pulumi-community #general

general

icy-jordan-58549

04/29/2021, 1:08 PM

any ideas how I can fix this warning when use @pulumi/docker build step?

warning: #1 [internal] load build definition from Dockerfile

full-artist-27215

04/29/2021, 2:47 PM

I've got a bit of an ordering question. As part of my Pulumi run, I create a CloudFormation Stack. One of the things that stack creates is an IAM Role. I want to get the name of that Role using

pulumi_aws.iam.get_role

(using Python, FWIW) in order to grant it permission to access an S3 bucket. The stack creation and permission granting are currently in the initialization of a Component Resource. As I was developing my application, I started out with just the CloudFormation stack, and only later added this permission granting step. Because of this, the CloudFormation stack (and thus the Role) already existed by the time I added the

get_role

call. Now, however, I am creating a new instance of my Pulumi stack from scratch, and nothing exists. I had assumed that my

get_role

call would be fine, given that I'm using the Outputs of the CloudFormation stack, e.g.

queue_instance_role = aws.iam.get_role(
                name=self.cf_stack.outputs["InstanceRoleName"],
            )

but this apparently isn't sufficient; I'm getting the following error:

Exception: invoke of aws:iam/getRole:getRole failed: Missing required argument: The argument "name" is required, but no definition was found. ()

This is on Pulumi 2.25.2. Is there a way to force this

get_role

call to wait until the CloudFormation stack is created before being invoked? Thanks.

colossal-australia-65039

04/30/2021, 12:02 AM

someone used the pulumi-terraform-provider to create a heroku provider https://github.com/moneymeets/pulumi-heroku how could i use this for my nodejs project?

cuddly-carpenter-20638

04/30/2021, 12:05 AM

Hi, all 👋 Complete noob to pulumi. I have an existing EKS k8s cluster that I’m trying to run the https://www.pulumi.com/docs/get-started/kubernetes/ tutorial against. I keep getting the below error:

Updating (dev):
     Type                              Name                Status                  Info
     pulumi:pulumi:Stack               pulumi-starter-dev  **failed**              1 error
 +   └─ kubernetes:apps/v1:Deployment  nginx               **creating failed**     1 error
 
Diagnostics:
  pulumi:pulumi:Stack (pulumi-starter-dev):
    error: update failed
 
  kubernetes:apps/v1:Deployment (nginx):
    error: resource nginx-uzv9l9j4 was not successfully created by the Kubernetes API server : deployments.apps is forbidden: User "me" cannot create resource "deployments" in API group "apps" in the namespace "default"

cuddly-carpenter-20638

04/30/2021, 12:07 AM

I’ve already created a

namespace

called

pulumi-starter

that I’m trying to deploy this in, but it keeps trying to deploy to

default

kubectl get po
No resources found in pulumi-starter namespace.

cuddly-carpenter-20638

04/30/2021, 12:07 AM

"use strict";
const k8s = require("@pulumi/kubernetes");

const appLabels = { app: "nginx" };
const deployment = new k8s.apps.v1.Deployment("nginx", {
    spec: {
        selector: { matchLabels: appLabels },
        replicas: 1,
        template: {
            metadata: { labels: appLabels },
            spec: { containers: [{ name: "nginx", image: "nginx:alpine" }] }
        }
    }
});
exports.name = deployment.metadata.name;

cuddly-carpenter-20638

04/30/2021, 12:36 AM

Is it required to register on app.pulumi.com even if we’re using it in our self-hosted GitLab instance, for CI/CD? .https://www.pulumi.com/docs/guides/continuous-delivery/gitlab-ci/

cuddly-actor-99406

04/30/2021, 2:41 AM

just upgraded to pulumi 3.1 from 2.x and

pulumi up

now throws with a not very useful stack trace. It's throwing from

pulumi.runtime.rpc.serialize_property

. I put in some debug print statements and I think it is

k8s.yaml.ConfigFile

which is the resource involved. It looks like it might be related to something in the upgrade notes "*snake_case/camelCase Key Translation Fixes in Provider Python SDKs*". Can anyone help?

