flat-australia-79845
06/23/2020, 2:48 PMconfig: gcp:region
and gcp:project
values from the configuration file?acoustic-leather-68121
06/23/2020, 2:58 PMcalm-pizza-15027
06/23/2020, 6:37 PMcalm-pizza-15027
06/23/2020, 6:44 PMconst myappV1 = new gcp.appengine.FlexibleAppVersion("myappV1", {
versionId: "v1",
project: gaeApi.project,
service: "default",
runtime: "java",
servingStatus: "STOPPED",
deployment: {
zip: {
sourceUrl: pulumi.interpolate`<https://storage.googleapis.com/${bucket.name}/${war.name}>`,
},
},
livenessCheck: {
path: "/v2b/recommendations/liveness_check",
timeout: "4s",
checkInterval: "30s",
failureThreshold: 4,
successThreshold: 2,
},
readinessCheck: {
path: "/v2b/recommendations/readiness_check",
timeout: "5s",
checkInterval: "8s",
failureThreshold: 3,
successThreshold: 2,
appStartTimeout: "300s",
},
handlers: [],
automaticScaling: {
maxTotalInstances: 1,
coolDownPeriod: "120s",
cpuUtilization: {
targetUtilization: 0.5,
},
},
noopOnDestroy: true,
});
sticky-kitchen-61063
06/23/2020, 6:58 PMimport { config } from "./config";
and const config = new pulumi.Config();
fairly often. The first seems to be for passing module outputs, and the second is for the stack config. Is there a best practice for how people combine those two? Obviously I could just rename one something else, but I'm curious as to common patterns that other users have found. Should I be loading pulumi.Config()
in my config.ts and combining other modules outputs into a merged config object?stocky-lion-56153
06/23/2020, 8:23 PMstocky-lion-56153
06/23/2020, 8:25 PMname: Provision and deploy
on: [push]
jobs:
deployment:
runs-on: ubuntu-latest
name: Deploy
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 1
- name: Make temp session on AWS
id: aws-session
uses: <docker://mowat27/aws-session-action>
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_ASSUME_ROLE_ARN: ${{ secrets.AWS_ASSUME_ROLE_ARN }}
AWS_DEFAULT_REGION: eu-west-1
- uses: <docker://pulumi/actions>
with:
args: up --yes
env:
AWS_ACCESS_KEY_ID: ${{ steps.aws-session.outputs.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ steps.aws-session.outputs.AWS_SECRET_ACCESS_KEY }}
AWS_SESSION_TOKEN: ${{ steps.aws-session.outputs.AWS_SESSION_TOKEN }}
AWS_REGION: eu-west-1
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
PULUMI_CI: up
stocky-lion-56153
06/23/2020, 8:25 PMstocky-lion-56153
06/23/2020, 8:26 PMmysterious-pilot-36551
06/23/2020, 8:35 PMrequire
is great if your configuration is small, but my configuration has multiple elements that can be nested two or three times. Just curious if there is something provided by the Pulumi library before I go off and write my own.few-pillow-1133
06/24/2020, 6:47 AMconfig looks like so
config:
aws:profile: ...
aws:region: eu-west-1
aws:sharedCredentialsFile: ...
aws:skipCredentialsValidation: "true"
aws:skipRequestingAccountId: "true"
clt-resource-base:data:
networks:
virtual_private_cloud:
name: mmawseuclientdevVPC
imp_res: true
id: ....
owner_id: ...
cidr_block: ...
enable_dns_support: true
enable_dns_hostnames: true
tags:
- ...
and the actual code
import pulumi
import pulumi_aws as aws
from pulumi import ResourceOptions
config = pulumi.Config()
config_data = config.require_object("data")
print (f'{config_data}')
mmawseuclientdev_vpc_config = config_data['networks']['virtual_private_cloud']
mmawseuclientdev_vpc_res_imp = ResourceOptions(import_=mmawseuclientdev_vpc_config['id']) if mmawseuclientdev_vpc_config['imp_res'] else None
mmawseuclientdev_vpc = aws.ec2.Vpc(
mmawseuclientdev_vpc_config['name'],
cidr_block=mmawseuclientdev_vpc_config['cidr_block'],
enable_dns_support=mmawseuclientdev_vpc_config['enable_dns_support'],
enable_dns_hostnames=mmawseuclientdev_vpc_config['enable_dns_hostnames'],
tags=mmawseuclientdev_vpc_config['tags'],
opts=mmawseuclientdev_vpc_res_imp
)
bitter-australia-87528
06/24/2020, 7:03 AMpolite-night-3633
06/24/2020, 8:54 AM===
rename a pulumi project ===
rhythmic-finland-36256
06/24/2020, 9:33 AMRandomPassword
resource, assigned it to a service principal for an ACR but forgot to set additionalSecretOutputs
in the first place. Performing this change afterwards doesn’t have an effect on the output (and thus also not on the pulumi state). Is there a way to trigger this without modifying the resource? (I’m aware that if the password was unencrypted once, it needs to be changed, too). Just wondering if this is intended, that adding the additionalSecretOutputs
doesn’t affect the state…nice-football-42636
06/24/2020, 12:02 PMCLI
itself, the authorization to pulumi service & to azure is targeted for the project.
