fresh-summer-65887
08/13/2019, 12:33 PMpendingOperations
section.
- pulumi refresh
states "No resources will be modified as part of this refresh"
- pulumi preview
wants to delete
then create
with a knock effect for other resources
- pulumi up
hangs trying to complete the delete operation so I have to do a pulimi cancel
Really scratching my head with this one. Any ideas?best-xylophone-83824
08/13/2019, 2:12 PMthankful-optician-22583
08/13/2019, 3:21 PMconst repository = new awsx.ecr.Repository(config.require("ecr-server"));
const image = repository.buildAndPushImage("../../");
const provider = env == "dev" ?
new k8s.Provider("myk8s", {context: kubernetesConfig.get("context")}) :
new k8s.Provider("myk8s", {
kubeconfig: new terraform.state.RemoteStateReference("eks", {
backendType: "s3",
bucket: "XXXXXXXt",
key: "XXXXXXX",
workspace: "XXXXX",
region: "us-east-1"
}).getOutput("kubectl_config")});
My Pulumi preview stage looks like this:
image:
name: pulumi/pulumi:v0.17.10
entrypoint:
- '/usr/bin/env'
- 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
services:
- docker:stable-dind
variables:
DOCKER_HOST: <tcp://localhost:2375/>
DOCKER_DRIVER: overlay2
DOCKER_TLS_CERTDIR: "/certs"
before_script:
- printenv
- docker info
script:
- cd $working_dir
- echo $DOCKER_HOST
- npm install
- pulumi stack select staging
- pulumi preview
only:
refs:
- branches
- tags
When I run CI pipeline it fails here:
Diagnostics:
awsx:ecr:Repository (<http://XXXXXXXXX.dkr.ecr.us-east-1.amazonaws.com/python-building-block|XXXXXXXXX.dkr.ecr.us-east-1.amazonaws.com/python-building-block>):
error: read tcp 127.0.0.1:33706->127.0.0.1:2376: use of closed network connection
2019/08/13 15:12:14 http2: server: error reading preface from client 127.0.0.1:2376: bogus greeting "Client sent an HTTP requ"
error: Error: 'docker build ../../ -t 7cb86392-container' failed with exit code 1
at /builds/karauctionservices/traderev/python-building-block/python_building_block/pulumi/node_modules/@pulumi/docker.ts:536:15
at Generator.next (<anonymous>)
at fulfilled (/builds/karauctionservices/traderev/python-building-block/python_building_block/pulumi/node_modules/@pulumi/docker/docker.js:17:58)
Permalink: <https://app.pulumi.com/calvin.raveenthran/python-building-block/staging/previews/f7fb9ae7-4f1a-4361-b831-56dd49b0c51e>
Did anyone encounter this error? Client sent a http request to a https server
best-xylophone-83824
08/13/2019, 3:23 PMorange-policeman-59119
08/13/2019, 4:01 PMk8s.scope.resource.get
behave if the resource specified is absent? Is it a fallible operation?
I ask because I would like to deploy an operator in one (shared) place, which defines CRDs.
Then, if and only if the CRDs exist, in other stacks use them to deploy additional components.
Example:
Prometheus Operator chart defines a ServiceMonitor CRD, the service monitor object defines a set of targets to scrape for metrics. Other stacks should deploy ServiceMonitor resources in their namespaces, but only if the CRD exists.bitter-dentist-28132
08/13/2019, 5:05 PMk8s.helm.v2.Chart
, what's the "best" way to grab the ip for the service?bitter-dentist-28132
08/13/2019, 5:12 PMgetResource
function.... i guess that's how 🙂orange-tailor-85423
08/13/2019, 5:23 PMorange-tailor-85423
08/13/2019, 5:23 PMbitter-dentist-28132
08/13/2019, 5:32 PMgetResourceProperty
results in errors 😞modern-bear-85657
08/13/2019, 6:02 PMelegant-crayon-4967
08/13/2019, 6:19 PMaws.secretsmanager
but the documentation has me confused on how I actually pass the secret into my resource. Anybody have an example?thankful-optician-22583
08/13/2019, 7:35 PMCould not create watcher for ReplicaSet objects associated with Deployment
bitter-island-28909
08/13/2019, 8:44 PMbitter-dentist-28132
08/13/2019, 8:46 PMdependsOn
for thatbitter-dentist-28132
08/13/2019, 10:10 PMbitter-dentist-28132
08/13/2019, 10:10 PMworried-engineer-33884
08/13/2019, 11:16 PMsquare-ability-48831
08/14/2019, 12:51 AMaws.dynamodb.getTable({name: 'mytablename'})
is what i need to get the resource. tried wrapping in an async function but it seems to just not build the resource at all.cool-egg-852
08/14/2019, 4:53 AMbillions-fall-36374
08/14/2019, 9:50 AMhelpful-afternoon-80621
08/14/2019, 11:13 AMconst allowTls = new aws.ec2.SecurityGroup('allowTls', {
description: 'Allow TLS inbound traffic',
ingress: [
{
cidrBlocks: '',
fromPort: 443,
protocol: 'tcp',
toPort: 443
}
],
tags: {
Name: 'allowAll'
}
});
I'm getting a long cryptic typescript error that isn't much use in indicating what is actually wrong.
