https://pulumi.com logo
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • b

    better-shampoo-48884

    05/19/2021, 6:52 AM
    So.. I've spent the past few weeks refactoring my pulumi code to ComponentResource spec - and I've got one outstanding question before I embark on a new world of pain.. Right now I have one primary ComponentResource for each resource type, with the provider specific resource directly underneath. I'm planning on making another change to create a new provider-type specific ComponentResource. Currently i have ComponentResource "network" which handles virtual networks, subnets, security groups, etc. What I want to do is introduce a Component Resource inside of the "network" one which is called "azure-net" so that the "network" resource can be cloud-agnostic (all network resources take pretty much the same configuration regardless of provider - so I'll be leveraging that with sensible defaults and overrides). My question is really this: My URNs will likely change when I perform the operation, and I'm creating ~40xN resources (where N is number of datacenters/regions it should span) for each stack - is there a sensible way of reimporting created resources? Current URN:
    urn:pulumi:mystack::myproject::purpose:components:provider$purpose:components:group$purpose:components:k8s$azure-native:containerservice:ManagedCluster$random:index/randomUuid:RandomUuid::mystack-cluster-k8s-location-diskcrypto-to-kv-cert-RA
    I'm guessing the
    :components:k8s$azure-native:
    bit is what's going to change. Initial thought: export the stack + search and replace + reimport stack? Any other ideas? Doing
    pulumi import
    on each one is.. just not going to work, besides taking a huge amount of time, it will just be really really really tricky to ensure I have the right URN specified for each resource.
    l
    • 2
    • 2
  • b

    brash-country-7541

    05/19/2021, 8:22 AM
    How do I get access to kubernets service as a global url? see my stackflow message https://stackoverflow.com/questions/67599082/why-do-i-not-get-acess-to-the-kubernetes-service-depoyed-on-google-cloud-by-a-gl
  • r

    rough-arm-38844

    05/19/2021, 8:55 AM
    hello, does anyone have any information or guidance on how to use the python dynamic provisioners on a Windows machine so we can connect and perform post-provisioning activity - running powershell scripts etc. ? in particular - how do we connect? do we use WinRM? do we need to make those additional ports open on the security groups? thanks
  • q

    quiet-truck-58459

    05/19/2021, 12:52 PM
    Has anyone been able to use
    get_registry_image
    from the pulumi docker package with a private image? I'm basically trying to follow the example in the docs
    import pulumi
    import pulumi_docker as docker
    
    ubuntu_registry_image = docker.get_registry_image(name="<<private image name>>")
    ubuntu_remote_image = docker.RemoteImage("ubuntuRemoteImage",
        name=ubuntu_registry_image.name,
        pull_triggers=[ubuntu_registry_image.sha256_digest])
    but get a Forbidden error
    Exception: invoke of docker:index/getRegistryImage:getRegistryImage failed: invocation of docker:index/getRegistryImage:getRegistryImage returned an error: invoking docker:index/getRegistryImage:getRegistryImage: Got error when attempting to fetch image version from registry: Got bad response from registry: 403 Forbidden
  • q

    quiet-truck-58459

    05/19/2021, 1:57 PM
    To extend my question further can anyone explain why this 👇 code will not pull the latest image on every run?
    import time
    
    import pulumi
    import pulumi_docker as docker
    
    alpine_remote_image = docker.RemoteImage("alpineRemoteImage",
        name="alpine:latest",
        pull_triggers=[str(time.time())]
    )
    p
    b
    • 3
    • 13
  • l

    little-market-63455

    05/19/2021, 3:03 PM
    Hi everyone, started recently with Pulumi and went over most of the articles I am facing a couple of problems, probably due to using TypeScript and learning it along with Pulumi at the same time With that being said, I don't think the problem is with TypeScript per say but with my understanding on how to properly handle
    Promise<T>
    s, `Input<T>`s and
    Output<s>
    1. If I am builI am building a
    ComponentResource
    which needs some information about an IAM user (which is already created) 2. To fetch information about that user, I can use
    aws.iam.getUser
    which returns a
    Promise<GetUserResult>
    3. Now, I don't know how to properly deal with that Promise 4. On one hand, I could make the ComponentResrouce accept
    Input<GetUserResult>
    and wrap my Promise with an
    Output<T>
    then pass it on. This should trigger dependency tracking according to my understanding. Is this really the way to go? 5. Or I could
    await
    the promise and get the result then pass it as a regular object but then I have to enable top-level awaits or perhaps use
    then
    ? Sorry for the confusion, trying to learn and apply too many things at the same time and I appreciate your help.
    b
    l
    • 3
    • 25
  • l

