pulumi-community #general

general

salmon-guitar-84472

09/20/2021, 7:30 AM

Hi there, I want to upgrade my current organization from an individual account to a team account, how do I go about this ?

red-football-97286

09/20/2021, 9:23 AM

Morning, do all

pulumi imports

work? Getting an issue trying to import a WAFv2 using Go.

handsome-state-59775

09/20/2021, 9:30 AM

Using the CLI, how can I import another stack's exported configuration

pulumi config --show-secrets --stack ...

into a selected stack?

average-ability-11166

09/20/2021, 3:33 PM

Hello! Is there a way to have line breaks in pulumi secrets?

red-kangaroo-44125

09/20/2021, 4:53 PM

Hi I am trying to deploy app on kubernetes, every thing is successful execpt ingress. I am getting this error:

Diagnostics:
  pulumi:pulumi:Stack (strapi-strapi-kubernetes):
    error: Program failed with an unhandled exception:
    error: Traceback (most recent call last):
      File "/home/dishant/.pulumi/bin/pulumi-language-python-exec", line 92, in <module>
        loop.run_until_complete(coro)
      File "/usr/lib64/python3.9/asyncio/base_events.py", line 642, in run_until_complete
        return future.result()
      File "/home/dishant/Projects/cloud-poc/infrastructure/stacks/strapi/venv/lib64/python3.9/site-packages/pulumi/runtime/stack.py", line 110, in run_in_stack
        await run_pulumi_func(lambda: Stack(func))
      File "/home/dishant/Projects/cloud-poc/infrastructure/stacks/strapi/venv/lib64/python3.9/site-packages/pulumi/runtime/stack.py", line 43, in run_pulumi_func
        func()
      File "/home/dishant/Projects/cloud-poc/infrastructure/stacks/strapi/venv/lib64/python3.9/site-packages/pulumi/runtime/stack.py", line 110, in <lambda>
        await run_pulumi_func(lambda: Stack(func))
      File "/home/dishant/Projects/cloud-poc/infrastructure/stacks/strapi/venv/lib64/python3.9/site-packages/pulumi/runtime/stack.py", line 133, in __init__
        func()
      File "/home/dishant/.pulumi/bin/pulumi-language-python-exec", line 91, in <lambda>
        coro = pulumi.runtime.run_in_stack(lambda: runpy.run_path(args.PROGRAM, run_name='__main__'))
      File "/usr/lib64/python3.9/runpy.py", line 285, in run_path
        return _run_code(code, mod_globals, init_globals,
      File "/usr/lib64/python3.9/runpy.py", line 87, in _run_code
        exec(code, run_globals)
      File "/home/dishant/Projects/cloud-poc/infrastructure/stacks/strapi/./__main__.py", line 41, in <module>
        ingress = Ingress(
    TypeError: __init__() takes 1 positional argument but 2 positional arguments (and 2 keyword-only arguments) were given
    error: an unhandled error occurred: Program exited with non-zero exit code: 1

This is my pulumi code:

"""A Kubernetes Python Pulumi program"""

import http
from importlib.resources import path
import pulumi
from pulumi_kubernetes.apps.v1 import Deployment, DeploymentSpecArgs
from pulumi_kubernetes.networking.v1 import *
from pulumi_kubernetes.networking.v1.outputs import *
from pulumi_kubernetes.meta.v1 import LabelSelectorArgs, ObjectMetaArgs
from pulumi_kubernetes.core.v1 import *
app_labels = { "app": "strapi" }

deployment = Deployment(
    "strapi",
    spec=DeploymentSpecArgs(
        selector=LabelSelectorArgs(match_labels=app_labels),
        replicas=2,
        template=PodTemplateSpecArgs(
            metadata=ObjectMetaArgs(labels=app_labels),
            spec=PodSpecArgs(containers=[ContainerArgs(name="nginx", image="strapi/strapi")])
        ),
    ))

pulumi.export("name", deployment.metadata["name"])

strapiService = Service("strapiService",
    api_version="v1",
    kind="Service",
    metadata=ObjectMetaArgs(
        name="strapi",
    ),
    spec=ServiceSpecArgs(
        selector=app_labels,
        ports=[ServicePortArgs(
            protocol="TCP",
            port=80,
            target_port=1337,
        )],
    ))

