen:containerregistry/v20190501preview:ScopeMap acrScopeMap **updating failed** [diff: ~actions]; 1 error
~ └─ azure:containerservice:KubernetesCluster aksCluster updated [diff: ~addonProfile]
Diagnostics:
kubernetes:apps/v1:Deployment (core):
error: 5 errors occurred:
* the Kubernetes API server reported that "core-1je2id4a" failed to fully initialize or become live: 'core-1je2id4a' timed out waiting to be Ready
* [MinimumReplicasUnavailable] Deployment does not have minimum availability.
* [ProgressDeadlineExceeded] ReplicaSet "core-1je2id4a-cd7d9599d" has timed out progressing.
* Minimum number of live Pods was not attained
* [Pod core-1je2id4a-cd7d9599d-k4n9v]: containers with unready status: [core] -- [ImagePullBackOff] Back-off pulling image "<http://mappeddev.azurecr.io.blob.core.windows.net|mappeddev.azurecr.io.blob.core.windows.net>"
I’ve tried creating a token using the example code here: https://www.pulumi.com/docs/reference/pkg/azure-nextgen/containerregistry/token/
it gives me this error
azure-nextgen:containerregistry/v20190501preview:Token (token):
error: Code="CertificateAuthNotSupported" Message="Certificate authentication is not yet supported. For more information on repository permissions, please visit <https://aka.ms/acr/repo-permissions>."
sparse-dream-33326
11/19/2020, 11:23 AMsparse-dream-33326
11/19/2020, 11:23 AMerror: graphrbac.ApplicationsClient#Create: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error. Status=403 Code="Unknown" Message="Unknown service error" Details=[{"odata.error":{"code":"Authorization_RequestDenied","date":"2020-11-19T11:21:33","message":{"lang":"en","value":"Insufficient privileges to complete the operation."},"requestId":"06ba91b6-f8dd-4c13-ad44-3edd92d780b9"}}]
sparse-dream-33326
11/19/2020, 11:24 AMsparse-dream-33326
11/19/2020, 4:19 PMancient-painter-14846
11/19/2020, 4:29 PMerror: 1 error occurred: updating urn:pulumi:dev::*****-infrastructure::azure:cosmosdb/sqlContainer:SqlContainer::dev: ID was missing the 'sqlDatabases' element
Using CLI 2.13.2. Dependencies:
"dependencies": {
"@pulumi/azure": "^3.30.1",
"@pulumi/kubernetes": "^2.7.1",
"@pulumi/pulumi": "^2.14.0"
}
early-sugar-1496
11/22/2020, 2:49 PMManagedClusterArgs.AgentPoolProfiles
calm-motorcycle-72397
11/23/2020, 8:36 PMcalm-motorcycle-72397
11/24/2020, 2:22 PMearly-television-40911
11/24/2020, 4:46 PMconst plan = new web.AppServicePlan("plan", {
resourceGroupName: resourceGroup.name,
name: "linux-asp",
location: resourceGroup.location,
kind: "Linux",
sku: selectedSku,
});
const cpuAlert = new insights.MetricAlert(
"cpuAlertName",
{
actions: [],
autoMitigate: false,
criteria: cpuCriteria,
description: "description",
enabled: true,
evaluationFrequency: "Pt1m",
location: "global",
resourceGroupName: resourceGroup.name,
ruleName: "cpuAlertName",
scopes: [plan.id],
severity: 3,
tags: {},
windowSize: "Pt15m",
},
{ dependsOn: plan },
);
if I try to create them together I get the error on the preview:
panic: fatal: A failure has occurred: Unrecognized structpb value kind in RPC[Provider[azure-nextgen, 0xc00052d7a0]
but if create the app service plan first then add the metric alert it works. Does anyone have any ideas on how to create them together?ancient-painter-14846
11/25/2020, 3:37 PM/subscriptions/*********-****-****-****-************/resourceGroups/rg-dev/providers/Microsoft.DocumentDB/databaseAccounts/regionalcosmos/apis/sql/databases/regionaldb/containers/dev
But if I do an az cosmos sql container list
, now this resource have the following ID:
/subscriptions/*********-****-****-****-************/resourceGroups/rg-dev/providers/Microsoft.DocumentDB/databaseAccounts/regionalcosmos/sqlDatabases/regionaldb/containers/dev
Because if this, I have the following error when trying to do a `pulumi up`:
ID was missing the 'sqlDatabases' element
Is there any way of fixing it? Maybe deleting from the state and re-importing it?calm-motorcycle-72397
11/27/2020, 7:13 AMbillowy-carpenter-15652
11/27/2020, 6:31 PMbitter-policeman-94135
11/28/2020, 1:41 AMred-lighter-44012
11/28/2020, 2:32 PMPostgresAdminLogin = dbServer.AdministratorLogin;
PostgresAdminPassword = dbServer.AdministratorLoginPassword;
PostgresFqdn = dbServer.Fqdn;
Edit: I fell in my own trap, the output properties were static 😄 the method creating the DB is static so people return the new resource and not assign Output<> in the methods all over the place but only in the constructor. So yeah, I just shot myself in the foot. "senior dev" hahaprehistoric-nail-50687
11/30/2020, 10:30 AMnextgen
? The cli command is this:
az webapp log config --name "$APP_NAME" --resource-group "$RG_NAME" --docker-container-logging filesystem
But I can’t find any equivalent for it in pulumifuture-kite-91191
11/30/2020, 11:04 AMearly-sugar-1496
11/30/2020, 11:22 AMmissing required property 'properties.principalId'
, is it because i'm using apply?
