pulumi-community #general

Docs

Join the conversation Join Slack

Channels

general

prehistoric-shoe-5168

11/05/2020, 12:17 AM

i have no desire to build something if it’s not useful or someone else will do it (cough cough) better than i will 🙂

broad-dog-22463

11/05/2020, 12:18 AM

You can drop some time in my calendar and we can discuss this

tall-needle-56640

11/05/2020, 2:34 AM

I want my pipeline to create my stack, but I also want to have a config file already populated and committed. The problem I'm running into (using the cloud backend) is that we would like to have different passphrases for local and prod environments. This is a problem because the stack file gets an

encryptionsalt

making that config inaccessible, because the passphrases are different. How can I get around this?

nutritious-shampoo-16116

11/05/2020, 9:42 AM

hello people, how can I upgrade a provider plugin version?

nutritious-shampoo-16116

11/05/2020, 9:47 AM

the only way I found till now is exporting a stack state, changing it manually and importing that

ripe-xylophone-26538

11/05/2020, 10:23 AM

How fast are feature updates of AWS built into Pulumi? I need the new AWS-MQ RabbitMQ feature.

hallowed-cat-56281

11/05/2020, 1:10 PM

Hi there, I have a general question (GCP): • I have a Cloud Run service and this service is using a Docker image from GCR • The image is built from a Cloud Build trigger (also created via Pulumi) • Correct me if I am wrong but there is no way to actually trigger the Cloud Build pipeline after creation (only manually) I am trying to find what is the best way to: 1. Create the Cloud Build Trigger (if doesn’t exist) 2. Create the Cloud Run service w/ a dummy image (e.g.

<http://gcr.io/cloudrun/hello|gcr.io/cloudrun/hello>

) if the service doesn’t exist, or the actual GCR image otherwise). 3. Trigger the pipeline manually so that the GCR image is generated. 4. When running

pulumi up

later on, I obviously don’t want to override the last revision of the service with the dummy image if the service is already created and using the proper image. The solutions I was thiking of are the following: 1. Checking if the service already exists with

GetService

-> the issue is that it’s requiring an ID, so I can’t get the service until it’s created. 2. Using an input variable to differentiate the first time I run `pulumi up`` from the later “updates” -> I used this solution with Terraform but I find it a bit dangerous and error-prone. Any idea what the best way to do something like this would be? Thanks

nutritious-shampoo-16116

11/05/2020, 2:21 PM

why StackReference doesn't work with pulumi.runtime.Mocks? It seems it's totally ignored and this leads to failure when trying to resolve the promises

nutritious-shampoo-16116

11/05/2020, 3:34 PM

StackReference.outputs is always None and I can't make it returning the mocked state of my reference

mammoth-caravan-51104

11/05/2020, 7:31 PM

is there a way to convert Output to a promise to be able to easily use await/async? i think it must the most asked questions, because i'm literally confused about it every time i try to write something in pulumi

red-area-47037

11/05/2020, 7:32 PM

How can I best handle dependencies in Pulumi? I am currently using Pulumi to spin up a Kubernetes cluster and install among other components cert-manager (via

Helm

) and to ClusterIssuer CRs for LetsEncrypt (via

k8s.yaml.ConfigFile

const certmanagerChart = new k8s.helm.v3.Chart(
  'cert-manager',
  {
    chart: 'cert-manager',
    version: 'v1.0.3',
    namespace: 'cert-manager',
    fetchOpts: {
      repo: '<https://charts.jetstack.io>'
    },
    values: {
      installCRDs: true
    }
  },
  {
    provider: cluster.provider,
    dependsOn: [contourChart]
  }
)

const certManagerClusterIssuerLetsEncrypt = new k8s.yaml.ConfigFile(
  'cert-manager-clusterissuer-letsencrypt',
  {
    file: './templates/cert-manager-clusterissuer-letsencrypt.yaml'
  },
  {
    provider: cluster.provider,
    dependsOn: [certmanagerChart]
  }
)

In more then 50% of the cases the first

pulumi up

run fails, as the cert-manager-webhook is not available:

kubernetes:<http://cert-manager.io/v1:ClusterIssuer|cert-manager.io/v1:ClusterIssuer> (cert-manager/letsencrypt-staging):
    error: resource cert-manager/letsencrypt-staging was not successfully created by the Kubernetes API server : Internal error occurred: failed calling webhook "<http://webhook.cert-manager.io|webhook.cert-manager.io>": Post <https://cert-manager-webhook.cert-manager.svc:443/mutate?timeout=10s>: no endpoints available for service "cert-manager-webhook"