But we want to be absolutely sure, that nobody can touch the production except our deployment pipelines. But we find having 6 different projects in codebase quite ugly to accomplish only that one thing.
Am I missing something? Can we achieve the restriction for given stack in some other way? Through some special environment variable or something?ambitious-father-68746
06/24/2020, 3:55 PMgray-city-50684
06/24/2020, 5:31 PMfamous-kite-69533
06/24/2020, 8:15 PMcontroller.metrics.serviceMonitor.additionalLabels
to one label in particular, but I don't know in which format. If I try just setting that property to an object with the label as a property, pulumi fails because the manifest is not in the expected format or something like that. If I set is as a string, like "{ release: 'prometheus-operator' }"
it errors with error converting YAML to JSON: yaml: line 12: could not find expected ':'
. You can see how additionalLabels
is used in the service monitor template at https://github.com/helm/charts/blob/master/stable/nginx-ingress/templates/controller-servicemonitor.yaml. Any idea of how to get it working? Thanks!wet-egg-6347
06/24/2020, 10:14 PMpanic: fatal: An assertion has failed: Expected diff to not require deletion or replacement during Update of urn:pulumi:production::bos::aws:msk/cluster:Cluster::kafka
goroutine 30 [running]:
<http://github.com/pulumi/pulumi/sdk/v2/go/common/util/contract.failfast(...)|github.com/pulumi/pulumi/sdk/v2/go/common/util/contract.failfast(...)>
/home/travis/gopath/pkg/mod/github.com/pulumi/pulumi/sdk/v2@v2.1.1-0.20200508232528-aa313aecf8a0/go/common/util/contract/failfast.go:23
<http://github.com/pulumi/pulumi/sdk/v2/go/common/util/contract.Assertf(0xc0008d3200|github.com/pulumi/pulumi/sdk/v2/go/common/util/contract.Assertf(0xc0008d3200>, 0x69d26e0, 0x48, 0xc00066f728, 0x1, 0x1)
/home/travis/gopath/pkg/mod/github.com/pulumi/pulumi/sdk/v2@v2.1.1-0.20200508232528-aa313aecf8a0/go/common/util/contract/assert.go:33 +0x197
<http://github.com/pulumi/pulumi-terraform-bridge/v2/pkg/tfbridge.(*Provider).Update(0xc000501680|github.com/pulumi/pulumi-terraform-bridge/v2/pkg/tfbridge.(*Provider).Update(0xc000501680>, 0x73307c0, 0xc000fbd200, 0xc000212000, 0xc000501680, 0x5d1e201, 0xc000282440)
/home/travis/gopath/pkg/mod/github.com/pulumi/pulumi-terraform-bridge/v2@v2.3.1/pkg/tfbridge/provider.go:825 +0x81d
<http://github.com/pulumi/pulumi/sdk/v2/proto/go._ResourceProvider_Update_Handler.func1(0x73307c0|github.com/pulumi/pulumi/sdk/v2/proto/go._ResourceProvider_Update_Handler.func1(0x73307c0>, 0xc000fbd200, 0x67272a0, 0xc000212000, 0x671dca0, 0xaec2240, 0x73307c0, 0xc000fbd200)
/home/travis/gopath/pkg/mod/github.com/pulumi/pulumi/sdk/v2@v2.1.1-0.20200508232528-aa313aecf8a0/proto/go/provider.pb.go:1920 +0x89
<http://github.com/grpc-ecosystem/grpc-opentracing/go/otgrpc.OpenTracingServerInterceptor.func1(0x73307c0|github.com/grpc-ecosystem/grpc-opentracing/go/otgrpc.OpenTracingServerInterceptor.func1(0x73307c0>, 0xc000fbc1e0, 0x67272a0, 0xc000212000, 0xc000ef8240, 0xc000ef8260, 0x0, 0x0, 0x72785e0, 0xc0003eb220)
/home/travis/gopath/pkg/mod/github.com/grpc-ecosystem/grpc-opentracing@v0.0.0-20180507213350-8e809c8a8645/go/otgrpc/server.go:57 +0x2f9
<http://github.com/pulumi/pulumi/sdk/v2/proto/go._ResourceProvider_Update_Handler(0x67d2d80|github.com/pulumi/pulumi/sdk/v2/proto/go._ResourceProvider_Update_Handler(0x67d2d80>, 0xc000501680, 0x73307c0, 0xc000fbc1e0, 0xc0004641e0, 0xc000858060, 0x73307c0, 0xc000fbc1e0, 0xc000c7ca80, 0x952)