ingress = Ingress(
    "strapi",
    metadata=ObjectMetaArgs(
        name="strapi",
    ),
    spec=IngressSpecArgs(
        ingress_class_name="nginx",
        rules=IngressRuleArgs(
            host="strapi.test.cluster",
            http=HTTPIngressRuleValueArgs(
                paths=HTTPIngressPathArgs(
                    backend=IngressBackendArgs(
                        service=IngressServiceBackendArgs(
                            name="strapi",
                            port=ServiceBackendPortArgs(
                                name="http",
                                number="80"
                            ),
                        )
                    ),
                    path_type="Prefix",
                    path="/"
                )
            )
        ))
    )

miniature-nest-23801

09/20/2021, 5:39 PM

Hi, I just came across the pulumi automation API, I haven't tried it yet but would someone be able to advise if automation API is something that we have to sign up for or will it work completely offline ?

dry-autumn-28966

09/20/2021, 8:20 PM

Hi all, I have started experimenting with Pulumi automation API for a project and it is pretty great! Unfortunately, I have been having a major issue when using the Kubernetes provider. The tool I am trying to create is responsible for creating some infrastructure (Bucket / DB) on various clouds and deploy an application on existing Kubernetes clusters using Helm. I currently have an

infra

stack that outputs a kubeconfig file with temporary token. The kubeconfig is then used from a different

app

stack using pulumi.NewStackReference(). Everything works fine until the temporary token expire… Running refresh>up against

infra

update the kubeconfig file but then the

app

refresh still uses the old one and fail. Is there any workaround?

great-sunset-355

09/21/2021, 8:52 AM

I just read the changelog and I wanted to give a shoutout to @enough-garden-22763 for amazing work on https://github.com/pulumi/pulumi/issues/5758

🎉 2

gorgeous-country-43026

09/21/2021, 9:49 AM

Is there any way to debug Pulumi when plan phase gets stuck forever? I've tried using tracing and verbose logging but nothing really implies anything sensible

billions-mechanic-26704

09/21/2021, 12:28 PM

Dear Community. I am thinking in create a github repository to host my pulumi project . I even think I will use github as identity provider to allow access to the members of my organization. I see now pulumi has a github provider (which is nice), so I am wondering. What is the best/recommended way to create my github repository, by using pulumi github api or creating it manually from my github org?

billions-mechanic-26704

09/21/2021, 2:25 PM

Hi community, there is a prebuilt way to include prefix on resource names when creating them? Similar to terraform? Or do we need to create it programatically? In terraform I had something like:

variable "org" {
  type = string
  validation {
    condition     = length(<http://var.org|var.org>) <= 3
    error_message = "The org variable cannot be larger than 3 characters."
  }
}

variable "tenant" {
  type = string
  validation {
    condition     = length(var.tenant) <= 4
    error_message = "The tenant variable cannot be larger than 4 characters."
  }
}

variable "environment" {
  type = string
  validation {
    condition     = length(var.environment) <= 4
    error_message = "The environment variable cannot be larger than 4 characters."
  }
}

And I use the above variables to name an azure resource group like:

module "resource_group_name" {
  source   = "gsoft-inc/naming/azurerm//modules/general/resource_group"
  name     = "main"
  prefixes = [<http://var.org|var.org>, var.tenant, var.environment]
}

Is possible to do something similar in pulumi? I saw a similar issue reported here, but looks like this is more under programatically control?

hallowed-teacher-48474

09/22/2021, 12:30 AM

Hello everyone!, is there a way to push a Docker image to a newly created ECR Repository using Pulumi, similar to what crosswalk does but in Python?.

tall-nightfall-10556

09/22/2021, 1:00 AM

Is anyone else seeing a persistent diff in aws elasticsearch resources like this:

~ advancedOptions: {
          - override_main_response_version: "false"
        }

I think this must be related to the recent Elasticsearch -> OpenSearch change.

steep-sunset-89396

09/22/2021, 1:45 AM

Hey folks in Melbourne (Australia). I hope you are all doing ok following this morning earthquake. If you need to chat about anything, feel free to reach out to me anytime.

