Hi there 👋 I'm new to pulumi so forgive me if this is a dumb question but I'm not sure to which extent I should use pulumi, is it meant to just build the infrastructure resources or should it also handle the deployment of build artifacts too?

getting this error this morning

✔ pulumi stack ls                                                                                                                                                                                       
error: error listing stacks: could not list bucket: blob (code=Unknown): RequestError: send request failed
caused by: Get "<https://s3.amazonaws.com/stack.json>": x509: failed to load system roots and no roots provided; SecTrustSettingsCopyCertificates error: -2070

any idea?

Anyone having issues with the Azure provider? Looks like updating the AppSettings of an AppService doesn't work. I get :

panic: interface conversion: interface {} is nil, not map[string]interface {}

Even though the preview correctly detects what changes needed to be applied.

Hi All, I'm getting an error which is stopping me from using pulumi to do anything useful. I have imported a new Azure stack into pulumi from an existing resource group, then created a csharp project and tried

pulumi preview

, but pulumi thinks the resources need to be replaced & stops with an error that the resources are protected. Surely if nothing has changed, then there is no need to replace? If I try to unprotect in the csharp project, then I still receive an error from

pulumi preview

, because the resource is still protected in the stack from the import. How do I unprotect the imported resource? Also, because the preview fails abruptly, I cannot see the replacement steps which pulumi thinks are needed, it seems to be null?

PS> pulumi preview --show-replacement-steps -v 3
Previewing update (bot)

View Live: <https://app.pulumi.com/wilsoncg/bot/bot/previews/c75fe0fb-9b27-4d6a-a068-4a7e53a694e0>

     Type                                                             Name                                  Plan        Info
     pulumi:pulumi:Stack                                              bot-bot                                           1 error
 +-  └─ azure-nextgen:alertsmanagement/latest:SmartDetectorAlertRule  Failure Anomalies - RachaelBot4wwyzn  replace     1 error

Diagnostics:
  azure-nextgen:alertsmanagement/latest:SmartDetectorAlertRule (Failure Anomalies - RachaelBot4wwyzn):
    error: Preview failed: refusing to delete protected resource 'urn:pulumi:bot::bot::azure-nextgen:alertsmanagement/latest:SmartDetectorAlertRule::Failure Anomalies - RachaelBot4wwyzn'

  pulumi:pulumi:Stack (bot-bot):
    error: preview failed

I enter this bug for pulumi 2.18 https://github.com/pulumi/pulumi/issues/6163

Hi @big-potato-91793, does this work for you with Pulumi v2.17.2 ?

yep

I’m trying to downgrade but I ask someone on my team and he was able with v2.17.2

Please an you try it - the error to me suggests there is an issue on your local machine - alternatively, please can you tell me if the person on your team can try with 2.18.0 ?

i’m still getting the error. Will try to ask them to used the new version and see if the problem is just with me

I'm trying to set a value for the "IgnoreChanges" list based on the value of a property of the resource. This is an AKS cluster, and due to the way the Terraform provider works I need to Ignore Changes to the defaultNodePool.NodeCount value if defaultNodePool.autoscaler is set to true, but not if it is set to false. I'm struggling to do this due to IgnoreChanges expecting a List<string> and any operation I do to check the autoscaler resulting in an InputList<string>. I can get it to work if I wrap the whole AKS cluster creation in an apply, but that then causes me issues later when I want to set the parent of some other resources to be that AKS resources, as now this is an Output<KubernetesCluster> rather than just a Kubernetes cluster. Any better way to do this?

Hi all, I’m an avid pulumi user and we’ve been using it in my team for quite some time now..I’ve got a painful error thrown by the following code:

const peNicIp = pulumi
  .all([resourceGroupName, privateEndpoint.networkInterfaces[0].id])
  .apply(async ([rgName, peNicId]) => {
    const nic = await azureng.network.latest.getNetworkInterface({
      resourceGroupName: rgName,
      networkInterfaceName: peNicId?.split('/').pop() || '',
    });
    return nic.ipConfigurations![0].privateIPAddress;
  })
  .apply(ip => {
    console.log({ ip });
    return ip!;
  });

