I'm having a bad time with referencing output from another stack in a k8s configmap as part of a string. The result is that pulumi includes an error in my configmap. How can I pull this off?

Is there an easy way to move state from one project:stack to another project:stack?

@broad-dog-22463 How come some

get

resource type methods don’t have optional results? That means you can’t query it to check the response is null before proceeding to create it.

Btw the github bot doesn't work if you do a PR from a branch on a fork. Using Github/Azure Pipelines.

GroupPolicy

for instance has a

get

method but it doesn’t return optional. Neither does

aws.route53.getZone()

.

Also this part of the docs is outdated. https://www.pulumi.com/docs/guides/crosswalk/aws/iam/#iam-users

new aws.iam.AccessKey("webmasterKey", { user });

Should be

new aws.iam.AccessKey("webmasterKey", { user: user.name });

how do you handle errors in a dynamic resource please? i've tried rejecting the promise but the stack just sits at deploying forever and get a warning about unhandled promise rejection

Any idea to solve this?

is there a way to get a provider's config? e.g. to get a provider's

token

if I have a list of aws account outputs and want to map that to an array of account IDs, is

pulumi.all

the right way to do that?

can i upload objects to s3-compatible APIs with

@pulumi/aws

? (so long as i change the endpoint, of course)

Hi everyone, Narendra Sisodiya here. I have 12+ years of rich experience in JavaScript world. I love JS/Node.js. Right now I work for Syngenta as Technical Manager and having team of 15+ developer. Our total dept developer strength is 150+. I am pushing Pulumi in our company. I am really really very impressed by Pulumi and really looking forward to submerge myself into Pulumi world. We are right now doing JS in all 5 levels. 1. css - using js 2. frontend - react 3. backend - nodejs, fastify, mongoose 4. db - mongo 5. infra - EKS with pulumi js Thanks everybody for making Pulumi great. recently I made a quick demo in internal team but in 1-2 week going to present in tech-leads meetings.

I am looking forward for contribution to Pulumi world.

Hi All, I have few questions. we are setting up EKS AWS cluster. 1. What you suggest for monitoring and alerts. 2. What you suggest for Dashboard or generating arch diagrams for cluster. 3. Routing ? example I have cluster with 5 micro-service. earlier each deployed using

'type: 'LoadBalancer'

I got the url using ELB automatically. those urls are very long url. I want to connect using Route53. so, I want to have this kind of urls. https://api.mydomain.com/service1 , https://api.mydomain.com/service2 , after looking some example, I changed type. it is now

type: NodePort

. I may need to create

k8s.networking.v1beta1.Ingress

and use

aws-alb-ingress-controller

and route traffic. I tried and didn't worked because example was not having Route53 specific code. I don't know if it do automatically internally. all micro-services are working fine. deployed successfully. only the routing part is now remaining. So, please help me. 1. All services need

NodePort

or

LoadBalancer

2. What is good url scheme ? https://api_service1.mydomain.com or https://api.mydomain.com/service1 ? Kindly help and suggest. + Also, people suggest me to add API Gateway. where API Gateway comes into this picture?

Does Pulumi provide a arbitrary way to call a custom REST api to create custom resources which then can be managed or would this be a good use case to create a dynamic provider in my project?

@late-printer-99022 I’d suggest CloudWatch insight for monitoring. You can always setup Prometheus and Grafana but that’s one more thing to manage, so I suggest letting AWS manage that.

Curious if there are any plans to integrate Pulumi with the cost side of resource provisioning? i.e. ways to predict cost changes when rolling out a new infrastructure deployment. I've been thinking about ways to manage this as part of our IaC-based deployments.

One thing Pulumi needs to do better at that’s a low hanging fruit, is clear up what type of reference arguments are used between objects. Sometimes it uses arn, sometimes the name, and sometimes the id. Like for

BucketPublicAccessBlockArgs

I tested first using the name and then the arn but it expected the id.

It’s unclear with stringly typed references.

@white-balloon-205 I found a bug. aws:cloudfront/distribution:Distribution Is always pending. I can’t tear down my resources without exporting and manually removing the pending.

-  aws:cloudfront:Distribution s3Distribution deleting

always fails

Hello there, is there a way to store certs in pulumi project without exposing a file with plaintext?

I'm a bit confused about Pulumi's role in "refreshing" resources : for example updating a Lambda, its LambdaLayer or redeploying an API Gateway Isn't that what a CI/CD system is supposed to do ? Where does Pululmi's role stop here ? In my case, I'd like Pulumi to configure Machine Learning services like SageMaker, which involve complex, intertwined configuration (S3 bucket for training data, S3 bucket for outputs, etc.) Should I also use a hashing system in order to determine wether Pulumi should refresh resources, same as the hash uses for Lambda ?