gifted-island-55702

04/30/2021, 7:36 AM

Hi. I'm trying to implement a Pulumi provider using https://github.com/pulumi/pulumi-provider-boilerplate template. Is there more detailed documentation how a provider should be implemented? I was searching for the following but I couldn't find it: 1. what is the format of the schema.json file? (https://github.com/pulumi/pulumi-provider-boilerplate/blob/master/schema.json) I found https://github.com/pulumi/pulumi/blob/master/pkg/codegen/schema/schema.go but it's really difficult to parse it and grasp how it maps to a JSON file 2. how is it possible to implement a single provider managing multiple types of resources? Are the functions like https://github.com/pulumi/pulumi-provider-boilerplate/blob/master/pkg/provider/provider.go#L120 expected to handle different resource types just by checking the resource type (https://github.com/pulumi/pulumi-provider-boilerplate/blob/master/pkg/provider/provider.go#L122-L123)? 3. How can I configure my provider (e.g. provide target URLs and credentials it should use for managing remote resources etc.)? 4. Is it possible to implement resource import to Pulumi state with my custom Pulumi provider? 5. There is a list of functions that are not documented with details why they are needed and they have only some one-line implementations (CheckConfig, DiffConfig, Configure, Invoke, StreamInvoke). Is there a place where I can find answers for my questions?

bumpy-agent-19616

04/30/2021, 10:22 AM

I am getting the below error while trying to create/update infrastructure using Pulumi in CircleCI CI/CD pipelines but not on my local environment and it seems to be an intermittent issue happening more times and also it works after multiple attempts.

error: failed to load checkpoint: blob (key ".pulumi/stacks/identity-test.json") (code=Unknown): -> <http://github.com/Azure/azure-storage-blob-go/azblob.newStorageError|github.com/Azure/azure-storage-blob-go/azblob.newStorageError>, /Users/runner/go/pkg/mod/github.com/!azure/azure-storage-blob-go@v0.13.0/azblob/zc_storage_error.go:42
===== RESPONSE ERROR (ServiceCode=AuthorizationFailure) =====
Description=This request is not authorized to perform this operation.
RequestId:83e63fd7-e01e-0005-0c6e-3d938c000000
Time:2021-04-30T03:09:34.4679001Z, Details: 
   Code: AuthorizationFailure
   GET https://**************.<http://blob.core.windows.net/*********/.pulumi/stacks/identity-test.json?timeout=61|blob.core.windows.net/*********/.pulumi/stacks/identity-test.json?timeout=61>
   Authorization: REDACTED
   User-Agent: [go-cloud/blob/0.1.0 Azure-Storage/0.13 (go1.16.3; linux)]
   X-Ms-Client-Request-Id: [80971ac2-1589-4582-4251-041bdeb5f1da]
   X-Ms-Date: [Fri, 30 Apr 2021 03:09:34 GMT]
   X-Ms-Version: [2019-12-12]
   --------------------------------------------------------------------------------
   RESPONSE Status: 403 This request is not authorized to perform this operation.
   Content-Length: [246]
   Content-Type: [application/xml]
   Date: [Fri, 30 Apr 2021 03:09:33 GMT]
   Server: [Microsoft-HTTPAPI/2.0]
   X-Ms-Client-Request-Id: [80971ac2-1589-4582-4251-041bdeb5f1da]
   X-Ms-Error-Code: [AuthorizationFailure]
   X-Ms-Request-Id: [83e63fd7-e01e-0005-0c6e-3d938c000000]

Any help would be much appreciated.

shy-football-10348

04/30/2021, 4:41 PM

how do i update my state passphrase?

billowy-laptop-45963

04/30/2021, 4:52 PM

Are there any examples of managing an AWS organizations with multiple accounts using pulumi? Seems like renaming an account causes pulumi to want to recreate it...

tall-scientist-89115

04/30/2021, 7:40 PM

Hey I'm diving into the database migration example to try to do something very similar for each way I want to seed a new database. I'm looking for best practices on shared configuration since this seeded database will share 100% of its configuration (cluster name, database name) with the feature app layer it's being created for. Is there a way to reference external stack outputs inside an automation inline program? My naive attempt at call

new pulumi.Config()

yielded:

throw new Error("Program run without the Pulumi engine available; re-run using the `pulumi` CLI");`

many-psychiatrist-74327

04/30/2021, 8:27 PM

👋 hello! qq: how do I prevent an output from printing out as

[secret]

? Context: I’m following this guide to create a GKE kubernetes cluster. The code (copy pasted from the example) generates a kubeconfig by combining the outputs of the cluster resource. I want to export the kubeconfig so I can use

kubectl

against it, but it just prints out as

[secret]