Running

pulumi up

will successfully install the ClusterIssuers as expected. I think there should be a better way, or?

tall-needle-56640

11/05/2020, 10:10 PM

I'm getting an error when trying to create a new stack in Azure Pipelines. Here's my error:

/home/vsts/work/_temp/4f54c711-c247-495c-9b57-18634e506f91/pulumi/pulumi stack select poc

error: failed to load checkpoint: blob (key ".pulumi/stacks/poc.json") (code=Unknown): -> github.com/Azure/azure-pipeline-go/pipeline.NewError, /Users/runner/go/pkg/mod/github.com/!azure/azure-pipeline-go@v0.2.2/pipeline/error.go:154

HTTP request failed

Get "https://***.blob.core.windows.net/state/.pulumi/stacks/poc.json?timeout=61 ": dial tcp: lookup OaIuuJpkrLyaAqo6veQ9HtuX6gabZQsrkUil9FoTycAUzL on 127.0.0.53:53: server misbehaving

##[debug]Exit code 255 received from tool '/home/vsts/work/_temp/4f54c711-c247-495c-9b57-18634e506f91/pulumi/pulumi'

##[debug]STDIO streams have closed for tool '/home/vsts/work/_temp/4f54c711-c247-495c-9b57-18634e506f91/pulumi/pulumi'

Obviously, the stack is not there because the storage account was just created. But the Pulumi task should create it (since

createStack

is set to

true

). Here's my pipeline

steps:
  - task: AzureCLI@2
    inputs:
      azureSubscription: $(azureServiceConnection)
      scriptType: 'pscore'
      scriptLocation: 'inlineScript'
      inlineScript: |
        az group create --location westus --name $(resourceGroupName)
        az storage account create --name $(storageName) --resource-group $(resourceGroupName) --location westus --sku Standard_LRS
        az storage container create --name $(containerName)

  - task: AzurePowerShell@5
    inputs:
      azureSubscription: $(azureServiceConnection)
      ScriptType: 'InlineScript'
      Inline: |
        $key=(Get-AzStorageAccountKey -ResourceGroupName $(resourceGroupName) -Name $(storageName)).Value[0]
        
        Write-Host "##vso[task.setvariable variable=AZURE_STORAGE_ACCOUNT]$key"
        Write-Host "##vso[task.setvariable variable=AZURE_STORAGE_KEY]$key"
      azurePowerShellVersion: 'LatestVersion'
      pwsh: true
  
  - task: Pulumi@1
    displayName: 'Preview Infrastructure Changes'
    inputs:
      azureSubscription: '$(azureServiceConnection)'
      command: 'preview'
      loginArgs: 'azblob://$(containerName)'
      args: '--diff --refresh --non-interactive --logtostderr'
      stack: '$(stackName)'
      createStack: true

  - task: Pulumi@1
    displayName: 'Deploy Infrastructure Changes'
    inputs:
      azureSubscription: $(azureServiceConnection)
      command: 'up'
      loginArgs: 'azblob://$(containerName)'
      args: '--yes --diff --refresh --non-interactive --skip-preview'
      stack: $(stackName)

shy-football-10348

11/06/2020, 3:07 AM

Could someone help me understand what has gone wrong with my stack setup

shy-football-10348

11/06/2020, 3:07 AM

jupyterhub-ecs-infra > pulumi up
Enter your passphrase to unlock config/secrets
    (set PULUMI_CONFIG_PASSPHRASE or PULUMI_CONFIG_PASSPHRASE_FILE to remember):
Previewing update (jupyterhub-ecs-infra):
     Type                             Name                                       Plan       Info
 +   pulumi:pulumi:Stack              jupyterhub-ecs-infra-jupyterhub-ecs-infra  create     2 errors
     └─ pulumi:pulumi:StackReference  notebook-ecs-infra                                    1 error

