Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
general
- f
fast-magician-55948
09/15/2020, 9:34 PMOK I think I found https://github.com/pulumi/examples/tree/master/gcp-py-serverless-raw that does what I want. I'll see if I can make it work. - r
red-area-47037
09/15/2020, 10:16 PMQuick question, is there a way to configure the retry behaviour in Pulumi … e.g. I am currently setting up a GKE environment and from time to time a api service is not available for the first 90s… I would like to configure Pulumi to backoff later retires to ensure that later retries happen after a longer time once the env has stablized - k
kind-mechanic-53546
09/16/2020, 3:13 AMis there any way to
a resource creation? I have to render a helm chart to a directory viaawait
ofrenderYamlToDirectory
and then take the output of that directory filtered viak8s.Provider
filtered then passed tofs.promises.readdir
The issue is that my readdir will be processed before the provider has finished rendering I could do it via a custom component but it's more workk8s.yaml.ConfigGroupg- 2
- 8
- c
chilly-rainbow-79265
09/16/2020, 10:03 AMHi all I am trying to have my backend as azureexport AZURE_STORAGE_ACCOUNT=XXXXX export AZURE_STORAGE_KEY=XXXXX
This is a new project all togetherpulumi new --force error: Sorry, could not create stack 'dev': could not create stack: An IO error occurred while writing the new snapshot file: blob (key ".pulumi/stacks/dev.json") (code=NotFound): -> <http://github.com/Azure/azure-storage-blob-go/azblob.newStorageError|github.com/Azure/azure-storage-blob-go/azblob.newStorageError>, /home/travis/gopath/pkg/mod/github.com/!azure/azure-storage-blob-go@v0.9.0/azblob/zc_storage_error.go:42 ===== RESPONSE ERROR (ServiceCode=ResourceNotFound) ===== Description=The specified resource does not exist. RequestId:69f212d5-801e-001a-1910-8c2575000000 Time:2020-09-16T10:02:29.5219649Z, Details: Code: ResourceNotFound PUT <https://pulumicloud.blob.core.windows.net/pulumistate/.pulumi/stacks/dev.json?timeout=61> Content-Length: [70] User-Agent: [go-cloud/blob/0.1.0 Azure-Storage/0.9 (go1.14.7; linux)] X-Ms-Blob-Cache-Control: [] X-Ms-Blob-Content-Disposition: [] X-Ms-Blob-Content-Encoding: [] X-Ms-Blob-Content-Language: [] X-Ms-Blob-Content-Md5: [WDyPMum8QM5L4bgdHF8ieA==] X-Ms-Blob-Content-Type: [text/plain; charset=utf-8] X-Ms-Blob-Type: [BlockBlob] X-Ms-Client-Request-Id: [ba87d3af-02c7-45e0-6b1e-550c44d0adcd] X-Ms-Version: [2018-11-09] -------------------------------------------------------------------------------- RESPONSE Status: 404 The specified resource does not exist. Content-Length: [223] Content-Type: [application/xml] Date: [Wed, 16 Sep 2020 10:02:29 GMT] Server: [Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0] X-Ms-Error-Code: [ResourceNotFound] X-Ms-Request-Id: [69f212d5-801e-001a-1910-8c2575000000] X-Ms-Version: [2018-11-09]b- 2
- 17
- i
incalculable-dream-27508
09/16/2020, 10:17 AMAh, and now that i'm trying to use outputs directly in other resources I got one of those errors discussed yesterday that don't really mention where the issue is. - i
incalculable-dream-27508
09/16/2020, 10:21 AMThat's the snippet of code where I'm trying to use the outputs, and that to my understanding produces the above error. - c
chilly-rainbow-79265
09/16/2020, 10:26 AM@broad-dog-22463 Hi, is there any support from
for self managed states like blob ? i was trying to do a CD with pulumi and state in blob<docker://pulumi/actions>b- 2
- 4
- i
incalculable-dream-27508
09/16/2020, 1:41 PMHuh.