const ehPeRs = peNicIp.apply(
  ip =>
    new azureng.network.latest.RecordSet(rtti`eh-pe-rs`, {
      resourceGroupName,
      privateZoneName: ehPEZone.name,
      recordType: 'A',
      relativeRecordSetName: `name`,
      aRecords: [
        {
          ipv4Address: ip,
        },
      ],
    })
);

which throws the error:

cannot check existence of resource '/subscriptions/subId/resourceGroups/resourceGroup/providers/Microsoft.Network/privateDnsZones/dnsZone/A/Calling%20%5BtoString%5D%20on%20an%20%5BOutput%3CT%3E%5D%20is%20not%20supported.%0A%0ATo%20get%20the%20value%20of%20an%20Output%3CT%3E%20as%20an%20Output%3Cstring%3E%20consider%20either%3A%0A1%3A%20o.apply%28v%20%3D%3E%20%60prefix%24%7Bv%7Dsuffix%60%29%0A2%3A%20pulumi.interpolate%20%60prefix%24%7Bv%7Dsuffix%60%0A%0ASee%20https%3A%2F%2Fpulumi.io%2Fhelp%2Foutputs%20for%20more%20details.%0AThis%20function%20may%20throw%20in%20a%20future%20version%20of%20%40pulumi%2Fpulumi..Calling%20%5BtoString%5D%20on%20an%20%5BOutput%3CT%3E%5D%20is%20not%20supported.%0A%0ATo%20get%20the%20value%20of%20an%20Output%3CT%3E%20as%20an%20Output%3Cstring%3E%20consider%20either%3A%0A1%3A%20o.apply%28v%20%3D%3E%20%60prefix%24%7Bv%7Dsuffix%60%29%0A2%3A%20pulumi.interpolate%20%60prefix%24%7Bv%7Dsuffix%60%0A%0ASee%20https%3A%2F%2Fpulumi.io%2Fhelp%2Foutputs%20for%20more%20details.%0AThis%20function%20may%20throw%20in%20a%20future%20version%20of%20%40pulumi%2Fpulumi.': status code 400, <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""<http://www.w3.org/TR/html4/strict.dtd>">
    <HTML><HEAD><TITLE>Bad Request</TITLE>
    <META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
    <BODY><h2>Bad Request - Invalid URL</h2>
    <hr><p>HTTP Error 400. The request URL is invalid.</p>
    </BODY></HTML>

I’m unsure of if this is a bug as I’m clearly using

apply

in an attempt to retrieve the actual value of the output..any help would be appreciated 🙂

Very odd, I have followed the update instruction and seem to have re-downloaded the same version:

warning: A new version of Pulumi is available. To upgrade from version '2.17.2' to '2.18.0', run
   > powershell -NoProfile -InputFormat None -ExecutionPolicy Bypass -Command "iex ((New-Object System.Net.WebClient).DownloadString('<https://get.pulumi.com/install.ps1')>)"
or visit <https://pulumi.com/docs/reference/install/> for manual instructions and release notes.
PS> powershell -NoProfile -InputFormat None -ExecutionPolicy Bypass -Command "iex ((New-Object System.Net.WebClient).DownloadString('<https://get.pulumi.com/install.ps1')>)"
Downloading <https://get.pulumi.com/releases/sdk/pulumi-v2.17.2-windows-x64.zip>

PS> (Invoke-WebRequest -UseBasicParsing <https://www.pulumi.com/latest-version).Content.Trim()>
2.17.2

🤔

Hi - I'm new here. Have been following Pulumi for a while and quite excited about the direction. We are looking to use Pulumi at our startup, but concerned about lock-in, rough edges and missing functionality. If there's a Pulumi -> Terraform bridge (we know one exists in the opposite direction), it would make it a lot easier for us to start trying out Pulumi. Would appreciate if someone can point us to such a tool if it exists. Thanks!

Is there a workaround for bug #6164 (https://github.com/pulumi/pulumi/pull/6164)? We have a blocked deployment (error: could not deserialize deployment: malformed resource value: id must be a string). If there isn’t a work around, any ETA on releasing the fix?

Hi guys! I have just started to use Pulumi for deploying on AWS. So far, it's really good! I am using Python for writing the infrastructure. I just wanted to ask is there going to be a Java SDK any time soon?

If I have a ComponentResource and have specified a dependsOn, is there anything special I need to do to make sure the children get that dependsOn as well?