Error:(12, 56) TS2345: Argument of type '{ description: string; ingress: { cidrBlocks: string; fromPort: number; protocol: string; toPort: number; }[]; tags: { Name: string; }; }' is not assignable to parameter of type 'SecurityGroupArgs'.
Types of property 'ingress' are incompatible.
Type '{ cidrBlocks: string; fromPort: number; protocol: string; toPort: number; }[]' is not assignable to type 'Input<{ cidrBlocks?: Input<string>[] | Promise<Input<string>[]> | OutputInstance<Input<string>[]> | undefined; description?: string | Promise<string> | OutputInstance<string> | undefined; ... 6 more ...; toPort: Input<...>; }>[] | Promise<...> | OutputInstance<...> | undefined'.
Type '{ cidrBlocks: string; fromPort: number; protocol: string; toPort: number; }[]' is not assignable to type 'Input<{ cidrBlocks?: Input<string>[] | Promise<Input<string>[]> | OutputInstance<Input<string>[]> | undefined; description?: string | Promise<string> | OutputInstance<string> | undefined; ... 6 more ...; toPort: Input<...>; }>[]'.
Type '{ cidrBlocks: string; fromPort: number; protocol: string; toPort: number; }' is not assignable to type 'Input<{ cidrBlocks?: Input<string>[] | Promise<Input<string>[]> | OutputInstance<Input<string>[]> | undefined; description?: string | Promise<string> | OutputInstance<string> | undefined; ... 6 more ...; toPort: Input<...>; }>'.
Type '{ cidrBlocks: string; fromPort: number; protocol: string; toPort: number; }' is not assignable to type '{ cidrBlocks?: Input<string>[] | Promise<Input<string>[]> | OutputInstance<Input<string>[]> | undefined; description?: string | Promise<string> | OutputInstance<string> | undefined; ... 6 more ...; toPort: Input<...>; }'.
Types of property 'cidrBlocks' are incompatible.
Type 'string' is not assignable to type 'Input<string>[] | Promise<Input<string>[]> | OutputInstance<Input<string>[]> | undefined'.
Running v0.17.28.
Thanksbest-xylophone-83824
08/14/2019, 1:01 PMbusy-pizza-73563
08/14/2019, 1:06 PMFound incompatible versions of @pulumi/pulumi. Differing major or minor versions are not supported.
Version 0.17.28 referenced at node_modules\@pulumi\kubernetes\node_modules\@pulumi\pulumi\package.json
Version 1.0.0-beta.2 referenced at node_modules\@pulumi\pulumi\package.json
Is this known / expected?best-xylophone-83824
08/14/2019, 1:22 PMPreviewing update ($NEWORG/prod):
error: could not deserialize deployment: decrypting secret value: [404] Not Found: Organization '$OLDORG' not found
best-xylophone-83824
08/14/2019, 3:59 PMpulumi.output(new gcp.compute.Subnetwork("z", {ipCidrRange: "111", network: "zzz"})).name;
Error on `tsc --noEmit`:
Property 'name' does not exist on type 'OutputInstance<Subnetwork>'.