    limited-eve-38521

    05/19/2021, 4:15 PM
    This morning running
    pulumi up
    the
    pulumi-resource-aws
    plugin was present in the path below as expected, but got not found error for
    4.5.0
    . Forcing 4.3.1 solved the error below:
    Diagnostics:
      pulumi:providers:aws (default_4_5_0):
        error: could not read plugin [/Users/jeremywest/.pulumi/plugins/resource-aws-v4.5.0/pulumi-resource-aws] stdout: EOF
    Deleted .pulumi folder and node_modules folder with fresh installs to try and troubleshoot but haven't looking into further since 4.3.1 doesn't have the issue.
    b
    • 2
    • 2
  • c

    colossal-australia-65039

    05/19/2021, 7:36 PM
    is it possible to get a stack reference to a stack using a different state store? e.g. two stacks in different S3 buckets
    g
    • 2
    • 1
  • g

    gentle-monitor-55086

    05/19/2021, 8:20 PM
    What's the proper / best way to prevent resources from being destroyed that i want to toggle their deployment based on a configuration boolean... Basically trying to say "only deploy to the -dev or -production api's if i've explicitly set a variable in the conf to do so". Another example was i had
    "if servers < desired { // deploy ec2}"
    With the issue being on the second run pulumi would see we didn't define the first set of ec2's and go "oh well i should destroy those". My issue was that i was generating unique values for the ec2, storing it in the userdata, and then also saving those off to a DB... So even using
    protect
    or
    ignoreChanges
    it was (is) a pain to try and avoid re-generating / saving new values into the DB and required all sorts of shims and "clever"(breaks if you breathe on it) code. I don't currently have an idea about the api and would like to do it the "right" way
    w
    • 2
    • 6
  • a

    ambitious-father-68746

    05/19/2021, 11:03 PM
    Hi, I have some resources already created, but now I feel the need to explicitly configure and define a provider and then reference it in my resources using
    pulumi.ResourceOptions
    . Unfortunately Pulumi wants to destroy the resources that I already have. Is there a way to move resources from the default Provider configuration to a new one?
    l
    s
    • 3
    • 5
  • s

    sticky-bear-14421

    05/20/2021, 6:53 AM
    Hi, is it possible to set a config option to always apply options like
    --suppress-outputs
    to pulumi runs? Apart from the definition of an alias like pu="pulumi up --suppress-outputs <maybe other options>"
  • b

    bland-army-56447

    05/20/2021, 7:09 AM
    I’m trying to use
    tfbridge
    to use an existing TF Module in Pulumi. I already “bridged” the module and generated the SDK. Then I did
    go get <http://github.com/|github.com/>...
    to install (?) my custom provider. But when running
    pulumi up
    I’m stuck with
    error: no resource plugin 'lxd' found in the workspace or on your $PATH
    Do I additionally have to install my resource provider through
    pulumi plugin install
    somehow? If yes, how do create the tarball needed for the installation? 🤔
    b
    • 2
    • 2
  • b

    better-shampoo-48884

    05/20/2021, 7:11 AM
    quik question - if I pass a
    provider
    to a ComponentResource, will the underlying resources implicitly use that provider? I.e. I have a ComponentResource "network" - that creates azure-vnet, azure-subnet(s) and azure-networksecuritygroups - if I pass the provider to the "network" componentresource, will the vnet, subnets, and nsg's be created with that provider?
    b
    b
    w
    • 4
    • 7
  • r

