we started to split stuff into 'layers' so that e.g. deploying apps to kube didnt involve checking or refreshing any of the infrastructure around it

also less risk of accidentally nuking everything

Learning about ComponentResource, I checked https://github.com/pulumi/pulumi-eks/blob/master/nodejs/eks/cluster.ts as an example. Class have multiple public properties, but only one of them is

pulumi.Output<>

and it is the only passed to

this.registerOutputs()

, why is that?

how can I configure ambient provider from index.ts itself without reparenting all resources under ComponentResource? I have bootstrap pulumie project with a single stack which creates GCP projects and service accounts with key made available in stack output. Idea is that individual pulumi projects should then reference that stack get key from it's output and then configure ambient provider to use it

I can probably do that with bash, but would prefer to do it natively

checks time in Seattle

0704 😉

Any ideas on how to import a regionless (global) static ip? I tried with a custom provider but still hitting this:

Cannot determine region: set in this resource, or set provider-level 'region' or 'zone'

@bitter-island-28909 https://www.pulumi.com/docs/reference/organizing-stacks-projects/

We break up our infrastructure per application (basically per github repo), but contain all of the pulumi projects in a single git repo called

infrastructure

We’re having an issue with a k8s deployment being stuck on updating though it isn’t actually updating anything. This is critically breaking us from being able to deploy updated applications because it’s breaking CI with it being stuck.

we're having weird issues with that too, it constantly wants to redeploy a set of pods but there are no changes so it never completes

How would I get something like this to work, the aws.route53.Records don't seem to get executed:

const cert = new aws.acm.Certificate("cert", {
        domainName             : opts.domainName,
        subjectAlternativeNames: opts.sans,
        validationMethod       : "DNS",
    });
    const certValidations = cert.domainValidationOptions.apply((validationOptions) => {
        return validationOptions.map((validationOption, i) => {
            const resourceName = `cert_validation${i}`;
            return new aws.route53.Record(resourceName, {
                records: [validationOption.resourceRecordValue],
                ttl: 60,
                type: validationOption.resourceRecordType,
                zoneId: zone.id,
            })
        });
    });

    const certValidation = new aws.acm.CertificateValidation("cert", {
        certificateArn: cert.arn,
        validationRecordFqdns: certValidations.apply((validations) => {
            return validations.map(validation => validation.fqdn);
        })
    })

Can anyone recommend the best way to import TypeScript code (i.e. a an Obiect that contains several methods) into a lambda definition?

The graph view on the Pulumi platform is nice, but the Pulumi component view is not what I am (mainly) interested in: I would like to know the dependencies between the individual resources, with only the Pulumi components as a bounding box around the set of resources it contains. As an example, I drew part of an

awsx.ec2.Vpc

component resource. The outer box is the

awsx.ec2.Vpc

, the nested boxes are (left-to-right) an

awsx.ec2.NatGateway

and 2

awsx.ec2.Subnet

components. But the arrows show the dependency over all the individual resources.

Hi,

pulumi up

crashes with

Error: spawnSync /bin/sh ENOBUFS

when provisioning a big chart (prometheus-operator). Is it a known issue?

https://github.com/pulumi/examples/tree/master/azure-ts-aks-helm Trying this example and get the error:

error: update failed
azuread:index:Application (aks):
    error: Plan apply failed: graphrbac.ApplicationsClient#Create: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error. Status=403 Code="Unknown" Message="Unknown service error" Details=[{"odata.error":{"code":"Authorization_RequestDenied","date":"2019-08-11T21:19:24","message":{"lang":"en","value":"Insufficient privileges to complete the operation."},"requestId":"4d94460c-0c44-42bc-bb90-aa64422d33fa"}}]

There is a high-level diagram of how the pulumi runtime processes fit together on https://www.pulumi.com/docs/reference/how/ Is there any more detailed diagram available somewhere? Just to gain more knowledge on the internals... 😉