Bonus points if theres a hidden CLI command that shows you the dependency tree, since I’m having an absolute ball-ache getting this to behave properly

Already posted that in #kubernetes yesterday, but unfortunately received no answer, and since I've seen the same issue with other modules (namely, AWS security groups rules) will try to ask here. is there any way to improve previews for changes like this one?

one env var was added here, but the preview doesn't clearly show that is that a known problem? does any workaround exist for it?

@broad-dog-22463 How Can I avoid installation of AWS plugin installation every time I run Automation API?

Is it possible to implement a custom backend? is there any documentation about the steps or any other startingpoint?

Hi, I'm working on a demo to evaluate Pulumi for our AWS resources. I think I have it nearly working, but when I try to upload a docker image to ECR using awsx.ecs.Image.fromDockerBuild, I get an error that docker login has failed. It looks to me like the temporary credentials the awsx module gets from ECR may not be making it down into the docker module. All of the other resources in my project (including the automatically created ECR repo) look like they've successfully created themselves.

Is anyone else here managing a large application 200+ ECS Services with Pulumi? Im seeing deployment times ranging from 30 minutes to over an hour. I know there is really no magic to this, and there are outside limiting factors. Such as API Limits/Thorttling, the time between polls between when it started to create and when its actually created/updated/replaced.

Hey guys! I'm having issues when trying to create a Certificate (Azure.AppService.Certificate), I'm passing in what I think is needed and it just hangs for about 7minutes and then fails with a generic error message:

error: Error creating/updating App Service Certificate "cert-identity-dev" (Resource Group "rg-test-dev244b9b58"): web.CertificatesClient#CreateOrUpdate: Failure responding to request: StatusCode=500 -- Original Error: autorest/azure: Service returned an error. Status=500 Code="" Message="An error has occurred."

I'm quite new to Pulumi so any help would be appreciated.

Is there a tool to show dependencies between resources? Sometimes I'll do something like

storageAccountName

instead of

storageAccount.Name

and then there is a hidden race condition. I kind of thought the Pulumi Console did that, but I'm not seeing that now.

Newbie question here - what's the correct way to effectively bail out of a

pulumi up

if a conditional statement isn't met? For example, I have a variable the specifies the number of EC2 instances to be made - in my Pulumi code (go) I loop round this number to create N number of EC2 instances. However, I want these to be spread over an equal number of availability zones. ideally, I'd want to check if ec2instances > az's, bail.

Hi everyone - have encountered the following issue when following the tutorial for Pulumi and Azure. I've uninstalled/re-installed both Pulumi and the Azure CLI and am stumped. (I've confirmed that

pulumi-resource-azure.exe

exists in the given folder) Thank you for your help!

Is it possible to implement a custom backend? is there any documentation about the steps or any other startingpoint? I’m not looking for help on how to use any of the other backend (S3, Azure Storage, …) but how to implement a new custom backend.

Is it possible to increase the retry count on Custom Resource creation?

authorizer.rules (iac:services:KubePrometheusStack$kubernetes:<http://monitoring.coreos.com/v1:PrometheusRule|monitoring.coreos.com/v1:PrometheusRule>)
Retry #0; creation failed: no matches for kind "PrometheusRule" in version "<http://monitoring.coreos.com/v1|monitoring.coreos.com/v1>"
Retry #1; creation failed: no matches for kind "PrometheusRule" in version "<http://monitoring.coreos.com/v1|monitoring.coreos.com/v1>"
Retry #2; creation failed: no matches for kind "PrometheusRule" in version "<http://monitoring.coreos.com/v1|monitoring.coreos.com/v1>"
Retry #3; creation failed: no matches for kind "PrometheusRule" in version "<http://monitoring.coreos.com/v1|monitoring.coreos.com/v1>"
Retry #4; creation failed: no matches for kind "PrometheusRule" in version "<http://monitoring.coreos.com/v1|monitoring.coreos.com/v1>"
Retry #5; creation failed: no matches for kind "PrometheusRule" in version "<http://monitoring.coreos.com/v1|monitoring.coreos.com/v1>"
 
error: creation of resource cluster-services/authorizer.rules failed because the Kubernetes API server reported that the apiVersion for this resource does not exist. Verify that any required CRDs have been created: no matches for kind "PrometheusRule" in version "<http://monitoring.coreos.com/v1|monitoring.coreos.com/v1>"