https://pulumi.com logo
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • i

    icy-jordan-58549

    04/29/2021, 1:08 PM
    any ideas how I can fix this warning when use @pulumi/docker build step?
    warning: #1 [internal] load build definition from Dockerfile
    b
    • 2
    • 4
  • f

    full-artist-27215

    04/29/2021, 2:47 PM
    I've got a bit of an ordering question. As part of my Pulumi run, I create a CloudFormation Stack. One of the things that stack creates is an IAM Role. I want to get the name of that Role using
    pulumi_aws.iam.get_role
    (using Python, FWIW) in order to grant it permission to access an S3 bucket. The stack creation and permission granting are currently in the initialization of a Component Resource. As I was developing my application, I started out with just the CloudFormation stack, and only later added this permission granting step. Because of this, the CloudFormation stack (and thus the Role) already existed by the time I added the
    get_role
    call. Now, however, I am creating a new instance of my Pulumi stack from scratch, and nothing exists. I had assumed that my
    get_role
    call would be fine, given that I'm using the Outputs of the CloudFormation stack, e.g.
    queue_instance_role = aws.iam.get_role(
                    name=self.cf_stack.outputs["InstanceRoleName"],
                )
    but this apparently isn't sufficient; I'm getting the following error:
    Exception: invoke of aws:iam/getRole:getRole failed: Missing required argument: The argument "name" is required, but no definition was found. ()
    This is on Pulumi 2.25.2. Is there a way to force this
    get_role
    call to wait until the CloudFormation stack is created before being invoked? Thanks.
    b
    • 2
    • 30
  • c

    colossal-australia-65039

    04/30/2021, 12:02 AM
    someone used the pulumi-terraform-provider to create a heroku provider https://github.com/moneymeets/pulumi-heroku how could i use this for my nodejs project?
  • c

    cuddly-carpenter-20638

    04/30/2021, 12:05 AM
    Hi, all 👋 Complete noob to pulumi. I have an existing EKS k8s cluster that I’m trying to run the https://www.pulumi.com/docs/get-started/kubernetes/ tutorial against. I keep getting the below error:
    Updating (dev):
         Type                              Name                Status                  Info
         pulumi:pulumi:Stack               pulumi-starter-dev  **failed**              1 error
     +   └─ kubernetes:apps/v1:Deployment  nginx               **creating failed**     1 error
     
    Diagnostics:
      pulumi:pulumi:Stack (pulumi-starter-dev):
        error: update failed
     
      kubernetes:apps/v1:Deployment (nginx):
        error: resource nginx-uzv9l9j4 was not successfully created by the Kubernetes API server : deployments.apps is forbidden: User "me" cannot create resource "deployments" in API group "apps" in the namespace "default"
    c
    • 2
    • 1
  • c

    cuddly-carpenter-20638

    04/30/2021, 12:07 AM
    I’ve already created a
    namespace
    called
    pulumi-starter
    that I’m trying to deploy this in, but it keeps trying to deploy to
    default
    kubectl get po
    No resources found in pulumi-starter namespace.
  • c

    cuddly-carpenter-20638

    04/30/2021, 12:07 AM
    "use strict";
    const k8s = require("@pulumi/kubernetes");
    
    const appLabels = { app: "nginx" };
    const deployment = new k8s.apps.v1.Deployment("nginx", {
        spec: {
            selector: { matchLabels: appLabels },
            replicas: 1,
            template: {
                metadata: { labels: appLabels },
                spec: { containers: [{ name: "nginx", image: "nginx:alpine" }] }
            }
        }
    });
    exports.name = deployment.metadata.name;
    c
    • 2
    • 3
  • c

    cuddly-carpenter-20638

    04/30/2021, 12:36 AM
    Is it required to register on app.pulumi.com even if we’re using it in our self-hosted GitLab instance, for CI/CD? .https://www.pulumi.com/docs/guides/continuous-delivery/gitlab-ci/
    l
    • 2
    • 14
  • c

    cuddly-actor-99406

    04/30/2021, 2:41 AM
    just upgraded to pulumi 3.1 from 2.x and
    pulumi up
    now throws with a not very useful stack trace. It's throwing from
    pulumi.runtime.rpc.serialize_property
    . I put in some debug print statements and I think it is
    k8s.yaml.ConfigFile
    which is the resource involved. It looks like it might be related to something in the upgrade notes "*snake_case/camelCase Key Translation Fixes in Provider Python SDKs*". Can anyone help?
    r
    • 2
    • 13
  • g

