broad-helmet-79436
05/11/2021, 6:06 PMpulumi up
I tried to both
1. rename a resource using aliases
2. make a change to that same resource which caused it to be replace
d
This failed with pending_operations
in the state file because I ended up with two different resources with the same alias at the same time.
I guess the GCP and Kubernetes providers perform a replace
by first creating the new resource and then deleting the old one?
If so, I believe this will hit any resource which has any aliases
defined, i.e., you don’t necessarily have to rename the resource at the same time as replacing it.
I tried reproducing it in a local stack using the @pulumi/random
provider, but I think that one replaces resources by deleting the old resource before creating the new one.
For what it’s worth, I managed to make Pulumi show me this kind-of-strange diff:
pulumi preview
Previewing update (dev):
Type Name Plan Info
pulumi:pulumi:Stack pulumi-alias-replace-test-dev
+- ├─ random:index:RandomPassword something_else replace [diff: ~length]
+- └─ random:index:RandomPassword pw replace
Resources:
+-1 to replace
1 unchanged
Here I’ve renamed the resource pw
to something_else
, added an alias, and at the same time changed the length
of the RandomPassword which requires a replace
operation.
Does this ring a bell with anyone and/or is it worth a GitHub issue even though I haven’t been able to reproduce it (yet)?billowy-laptop-45963
05/11/2021, 6:58 PMpulumi nuke
which is a more forceful destroy? There are a lot of resources to delete by hand....gorgeous-minister-41131
05/11/2021, 7:47 PMdef get_kv2_secret(self, mount_point: str, path: str) -> pulumi.Output:
"""
Retrieve a KV2 secret based on the given path.
This method actually returns a Pulumi Output future representing a
secret so that the actual value is obscured until apply time.
"""
output_secret = pulumi.Output.secret(
self.hvac_client.secrets.kv.v2.read_secret_version(
mount_point=mount_point, path=path
)
)
return output_secret
But it would be nice to know what pulumi's roadmap is for supporting placeholder config values which are just references to the "real" K/V path in vault (similar to above^).elegant-pager-5412
05/12/2021, 2:44 PMpulumi up
. It prints the View Live: URL
but then it hangs. Any idea why?elegant-pager-5412
05/12/2021, 2:48 PMfast-whale-9064
05/12/2021, 2:58 PMbitter-island-28909
05/12/2021, 3:46 PMdefaultTags
property on an aws.Provider
, like so:
new aws.Provider(`my-provider`, {
...
defaultTags: {
"foo": "bar"
}
});
I’m getting a type error on defaultTags
, stating that Object literal may only specify known properties, and '"foo"' does not exist in type 'Input<ProviderDefaultTags>'.
A type option for Input<T>
is T
, and the signature of ProviderDefaultTags
is {[key: string]: string}
So using an arbitrary string such as “foo”:“bar” should work.
What am I missing?red-match-15116
05/12/2021, 5:04 PMripe-knife-11053
05/12/2021, 5:37 PMcurved-cartoon-90054
05/12/2021, 6:02 PMcuddly-father-4905
05/12/2021, 7:13 PMProject
from `@pulumi/gcp/organizations`: new Project('project:dev', { ...config })
is invalid, whereas IAMBinding
from `@pulumi/gcp/projects`: new IAMBinding('iam:my-role', { ...config })
is validcolossal-australia-65039
05/12/2021, 8:39 PMpulumi preview --diff
does not actually show the diff but only within arrays, e.g.
~ spec: {
~ template: {
~ spec: {
~ containers: [
~ [0]: {
// there should be something here but it's empty!!