/home/travis/gopath/pkg/mod/github.com/pulumi/pulumi/sdk/v2@v2.1.1-0.20200508232528-aa313aecf8a0/proto/go/provider.pb.go:1922 +0x14b
<http://google.golang.org/grpc.(*Server).processUnaryRPC(0xc0002d56c0|google.golang.org/grpc.(*Server).processUnaryRPC(0xc0002d56c0>, 0x7355b00, 0xc000501b00, 0xc000214300, 0xc00090d860, 0xae94738, 0x0, 0x0, 0x0)
/home/travis/gopath/pkg/mod/google.golang.org/grpc@v1.28.0/server.go:1082 +0x4fd
<http://google.golang.org/grpc.(*Server).handleStream(0xc0002d56c0|google.golang.org/grpc.(*Server).handleStream(0xc0002d56c0>, 0x7355b00, 0xc000501b00, 0xc000214300, 0x0)
/home/travis/gopath/pkg/mod/google.golang.org/grpc@v1.28.0/server.go:1405 +0xd23
<http://google.golang.org/grpc.(*Server).serveStreams.func1.1(0xc0008dd100|google.golang.org/grpc.(*Server).serveStreams.func1.1(0xc0008dd100>, 0xc0002d56c0, 0x7355b00, 0xc000501b00, 0xc000214300)
/home/travis/gopath/pkg/mod/google.golang.org/grpc@v1.28.0/server.go:746 +0xbb
created by <http://google.golang.org/grpc.(*Server).serveStreams.func1|google.golang.org/grpc.(*Server).serveStreams.func1>
/home/travis/gopath/pkg/mod/google.golang.org/grpc@v1.28.0/server.go:744 +0xa1
error: update failed
any clue what might be happening?kind-mechanic-53546
06/24/2020, 10:56 PMOutput<string>
is to apply
it?modern-fish-59364
06/24/2020, 11:26 PMlittle-cartoon-10569
06/24/2020, 11:27 PMapply
the entire stack?many-jordan-46874
06/25/2020, 12:19 AMupdating urn:pulumi:dev::infra::awsx:x:ecs:FargateService$aws:ecs/service:Service::backend: timeout while waiting for state to become 'true' (last state: 'false', timeout: 10m0s)
All other steps run just fine, and ultimately the service does finish deploying in AWS and end up on the right state.best-lifeguard-91445
06/25/2020, 12:21 AMcold-iron-6673
06/25/2020, 12:07 PMcold-iron-6673
06/25/2020, 12:10 PMcold-iron-6673
06/25/2020, 12:11 PMsparse-intern-71089
06/25/2020, 2:12 PMbest-lifeguard-91445
06/25/2020, 3:10 PMconst loadbalancer_sg = new awsx.ec2.SecurityGroup(`lb-${region}-${environment}-${service.name}-sg`, {
vpc: vpc,
ingress: [],
egress: [],
})
listener = new awsx.elasticloadbalancingv2.ApplicationLoadBalancer(`lb-${region}-${environment}-${service.name}`, {
name: `lb-use1-${environment}-${service.name}`,
vpc: vpc,
subnets: vpc.getSubnetsIds('public'),
external: true,
securityGroups: [loadbalancer_sg.id]
})
cool-egg-852
06/25/2020, 3:23 PMcool-egg-852
06/25/2020, 3:23 PMbroad-dog-22463
06/25/2020, 3:25 PMcool-egg-852
06/25/2020, 3:26 PMbroad-dog-22463
06/25/2020, 3:27 PMcool-egg-852
06/25/2020, 3:27 PMbroad-dog-22463
06/25/2020, 3:29 PMcool-egg-852
06/25/2020, 3:30 PMUsage
in the README says that there is no CMD, but the Dockerfile
does have CMD
set. Not sure which is correct.broad-dog-22463
06/25/2020, 3:31 PMcool-egg-852
06/25/2020, 3:33 PMpulumi/pulumi:nodejs
, pulumi/pulumi:nodejs-slim
makes a lot more sense to me.pulumi/pulumi:nodejs
then becomes the same as the main image, but with only nodejs
, not .net and python and such. And the -slim
variant is what you have currently built.broad-dog-22463
06/25/2020, 3:37 PMcool-egg-852
06/25/2020, 3:38 PMbroad-dog-22463
06/25/2020, 3:42 PMcool-egg-852
06/25/2020, 3:45 PMbroad-dog-22463
06/25/2020, 3:48 PMbillowy-army-68599
06/25/2020, 4:18 PMCMD
erroneously, I'll get that fixed up
I'll respond to the comment about the extra tooling in the GitHub issue