    gifted-island-55702

    04/30/2021, 7:36 AM
    Hi. I'm trying to implement a Pulumi provider using https://github.com/pulumi/pulumi-provider-boilerplate template. Is there more detailed documentation how a provider should be implemented? I was searching for the following but I couldn't find it: 1. what is the format of the schema.json file? (https://github.com/pulumi/pulumi-provider-boilerplate/blob/master/schema.json) I found https://github.com/pulumi/pulumi/blob/master/pkg/codegen/schema/schema.go but it's really difficult to parse it and grasp how it maps to a JSON file 2. how is it possible to implement a single provider managing multiple types of resources? Are the functions like https://github.com/pulumi/pulumi-provider-boilerplate/blob/master/pkg/provider/provider.go#L120 expected to handle different resource types just by checking the resource type (https://github.com/pulumi/pulumi-provider-boilerplate/blob/master/pkg/provider/provider.go#L122-L123)? 3. How can I configure my provider (e.g. provide target URLs and credentials it should use for managing remote resources etc.)? 4. Is it possible to implement resource import to Pulumi state with my custom Pulumi provider? 5. There is a list of functions that are not documented with details why they are needed and they have only some one-line implementations (CheckConfig, DiffConfig, Configure, Invoke, StreamInvoke). Is there a place where I can find answers for my questions?
  • b

    bumpy-agent-19616

    04/30/2021, 10:22 AM
    I am getting the below error while trying to create/update infrastructure using Pulumi in CircleCI CI/CD pipelines but not on my local environment and it seems to be an intermittent issue happening more times and also it works after multiple attempts.
    error: failed to load checkpoint: blob (key ".pulumi/stacks/identity-test.json") (code=Unknown): -> <http://github.com/Azure/azure-storage-blob-go/azblob.newStorageError|github.com/Azure/azure-storage-blob-go/azblob.newStorageError>, /Users/runner/go/pkg/mod/github.com/!azure/azure-storage-blob-go@v0.13.0/azblob/zc_storage_error.go:42
    ===== RESPONSE ERROR (ServiceCode=AuthorizationFailure) =====
    Description=This request is not authorized to perform this operation.
    RequestId:83e63fd7-e01e-0005-0c6e-3d938c000000
    Time:2021-04-30T03:09:34.4679001Z, Details: 
       Code: AuthorizationFailure
       GET https://**************.<http://blob.core.windows.net/*********/.pulumi/stacks/identity-test.json?timeout=61|blob.core.windows.net/*********/.pulumi/stacks/identity-test.json?timeout=61>
       Authorization: REDACTED
       User-Agent: [go-cloud/blob/0.1.0 Azure-Storage/0.13 (go1.16.3; linux)]
       X-Ms-Client-Request-Id: [80971ac2-1589-4582-4251-041bdeb5f1da]
       X-Ms-Date: [Fri, 30 Apr 2021 03:09:34 GMT]
       X-Ms-Version: [2019-12-12]
       --------------------------------------------------------------------------------
       RESPONSE Status: 403 This request is not authorized to perform this operation.
       Content-Length: [246]
       Content-Type: [application/xml]
       Date: [Fri, 30 Apr 2021 03:09:33 GMT]
       Server: [Microsoft-HTTPAPI/2.0]
       X-Ms-Client-Request-Id: [80971ac2-1589-4582-4251-041bdeb5f1da]
       X-Ms-Error-Code: [AuthorizationFailure]
       X-Ms-Request-Id: [83e63fd7-e01e-0005-0c6e-3d938c000000]
    Any help would be much appreciated.
    b
    • 2
    • 19
  • s

    shy-football-10348

    04/30/2021, 4:41 PM
    how do i update my state passphrase?
    b
    • 2
    • 3
  • b

    billowy-laptop-45963

    04/30/2021, 4:52 PM
    Are there any examples of managing an AWS organizations with multiple accounts using pulumi? Seems like renaming an account causes pulumi to want to recreate it...
    b
    • 2
    • 1
  • t

    tall-scientist-89115

    04/30/2021, 7:40 PM
    Hey I'm diving into the database migration example to try to do something very similar for each way I want to seed a new database. I'm looking for best practices on shared configuration since this seeded database will share 100% of its configuration (cluster name, database name) with the feature app layer it's being created for. Is there a way to reference external stack outputs inside an automation inline program? My naive attempt at call
    new pulumi.Config()
    yielded:
    throw new Error("Program run without the Pulumi engine available; re-run using the `pulumi` CLI");`
    r
    • 2
    • 6
  • m

    many-psychiatrist-74327

    04/30/2021, 8:27 PM
    👋 hello! qq: how do I prevent an output from printing out as
    [secret]
    ? Context: I’m following this guide to create a GKE kubernetes cluster. The code (copy pasted from the example) generates a kubeconfig by combining the outputs of the cluster resource. I want to export the kubeconfig so I can use
    kubectl
    against it, but it just prints out as
    [secret]
    . Why?
    b
    • 2
    • 6
  • h