Hello, I'm trying to import existing helm chart resources into Pulumi with:

const redis = new k8s.helm.v2.Chart(
...
    transformations: [
      addNamespace(redisNamespace.metadata.name),
      args => {
        if (args.props.metadata && args.props.metadata.name) {
          return {
            props: args.props,
            opts: pulumi.mergeOptions(args.opts, {
              import: args.props.metadata.name
            })
          };
        }
        return undefined;
      }
    ]
  }
);

However, this fails with

$ pulumi up

 +   ├─ kubernetes:helm.sh:Chart        redis                  create
 =   │  ├─ kubernetes:core:Service      redis-headless         import     1 error
 =   │  ├─ kubernetes:core:ConfigMap    redis                  import     [diff: +data~metadata]; 1 warning
 =   │  ├─ kubernetes:core:ConfigMap    redis-health           import     1 error
 =   │  ├─ kubernetes:core:Service      redis-master           import     1 error
 =   │  ├─ kubernetes:core:Secret       redis                  import     1 error
 =   │  └─ kubernetes:apps:StatefulSet  redis-master           import     1 error
 =   └─ kubernetes:core:Namespace       redis                  import

Diagnostics:
  kubernetes:core:Service (redis-master):
    error: Preview failed: resource 'redis-master' does not exist

  kubernetes:core:Service (redis-headless):
    error: Preview failed: resource 'redis-headless' does not exist

  kubernetes:core:ConfigMap (redis):
    warning: inputs to import do not match the existing resource; importing this resource will fail
...

Errors stating that resource does not exist are wrong - resources are here. The thing is that pulumi checks resources under

default

namespace - I verified it by creating cm

default/redis

and it shows different error for the resource. Another concern is "warning: inputs to import do not match the existing resource; importing this resource will fail" - how do I force pulumi to take over this resource? For now I have to deploy chart into a different namespace, export stack state into a file, edit it by replacing namespace name, destroy resources, and reimport modified state. I.e. I can't just use this import feature of pulumi.

quite frustrated with following problem this is not working

--cluster-name=${synPlatformCluster.eksCluster.name}`

this is also not working.

--cluster-name=${synPlatformCluster.eksCluster.name.apply((v) => `${v}`)}`

getting following notice.

containers                   : [
                        [0]: {
                            args                  : [
                                [0]: "--ingress-class=alb"
                                [1]: "--cluster-name=Calling [toString] on an [Output<T>] is not supported.\n\nTo get the value of an Output<T> as an Output<string> consider either:\n1: o.apply(v => `prefix${v}suffix`)\n2: pulumi.interpolate `prefix${v}suffix`\n\nSee <https://pulumi.io/help/outputs> for more details.\nThis function may throw in a future version of @pulumi/pulumi."
                            ]
                            image                 : "<http://894847497797.dkr.ecr.us-west-2.amazonaws.com/aws-alb-ingress-controller:v1.0.0|894847497797.dkr.ecr.us-west-2.amazonaws.com/aws-alb-ingress-controller:v1.0.0>"
                            imagePullPolicy       : "Always"
                            name                  : "server"
                            terminationMessagePath: "/dev/termination-log"
                        }
                    ]
                    dnsPolicy                    : "ClusterFirst"
                    restartPolicy                : "Always"
                    serviceAccount               : "alb-ingress"
                    serviceAccountName           : "alb-ingress"
                    terminationGracePeriodSeconds: 30
                }
            }

Questions: How I can modify subnet tags using Pulumi ? https://kubernetes-sigs.github.io/aws-alb-ingress-controller/guide/controller/config/#subnet-auto-discovery

@ - it is possible that Pulumi forget to remove some resources ? I have tried https://www.pulumi.com/blog/kubernetes-ingress-with-aws-alb-ingress-controller-and-pulumi-crosswalk/ multiple times and removed resources using deletion of code. Today I found there are 2 ALB load-balancer. So, I think. It forget to remove some load-balancer . I assume, If I comment out the code and run pulumi up, it should remove all resources.

Hello, trying to spin up a digitalocean kubernetes cluster and install a helm chart:

"use strict";
const pulumi = require("@pulumi/pulumi");
const digitalocean = require("@pulumi/digitalocean");
const kubernetes = require("@pulumi/kubernetes");

const region = "sfo2";

const kubernetesVersion = "1.16.2-do.2";

const nodeSize = "s-1vcpu-2gb";
const nodeCount = 1;

const cluster = new digitalocean.KubernetesCluster(
    "kubernetes-cluster",
    {
        region: region,
        version: kubernetesVersion,
        nodePool: {name: "default", size: nodeSize, nodeCount: nodeCount}
    }
);

const kubeconfig = cluster.kubeConfigs[0].rawConfig;

const provider = new kubernetes.Provider("kubernetes-provider", {cluster, kubeconfig});

const chart = new kubernetes.helm.v2.Chart(
    "nginx-ingress-chart",
    {
        repo: "stable",
        chart: "nginx-ingress",
        version: "1.28.3"
    },
    {providers: {kubernetes: provider}});

const controllerStatus = chart.getResourceProperty(
    "v1/Service",
    "nginx-ingress-chart-nginx-ingress-controller",
    "status");

const ipAddress = controllerStatus.apply(status => status.loadBalancer.ingress[0].ip);

module.exports = {ipAddress};

I get

TypeError: Cannot read property 'status' of undefined

. I think it might have something to do with pulumi trying to install the chart before the cluster/provider is created (?). The resource tree shows the chart but not its "contents":

Type                                     Name                 Plan       Info
 +   pulumi:pulumi:Stack                      test-do-k8s-do-k8s   create     1 error
 +   ├─ kubernetes:helm.sh:Chart              nginx-ingress-chart  create     
 +   ├─ digitalocean:index:KubernetesCluster  kubernetes-cluster   create     
 +   └─ pulumi:providers:kubernetes           kubernetes-provider  create