Diagnostics:
  pulumi:pulumi:StackReference (notebook-ecs-infra):
    error: Preview failed: decrypting secret value: failed to decrypt: incorrect passphrase, please set PULUMI_CONFIG_PASSPHRASE to the correct passphrase

  pulumi:pulumi:Stack (jupyterhub-ecs-infra-jupyterhub-ecs-infra):
    error: preview failed
    error: Program failed with an unhandled exception:

shy-football-10348

11/06/2020, 3:08 AM

it looks like the stack

notebook-ecs-infra

is being referenced when i am clearly on the stack

jupyterhub-ecs-infra

when you run

pulumi stack ls

shy-football-10348

11/06/2020, 3:08 AM

additionally, i am getting a ‘failed to decrypt’ error after i have entered the correct passphrase for the

jupyterhub-ecs-infra

stack

shy-football-10348

11/06/2020, 3:10 AM

there’s other issues as well but i feel like this is a good place to start

shy-football-10348

11/06/2020, 3:10 AM

if you run pulumi stack ls, notebook-ecs-infra doesn’t even show up

shy-football-10348

11/06/2020, 3:16 AM

happy to provide any additional stuff. Thanks in advance!

billions-waitress-26583

11/06/2020, 4:37 AM

$ pulumi new aws-typescript --name myproject "error: A project with this name already exists" is there some registry that keeps track of previous project? how can I clear it?

billowy-laptop-45963

11/06/2020, 5:08 AM

is there anything like cidrsubnets in terraform?

billowy-laptop-45963

11/06/2020, 5:12 AM

Is there a way of writing to the config file without rolling my own with fs?

early-kite-86569

11/06/2020, 6:04 AM

Trying to use the Pulumi Preview on PR for GH-Actions. I am getting an error that says that

pulumi

isn't installed but it should be installed as a part of my build setup. Link to project deps Link to workflow file Link to the build log (go to

pulumi-preview

job) Any help would be greatly appreciated!

nutritious-shampoo-16116

11/06/2020, 9:40 AM

how can I change the stack provider version cleanly?

proud-afternoon-49521

11/06/2020, 11:06 AM

Hey there, we’re trying and so far loving Pulumi in Go to manage our GCP, GKE clusters. One thing we’ve noticed though is that it’s quite slow. I think mainly during the compile and starting up, the kubernetes operations seem normal. Is this a known thing or would a debug trace be helpful etc?

nice-postman-4638

11/06/2020, 12:55 PM

I want to use pulumi in my CI and do commands like this:

export DATABASE_PASSWORD=$(pulumi config get dbPassword)

but how to I stop this from printing into it:

warning: A new version of Pulumi is available. To upgrade from version '2.12.1' to '2.13.0', visit <https://pulumi.com/docs/reference/install/> for manual instructions and release notes.

red-keyboard-36959

11/06/2020, 1:00 PM

currently stuck trying to run the aws-ts-eks example due to what looks like a packaging issue https://github.com/pulumi/examples/issues/826

lemon-tomato-90786

11/06/2020, 4:31 PM

Hi, I would like to migrate some resources from one program to another one, I was thinking to use a combination of pulumi state delete and adopting again the ressources in Pulumi, is it the right way to do it ?

hundreds-toddler-20724

11/06/2020, 7:06 PM

Hello, I'm encountering an error in pulumi when applying an update to azure:appservice:AppService appSettings.

panic: interface conversion: interface {} is nil, not map[string]interface {}

cool-egg-852

11/06/2020, 8:09 PM

Are there any plans for a filesystem provider with SSH support? This way one could manage specific files on existing systems?

Title

cool-egg-852

11/06/2020, 8:09 PM

Are there any plans for a filesystem provider with SSH support? This way one could manage specific files on existing systems?

broad-dog-22463

11/06/2020, 9:05 PM

what kinda of provider do you mean here? Is there prior art we can use to help you out?

cool-egg-852

11/06/2020, 10:02 PM

This would be something new.

If you look at the GitHub and GitLab providers, there is the possibility of a GitFile? resource.

In this case, I want an

SshFile

or something. Basically what would happen is that pulumi would ssh to the server, and update the contents, and or create the file given a specific path.

https://github.com/sethvargo/terraform-provider-filesystem - similar to this, but with the possibility of remote files.

The purpose would be for us to replace using ansible to manage configuration files.

💯 1

I’ve created https://github.com/pulumi/pulumi/issues/5720 to track this

👍 1

View count: 1