using AzureAuth = Pulumi.AzureNextGen.Authorization.Latest;
new AzureAuth.RoleAssignment(
$"NetworkContributor",
new AzureAuth.RoleAssignmentArgs
{
Scope = _cluster.NodeResourceGroup!,
RoleAssignmentName = "Network Contributor",
Properties = new AzureAuth.Inputs.RoleAssignmentPropertiesArgs
{
PrincipalId = _cluster.Identity.Apply(identity => identity!.PrincipalId),
RoleDefinitionId = "",
},
});
clever-byte-21551
12/01/2020, 7:48 AMkeyvault
with azure-nextgen
plugin and I couldn’t find how I can create secrets, the keyvault
module only has methods for creating the actual vault but there’s no way to interact with it. (I’m using golang)nice-oyster-71086
12/01/2020, 9:44 PMtall-needle-56640
12/02/2020, 10:09 PMicy-jordan-58549
12/04/2020, 11:37 AMerror: building auth config: Authenticating using the Azure CLI is only supported as a User (not a Service Principal).
adorable-cricket-58611
12/05/2020, 6:54 PMadorable-cricket-58611
12/05/2020, 6:54 PMwet-noon-14291
12/05/2020, 9:01 PMcool-jewelry-33023
12/06/2020, 11:23 PMprehistoric-nail-50687
12/07/2020, 10:13 AMWebAppHostNameBinding
from azure-nextgen
to add new domains to a WebApp
. This works fine, as long as I only have one domain to add, but if I add multiple domains, then it does not work, because the previous WebAppHostNameBinding
must be finished before I can add a new one. I currently have this:
const subdomains = ["aa", "bb", "cc"];
for (var subd of subdomains) {
var nameBinding = newHostNameBinding(subd, app.name, "<http://topdomain.com|topdomain.com>");
}
function newHostNameBinding(subdomain: string, appName: Input<string>, topdomain: string) {
return new nextgen.WebAppHostNameBinding(
`${environment}-web-host-name-binding-${subdomain}`,
{
name: appName,
resourceGroupName: resourceGroup.name,
hostName: `${subdomain}.${topdomain}`,
},
{ parent: app }
);
}
Ho can I ensure the calls to create a WebAppHostNameBinding
are finished on the Azure site before creating the next one?
The error I currently get is this:
Cannot modify this site because another operation is in progress. Details: Id: 79e4dbe5-ae0e-44a2-9006-13b3e85e4e23, OperationName: Update, CreatedTime: 12/7/2020 9:53:20 AM, RequestId: d371a3b1-9503-4635-8289-2477a33ac7aa, EntityType: 3
boundless-airport-99052
12/07/2020, 12:54 PMterraform azurerm - v2.34.0
provider.
I downgraded to @pulumi/azure - v3.28.0
which uses terraform azurerm v2.33.0
according to https://github.com/pulumi/pulumi-azure/blob/master/CHANGELOG.md
But I still got the same error message
error: azure:operationalinsights/analyticsWorkspace:AnalyticsWorkspace resource 'log-f-stack-s-a-sb' has a problem: expected daily_quota_gb to be at least (0.000000), got -1.000000
The daily_quota_gb
property was not present before`terraform azurerm v2.34.0` so I wonder why I still got this error.