and laterINSTANCES_API = [ openstack.compute.Instance( ... __opts__=pulumi.ResourceOptions(provider=REGIONS[dc])) for i in range(COUNT_API) for dc in REGIONS ]
So far so good, andexported_api = { srv.name.apply: srv.access_ip_v4.apply for srv in INSTANCES_API }
works with this. But, when I addpulumi preview
suddenly I get this error.pulumi.export('nodes_api', exported_api) - i
incalculable-dream-27508
09/16/2020, 3:59 PM
results in names like"WebADM internal traffic: %s %s from %s" % (dc, port, srv.name)
so how should I be accessing this? https://www.pulumi.com/docs/intro/concepts/programming-model/#outputs wasn't very helpful regarding thatWebADM internal traffic: ams rsignd from <pulumi.output.Output object at 0x7eff0ad30100>g- 2
- 5
- s
silly-address-30441
09/16/2020, 5:18 PMI'm just getting started with Pulumi, so I might not be headed in the right direction at all. Do people generally use different AWS accounts for their prod vs dev stacks? If so, how do you associate a particular AWS account with a particular stack?ig- 3
- 8
- f
faint-dress-91709
09/16/2020, 5:31 PMhello folks, I’m just getting started with Pulumi. I have experience with Cloudformation, Terraform, and CDK, so some concepts are familiar 🙂 I’m trying to get it working with a AWS profile and am getting an error: “Error: providerCredentialOpts and AWS_PROFILE must be set together”. I tried googling around for this, but no luck so far. I’m sure the error here is between keyboard and monitor, so let me know if I’m doing something stupid ;-)i- 2
- 4
- i
incalculable-dream-27508
09/16/2020, 5:38 PMHow do people generate unique names for resources when said resources are dynamically generated based on other resources? Namely, because I need to use IPs in security group rules, I need to create a rule per machine created - and apparently can't use machine name, because trying to get that only gets me an ugly (and changing) object reference.g- 2
- 14
- m
many-psychiatrist-74327
09/16/2020, 6:26 PM👋 hello! is there a way to call/run pulumi directly from code (that is, instead of running
from the terminal)? Context: let’s say I already have some Python code that does a bunch of infrastructure provisioning already, and I want to incorporate some pulumi-managed resources in the same place. The hack I’m doing right now is creating a subprocess that callspulumi
, which in turn will end up running some more python code. This seems silly, and I wonder if there’s a way to “cut the middleman”? I know (well, I think) that runningpulumi
stands up a local grpc server, and then runs the Python code, which in turn sends rpcs to the local server to register the resources as it creates them. Could there be a way to run that local server as a daemon maybe, and then just run my Python code normally, without having to create the subprocess mentioned above?pulumig- 2
- 3
- m
millions-furniture-75402
09/16/2020, 6:34 PMHow do I write an
to aOutput<string>
?config.jsong- 2
- 4
- t
tall-scientist-89115
09/16/2020, 6:43 PMI'm trying to update a cloudfront distriution "Security Policy" from "TLSv1" to "TLSv1.2_2019" with Pulumi (I can do it through the UI no problem but now my state is out of sync), but don't see that property in your distribution docs..the info blurb in the UI for that property says "A security policy determines two settings: the SSL/TLS protocol that CloudFront uses to communicate with viewers, and the cipher that CloudFront uses to encrypt the content that it returns to viewers." How do I set this state with pulumi? (edit: Thank you! I apologize for not putting this in the #aws channel)f- 2
- 3
- a
ancient-megabyte-79588
09/16/2020, 9:57 PMIs there a way to run a custom function on
... We havepulumi destroy
that installs and configures an AzDO Deployment Agent ... If I don't "unregister" the agent with AzDO when I tear the server down, it is left as a dangling registration in AzDO and I can't create another agent with that name. I need to run a de-registration script onconst setupAgent = new azure.compute.Extension(name + "serverSetupAgent",<snip>);
or something comparable, but I don't see any where to hook into that.pulumi destroyg- 2
- 4
- f
faint-dress-91709
09/16/2020, 10:09 PMHi folks - can I set a launch template on a EKS nodegroup? I don’t see any reference to that in the docs here: https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/aws/eks/#NodeGroupArgs but it’s available in terraform: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/eks_node_groupg- 2
- 1
- c
chilly-rainbow-79265
09/16/2020, 11:42 PMHI while running github action using
for creating azure vm, I'm getting errorpulumi/actionws-ts-azure-comp:webserver:WebServer es-1 create pulumi:providers:azure default error: no resource plugin 'azure' found in the workspace or on your $PATH - s
steep-caravan-65104
09/17/2020, 2:48 AMHi all. We are using the GCP KMS secrets provider for pulumi as per https://www.pulumi.com/docs/intro/concepts/config/#google-cloud-key-management-service-kms with a separate GCP KMS key used specifically for pulumi key encryption/decryption. We have an issue where users with only encrypt access on this pulumi key are NOT able to encrypt secrets using the command
They receive the following error:pulumi config set --secret
With a GCP user or service account which has encrypt + decrypt permissions on the key, this issue is not seen. Does anyone have ideas about why a DECRYPT key permission would be required to ENCRYPT a secret with pulumi usingerror: constructing secrets manager of type "cloud": secrets (code=PermissionDenied): rpc error: code = PermissionDenied desc = Permission 'cloudkms.cryptoKeyVersions.useToDecrypt' denied on resource 'projects/<gcp-creds-project>/locations/global/keyRings/global-keyring/cryptoKeys/pulumi-secret' (or it may not exist).