16 pulumi.output(new gcp.compute.Subnetwork("z", {ipCidrRange: "111", network: "zzz"})).name;
little-energy-64187
08/14/2019, 5:55 PMconst dbUser = new gcp.sql.User("myuser", {
instance: dbInstance.name,
name: "project/instancename/myuser"
}, { import: "project/instancename/myuser" })
ends up in Preview failed: reading resource urn:pulumi:projectname::stackname::gcp:sql/user:User::project/instancename/myuser yielded an unexpected ID; expected project/instancename/myuser, got myuser//instancename
little-energy-64187
08/14/2019, 5:59 PMbillowy-laptop-45963
08/14/2019, 6:13 PMadamant-dress-73325
08/14/2019, 7:48 PMpulumi new
but now the project name is not showing up on the dashboard. I made sure that the project name in Pulumi.yaml was set correct, any reason why stack init
wouldn't name these correctly?adamant-dress-73325
08/14/2019, 7:48 PMpulumi new
but now the project name is not showing up on the dashboard. I made sure that the project name in Pulumi.yaml was set correct, any reason why stack init
wouldn't name these correctly?cool-egg-852
08/14/2019, 8:05 PMclever-sunset-76585
08/14/2019, 9:07 PMSo if you do not have repository integration, I believe it will be empty like thatYes, I believe this is the case. cc @colossal-beach-47527 to keep me honest here.
colossal-beach-47527
08/14/2019, 9:12 PMpulumi stack init
, but will be available after you run pulumi up
. (Since as part of the update, we look if you are running within a git
repo, and if so, inspect the origin if it is a GitHub repo, etc.)
So it makes sense that the repo would be blank for a newly created stack.
The project name and stack name should be set when you run pulumi stack init
. The project name is what is found in Pulumi.<stack-name>.yaml
, and is at the top of the “card with a white background”. The individual stack name is the label on each of those “purple rectangles” found on the project-card.adamant-dress-73325
08/14/2019, 9:59 PMPulumi.yaml
location for the repo? because for 1 of those shown, I've already run an update and it is located inside a git repocolossal-beach-47527
08/14/2019, 10:52 PMdoes the tool lookup recursively fromYes, I believe that is the case. Depending on the specific repo is configured though, we may not be pulling your repository information. We only check for a remote namedlocation for the repo?Pulumi.yaml
origin
, and only then IFF the URI matches certain well-known forms. (i.e. we err on the side of only persisting data we can parse/extract rather than just including the raw remote URI.)
The specific code is here. If something seems amiss, and we should be pulling the repo information but are not, please file an issue and I can update the logic to detect your specific SCC provider, etc.
https://github.com/pulumi/pulumi/blob/952b6d0d89f73c41bba57cf08f81847c0295c22d/cmd/util.go#L424
https://github.com/pulumi/pulumi/blob/952b6d0d89f73c41bba57cf08f81847c0295c22d/pkg/util/gitutil/git.go#L133best-xylophone-83824
08/15/2019, 9:24 AMadamant-dress-73325
08/15/2019, 4:06 PMorigin
remotes on those. We are switching to github either way so no big deal just have to change our origin remotes there.colossal-beach-47527
08/15/2019, 5:25 PMorigin
of your git
remote (change the domain/values if they are sensitive). Knowing the domain and/or URL structure, I can add support for those systems in Pulumi so things “just work” for you in the future.
As far as what you are missing out on, only two things come to mind.
- Like you called out at the beginning of this thread, we won’t be able to group your Pulumi Projects by their source repo when on your organization’s dashboard. That can be helpful to filter stacks, e.g. just hone in on the projects/stacks within your “website” or “data-tier” repository.
- On the “stack activity page”, we link to the repo commit that the update was deployed at in some cases. (Since e.g. for GitHub repos, if we know the branch, repo, and commit we can build the right URL to send you to.) So it’s possible we could do something similar and link to a private GitLab instance or Phabricator instance.best-xylophone-83824
08/15/2019, 5:29 PMSo it’s possible we could do something similar and link to a private GitLab instance or Phabricator instance.you can see gitlab URL structure on Gitlab itself it matches private Gitlab URLs, for instance
<https://gitlab.com/gitlab-org/gitlab-ce>
. You probably wont be able to reliably detect SCM , so if it was exposed somehow for us to set it can helpadamant-dress-73325
08/15/2019, 5:41 PMRepo Name > Project Name > Stack Name
to Project Name > Stack Name
and keep the repo icon around as a nice to have for common SCMs.