}
]
}
}
}
rough-window-15889
05/12/2021, 10:48 PMrough-window-15889
05/12/2021, 11:21 PMbrash-airline-37413
05/13/2021, 6:33 AMimport { Vpc } from '@pulumi/awsx/ec2';
import { describe, it } from 'mocha';
describe('Network', () => {
const myvpc: Vpc = new Vpc('test', {
cidrBlock: '10.0.0.0/16',
});
it('should use correct cidr address', (done) => {
myvpc.vpc.cidrBlock.apply(vpc => {
done();
});
});
});
full error is
Network
(node:84386) PromiseRejectionHandledWarning: Promise rejection was handled asynchronously (rejection id: 3)
(Use `node --trace-warnings ...` to show where the warning was created)
(node:84386) PromiseRejectionHandledWarning: Promise rejection was handled asynchronously (rejection id: 4)
Does anybody know what is happening here?early-truck-24471
05/13/2021, 11:43 AM└── project
├── __main__.py
├── Pulumi.yaml
└── environments
└──PROD
├── Pulumi.prod1.yaml
├── Pulumi.prod2.yaml
└──STG
├── Pulumi.stg1.yaml
├── Pulumi.stg2.yaml
dazzling-kilobyte-32990
05/13/2021, 12:45 PMbrash-kite-78002
05/13/2021, 1:06 PMlemon-machine-35564
05/13/2021, 4:11 PMaws.cloudwatch.MetricAlarm
to create a resource and I keep getting Type 'string' is not assignable to type 'Input<number>'.
for many of the inputs. Note, this is just the example listed on https://www.pulumi.com/docs/reference/pkg/aws/cloudwatch/metricalarm/green-musician-49057
05/13/2021, 5:32 PMpulumi config set
do anything aside from updating the yaml file? Is it safe to update the yaml directly? (I've been assuming it is safe)fast-vegetable-68654
05/13/2021, 5:40 PMComponentResource
and a function wrapping a group of resources? Why would you reach for one over the other?lively-wire-16126
05/13/2021, 6:01 PMaws-sdk
because I want to use a feature that isn't available in the terraform/pulumi resources yet. I'm using explicitly created providers to assume roles to manage resources in multiple AWS accounts, but I can't figure out how to make sure my component resource is using credentials for the correct AWS account. I found this: https://www.pulumi.com/blog/dynamic-providers/#provider-credentials
But I don't actually understand what that means in terms of, like, how to actually instantiate the AWS sdk resources with the correct credentials. Does anyone have an example of what this looks like in practice?lively-wire-16126
05/13/2021, 6:02 PM{ provider: myProvider }
as the CustomResourceOptions
but that doesn't seem to do it.full-dress-10026
05/13/2021, 7:19 PMfull-artist-27215
05/13/2021, 8:42 PMself.register_outputs({
"endpoint":
pulumi.Output.concat(
"redis://",
self.cluster.cache_nodes[0].address,
":",
str(self.cluster.cache_nodes[0].port)
)
})
but when I go to use it like this:
cache.endpoint
I end up with the following:
AttributeError: 'Cache' object has no attribute 'endpoint'
(this is all Python, BTW). Thanks in advance 🙇full-artist-27215
05/13/2021, 9:37 PMrole.arn.apply(lambda arn: json.dumps({"foo": arn}))
When you have multiple things that need to be interpolated, things get a little more complicated:
pulumi.Output.all(
foo.arn,
bar.arn,
baz.arn
).apply(
lambda args: json.dumps({
"foo": args[0],
"bar": args[1],
"baz": args[2]
})
)
While that's awkward, it's doable when you have all the `pulumi.Output`s that you need readily at hand.
I'm using `ComponentResource`s to model my domain. In general, I'd like to be able to pass a dictionary of values into my ComponentResource
, and then have it merge that with another dictionary of default values within the ComponentResource
itself. Then, this merged dictionary would need to be converted into a JSON string to pass to the low-level Resource.
env = {
"foo": "my_foo",
"message": "hello world"
}
pulumi.Output.all(
foo.arn,
bar.arn,
baz.arn
).apply(
lambda args: json.dumps({
"foo": args[0],
"bar": args[1],
"baz": args[2],
**env
})
)
If that inner "default values" dictionary is the one that contains the pulumi.Output
values, then I can control things with pulumi.Output.all
, as shown above. If I've got pulumi.Output
values in that dictionary that I'm merging in, though, it's not clear how I can generically manage things.
I'm curious if others have run into similar situations, or if people have some patterns for managing such data (generic, if possible; Python-specific works too). Thanks in advance.gorgeous-minister-41131
05/13/2021, 9:51 PMgorgeous-minister-41131
05/13/2021, 10:03 PMpulumi config
or pulumi update
etc?gorgeous-minister-41131
05/13/2021, 10:04 PMgorgeous-minister-41131
05/13/2021, 10:05 PM