https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • m

    many-psychiatrist-74327

    09/10/2020, 3:27 PM
    👋 hello! Is there a recommended approach to modularizing one’s Pulumi-managed resources into separate groups or systems? As in.. say, in Terraform, you can create different “modules”, and one module can have a “data source” that reads the output of another module. I’m guessing with Pulumi I’d want to have different “projects”. But how do I get one project to read the output from another project? Or is a different approach recommended altogether? Use case: I want to separate my “core infrastructure” (compute, kubernetes, some shared kubernetes resources) from the services that are running on top of it.
    c
    • 2
    • 2
  • w

    worried-umbrella-80893

    09/10/2020, 3:54 PM
    So Pulumi has effectively been unusable for the past 30-60 minutes, because of this slowness.
  • g

    gentle-diamond-70147

    09/10/2020, 3:55 PM
    Hi all, we're investigating the slowness. Stay tuned...
  • f

    faint-table-42725

    09/10/2020, 4:15 PM
    @worried-umbrella-80893 @important-appointment-55126 @loud-battery-37784 Are you still seeing this slowness? We’re not seeing any latency impacts in our dashboards. One thing that would be helpful for us is to eliminate the possibility of network to us-west-2 (where app.pulumi.com and api.pulumi.com are hosted) vs. something specific to our stack. Let’s use this thread to discuss. Could you please run mtr against ec2.us-west-2.amazonaws.com and api.pulumi.com — do you see similar results?
    l
    w
    +3
    • 6
    • 32
  • e

    early-intern-90238

    09/10/2020, 8:23 PM
    Is there a way to define a BackendConfig in Kubernetes? I don't see the type anywhere
  • i

    incalculable-dream-27508

    09/11/2020, 11:40 AM
    Is there a way to get stack name from within the program (python in my case)? I wanted to use it in some names to help ensure uniqueness
    b
    • 2
    • 4
  • s

    steep-angle-29984

    09/11/2020, 11:53 AM
    Is it possible to copy a config from a stack in project A to another stack in project B. I've found
    pulumi stack init --copy-config-from stack
    but can that handle different projects somehow?
    c
    • 2
    • 1
  • i

    incalculable-dream-27508

    09/11/2020, 12:12 PM
    In python I have
    ips = []
    hostnames = []
    (...)
    INSTANCES = {
      i: openstack.compute.Instance(...)
      for i in range(COUNT)
    }
    for srv in INSTANCES:
      ips.append(INSTANCES[srv].access_ip_v4)
      hostnames.append(INSTANCES[srv].name)
    pulumi.export('ips', ips)
    pulumi.export('hostnames', hostnames)
    and that works. I tried adding to it
    exported = {}
    (...)
      exported[INSTANCES[srv].name] = INSTANCES[srv].access_ip_v4
    pulumi.export('nodes', exported)
    to have a dictionary mapping hostname to IP instead of having separate lists, but it very much doesn't like that. Any ideas what I'm doing wrong?
    m
    • 2
    • 2
  • b

    bitter-dentist-28132

    09/11/2020, 2:26 PM
    are there any plans to have a community module registry like what terraform has?
    l
    w
    m
    • 4
    • 4
  • o

    orange-electrician-25669

    09/11/2020, 4:30 PM
    Hi any one can direct me what is the deferent between "github.com/pulumi/pulumi-aws/sdk/v2/" to "github.com/pulumi/pulumi-aws/sdk/v3/" any upgrade path ?
    b
    • 2
    • 6
  • a

    adamant-advantage-95831

    09/11/2020, 4:47 PM
    Hm. It seems as though my Secrets Provider is messed up. Commenting out my
    secretsprovider:
    and
    encryptedkey:
    entries from my stack configuration file seems to fix my
    pulumi preview
    and
    pulumi up
    being stuck commands. if I run
    pulumi stack change-secrets-provider "azurekeyvault://<my-url>.net/keys/<my key>"
    doesn't seem to do anything. -- Alright I'm dumb. Turns out I needed to add
    AZURE_TENANT_ID, AZURE_CLIENT_ID, and AZURE_CLIENT_SECRET
    to my Environment Variables 😛
  • t