❤️ 2

bulky-policeman-29913

09/22/2021, 2:00 PM

Does anyone use Pulumi for DigitalOcean? I am trying to figure out a way to force replace a droplet on every deploy. I tried using the resource name with a timestamp but ran into issues with this approach. I believe it is due to the DO firewall needing updated (see here: https://github.com/pulumi/pulumi-digitalocean/issues/256). It is kind of frustrating as to do a deployment I have to destroy my stack and redeploy (never getting to use any of the state to prevent changes to untouched resources).

acoustic-ram-46099

09/22/2021, 3:56 PM

Hi everyone, is it also possible to use Pulumi as a configuration management tool like Ansible? For example: 1. Provisioning Ubuntu on dedicated servers? 2. Installing/updating some apt packages on Ubuntu like Docker? 3. Provisioning a Kubernetes cluster like k0s?

icy-engineer-10830

09/22/2021, 4:28 PM

does anyone know why I would see this error:

error: over stack limit: you are using 9 of 5 stacks - manage stack limits for your organization at <https://app.pulumi.com/><my-org>/settings/subscription

are stacks not unlimited? also, click this does nothing:

dry-teacher-74595

09/22/2021, 6:15 PM

whats the recommended way of creating a second database inside a rds instance, im using postgresdb. the pulumi postgres provider seems to take connection parameters from the config file, but my password is generated with

random.RandomPassword

and its not stored in the configuration. that and is there a way to do it if my rds cluster is not publically accessible?

👀 1

victorious-exabyte-70545

09/22/2021, 9:32 PM

Anyone seen this message when using auto and python?

victorious-exabyte-70545

09/22/2021, 9:32 PM

AttributeError: 'NoneType' object has no attribute '__name__'

In [27]: auto.select_stack("stackname", work_dir="/path_to_project")

victorious-exabyte-70545

09/22/2021, 9:32 PM

The path and stack exist.

broad-gold-44713

09/22/2021, 10:09 PM

Does Pulumi have something that's the equivalent of

terraform plan

? The closest I can think of is

pulumi preview -r -j

. Is that correct?

cuddly-tailor-40542

09/23/2021, 1:16 AM

Hi folks! I'm using the EKS package and I'm trying to get the URL of the OIDC. I tried using the following code snippet but I ran into an issu.

oidcProvider := cluster.Core.OidcProvider().ApplyT(func(oidcUrl string) string {
	return strings.Trim(oidcUrl, "https://")
})

The error is in the image below. Has anyone used this EKS package and did they find a workaround for this?

quiet-architect-74241

09/23/2021, 9:57 AM

Why does running `pulumi stack output -j`take so long to run? In my pipelines it takes like 25 seconds. 😐

creamy-nail-67991

09/23/2021, 1:46 PM

Hi, I am attempting to create a set of similar resources within ComponentResource using Azure Native v1.28.0 (in .NET). The

ComponentResource

receives an argument of using the

InputList<T>

where T is a custom class which we manipulate before creating the cloud resources. This means we have to iterate over the

InputList

property and create resources within the

Apply()

block. According to the documentation (https://www.pulumi.com/docs/intro/concepts/inputs-outputs)

“During some program executions, apply doesn’t run. For example, it won’t run during a preview, when resource output values may be unknown. Therefore, you should avoid side-effects within the callbacks. For this reason, you should not allocate new resources inside of your callbacks either, as it could lead to pulumi preview being wrong.”

