great-breakfast-56601
10/07/2021, 10:06 AMgreat-breakfast-56601
10/07/2021, 10:06 AMworried-knife-31967
10/11/2021, 6:30 PMrhythmic-activity-46295
10/13/2021, 11:05 PMcurved-pencil-86122
10/15/2021, 6:08 AMfuture-kite-91191
10/15/2021, 10:00 AMTo sign in, use a web browser to open the page <https://microsoft.com/devicelogin> and enter the code CG*****QW to authenticate.
How can I ensure the pipeline can run without interactive logins?
Background:
• The AKS cluster has "local k8s account" feature disabled, only AAD accounts can authenticate
• The Azure Devops pipeline Service Principal is member of the AAD Group that has admin rights/roles assigned to it for the AKS clustermany-dress-54535
10/15/2021, 6:34 PMpulumi_azure_native.network.IpGroup()
by setting the ip_addresses
and I am getting AttributeError: can't set attribute
error, not sure if I am doing this right because it's the first time I try to set a property...steep-addition-26630
10/18/2021, 7:35 AM~ azure-native:web:WebApp foo-func update [diff: ~siteConfig]
~ azure-native:web:WebAppSlot foo-func update [diff: ~siteConfig]
It's worth mentioning that I'm currently pushing the code via another pipeline. I'd like to use WebAppSourceControl but it seems we need a bit more setup for that to work (and a documented example wouldn't hurt...)white-bear-32497
10/19/2021, 7:06 AMWEBSITE_RUN_FROM_ZIP
to deploy, is there any way to directly deploy from local disk?victorious-exabyte-70545
10/19/2021, 6:41 PMwet-noon-14291
10/20/2021, 10:01 PMchilly-magazine-4507
10/21/2021, 12:11 AMwitty-airport-81009
10/21/2021, 10:25 AMblue-hair-13625
10/21/2021, 3:25 PMmillions-journalist-34868
10/21/2021, 8:51 PMenough-butcher-66045
10/24/2021, 11:03 PMhallowed-traffic-28168
10/25/2021, 10:03 AMwooden-receptionist-75654
10/25/2021, 2:29 PMazure-native.containerservice
lib to create AKS cluster and I also would like deploy k8s RBAC objects with kubernetes
lib.
I have something like:
# Creating AKS
const cluster = new containerservice.ManagedCluster(...)
# Getting a kubectlconfig
const creds = pulumi.all([cluster.name, resourceGroup.name]).apply(([clusterName, rgName]) => {
return containerservice.listManagedClusterUserCredentials({
resourceGroupName: rgName,
resourceName: clusterName,
});
});
const encoded = creds.kubeconfigs[0].value;
const kubeconfig = encoded.apply(enc => Buffer.from(enc, "base64").toString());
# Creating provider
const aksProvider = new k8s.Provider("aks", {
kubeconfig: kubeconfig
})
# And deploying a role
const devsGroupRole = new k8s.rbac.v1.Role("pulumi-devs",{...}, {provider: aksProvider})
And it appears that kubeconfig
is required browser-based authentication
for first time. I got To sign in, use a web browser to open the page <https://microsoft.com/devicelogin>
I have tried it with user auth (az login) and got the same in CI with Service Principal.