    thousands-planet-11416

    09/11/2020, 5:00 PM
    Hello all, I have a general architecture question for the group. I work on many projects but with a similar formula for the stack (cloud infrastructure + kubernetes platform). I love the idea that Pulumi can manage both, but my issue is that I would like to use Kubernetes-as-a-Service tool (i.e. oneinfra, gardener) to quickly bootstrap and setup platforms for the projects in a more automated/robotic approach. Usually KaaS tools already have their deployment engine and api built in with no clear option to drop in a replacement. Is there a known KaaS tool that can use pulumi as the engine for creating and managing K8s clusters/and cloud infrastructure resources out of the box?
    g
    • 2
    • 3
  • w

    worried-city-86458

    09/11/2020, 7:08 PM
    Just had a thought re pulumi config ... the api is read-only which is quite limiting, especially when there are some better language / framework options for composing config, so can we please add a “write” api?
    l
    b
    • 3
    • 22
  • c

    cold-car-67614

    09/11/2020, 7:14 PM
    Hello, I'm trying to manually decrypt some data in a Pulumi state file. I was able to decrypt the encryption key just fine (AWS KMS). Now that I have that is there a way to decrypt data outside of the Pulumi CLI? I was checking docs but couldn't find anything.
    • 1
    • 1
  • d

    damp-elephant-82829

    09/12/2020, 8:21 AM
    Hello guys, I am trying to implement a “get or else create” for a resource which is shared across multiple stack. Has anyone done anything like that before?
    l
    b
    • 3
    • 2
  • c

    calm-agent-81076

    09/12/2020, 2:10 PM
    Is there a convenient way to stop Pulumi from including node_modules when creating aws.lambda.CallbackFunction? My lambda does not require any modules. I can exclude specific modules using codePathOptions.extraExcludePackage, but listing all packages there is a bit inconvenient.
    b
    • 2
    • 1
  • b

    bitter-alligator-63874

    09/12/2020, 4:21 PM
    If I deploy an Azure resource with a base name, and the actual full name is picked by Pulumi (with a suffix), how do I later use the GetXXX function to get the resource? The Get function requires the full name. How do I get that name so I can pass it to the function? I figure there is some helper function I can use to transform the base name into the full name.
    s
    • 2
    • 1
  • v

    victorious-xylophone-55816

    09/12/2020, 5:41 PM
    I have a (probably) basic question, because I don't understand networking concepts very well: If I have multiple ECS/Fargate services, and I want to add HTTPS to some of them, what's the most efficient way of doing this? Currently, I've achieved it for one service like this (where I had created the Route53 hosted zone/domain by hand already):
    aws.acm.Certificate() -> aws.route53.getZone() -> aws.route53.Record() -> aws.acm.CertificateValidation() ->  awsx.lb.NetworkLoadBalancer({ certificateArn: certCertificate.arn })
    But feels like I probably shouldn't repeat this for every service, creating
    CertificateValidation
    and new
    NetworkLoadBalancer
    . What's the best way to do this? Or could I use something like Caddy for automatic HTTPS without all the other steps? (not sure how it works) Grateful for any input 🙏
    b
    c
    • 3
    • 9
  • d

    damp-table-85095

    09/12/2020, 8:50 PM
    What is the recommended approach for splitting deployment scripts into multiple files? Say I am using typesafe, do I just dump one part of my script into step1.ts and "import" it? I am afraid that "unused" imports will get stripped. What is the preferred approach here?
    s
    c
    • 3
    • 4
  • c

    creamy-vr-86450

    09/13/2020, 12:58 AM
    Are there any examples of using
    github.Team
    from
    @pulumi/github
    ? A regular account’s
    PAT
    doesn’t work nor does there seem to be a way to authorize as an organization. This is the error I get:
    This resource can only be used in the context of an organization
    • 1
    • 3
  • d

    damp-table-85095

    09/13/2020, 1:21 AM
    I figured out how to build and push a Docker image from pulumi, but how do I make the pushed image private? Currently it's making the image public.
    s
    • 2
    • 3
  • d

    damp-table-85095

    09/13/2020, 3:01 AM
    Guys, how is pulumi.interpolate meant to work? I am invoking:
    const startupScript = pulumi.interpolate`
    #!/usr/bin/env sh
    
    echo ${something}`;
    Where
    something
    is defined as:
    const something = config.requireSecret("mySecret");
    But this fails with
    Calling [toString] on an [Output<T>] is not supported.
  • d