    rhythmic-activity-46295

    05/20/2021, 4:50 PM
    Hello, Can someone help? I want to register a class as an OutputType. used the OutputType and Constructor attributes, but it doesn't seem to make any effect, and am still getting this exception on pulumi preview: System.InvalidOperationException: {ournamespace}..SubnetStackReference is not a supported argument type. monitor.registerResourceOutputs(...).AppServiceSubnetReferences.id.snet-dev-thin-product-catalogue at Pulumi.Serialization.Serializer.SerializeAsync(String ctx, Object prop, Boolean keepResources) at Pulumi.Serialization.Serializer.SerializeDictionaryAsync(String ctx, IDictionary dictionary, Boolean keepResources) at Pulumi.Serialization.Serializer.SerializeAsync(String ctx, Object prop, Boolean keepResources) at Pulumi.Serialization.Serializer.SerializeAsync(String ctx, Object prop, Boolean keepResources) at Pulumi.Deployment.SerializeFilteredPropertiesAsync(String label, IDictionary`2 args, Predicate`1 acceptKey, Boolean keepResources) at Pulumi.Deployment.SerializeAllPropertiesAsync(String label, IDictionary`2 args, Boolean keepResources) at Pulumi.Deployment.RegisterResourceOutputsAsync(Resource resource, Output`1 outputs) at Pulumi.Deployment.Runner.<>c__DisplayClass9_0.<<WhileRunningAsync>g__HandleCompletion|0>d.MoveNext() --- End of stack trace from previous location --- at Pulumi.Deployment.Runner.WhileRunningAsync() My output: [Output] public Output<ImmutableDictionary<string,SubnetStackReference>> SubnetReferences { get; set; } The class: [Pulumi.OutputTypeAttribute] public sealed class SubnetStackReference { private readonly string _id; private readonly string _name; private readonly SubnetKind _kind; [Pulumi.OutputConstructorAttribute] public SubnetStackReference(string id, string name, SubnetKind kind) { _id = id; _name = name; _kind = kind; } public string Id => _id; public string Name => _name; public SubnetKind Kind => _kind; } Any idea on what am I missing? not even sure I can do this in the first place in C# ...?!
  • f

    full-dress-10026

    05/20/2021, 4:54 PM
    I am using a
    aws.lambda.CallbackFunction
    and just added tslog to my package json. Upon adding it and calling log.info in my code, I get the following error during the pulumi preview.
    function 'callback': batchScalingManager.ts(190,31): referenced
          function 'handleBatch': batchScalingManager.ts(25,20): which captured
            variable 'log' which indirectly referenced
              function 'wrapCallSite': source-map-support.js(348,21): which referenced
                function 'isInBrowser': source-map-support.js(50,20): which could not be serialized because
                  Unexpected missing variable in closure environment: window
        
        Function code:
          function isInBrowser() {
            if (environment === "browser")
              return true;
            if (environment === "node")
              return false;
          ...
    Is this something that could be fixed from my end or no dice with this lib?
    b
    • 2
    • 3
  • m

    mysterious-lighter-33699

    05/20/2021, 5:16 PM
    recently, I've noticed that personal pulumi stacks, created with
    pulumi stack init project/$USER --copy-config-from project/staging
    "forget" configuration values after about a day. That is, pulumi up in that stack no longer can find config settings that are set for the staging stack. This happens after a few hours. Right after creating the personal stack, I can use those variables. The next workday, the variables are gone. We use an AWS SSO provider for our API credentials. Might expiration on those creds cause pulumi stack config to get dropped?
    q
    • 2
    • 2
  • g

    gorgeous-minister-41131

    05/20/2021, 7:48 PM
    anyone having problems with the LaunchTemplate resources in the aws provider? I upgraded from some 3.x version to 4.5.1 and now pulumi is complaining about my LT resources w/r/t to the invalid version. thi sis a terraform provider issue as old as the hills and the first time I ran into this in Pulumi.
    aws:ec2:LaunchTemplate (ci-kiam-server):
        error: 1 error occurred:
        	* updating urn:pulumi:ci::aws-eks-py::aws:ec2/launchTemplate:LaunchTemplate::ci-kiam-server: 1 error occurred:
        	* error modifying Launch Template (lt-0f0da90e33e334f78): InvalidParameterValue: Invalid launch template version: either '$Default', '$Latest', or a numeric version are allowed.
  • g

    gorgeous-minister-41131

    05/20/2021, 7:49 PM
    I never changed my code, and left this:
  • g

    gorgeous-minister-41131

    05/20/2021, 7:49 PM
    user_data=user_data_b64,
                update_default_version=True,
  • g

    gorgeous-minister-41131

    05/20/2021, 8:00 PM
    I raised it as an issue, since it’ seems squarely related to the terraform bug around it, https://github.com/pulumi/pulumi-aws/issues/1504, almost like pulumi-aws behavior changed and doesn’t align with what the underlying TF code is expecting for setting the default version of the launch template. I’m kinda at a loss as to what would have changed there without extensive digging, but it seems like a problem.
  • a

    ambitious-salesmen-39356

    05/20/2021, 9:12 PM
    I'm trying to reference terraform remote state (app.terraform.io cloud backend) but I'm running into
    Preview failed: error constructing backend state manager: Remote workspace Terraform version "0.14.7" does not match local Terraform version "0.15.3"
    Is it possible to configure the
    NewRemoteStateReference
    to use a specific terraform version in order to match our state?
    b
    • 2
    • 2
  • e