    hallowed-rain-9096

    04/30/2021, 9:10 PM
    My new Pluralsight course on Pulumi is live! (cc @billowy-army-68599 @limited-planet-95090) https://twitter.com/softwarefloyd/status/1388236971454177282
    👏 5
    👏🏽 1
    🙌 1
  • m

    many-psychiatrist-74327

    04/30/2021, 9:46 PM
    👋 hello again! Q: What is the recommended practice to apply a single k8s yaml config file to multiple clusters? Just applying it with multiple cluster providers doesn’t work because the URNs of the sub-resources are not unique. Even if I make the
    k8s.yaml.ConfigFile
    name unique, its sub-resources will have the same names and conflict. I tried using a
    transformation
    option that renames the resources (adding a prefix), but that seems to be ignored by pulumi and the URN conflicts persist. I would’ve thought that the object hierarchy would make the URNs unique, but it doesn’t seem to do so. Any ideas?
    • 1
    • 1
  • g

    gorgeous-minister-41131

    04/30/2021, 11:25 PM
    Hi all 👋
    👋 2
    b
    • 2
    • 1
  • w

    worried-knife-31967

    05/01/2021, 2:40 PM
    Is there a way to tell Pulumi to not delete a resource once it's been create, i.e. drop it from state if it should delete. The use case being to create a blob in Azure with a name that includes the build reference, then when the next build runs, just upload the next, and keep the previous?
    b
    l
    b
    • 4
    • 9
  • t

    tall-scientist-89115

    05/01/2021, 9:31 PM
    Can you not use
    azure.keyvault.getSecret
    inside the automation api? I keep getting
    Error: Program run without the Pulumi engine available; re-run using the `pulumi` CLI
    r
    • 2
    • 4
  • l

    lemon-monkey-228

    05/02/2021, 7:38 AM
    Is it possible to look up config in a different namespace?
    b
    • 2
    • 3
  • l

    lemon-monkey-228

    05/02/2021, 7:38 AM
    eg.
    config.require("gcp:project")
  • l

    lemon-monkey-228

    05/02/2021, 7:38 AM
    (that doesn’t work)
  • l

    lemon-monkey-228

    05/02/2021, 8:25 AM
    meh, I’ll just copy the config value for now.
  • b

    boundless-angle-56560

    05/02/2021, 8:42 AM
    Hi, I updated my operating system (Ubuntu 21.04) and now previously working pulumi project returns following: $ pulumi up Enter your passphrase to unlock config/secrets (set PULUMI_CONFIG_PASSPHRASE or PULUMI_CONFIG_PASSPHRASE_FILE to remember): Previewing update (dataddo-test1-dev): error: failed to discover plugin requirements: exit status 1
    l
    r
    • 3
    • 7
  • w

    worried-knife-31967

    05/02/2021, 9:11 AM
    Not sure if this is useful for anyone here, but I've put together a complete CI/CD example of Pulumi, Azure Functions (.NET 5), and Github Actions... https://github.com/martinjt/pulumi-dotnet5 Blog to follow
    👏 1
    👍 2
  • l

    lemon-monkey-228

    05/02/2021, 6:22 PM
    Is it possible to one credential for the strate storage in GCS and one for the actual application of state (eg.
    pulumi up
    )?
  • l

    lemon-monkey-228

    05/02/2021, 6:22 PM
    feels like once I set
    GOOGLE_CREDENTIALS
    , that’s what it wants to use for the lot
  • l

    lemon-monkey-228

    05/02/2021, 6:22 PM
    I can make it work, but I would ideally split them
  • f

    fresh-hospital-81544

    05/03/2021, 12:15 AM
    Hi i am using awsx to push images to ecr like so
    const repo = new awsx.ecr.Repository("registry");
    const image = repo.buildAndPushImage('/path/to/image');
    I notice each time I run pulumi up the image is getting built and pushed (hits the cache so the time delay isn't too bad but still unnecessary to run these steps every time). Is there a way to skip this altogether if the image directory has not changed? thanks
  • b

    better-shampoo-48884

    05/03/2021, 7:32 AM
    quick question before I start adding tons of unnecessary uniqueness - do pulumi names have to be globally unique within a stack or only unique within its
    parent
    ?
    b
    l
    • 3
    • 3
Powered by Linen
Title
b

better-shampoo-48884

05/03/2021, 7:32 AM
quick question before I start adding tons of unnecessary uniqueness - do pulumi names have to be globally unique within a stack or only unique within its
parent
?
b

bored-oyster-3147

05/03/2021, 11:24 AM
They have to be unique within a stack. This is why when you make a ComponentResource you pre-pend the name of the parent to it’s children
l

little-cartoon-10569

05/03/2021, 8:45 PM
They have to be unique within all resources of the same type.
🙌 1
I tend to give the same name to all resources within a component resource, except when there's more than one of a given type. That's when a suffix is required.
View count: 1