    damp-table-85095

    09/13/2020, 3:09 AM
    Hmm, the
    metadataStartupScript
    parameter expects types
    string | Promise<string> | pulumi.OutputInstance<string> | undefined
    and interpolate returns
    pulumi.Output<string>
    . Is that a problem?
  • b

    best-france-51653

    09/14/2020, 10:16 AM
    Hello All, anyone know if this possible to create network policy, like that using pulumi? apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: disable-link-local-network namespace: default spec: selector: all() egress: - action: Deny protocol: TCP destination: nets: - 169.254.169.254/32 ... and when I try to create itm there is no Action field for NetworkPolicyEgressRuleArgs Spec: netv1.NetworkPolicySpecArgs{                 Egress: netv1.NetworkPolicyEgressRuleArray{                     netv1.NetworkPolicyEgressRuleArgs{                         Action:   pulumi.String("Deny"),                         Protocol: pulumi.String("TCP"),                         Destination: pulumi.StringArrayMap{ #golang #pulumi #egress
  • i

    incalculable-dream-27508

    09/14/2020, 11:52 AM
    Apparently there's something called
    promise
    that's related to outputs, but I wasn't yet able to find documentation regarding this, any links?
  • i

    incalculable-dream-27508

    09/14/2020, 11:53 AM
    Oh, apparently it's a javascript thing? Is there a way to use with python an output that hasn't been created yet? Namely, a security group with IPs of machines that will be created in same run, but weren't created yet since security groups are created before the machines are?
    • 1
    • 1
  • i

    incalculable-dream-27508

    09/14/2020, 11:59 AM
    Apparently the answer is `async`/`await` from
    asyncio
    (or maybe
    aiostream
    )
    l
    • 2
    • 2
  • i

    incalculable-portugal-13011

    09/14/2020, 9:43 PM
    is there a way to prevent pulumi from appending the random string to the end of each resource name?
    i
    s
    • 3
    • 3
  • w

    worried-city-86458

    09/14/2020, 10:00 PM
    Similarly, is there a nice way to always inject a prefix for each resource name? I'm always specifying at least the environment name everywhere since it often ends up in external resource names for say aws and it makes them easier to categorize...
    l
    • 2
    • 2
  • m

    many-psychiatrist-74327

    09/15/2020, 1:08 AM
    👋 I’m following the “Organizing Projects and Stacks” inter-stack dependencies example to modularize my Pulumi resources. I’m basically doing exactly this:
    const env = pulumi.getStack();
    const infra = new pulumi.StackReference(`acmecorp/infra/${env}`);
    const provider = new k8s.Provider("k8s", { kubeconfig: infra.getOutput("kubeConfig") });
    const service = new k8s.core.v1.Service(..., { provider: provider });
    But I’m seeing an error on line 3 whenever I do `pulumi preview`:
    Diagnostics:
      pulumi:pulumi:Stack (services-dev):
        panic: interface conversion: interface {} is resource.PropertyMap, not string
        goroutine 27 [running]:
        <http://github.com/pulumi/pulumi/sdk/v2/go/common/resource.PropertyValue.StringValue(...)|github.com/pulumi/pulumi/sdk/v2/go/common/resource.PropertyValue.StringValue(...)>
        	/home/travis/gopath/pkg/mod/github.com/pulumi/pulumi/sdk/v2@v2.9.3-0.20200902150941-d583bcb9153e/go/common/resource/properties.go:362
        <http://github.com/pulumi/pulumi-kubernetes/provider/v2/pkg/provider.parseKubeconfigPropertyValue(0x289d6c0|github.com/pulumi/pulumi-kubernetes/provider/v2/pkg/provider.parseKubeconfigPropertyValue(0x289d6c0>, 0xc000436630, 0x29b6e3e, 0xa, 0xc0003b7a68)
    ...truncated...
    The stacktrace doesn’t trace back to line 3, but if I comment out line 3, the error goes away. It also makes sense because the other stack’s
    kubeConfig
    output is a String. Now, even though
    preview
    and
    up
    throw that error, I can still apply the update and it actually works properly. But of course I’d rather not have random errors show up whenever I run pulumi. Is there a way to avoid this error? Thanks!
    l
    g
    b
    • 4
    • 14
Powered by Linen
Title
m

