Is there a concept of data sources in pulumi? e.g., I have deployed k8s in GCP with the istio add-on and I would like to get access the

istio-ingressgateway

external IP address. In terraform I would use https://www.terraform.io/docs/providers/kubernetes/d/service.html but can't figure out how to do the same in pulumi

It's just code, so you can just go and ask it?

it's only a problem if it's being managed by pulumi, then it might not exist in all contexts your stack runs in (eg,

pulumi preview

when it hasn't been created)

but if it's assumed to exist already, you can just grab a client library and query it

there's also a handful of functions in the pulumi libraries to do this kind of thing (eg, there's a function in pulumi aws to query route53 for a zone)

@high-translator-22614 Yep you're right, thanks. Was able to get it using:

import * as k8s from '@kubernetes/client-node'
import { devKubeconfig } from '../cluster'

export const ingressIpAddress = devKubeconfig.apply(config => {
    const kc = new k8s.KubeConfig()
    kc.loadFromString(config)
    const api = kc.makeApiClient(k8s.CoreV1Api)
    return api.readNamespacedService('istio-ingressgateway', 'istio-system').then(svc => {
        let ipAddress = ''
        if (svc.body.status) {
            const status = svc.body.status
            if (status.loadBalancer) {
                const lb = status.loadBalancer
                if (lb.ingress) {
                    const ingress = lb.ingress
                    if (ingress[0].ip) {
                        ipAddress = ingress[0].ip
                    }
                }
            }
        }
        return ipAddress
    })
})

Hi, is there a built in flag that allows you to turn resources on and off easily or do we just need to wrap if in an if statement? I know you can do this in terraform with the count function. Just wondered if Pulumi has something similar

Why do fully qualified stack names not include the project name? On the website it's

{org-name}/{project-name}/{stack-name}

in the UI and URLs. On the CLI it's

{org-name}/{stack-name}

. This gets confusing when you have two projects in the same org with the same

{stack-name}

.

I’m trying to interact with pulumi-cloudflare, though it is not clear to me how the pulumi lib maps to the api. Specifically I’m looking to purge cache by url after a pulumi deployment (https://api.cloudflare.com/#zone-purge-files-by-url). Neither the reference docs nor github have given me a clue here how to essentially

POST zones/:identifier/purge_cache

. What am I missing? Any pointers to samples or docs?

Hi fokls! I'm trying to create an

aws.route53.Record

but it creates a sufixed record (e.g my-api-<RANDOM_IDENTIFIER>.mysite.com) which is wrong, I created it according the docs (https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/aws/route53/#alias-record) and I don't see an option to create it without the sufix, my code is almost the same of the docs:

new aws.route53.Record('my-api', {
    aliases: [
      {
        evaluateTargetHealth: false,
        name: loadBalancer.dnsName,
        zoneId: loadBalancer.zoneId,
      },
    ],
    type: aws.route53.RecordTypes.A,
    zoneId: zone.zoneId,
  });

Any clues on it?

@creamy-potato-29402 I want to run a piece of imperative code to purge cache after k8 Deployment/Service/Ingress ready. I saw your writeup on kubespy and I’m interested in doing something with similar conditions at the end of a

pulumi up

. I was thinking a polling call to

pulumi.all

on each resource’s status. Is there already some sample code out there I can look at perhaps? Or any thoughts for/against this approach?

How might one access the value of an Output inside an explicit Function? In that case does the Pulumi library need to be imported into that Function?

Hey all! Facing some issues with pulumi and kubernetes. Currently trying to set up rbac in pulumi for a cluster but in clusterrolebinding setting subjects according to the format mentioned in the documentation doesn't seem to work. Does anyone know the correct way to specify subjects ?

Hey, I need to move 2 off my project from pulumi backend to s3. Could someone help me with that?

Hey folks, we are experiencing some issues combinating pulumi and recent releases of

knative-eventing

. In detail they include a legacy kubernetes deployment with a defined replica of

0

. Unfortunately this fails the stack since

pulumi-kubernetes

executes a readiness probe after applying the resource which never fulfills. Is there any solution to this, e.g. to disable the readiness probe for a certain resource?

If I want to imperatively poll for an updated manifest, would I call

k8s.apps.v1beta1.Deployment.get('myapp', myWebDeployment.id)

to get latest/fresh values?

Is there any way to get Pulumi to perform a sanity check about which AWS account it is interacting with? We use several different AWS accounts for security reasons. While I definitely want to be able to apply different stacks to different accounts, accidentally applying a stack to a different account than where it was created causes a big mess.

Anybody else done a cloud migration and had to translate iam permissions from one to the other? Asking for a friend

I'm getting this when running

pulumi logs -f

on a beefy machine while following logs from 2 lambda functions in one stack.

To create an AWS Organizations OU (https://www.pulumi.com/docs/reference/pkg/python/pulumi_aws/organizations/#pulumi_aws.organizations.OrganizationalUnit) I have to provide the

parent_id

property, which in a lot of cases is the root of the Organization. I can't find a way, native to pulumi, to get information about the Organization if the Organization has already been created by someone outside of pulumi.

same as ⬆️ about getting kubernetes information

but using boto3 instead of kubernetes client

Is there any way to make pulumi wait for a Job to complete before deploying a Deployment?

