https://pulumi.com logo
Join Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • s

    stocky-spoon-28903

    04/02/2019, 2:43 AM
    There is actually:
  • s

    stocky-spoon-28903

    04/02/2019, 2:43 AM
    import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// Create an AWS resource (S3 Bucket)
const bucket = new aws.s3.Bucket("my-bucket");

const taskRolePolicy = new aws.iam.Policy('ecs-XXXXXX-task', {
    policy: pulumi.output({
        Version: "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": [
                    "s3:*"
                ],
                "Resource": [
                    bucket.arn,
                ]
            }
        ]
    }).apply(JSON.stringify)
});

// Export the name of the bucket
export const bucketName = bucket.id;
    b
    • 2
    • 1
  • i

    incalculable-diamond-5088

    04/02/2019, 10:07 AM
    Hi, is there a way to move a stack from a personal account to an organization? Just started a subscription and would like the organization to take ownership of the stacks
    o
    g
    • 3
    • 2
  • c

    cold-coat-35200

    04/02/2019, 12:44 PM
    Hi, something really strange happening since aws 0.18.0 release, currently we use these versions: 
    ➜  pulumi (master) yarn list --pattern "@pulumi"
yarn list v1.15.2
├─ @pulumi/aws@0.17.1
├─ @pulumi/kubernetes@0.21.1
├─ @pulumi/pulumi@0.17.2
└─ @pulumi/random@0.5.1                        
➜  pulumi (master) pulumi version
v0.17.4
➜  pulumi (master) pulumi plugin ls
NAME        KIND      VERSION  SIZE    INSTALLED  LAST USED
aws         resource  0.18.0   158 MB  n/a        11 minutes ago
aws         resource  0.17.1   157 MB  n/a        1 week ago
kubernetes  resource  0.22.0   45 MB   n/a        11 minutes ago
kubernetes  resource  0.21.1   45 MB   n/a        1 week ago
random      resource  0.5.1    28 MB   n/a        1 week ago
    when trying to update one of our stack, without any modification in the code, the preview dies with: 
    error: aws:elasticloadbalancingv2/listener:Listener resource 'dlv-dev-lbg-rtmp-listener' has a problem: default_action: should be a list
    I found this comment: https://github.com/pulumi/pulumi-aws/issues/418#issuecomment-455917061 Based on that it was an issue in the past and it was solved, but looks like it's still exist somehow. I updated our stack to versions: 
    ➜  pulumi (master) yarn list --pattern "@pulumi"
yarn list v1.15.2
├─ @pulumi/aws@0.18.0
├─ @pulumi/kubernetes@0.22.0
├─ @pulumi/pulumi@0.17.4
└─ @pulumi/random@0.5.1
    The "default_action" issue is now gone, but still, without any change in the code pulumi want to recreate a lot of our resources, including the eks cluster, which has a lot of dependent resource
    s
    f
    • 3
    • 14
  • e

    early-family-43281

    04/02/2019, 3:01 PM
    hi guys
  • e

    early-family-43281

    04/02/2019, 3:02 PM
    i need some wisdom from the pulumi community
  • e

    early-family-43281

    04/02/2019, 3:02 PM
    😄
  • e

    early-family-43281

    04/02/2019, 3:02 PM
    i need to create a json file when running a pulumi script. that file includes values that are outputs of pulumi objects
  • e

    early-family-43281

    04/02/2019, 3:03 PM
    i've got 2 issues. first is my function gets called on preview and the file that gets created just contains an error message about output not being able to be converted to string
  • e

    early-family-43281

    04/02/2019, 3:04 PM
    i've read the section about outputs, but i still can't figure out the best way to tackle the issue
  • e

    early-family-43281

    04/02/2019, 3:05 PM
    i guess i need 2 things: - be able to run the function to create the json file only when doing the deployment (not on preview) - get the actual outputs in the json file instead of an error about Output being an Output 🙂
  • e

    early-family-43281

    04/02/2019, 3:05 PM
    any suggestions?
    w
    • 2
    • 13
  • b

    billowy-laptop-45963

    04/02/2019, 3:52 PM
    When will ComponentResources be supported in python?
  • b

    billowy-garage-68819

    04/02/2019, 3:56 PM
    @billowy-laptop-45963 I don't know the answer to your question, and someone in here will probably answer you here, however, I'm going to point out that there's a #python channel
  • b

    billowy-laptop-45963

    04/02/2019, 4:10 PM
    @billowy-garage-68819 Ahh thanks, had no idea
  • b

    big-potato-91793

    04/02/2019, 5:11 PM
    Hey, it’s possible to have a configs that is a list of values?
  • s

    stocky-spoon-28903

    04/02/2019, 5:18 PM
    @big-potato-91793 That’s on the backlog still - right now people are commonly making the config value a JSON string and parsing it, or delimiting a list somehow
    b
    • 2
    • 1
  • d

    damp-book-35965

    04/02/2019, 10:11 PM
    I'm getting this error: 
    Diagnostics:
  pulumi:pulumi:Stack (xxx):
    error: update failed
 
  kubernetes:core:Service (kube-system/prometheus-operator-prometheus):
    error: Plan apply failed: 2 errors occurred:
    