? This sounds like a pulumi bug to me, could someone suggest workarounds if possible?gcpkms - c
chilly-rainbow-79265
09/17/2020, 5:09 AMHi, Is there any way to integrate pulumi with short lived token from cloud provider 1. For instance, If I want to create vm using azure SP which is short lived. I am not sure, what to do here, checking for how you guys do that ? - s
steep-angle-29984
09/17/2020, 7:27 AMI'm interested in how other Pulumi users install and configure their VMs as Pulumi doesn't support "configuration management" very well. I haven't found any integration with configuration management tools like Ansible, Chef, or Puppet. So how do you do this?li- 3
- 3
- c
chilly-rainbow-79265
09/17/2020, 9:14 AMwhile doing pulumi preview, it shows all go packes and vendor info. Is there any way to hide that. It'll be pretty much useful in CI/CD commenting - b
bitter-application-91815
09/17/2020, 9:47 AMhi there, just looking over how to apply alb but not from typescript but from go, what's
herecluster.providerb- 2
- 32
- b
bitter-application-91815
09/17/2020, 9:47 AM - i
incalculable-dream-27508
09/17/2020, 11:57 AMhttps://github.com/pulumi/examples/tree/9cb78d2cbcf37a441032a5b6cb4e9f96ff9c8a0a/azure-py-virtual-data-center saysNote that because most resources are auto-named, the trailing dashes that you see above will actually be followed by random suffixes that appear in the Outputs and in Azure.
which would solve the issue I'm fighting with. But I'm reading the code, and I don't see yet how it's achieved? - l
limited-rainbow-51650
09/17/2020, 3:11 PMIn one stack, I can export an object like structure:
But how can I retrieve it as an object viaCurrent stack outputs (2): OUTPUT VALUE mysqlAdmin {"password":"<redacted>","user":"mysqladmin"} mysqlEndpoint <redacted>.<http://database.azure.com|database.azure.com>
? I seem to miss the callStackReference
similar like onrequireObject<T>(key)
. How can I retrieve this info in another stack?Configl- 2
- 2
- b
bitter-application-91815
09/17/2020, 3:24 PMHaving an issue applying a helm chart to my newly created kubs cluster,unknown Invoke type "kubernetes:helm:template"g- 2
- 9
- b
bitter-application-91815
09/17/2020, 3:25 PMwant to try this one - b
bitter-application-91815
09/17/2020, 3:25 PM<https://hub.helm.sh/charts/incubator/aws-alb-ingress-controller> - b
bitter-application-91815
09/17/2020, 3:25 PMfunc (w *worker) applyAlbCharts(ctx *pulumi.Context, namespace string) error { _, err := helm.NewChart(ctx, fmt.Sprintf("axiom-alb-charts-%s", w.targetEnv), helm.ChartArgs{ Chart: pulumi.String("incubator/aws-alb-ingress-controller"), Version: pulumi.String("1.0.2"), Namespace: pulumi.String(namespace), FetchArgs: helm.FetchArgs{ Repo: pulumi.String("<https://kubernetes-charts.storage.googleapis.com/>"), }, Values: pulumi.Map{ "clusterName": w.eksCluster.Name, "autoDiscoverAwsRegion": pulumi.Bool(true), "autoDiscoverAwsVpcID": pulumi.Bool(true), }, }) if err != nil { return err } return nil }
Title
b
bitter-application-91815
09/17/2020, 3:25 PMfunc (w *worker) applyAlbCharts(ctx *pulumi.Context, namespace string) error {
_, err := helm.NewChart(ctx, fmt.Sprintf("axiom-alb-charts-%s", w.targetEnv), helm.ChartArgs{
Chart: pulumi.String("incubator/aws-alb-ingress-controller"),
Version: pulumi.String("1.0.2"),
Namespace: pulumi.String(namespace),
FetchArgs: helm.FetchArgs{
Repo: pulumi.String("<https://kubernetes-charts.storage.googleapis.com/>"),
},
Values: pulumi.Map{
"clusterName": w.eksCluster.Name,
"autoDiscoverAwsRegion": pulumi.Bool(true),
"autoDiscoverAwsVpcID": pulumi.Bool(true),
},
})
if err != nil {
return err
}
return nil
}View count: 3