Terraform changelog: https://github.com/terraform-providers/terraform-provider-azurerm/releases/tag/v2.34.0
I can also confirm this with this commit which in only present in v2.34- support for theazurerm_log_analytics_workspace
property (#8861)daily_quota_gb
tall-needle-56640
12/07/2020, 6:44 PMtall-needle-56640
12/07/2020, 6:44 PMPulumi.Azure
, this could be done by something like:
public class ResourceFactory
{
public Account StorageAccount(string name, AccountArgs? args = null)
{
args ??= new AccountArgs();
args.ResourceGroupName = _resourceGroupName;
args.Location ??= _locationInput;
args.AccountKind ??= "StorageV2";
args.AccountReplicationType ??= "LRS";
args.AccountTier ??= "Standard";
return new Account(name, args);
}
}
But in order to do this with Pulumi.AzureNextGen
, the developer now has to create an overload for every version? And even if they did, when a new API version was released, the library would be broken until the developer add additional overloads.tall-librarian-49374
12/07/2020, 7:04 PMtall-needle-56640
12/07/2020, 8:28 PMPulumi.AzureNextGen.Web
represent the latest stable releases, but drop the identifier since it should be obvious now (and ideally is dropped from the namespace as well).
Pulumi.AzureNextGen.Web
Pulumi.AzureNextGen.Web.V20180201
Pulumi.AzureNextGen.Web.V20200601
Pulumi.AzureNextGen.Storage
Pulumi.AzureNextGen.Storage.V20190601
Pulumi.AzureNextGen.Storage.V20200801Preview
Pulimi.AzureNextGen - Contains the latest packages
- Pulumi.AzureNextGen.Storage
- Pulumi.AzureNextGen.Web
- ...
Pulumi.AzureNextGen.All - Contains all old and new sub-packages
- Pulumi.AzureNextGen.Web
- Pulumi.AzureNextGen.Web.V20180201
- Pulumi.AzureNextGen.Web.V20200601
- Pulumi.AzureNextGen.Storage
- Pulumi.AzureNextGen.Storage.V20190601
- Pulumi.AzureNextGen.Storage.V20200801Preview
- ...
Versioning:
[Update]
The major version of "latest" packages corresponds to the newest API version
20200601.0.0
20210601.0.0
Pulumi.AzureNextGen.Web
as an examplePulumi.AzureNextGen.Web.V20180201
, maybe continue to use the same versioning scheme in place.
Results
- Removing .Latest
makes it much easier to migrate from Pulumi.Azure
- Users who just want to use the latest can easily do so
- Users are not blindly updated to a new version
- Users who want to pin versions can easily do so
- Users are not forced to upgrade
- Old version-named packages do not need to be republished every time
- arm2pulumi can continue as-is without any significant changetall-librarian-49374
12/07/2020, 8:48 PMtall-needle-56640
12/07/2020, 9:23 PM1.0.0
is not for naming, that is just a potential versioning scheme as 1.0.0
seems more digestible version than 20180201
. But having 20180201
as the major version number is fine too.Web.Latest
represents V20200601
in some package version x.1, I would not expect Web.Latest
to represent V20210601
in version x.2. The APIs are (potentially) now incompatible. (On a side note, I thought SemVer was pretty industry standard.)early-sugar-1496
12/08/2020, 12:04 AMtall-needle-56640
12/08/2020, 1:13 AM20200601
is fine as a major version number.tall-librarian-49374
12/08/2020, 7:11 AMa resource only exists in latest and not in a dated namespaceCan you point me to an example? I’m relatively sure that’s not possible and happy to take a look.
tall-needle-56640
12/08/2020, 3:07 PMLatest
from the namespace as it makes migration easier and seems unnecessary for a package that only represents the latest, but that's just my opinion. And ignoring that suggestion doesn't eliminate the other benefits.tall-librarian-49374
12/08/2020, 3:12 PMUsers who just want to use the latest can easily do soa bit more straightforward but I’m not sure I see other benefits.
tall-needle-56640
12/08/2020, 3:29 PMtall-librarian-49374
12/08/2020, 3:32 PMtall-needle-56640
12/08/2020, 4:23 PM