Is there any way to skip it?narrow-helmet-6313
10/25/2021, 5:44 PMnarrow-helmet-6313
10/25/2021, 5:45 PMproud-appointment-22284
10/27/2021, 6:56 PMI want to take the subnets part outside of the virtualnetwork resource but the pulumi is not able to handle such extractions, so I end up with this configuration. const VirtualNetwork = new network.VirtualNetwork("VirtualNetwork-test", {
  addressSpace: {
    addressPrefixes: ["10.49.184.0/23"],
  },
  enableDdosProtection: false,
  location: "westeurope",
  resourceGroupName: "rsg-network",
  subnets: [{
    addressPrefix: "10.49.185.0/27",
    name: "subnet-test",
    privateEndpointNetworkPolicies: "Enabled",
    privateLinkServiceNetworkPolicies: "Enabled",
    type: "Microsoft.Network/virtualNetworks/subnets",
  }],
  virtualNetworkName: "VirtualNetwork-test",
},); Â Â
const subnet = new network.Subnet("subnet-test", {
  addressPrefix: "10.49.185.0/27",
  name: "subnet-test",
  privateEndpointNetworkPolicies: "Enabled",
  privateLinkServiceNetworkPolicies: "Enabled",
  resourceGroupName: "rsg-network",
  subnetName: "subnet-test",
  type: "Microsoft.Network/virtualNetworks/subnets",
  virtualNetworkName: "VirtualNetwork-test",
}, {
  parent: VirtualNetwork,
});
My goal is to achieve that the subnets part information would be just removed from the virtaulnetwork resource and I will have only standalone subnet resource, so the code should look like: const VirtualNetwork = new network.VirtualNetwork("VirtualNetwork-test", {
  addressSpace: {
    addressPrefixes: ["10.49.184.0/23"],
  },
  enableDdosProtection: false,
  location: "westeurope",
  resourceGroupName: "rsg-network",
  virtualNetworkName: "VirtualNetwork-test",
},); Â Â
const subnet = new network.Subnet("subnet-test", {
  addressPrefix: "10.49.185.0/27",
  name: "subnet-test",
  privateEndpointNetworkPolicies: "Enabled",
  privateLinkServiceNetworkPolicies: "Enabled",
  resourceGroupName: "rsg-network",
  subnetName: "subnet-test",
  type: "Microsoft.Network/virtualNetworks/subnets",
  virtualNetworkName: "VirtualNetwork-test",
}, {
  parent: VirtualNetwork,
});
brash-quill-35776
10/28/2021, 2:28 AMstring
, so I can't put input
type to that
then output
type is string
, which I think should be output
type
Please take a look
If it's a legit issue, I can then create issue in Githubgreat-breakfast-56601
10/28/2021, 9:35 AMgreat-breakfast-56601
10/28/2021, 9:35 AM{ "KubeDashboard", new ManagedClusterAddonProfileArgs
{
Enabled = false,
}
},
{ "Azurepolicy", new ManagedClusterAddonProfileArgs
{
Enabled = true,
Config = new InputMap<string>{ {"version", "v2"} }
}
},
{ "omsagent", new ManagedClusterAddonProfileArgs
{
Enabled = true,
Config = new InputMap<string>{ {"logAnalyticsWorkspaceResourceID", partnerAnalyticsWorkspace.Id} }
}
},
great-breakfast-56601
10/28/2021, 9:36 AMgreat-breakfast-56601
10/28/2021, 9:37 AMproud-dusk-33872
10/28/2021, 11:35 PMPulumi.Deployment.Instance.InvokeAsync<ListConfigurationStoreKeysResult>("azure-native:appconfiguration:listConfigurationStoreKeys", ...)
, where is azure-native:appconfiguration:listConfigurationStoreKeys
coming from? Is there a config/manifest file somewhere that is used to generate all the code that would contain those references? I couldn't find the string reference outside of code files.proud-dusk-33872
10/28/2021, 11:54 PMpowerful-football-81694
10/31/2021, 12:07 PMPulumi.AzureNative.Web.ListWebAppHostKeys
but I cannot seem to find how to create new one, neither during the initial deployment (using some options on WebAppArgs
or SiteConfigArgs
) nor as any kind of separate resource.
It seems very easy to do this using ARM (see https://blog.eldert.net/create-and-retrieve-azure-functions-function-keys-in-arm-template/) so I’m guessing there’s a simple way also through Pulumi and I’m just struggling to find it… thankful for any help!powerful-football-81694
10/31/2021, 6:25 PMApiManagementService
and configures it to have a system-assigned managed identity
2. must specify the custom hostname at creation time in the HostnameConfigurationArgs
property, which references a certificate in key vault
3. but APIM fails to create because to read the cert from key vault, it needs an access policy…
4. but the KeyVaultAccessPolicy
to give the APIM managed identity access to read secrets from key vault can only be created after the APIM service has been created, which can’t happen…
So, APIM resource creation depends on the key vault access policy, which depends on the APIM resource… deadlock. Any advice on what do do in this situation?