broad-dog-22463
04/19/2021, 2:15 PMbroad-dog-22463
04/19/2021, 2:15 PMbroad-dog-22463
04/19/2021, 2:16 PMbroad-dog-22463
04/19/2021, 2:32 PMpurple-train-14007
04/19/2021, 4:22 PMpurple-train-14007
04/19/2021, 4:28 PMworried-knife-31967
04/19/2021, 4:47 PMbroad-dog-22463
04/19/2021, 4:59 PMworried-knife-31967
04/19/2021, 5:22 PMpurple-train-14007
04/19/2021, 5:39 PMdazzling-sundown-39670
04/19/2021, 6:27 PMError: No 'docker' command available on PATH:
. I do have docker
in my path so I'm not sure what it's complaining aboutmany-psychiatrist-74327
04/19/2021, 9:37 PMpulumi import gcp:container/cluster:Cluster <my-pulumi-cluster> <gcp-cluster-name>
. I get this error:
Preview failed: importing <gcp-cluster-name>: Import id "<gcp-cluster-name>" doesn't match any of the accepted formats: [projects/(?P<project>[^/]+)/locations/(?P<location>[^/]+)/clusters/(?P<name>[^/]+) (?P<project>[^/]+)/(?P<location>[^/]+)/(?P<name>[^/]+) (?P<location>[^/]+)/(?P<name>[^/]+)]
And if I try something like clusters/<gcp-cluster-name>
, I get this error:
googleapi: Error 400: Location "clusters" does not exist., badRequest
What is the correct ID to use for the cluster?acceptable-midnight-12902
04/19/2021, 10:39 PMbumpy-summer-9075
04/20/2021, 12:40 AMprovider "kubernetes" {
load_config_file = "false"
host = data.aws_eks_cluster.cluster.endpoint
token = data.aws_eks_cluster_auth.cluster.token
cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data)
}
From what I can see from the documentation, I need to provide a kubeconfig, which is not really doable since the kubeconfig that is given by terraform's eks module requires aws-iam-authenticator
green-musician-49057
04/20/2021, 2:48 AMError: Major version mismatch. You are using Pulumi CLI version 3.0.0 with Automation SDK v2. Please update the SDK.
I checked the pulumi/actions repo and it seems like you're getting the same error: https://github.com/pulumi/actions/runs/2385713822
UPDATE: We fixed this by pinning the version of the pulumi action, e.g. uses: pulumi/actions@v2.2.0
breezy-butcher-78604
04/20/2021, 7:44 AMgreen-dentist-53234
04/20/2021, 8:06 AMwhite-action-27798
04/20/2021, 8:17 AMdef create_region_external_s3_artifact_buckets():
buckets = []
regions = conf.require_object('externalRegions')
regions.append(conf.require('primaryRegion'))
for region in regions:
provider = Provider(f's3-{region}-provider', region=region)
bucket_conf = {"name": f'{ARTIFACTS_BUCKET}-{region}', "acl": None, "policy": PUBLIC_OBJECT_READ_FOR_BUCKET}
name, tags = get_resource_name_by_convention(f'{ARTIFACTS_BUCKET}-{region}')
policy = _handle_bucket_policy(name, bucket_conf)
created_bucket = s3.Bucket(
name,
bucket=name,
acl=bucket_conf.get('acl'),
policy=policy,
opts=pulumi.ResourceOptions(provider=provider)
)
buckets.append(created_bucket)
pulumi.export(name, created_bucket.arn)
return buckets
After I upgraded the Pulumi version to 3.0(and the pulumi-aws package), I tried to change something in the bucket but the operation failed .
After that, I tried to run Pulumi refresh and I got this error message:
aws:s3:Bucket (prod-lightlytics-artifacts-us-east-1):
error: Preview failed: refreshing urn:pulumi:prod::lightlytics::aws:s3/bucket:bucket::prod-lightlytics-artifacts-us-east-1: 1 error occurred:
* error reading S3 Bucket (prod-lightlytics-artifacts-us-east-1): Forbidden: Forbidden
Do you have any idea why this is happening and how I overcome it?
Thanks !!white-action-27798
04/20/2021, 10:26 AMdef create_iam_policy_write_access_to_bucket(bucket, policy_name_suffix):
# todo(zeev+dan): why not Managed policy?
with open('./polices/s3_bucket_write_access_policy.json') as f:
policy_document = json.load(f)
policy_document['Statement'][0]['Resource'] = pulumi.Output.concat(bucket.arn, "/*")
name, _ = get_resource_name_by_convention(f's3_write_access_iam_policy-{policy_name_suffix}')
s3_write_access_iam_policy = iam.Policy(
name,
description="write Access to a given bucket arn",
policy=policy_document
)
return s3_write_access_iam_policy
s3_bucket_write_access_policy.json:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:DeleteObject",
"s3:PutObjectAcl"
],
"Resource": "PLACE_HOLDER_FOR_PULUMI"
}
]
}
We need to edit the policy (change the resource field to the relevant s3 bucket).
How can we do it with the new function?
I tried a lot of things for example I tried to change the function to:
def create_iam_policy_write_access_to_bucket(bucket, policy_name_suffix):
with open('./polices/s3_bucket_write_access_policy.json') as f:
policy_document = json.load(f)
policy_document['Statement'][0]['Resource'] = pulumi.Output.concat(bucket.arn, "/*")
name, _ = get_resource_name_by_convention(f's3_write_access_iam_policy-{policy_name_suffix}')
s3_write_access_iam_policy = iam.Policy(
name,
description="write Access to a given bucket arn",
policy=json.dumps(
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:PutObject",
"s3:DeleteObject",
"s3:PutObjectAcl"
],
"Resource": policy_document['Statement'][0]['Resource']
}
]
}
)
)
return s3_write_access_iam_policy
But I am getting this error message :
TypeError: Object of type Output is not JSON serializable
any idea how can we do it with the new function?damp-tiger-87899
04/20/2021, 10:28 AMproud-pizza-80589
04/20/2021, 12:32 PMError: Major version mismatch. You are using Pulumi CLI version 3.0.0 with Automation SDK v2. Please update the SDK.
errors on the CI even though all our npm packages are at the latest version. Since i’ve moved to 3 for everything, pinning the action to 2 does not seem like the way to go.broad-dog-22463
04/20/2021, 12:34 PMproud-pizza-80589
04/20/2021, 12:35 PMbroad-dog-22463
04/20/2021, 12:35 PMbroad-dog-22463
04/20/2021, 12:35 PMproud-pizza-80589
04/20/2021, 12:36 PM"dependencies": {
"@pulumi/kubernetes": "3.0.0",
"@pulumi/kubernetesx": "0.1.6",
"@pulumi/pulumi": "3.0.0",
"@pulumi/cloudflare": "3.0.0"
}
broad-dog-22463
04/20/2021, 12:36 PMproud-pizza-80589
04/20/2021, 12:37 PMbroad-dog-22463
04/20/2021, 12:37 PMbroad-dog-22463
04/20/2021, 12:37 PMbroad-dog-22463
04/20/2021, 12:37 PM