    * Resource operation was cancelled for 'prometheus-operator-prometheus'
    * Service was not allocated an IP address; does your cloud provider support this?
    What's really happening ? There are enough IPs in the VPC to provision
    c
    w
    • 3
    • 40
  • c

    cool-egg-852

    04/02/2019, 10:19 PM
    Anyone know if we can change the GitHub bot to make the checks per project/stack instead of stack? Each project is overriding the previous projects status
    w
    c
    • 3
    • 9
  • f

    faint-vegetable-61837

    04/03/2019, 1:55 PM
    Are there plans to support the new AWS MSK (managed Kafka) service that will be GA soon?
    w
    • 2
    • 1
  • a

    abundant-monitor-15855

    04/03/2019, 3:05 PM
    Are there any examples of using pulumi to set up a static site stored in S3 distributed through cloudfront? specifically I’m interested in seeing how to use pulumi to manage deploying the static files to s3
    g
    • 2
    • 3
  • i

    important-leather-28796

    04/03/2019, 5:48 PM
    @stocky-spoon-28903 Trying to create a pulumi/gcp@0.18.2 regional cluster but encountering: 
    error: gcp:container/cluster:Cluster resource 'production' has a problem: : invalid or unknown key: node_locations
    error: gcp:container/cluster:Cluster resource 'production' has a problem: : invalid or unknown key: location
    s
    f
    c
    • 4
    • 48
  • a

    aloof-spoon-46068

    04/03/2019, 6:36 PM
    Is there a mechanism for azure to recreate generating a service principle like what you would get if you do 
    az ad sp create-for-rbac"
    ? I tried following the example from: https://pulumi.io/reference/pkg/nodejs/@pulumi/azure/ad/#example-usage-1 but I’m not able to pull out a Tenant ID. I also see the warnings about deprecated API, but the links just take me to terraform docs and I don’t see how to use the 
    azuread
    provider from within pulumi. Basically I want to create a SP then grab all the AAD stuff to use.
  • c

    cool-egg-852

    04/04/2019, 12:08 AM
    Is there any way to have pulumi wait until a job is run before it executes any other changes?
    i
    • 2
    • 10
  • m

    millions-camera-36633

    04/04/2019, 4:20 AM
    hey all I just have a question about Pulumi outputs. If i create a 'pure' output via 
    pulumi.output
    , then export it as a stack output, it doesn't seem to appear in the stack outputs, where as outputs that are a side effects of creating a resource do
    w
    • 2
    • 7
  • f

    flaky-continent-74538

    04/04/2019, 5:52 AM
    Hey say I'm creating an 
    azure.search.Service
    and an 
    azure.appservice.AppService
    . I want to create my app service such that its 
    appSettings
    has my search service's Query Key. I can get this Query Key one of two ways: 1. Through an API: https://docs.microsoft.com/en-us/rest/api/searchmanagement/querykeys/listbysearchservice 2. Using the CLI: 
    az search query-key list -g <my-resource-group> --service-name <my-service>
    How should I integrate one of these into a Pulumi script? Thanks! 🙂
  • i

    important-leather-28796

    04/04/2019, 1:48 PM
    If you want GKE 
    vertical pod autoscaling
    sooner than later please add your 👍 to the terraform issue https://github.com/terraform-providers/terraform-provider-google/issues/3200
  • p

    plain-businessperson-30883

    04/04/2019, 4:02 PM
    Hello. Is this subreddit official? https://www.reddit.com/r/pulumi/
  • b

    better-rainbow-14549

    04/04/2019, 6:48 PM
    all my outstanding issues and workarounds are gone now from 3 pretty different and relatively complicated stacks. pulumi's been amazing for ages but it's really starting to get easy 😄
    🤓 1
    🎉 8
  • i

    important-leather-28796

    04/04/2019, 8:17 PM
    Who is the circleci pulumi orb person? getting 
    plugin 'kubernetes' found in the workspace or on your $PATH
    c
    b
    • 3
    • 56
Title
i