I am getting an error that subnets cannot be empty with the following

new awsx.ecs.FargateService(imageName, {
    name: imageName,
    cluster,
    subnets: ['subnet-1', 'subnet-2, 'subnet-3'],
    securityGroups: ['sg-x'],
    taskDefinitionArgs: {
      container: {
        image: `<http://myaccount.dkr.ecr.us-west-2.amazonaws.com/${imageName}|myaccount.dkr.ecr.us-west-2.amazonaws.com/${imageName}>`,
        cpu: compute || 512 /*10% of 1024*/,
        memory: memory || 512 /*MB*/,
        portMappings: [targetGroupListener],
        environment: environment || [
          { name: 'NODE_ENV', value: 'production' },
          { name: 'PORT', value: '80' },
        ],
      },
    },
    desiredCount: desiredCount || 2,
  });

My Callback Functions' package size is getting quite large as I have several in a project that contains many dependencies. The explicitly defined functions are much smaller and independent, but I really like the convenience of callback/magic functions. Is there a recommended practice for limiting/isolating dependencies included in inline functions?

I've just published https://github.com/timmyers/pulumi-k8s-metrics-server, a pulumi native module for deploying

metrics-server

on

kubernetes

, and an alternative to using the helm chart. It is in an early stage, but I believe it can be useful already. Feedback and PR's welcome!

Is the Pulumi backend having issues? My stack was working this morning, but all my attempts to

pulumi up

this afternoon hang forever in this state:

Hello. Is there any limitation when exporting a provider? If I try to use a k8s provider from a stack reference I get this error:

error: Running program '/Volumes/Projects/Credijusto/infra/applications/prometheus-operator' failed with an unhandled exception:
    TypeError: provider.getPackage is not a function
        at convertToProvidersMap (/Volumes/Projects/Credijusto/infra/node_modules/@pulumi/pulumi/resource.js:198:25)
        at new Resource (/Volumes/Projects/Credijusto/infra/node_modules/@pulumi/pulumi/resource.js:147:19)
        at new ComponentResource (/Volumes/Projects/Credijusto/infra/node_modules/@pulumi/pulumi/resource.js:335:9)
        at new CollectionComponentResource (/Volumes/Projects/Credijusto/infra/node_modules/@pulumi/kubernetes/yaml/yaml.js:60:9)
        at new Chart (/Volumes/Projects/Credijusto/infra/node_modules/@pulumi/kubernetes/helm/v2/helm.js:62:9)
        at Object.<anonymous> (/Volumes/Projects/Credijusto/infra/applications/prometheus-operator/index.ts:8:1)
        at Module._compile (internal/modules/cjs/loader.js:776:30)
        at Module.m._compile (/Volumes/Projects/Credijusto/infra/node_modules/ts-node/src/index.ts:439:23)
        at Module._extensions..js (internal/modules/cjs/loader.js:787:10)
        at Object.require.extensions.<computed> [as .ts] (/Volumes/Projects/Credijusto/infra/node_modules/ts-node/src/index.ts:442:12)

    (node:99408) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

I can get around this one defining the

providers

in the ComponentResourceOptions param (

providers: { kubernetes: myProvider }

), but then the following happens:

error: Running program '/Volumes/Projects/Credijusto/infra/applications/prometheus-operator' failed with an unhandled exception:
    TypeError: provider.urn.promise is not a function
        at /Volumes/Projects/Credijusto/infra/node_modules/@pulumi/pulumi/runtime/resource.js:226:52
        at Generator.next (<anonymous>)
        at fulfilled (/Volumes/Projects/Credijusto/infra/node_modules/@pulumi/pulumi/runtime/resource.js:17:58)
    error: Running program '/Volumes/Projects/Credijusto/infra/applications/prometheus-operator' failed with an unhandled exception:
    TypeError: provider.urn.promise is not a function
        at /Volumes/Projects/Credijusto/infra/node_modules/@pulumi/pulumi/runtime/resource.js:226:52
        at Generator.next (<anonymous>)
        at fulfilled (/Volumes/Projects/Credijusto/infra/node_modules/@pulumi/pulumi/runtime/resource.js:17:58)
    error: Running program '/Volumes/Projects/Credijusto/infra/applications/prometheus-operator' failed with an unhandled exception:
    TypeError: provider.urn.promise is not a function
        at /Volumes/Projects/Credijusto
.
.
.
// It happens recursively.

Any clues on this?

In our ci that runs on our

develop

branch, we execute

pulumi preview

as a sanity check before it is merged to

master

. Generally speaking, our gcloud credentials are provided via env

GOOGLE_CLOUD_KEYFILE_JSON

. Is there a recent pulumi update that could be causing:

error: Get <https://35.226.191.153/openapi/v2?timeout=32s>: error executing access token command "gcloud config config-helper --format=json": err=exit status 1 output= stderr=ERROR: (gcloud.config.config-helper) You do not currently have an active account selected.
Please run:

  $ gcloud auth login

I haven’t any idea why a gcloud config would be called here in our ci.