    echoing-zebra-28421

    05/20/2021, 10:55 PM
    Hi there, Anyone know how to add and read environment variable in
    pulumi.yaml
    ? I have variables in an .env file but when I run
    pulumi up
    those variables are not uploaded.
    l
    • 2
    • 3
  • c

    colossal-australia-65039

    05/20/2021, 11:58 PM
    I thought Pulumi was supposed to properly recognize cloud provider secrets and encrypt them in preview/state. Or am I wrong about that? This TS code will show the value in plaintext in a preview:
    import { getSecretVersion, getSecret } from "@pulumi/aws/secretsmanager"
    
    getSecret({ name: "somesecret" }).then((s) => getSecretVersion({ secretId: s.arn }).then((sv) => sv.secretString))
    l
    • 2
    • 4
  • b

    bored-table-20691

    05/21/2021, 1:01 AM
    Is there a good equivalent for generating JWTs (and public/private key pairs) similar to the
    tls
    provider?
    • 1
    • 1
  • b

    bored-monitor-99026

    05/21/2021, 4:52 AM
    hi all! can i use pulumi to install softwares on vps (not from cloud providers). basically i want to do the equivalent with pulumi to what i can do with ansible: providing username and password(or ssh keys) so it can ssh into the host and do some software update.
    q
    • 2
    • 4
  • p

    purple-lawyer-35555

    05/21/2021, 7:39 AM
    hi everyone! 😄 do you have any example with Typescript for publishing a Websocket API (lambda + routes + integrations + dynamodb + ...) in AWS? Also, I have seen that the package pulumi-cloud seems like the perfect fit to have this kind of code, but I didn't find anything. any help would be welcome 😊
    • 1
    • 1
  • l

    little-market-63455

    05/21/2021, 1:55 PM
    I am a bit lost on on
    OutputInstance.get()
    method. From the docs:
    This function is only callable in code that runs in the cloud post-deployment. At this point all Output values will be known and can be safely retrieved.
    But at 'cloud' time the Pulumi packages aren't available, for example for serialized lambdas. What am I missing? Is there any use case for it?
    b
    • 2
    • 7
  • b

    bored-table-20691

    05/21/2021, 4:31 PM
    Aside from the Automation API, is it possible to create a stack programmatically within a project while still using the CLI?
    b
    • 2
    • 3
  • b

    bored-table-20691

    05/21/2021, 4:42 PM
    This is more of a code organization question (in Go in this case) - is there a common pattern for how to organize the Pulumi code? Specifically, I’m managing quite a few Kubernetes resources, so everything is quite verbose, probably a couple of thousand lines of code. Typically I’d break different parts into functions (and maybe eventually a component resource), but they also have dependencies between them. As such, I’d have to ensure my functions return the created resources (which may be several in “function”) and also take in all the inputs they need. That’s a lot of overhead relative to just putting everything “inline/procedurally” in a single function. I’m just curious how folks manage this in terms of returning resources and passing them in dependencies between different parts.
    g
    • 2
    • 5
  • c

    colossal-australia-65039

    05/21/2021, 10:13 PM
    I'm using
    @pulumi/docker
    to build an image and i always get this warning. Why is it a warning?
    warning: #1 [internal] load build definition from Dockerfile
    f
    • 2
    • 3
Powered by Linen
Title
c

colossal-australia-65039

05/21/2021, 10:13 PM
I'm using
@pulumi/docker
to build an image and i always get this warning. Why is it a warning?
warning: #1 [internal] load build definition from Dockerfile
f

faint-whale-59078

05/22/2021, 4:54 AM
Hi @colossal-australia-65039 do you have some code you could share please ?
I found some refs on this and I'll ping my colleagues to check it's ok.
c

colossal-australia-65039

05/24/2021, 5:52 PM
This is happening on any image I build with Pulumi, but here is one example of some of my code
const repo = new Repository("logfiles", {
  name: `repo/name`,
})

const gitCommitSha = execSync("git rev-parse HEAD").toString().trim()

export const image = new docker.Image("image", {
  imageName: interpolate`${repo.repositoryUrl}:${gitCommitSha}`,
  build: {
    context: `../`,
    dockerfile: `../Dockerfile`,
  },
})
the Dockerfile is pretty simple
FROM node:16-alpine

WORKDIR /code
COPY package.json package-lock.json ./
RUN npm install
COPY . .

ENTRYPOINT ["npm", "run", "start"]
package.json versions
"@pulumi/docker": "^3.0.0",
        "@pulumi/pulumi": "^3.0.0",
pulumi version
v3.3.0
View count: 2