important-leather-28796

04/04/2019, 8:17 PM
Who is the circleci pulumi orb person? getting 
plugin 'kubernetes' found in the workspace or on your $PATH
c

colossal-beach-47527

04/04/2019, 8:20 PM
🙋‍♂️🏽 that’s me.
You are using CircleCI and Pulumi, and it is failing with that error? Could you include more of it for context? e.g. is that coming from Pulumi, or e.g. 
npm
?
i

important-leather-28796

04/04/2019, 8:21 PM
thoughts here? I was going to add 
yarn list @pulumi/gcp @pulumi/pulumi
to ensure they were installed with a 
pulumi plugin ls
coming from: 
- pulumi/preview:
          stack: alienfast/production
          working_directory: ~/project/cloud/app
after 
pulumi/login
c

colossal-beach-47527

04/04/2019, 8:22 PM
Gotcha. So yeah, that sounds like Pulumi is failing for some reason. I know that the CLI will download your dependencies in many situations, but perhaps you need to explicitly call 
yarn install
to get all of the prerequisites?
i

important-leather-28796

04/04/2019, 8:23 PM
it’s a monorepo, so everything
should be installed
c

colossal-beach-47527

04/04/2019, 8:24 PM
Hrm, let me think about it. Since that’s odd. Essentially the 
pulumi/preview
orb just shells out to 
pulumi preview ...
So it is probably something with how/where the plugins are being loaded/located.
i

important-leather-28796

04/04/2019, 8:25 PM
I added debug and made 
working_directory: ~/project/cloud/app
instead of 
working_directory: cloud/app
c

colossal-beach-47527

04/04/2019, 8:32 PM
I can’t think of any reason why you’d get into this state. Could you confirm that the plugin is actually installed? Like you said earlier, if you run 
pulumi plugin ls
it should appear in the output.
i

important-leather-28796

04/04/2019, 8:39 PM
#!/bin/bash -eo pipefail
yarn list --pattern @pulumi && pulumi plugin ls
yarn list v1.12.3
warning Resolution field "react-apollo@2.5.2" is incompatible with requested version "react-apollo@^2.5.3"
warning Resolution field "react-apollo@2.5.2" is incompatible with requested version "react-apollo@^2.5.3"
├─ @pulumi/gcp@0.18.2
├─ @pulumi/kubernetes@0.22.0
├─ @pulumi/pulumi@0.17.4
└─ @pulumi/random@0.5.1
Done in 1.14s.
NAME  KIND  VERSION  SIZE  INSTALLED  LAST USED

TOTAL plugin cache size: 0 B
Ok, I have an idea
our yarn runs in a 
prepare
job
then files are propagated via 
persist_to_workspace
and 
attach_workspace
where are the plugins installed? file path
@colossal-beach-47527 looks like I need to add the pulumi plugin file path to the 
persist_to_workspace
, I just need to know which path.
c

colossal-beach-47527

04/04/2019, 8:44 PM
This isn’t a part of the code I am super familiar with. But that sounds cromulent. @incalculable-sundown-82514 or @bitter-oil-46081 might have more specifics about where plug-ins are stored and what not.
b

bitter-oil-46081

04/04/2019, 8:44 PM
All of the plugins are stored in 
~/.pulumi/plugins
There is a sub-folder for each plugin.
So I would recommend that you just persist that entire folder.
i