. Why?

hallowed-rain-9096

04/30/2021, 9:10 PM

My new Pluralsight course on Pulumi is live! (cc @billowy-army-68599 @limited-planet-95090) https://twitter.com/softwarefloyd/status/1388236971454177282

👏 5

👏🏽 1

🙌 1

many-psychiatrist-74327

04/30/2021, 9:46 PM

👋 hello again! Q: What is the recommended practice to apply a single k8s yaml config file to multiple clusters? Just applying it with multiple cluster providers doesn’t work because the URNs of the sub-resources are not unique. Even if I make the

k8s.yaml.ConfigFile

name unique, its sub-resources will have the same names and conflict. I tried using a

transformation

option that renames the resources (adding a prefix), but that seems to be ignored by pulumi and the URN conflicts persist. I would’ve thought that the object hierarchy would make the URNs unique, but it doesn’t seem to do so. Any ideas?

gorgeous-minister-41131

04/30/2021, 11:25 PM

Hi all 👋

👋 2

worried-knife-31967

05/01/2021, 2:40 PM

Is there a way to tell Pulumi to not delete a resource once it's been create, i.e. drop it from state if it should delete. The use case being to create a blob in Azure with a name that includes the build reference, then when the next build runs, just upload the next, and keep the previous?

tall-scientist-89115

05/01/2021, 9:31 PM

Can you not use

azure.keyvault.getSecret

inside the automation api? I keep getting

Error: Program run without the Pulumi engine available; re-run using the `pulumi` CLI

lemon-monkey-228

05/02/2021, 7:38 AM

Is it possible to look up config in a different namespace?

lemon-monkey-228

05/02/2021, 7:38 AM

eg.

config.require("gcp:project")

lemon-monkey-228

05/02/2021, 7:38 AM

(that doesn’t work)

lemon-monkey-228

05/02/2021, 8:25 AM

meh, I’ll just copy the config value for now.

boundless-angle-56560

05/02/2021, 8:42 AM

Hi, I updated my operating system (Ubuntu 21.04) and now previously working pulumi project returns following: $ pulumi up Enter your passphrase to unlock config/secrets (set PULUMI_CONFIG_PASSPHRASE or PULUMI_CONFIG_PASSPHRASE_FILE to remember): Previewing update (dataddo-test1-dev): error: failed to discover plugin requirements: exit status 1

worried-knife-31967

05/02/2021, 9:11 AM

Not sure if this is useful for anyone here, but I've put together a complete CI/CD example of Pulumi, Azure Functions (.NET 5), and Github Actions... https://github.com/martinjt/pulumi-dotnet5 Blog to follow

👏 1

👍 2

lemon-monkey-228

05/02/2021, 6:22 PM

Is it possible to one credential for the strate storage in GCS and one for the actual application of state (eg.

pulumi up

lemon-monkey-228

05/02/2021, 6:22 PM

feels like once I set

GOOGLE_CREDENTIALS

, that’s what it wants to use for the lot

lemon-monkey-228

05/02/2021, 6:22 PM

I can make it work, but I would ideally split them

fresh-hospital-81544

05/03/2021, 12:15 AM

Hi i am using awsx to push images to ecr like so

const repo = new awsx.ecr.Repository("registry");
const image = repo.buildAndPushImage('/path/to/image');

I notice each time I run pulumi up the image is getting built and pushed (hits the cache so the time delay isn't too bad but still unnecessary to run these steps every time). Is there a way to skip this altogether if the image directory has not changed? thanks

better-shampoo-48884

05/03/2021, 7:32 AM

quick question before I start adding tons of unnecessary uniqueness - do pulumi names have to be globally unique within a stack or only unique within its

parent

Title

better-shampoo-48884

05/03/2021, 7:32 AM

quick question before I start adding tons of unnecessary uniqueness - do pulumi names have to be globally unique within a stack or only unique within its

parent

bored-oyster-3147

05/03/2021, 11:24 AM

They have to be unique within a stack. This is why when you make a ComponentResource you pre-pend the name of the parent to it’s children

little-cartoon-10569

05/03/2021, 8:45 PM

They have to be unique within all resources of the same type.

🙌 1

I tend to give the same name to all resources within a component resource, except when there's more than one of a given type. That's when a suffix is required.

View count: 1