many-psychiatrist-74327

09/15/2020, 1:08 AM
👋 I’m following the “Organizing Projects and Stacks” inter-stack dependencies example to modularize my Pulumi resources. I’m basically doing exactly this:
const env = pulumi.getStack();
const infra = new pulumi.StackReference(`acmecorp/infra/${env}`);
const provider = new k8s.Provider("k8s", { kubeconfig: infra.getOutput("kubeConfig") });
const service = new k8s.core.v1.Service(..., { provider: provider });
But I’m seeing an error on line 3 whenever I do `pulumi preview`:
Diagnostics:
  pulumi:pulumi:Stack (services-dev):
    panic: interface conversion: interface {} is resource.PropertyMap, not string
    goroutine 27 [running]:
    <http://github.com/pulumi/pulumi/sdk/v2/go/common/resource.PropertyValue.StringValue(...)|github.com/pulumi/pulumi/sdk/v2/go/common/resource.PropertyValue.StringValue(...)>
    	/home/travis/gopath/pkg/mod/github.com/pulumi/pulumi/sdk/v2@v2.9.3-0.20200902150941-d583bcb9153e/go/common/resource/properties.go:362
    <http://github.com/pulumi/pulumi-kubernetes/provider/v2/pkg/provider.parseKubeconfigPropertyValue(0x289d6c0|github.com/pulumi/pulumi-kubernetes/provider/v2/pkg/provider.parseKubeconfigPropertyValue(0x289d6c0>, 0xc000436630, 0x29b6e3e, 0xa, 0xc0003b7a68)
...truncated...
The stacktrace doesn’t trace back to line 3, but if I comment out line 3, the error goes away. It also makes sense because the other stack’s
kubeConfig
output is a String. Now, even though
preview
and
up
throw that error, I can still apply the update and it actually works properly. But of course I’d rather not have random errors show up whenever I run pulumi. Is there a way to avoid this error? Thanks!
l

little-cartoon-10569

09/15/2020, 1:27 AM
StackReference.getOutput returns an Output. Provider's kubeConfig property takes a string. You're going to need to do some conversion..
I can't see how that example would work. I would have thought you'd need to
await
a
getOutputValue
to make that example work...
m

many-psychiatrist-74327

09/15/2020, 6:50 PM
well, it looks like
kubeconfig
takes a
string | pulumi.OutputInstance<string> | Promise<string> | undefined
I thought a
pulumi.Output
was a promise too, but I guess not im trying out
StackReference.getOutputValue()
instead (and
requireOutputValue()
)
still seeing the same error, even when using the -Value() methods, which return
Promise<any>
. 😞
g

gentle-diamond-70147

09/15/2020, 7:21 PM
@many-psychiatrist-74327 can you share your code?
m

many-psychiatrist-74327

09/15/2020, 7:22 PM
yup!
const stack = pulumi.getStack()
const infra = new pulumi.StackReference(`jetpack/infra/${stack}`)
const provider = new k8s.Provider('infra-cluster-provider', {
    kubeconfig: infra.getOutput("kubeconfig")
})
i also tried
infra.getOutputValue("kubeconfig")
(same error) and
infra.getOutput("kubeconfig").get()
(different error, cannot call .get() during preview/up
tried using
await
, but it requires target of
es2017
or higher.
pulumi new
sets the target to
es2016
, presumably for good reason (haven’t tried changing it yet)
g

gentle-diamond-70147

09/15/2020, 8:00 PM
And you're getting
interface conversion: interface {} is resource.PropertyMap, not string
as the error?
m

many-psychiatrist-74327

09/15/2020, 9:33 PM
correct
pulumi version
v2.10.0
b

bitter-toddler-22112

10/01/2020, 11:47 AM
Hi guys, I've got the same issue. For my case, it only happens on an update. When I do a freshly creation of the stack resources (e.g. after destroy) the error does not show up. It only happens when the resources already exist. And it even happens, when I use a plain string for kubeconfig, e.g. new k8s.Provider('my-provider', { kueconfig: "hard-coded-kubeconfig" }) Any ideas?
m

many-psychiatrist-74327

10/12/2020, 11:06 PM
🎉 good observation, @bitter-toddler-22112! I confirm the same behavior: after I did a
pulumi destroy
and re-creation, without changing any of the code, the error went away.
View count: 1