Is there a better way of doing this, without creating resources within the

Apply()

? Here is a code snippet for some reference.

frontendEndpointArgs.Apply(endpoints =>
{
	....
	
	foreach (var frontend in endpoints)
	{
		if (frontend.HttpsConfiguration == null)
		{
			continue;
		}

		var httpsConfigurationArgs = new CustomHttpsConfigurationArgs
		{
			FrontendEndpointId = Output.Format($"/subscriptions/{currentSubscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/frontDoors/{frontDoorName}/frontendEndpoints/{frontend.Name}"),
			CustomHttpsProvisioningEnabled = true,
			CustomHttpsConfigurationConfig = new CustomHttpsConfigurationCustomHttpsConfigurationArgs
			{
				CertificateSource = "AzureKeyVault",
				AzureKeyVaultCertificateVaultId = frontend.HttpsConfiguration.Apply(fe => fe.AzureKeyVaultCertificateVaultId),
				AzureKeyVaultCertificateSecretName = frontend.HttpsConfiguration.Apply(fe => fe.AzureKeyVaultCertificateSecretName),
				AzureKeyVaultCertificateSecretVersion = frontend.HttpsConfiguration.Apply(fe => fe.AzureKeyVaultCertificateSecretVersion),
				//MinimumTlsVersion = "1.2"
			},
		};

		_ = frontend.Name.Apply(frontendName => 
			new CustomHttpsConfiguration($"{frontendName}-SslCertificate", httpsConfigurationArgs, new CustomResourceOptions
			{
				Provider = provider,
				Parent = parent,
			}));
	}

	....
});

billions-mechanic-26704

09/23/2021, 2:42 PM

Hi community, What is the difference bwtween use

BranchProtection

github resource https://www.pulumi.com/docs/reference/pkg/github/branchprotection/#branchprotection And

BranchProtectionV3

github resource ? https://www.pulumi.com/docs/reference/pkg/github/branchprotectionv3/#branchprotectionv3 I see there are some different resource properties inputs like in v3 there is

branch

and in normal version i choose the branch using

pattern

parameter Which one should I choose?

clean-toddler-25770

09/23/2021, 3:44 PM

Hi everyone, does anyone have any prior experience dealing with features recently released by a cloud provider that are not yet supported by the Pulumi API? In our case, we want to start to use the dynamic partitioning in AWS Firehose, but this configuration is not included in the documentation. Any good approach to tackle this problem? Is editing from the console an option?

purple-train-14007

09/23/2021, 5:27 PM

Pulumi and Github Actions are a match made in heave imo. 💒👰

❤️ 4

refined-tent-12187

09/23/2021, 5:58 PM

hi everyone, i have few question, i use pulumi since 1 year now and i love it. But in certain case, it’s very hard to understand how use code without example. see my problem : I write my code with typescript, and i’am on Azure I use web.webaap for create a function app, and i want to add an identity provider. I use azuread.Application (App registration) who its work fine, but when i want to associate my function app with this App registration, i used WebAppAuthSettingsV2. And its very hard to understand how used it. Somebody have an working example ? See my code in the next message

billions-mechanic-26704

09/23/2021, 8:53 PM

Hi Everyone. I am using pulumi and azure python sdk. I want to spread the resources creation across several python files, so I have:

__main__.py
azure-appservice.py

But it seems my code is only executed when it is in

__main__.py

and the resources defined on

azure-appservice.py

are not readed when I execute

pulumi up

command. Is there a way to use more than one python file similar to terraform?

Title

billions-mechanic-26704

09/23/2021, 8:53 PM

Hi Everyone. I am using pulumi and azure python sdk. I want to spread the resources creation across several python files, so I have:

__main__.py
azure-appservice.py

But it seems my code is only executed when it is in

__main__.py

and the resources defined on

azure-appservice.py

are not readed when I execute

pulumi up

command. Is there a way to use more than one python file similar to terraform?

billowy-army-68599

09/23/2021, 9:04 PM

you can't have it read all the files, but you can import from other files, and separate the resources into components. See here: https://github.com/jaxxstorm/pulumi-nginx-demo/blob/main/nginx-ingress/app.py and here: https://github.com/jaxxstorm/pulumi-nginx-demo/blob/main/nginx-ingress/__main__.py#L45

the way terraform works sorta violates the "principal of least surprise" to me, executing random files you haven't explicitly imported

💡 1

you'll notice the import here: https://github.com/jaxxstorm/pulumi-nginx-demo/blob/main/nginx-ingress/__main__.py#L8

billions-mechanic-26704

09/23/2021, 9:23 PM

@billowy-army-68599 thanks, it makes sense under modularity perspective.

View count: 3