important-leather-28796

04/04/2019, 8:47 PM
this is unfortunate
* In step 8 (persist_to_workspace): Path ~/.pulumi/plugins is not relative to the workspace root (.)
ah, I’ll try without the magic ~
yeah, I’m encountering a bunch of issues trying to get the persist to work without specifying potentially differing docker user home paths
I’ll figure out something
can I set that with 
PULUMI_HOME
or something like that pre-yarn?
So this behavior is also messing with yarn caching on ci
cached modules don’t reinstall so the native plugins are not there on subsequent builds
#!/bin/bash -eo pipefail
ls -la /home/circleci/.pulumi/plugins || true
ls: cannot access '/home/circleci/.pulumi/plugins': No such file or directory
#!/bin/bash -eo pipefail
ls -la /home/circleci/.pulumi || true
total 20
drwxr-xr-x  3 circleci circleci 4096 Apr  4 21:17 .
drwxr-xr-x 11 circleci circleci 4096 Apr  4 21:17 ..
-rw-------  1 circleci circleci   59 Apr  4 21:17 .cachedVersionInfo
drwx------  2 circleci circleci 4096 Apr  4 21:17 bin
-rw-------  1 circleci circleci  149 Apr  4 21:17 credentials.json
#!/bin/bash -eo pipefail
echo $HOME
/home/circleci
@colossal-beach-47527 @bitter-oil-46081 I am ssh’d into the server. We have eliminated the yarn cache. Simply put, plugins are not installed.
pulumi login
Logging in using access token from PULUMI_ACCESS_TOKEN
Logged into <http://pulumi.com|pulumi.com> as rosskevin (<https://app.pulumi.com/rosskevin>)
circleci@122be95f3249:~/project$ ls -la ~/.pulumi/
total 20
drwxr-xr-x  3 circleci circleci 4096 Apr  4 22:00 .
drwxr-xr-x 11 circleci circleci 4096 Apr  4 21:55 ..
-rw-------  1 circleci circleci   59 Apr  4 22:00 .cachedVersionInfo
drwx------  2 circleci circleci 4096 Apr  4 21:55 bin
-rw-------  1 circleci circleci  149 Apr  4 22:00 credentials.json
circleci@122be95f3249:~/project$ yarn list --pattern @pulumi 
yarn list v1.12.3
warning Resolution field "react-apollo@2.5.2" is incompatible with requested version "react-apollo@^2.5.3"
warning Resolution field "react-apollo@2.5.2" is incompatible with requested version "react-apollo@^2.5.3"
├─ @pulumi/gcp@0.18.2
├─ @pulumi/kubernetes@0.22.0
├─ @pulumi/pulumi@0.17.4
└─ @pulumi/random@0.5.1
Done in 1.11s.
I have deleted 
node_modules
and yarned, still no plugins
are they installed on first use?
b

bitter-oil-46081

04/04/2019, 10:03 PM
are they installed on first use?
Right now, no. They are installed via a npm post install script which calls 
pulumi plugin install
Can you run 
pulumi plugin install resource gcp 0.18.2
and let me know happens?
i

important-leather-28796

04/04/2019, 10:04 PM
so that is part of the problem (with instructions at least), as 
pulumi
is not available from the orb until 
pulumi/login
I have confirmed after adding pulumi to the path and re-yarn they are there
b

bitter-oil-46081

04/04/2019, 10:05 PM
Ahh, okay, we need to fix that. I believe you should be able to run 
pulumi plugin install
from the root of your project and it will try to install all plugins you need.
i

important-leather-28796

04/04/2019, 10:05 PM
I’ll try to use the orb login pre-yarn and see if it will work
I have 4 stacks
so not keen on that
using 
pulumi/login
before 
yarn
confirmed to have plugins now
c

colossal-beach-47527

04/04/2019, 10:18 PM
Catching up on this thread, I guess I understand what’s going on here. Obviously we need to better document (and warn if possible), since the “must install Pulumi CLI before running `yarn`” isn’t intuitive at all.
i

important-leather-28796

04/04/2019, 10:19 PM
you will need to warn that users depending on caching will also need to cache ~/.pulumi/plugins
So @colossal-beach-47527 onto the next thing. cwd problems with the orb
pulumi preview --stack alienfast/production --cwd ~/project/cloud/app
Previewing update (alienfast/production):
@ Previewing update...| /                       
@ Previewing update...|                           pulumi:pulumi:Stack advisorintake-app-production running 
@ Previewing update...| / - \                           pulumi:pulumi:Stack advisorintake-app-production  error: Running program '/home/circleci/project/cloud/app' failed with an unhandled exception:
    pulumi:pulumi:Stack advisorintake-app-production  error: Error: Cannot find module '@alienfast/pulumi'
it does not appear to change to that dir before running, otherwise it would use the tsconfig from that cwd and would find the shared code module
orb use: 
- pulumi/preview:
          stack: alienfast/production
          working_directory: ~/project/cloud/app
If I actually cd to the dir, it works 
~/p/a/c/app ❯❯❯ pulumi preview --stack alienfast/production
Previewing update (alienfast/production):

     Type                             Name                                               Plan     Info
     pulumi:pulumi:Stack              advisorintake-app-production                                4 messages
 >   ├─ pulumi:pulumi:StackReference  alienfast/advisorintake-infrastructure/production  read     
 >   └─ pulumi:pulumi:StackReference  alienfast/advisorintake-identity/production        read
I’m going to bail on the orb and do it manually
yikes, at every turn a problem with ci
curl -L <https://get.pulumi.com/> | bash -s
under the circleci user account yields 
+ Extracting to /home/circleci/.pulumi/bin
mktemp: failed to create directory via template 'pulumi.XXXXXXXXXX': Permission denied
I’m simply trying to add pulumi via the install script to a circleci base image
I must have an issue with my script, using it direct in the dockerfile works fine as 
RUN curl -L <https://get.pulumi.com/> | bash -s
View count: 1