What is recommended way to deal with .getOutput("...") result in typescript? For now I do

.getOutput("...") as pulumi.Output<InterfaceIExpect>

which is probably not very change safe. I am not sure it is possible, I am not fluent with TypeScript, but it would be really nice if Pulumi exported type definitions too and did

require

them inside

getOutput

, this way result would by typed and any breaking changes in shape of exported object would be caught at plan stage

Just sharing some typesafety tricks I am learning along the way. Lets say you create resources in a table-driven way. Resources have

*Args

argument some fields of which are mandatory and it just happens so that you want to some mandatory fields come from default set and some to be specified in each row of your "table". There is a

Partial<T>

type in Typescript, but it doesn't allow you to assemble 2 partials back into

T

, because it can't verify at compile time that all required fields are going to be there. Here is how I solved it with

PartialExcept<T,E>

, where it makes T's fields all partial, except for those listed in `E`:

type PartialExcept<T,E extends keyof T> = Partial<T> & Pick<T,E>;

Hey, Wondered if anyone new a way to actually capture errors from pulumi

try{
      NatGw = aws.ec2.getNatGateway({
        tags: {
          Name: "RCS-CDR"
        }
      });
    } catch(err){
      // Craete a New NAT GW here ... 
    }

The error is not caught but it's thrown in my terminal after pulumi up. I'd like to catch the error and create a new resource if the gatway with the name

RCS-CDR

does not exist

We created trial org and selected "Monthly" payment plan, I'd like to switch to annual billing plan before adding payment info, but "switch to annual billing" gives me 500 error, please help 🙂

X-Pulumi-RequestId: 7fe7fe79-c8ae-4467-8cad-e52b111e09f3

is there any way to debug a 'promise leak' the stack output doesnt show anything interesting

does

pulumi plugins install

call home? we have CI with no internet access it takes 2.5 minutes, while actual file fetch takes <1 second:

+ date
+ pulumi plugin install resource gcp v0.18.15 --server <http://local-proxy.corp:8000/api.pulumi.com/releases/plugins> --verbose --logtostderr
Mon Aug 12 16:09:38 UTC 2019
[resource plugin gcp-0.18.15] installing
[resource plugin gcp-0.18.15] downloading from <http://local-proxy.corp:8000/api.pulumi.com/releases/plugins>

Downloading plugin:  0 B / 27.96 MiB    0.00%[resource plugin gcp-0.18.15] installing tarball ...

Downloading plugin:  6.12 MiB / 27.96 MiB   21.89%
Downloading plugin:  12.03 MiB / 27.96 MiB   43.03%
Downloading plugin:  21.53 MiB / 27.96 MiB   77.01%
Downloading plugin:  27.96 MiB / 27.96 MiB  100.00% 0s
Moving plugin... done.
+ date
Mon Aug 12 16:12:10 UTC 2019

hmm, this one succeeds during plan , but fails during apply where resource is created for the first time 😞 I'd expect it to fail during compilation due to missing field or at least at preview:

const vpc = new gcp.compute.Network("main", {
    autoCreateSubnetworks: false
});

+  gcp:compute:Network main creating 
 +  gcp:compute:Network main creating error: Plan apply failed: project: required field is not set
 +  gcp:compute:Network main **creating failed** error: Plan apply failed: project: required field is not set

is there a way to use a kubernetes service's load balancer ip for creating a dns record? i'm using typescript and i'm getting an

Output<string>

is not an

Input<string>

error.

Hello I am running Pulumi with GitlabCI and I noticed that the pulumi/pulumi:v0.17.10 image does not have a docker daemon. Is this expected? Did anyone encounter the error.

Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

I brought down my stack with

pulumi destroy

, and now i can't bring it up any more, i just get

Error: Unexpected struct type.

any idea what the problem might be? diagnostic messages are unhelpful, it only shows points in pulumi libraries.

(it seems to be failing some protobuf stuff)