https://pulumi.com logo
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • r

    rapid-raincoat-36492

    10/08/2021, 5:13 PM
    I was able to fix this by forcing
    @pulumi/pulumi
    to use the version of
    ts-node
    I wanted it to,
    8.10.2
    . I opened a ticket to move
    ts-node
    to a peer-dependency in the node sdk so that it's easier to "bring my own" version of
    ts-node
    that I need without needing to much around with yarn resolutions: https://github.com/pulumi/pulumi/issues/8177
  • c

    calm-nest-80923

    10/08/2021, 8:38 PM
    @rapid-raincoat-36492 we have similar issues very often - compiling typescript works, ts-node throws weird errors. We tweaked our tsconfig to match ts-node requirements closer, but we still get them. We are now investigating disabling ts-node entirely and running
    @pulumi/pulumi
    on compiled code. Oddly, a service fails without an error, though it deploys with TS enable and with the CLI … Btw, we’re using ts-node 10.* - had fewer issues than with 8.*
    👀 1
  • b

    brave-angle-33257

    10/08/2021, 8:44 PM
    coding up automation API right now.. function just failed.. living on the edge!!
    2021-10-08T20:39:52.862Z	7244c1c2-b69c-4f06-8e15-6abfac3ad1a8	INFO	    pulumi:providers:aws default_4_24_0  error: no resource plugin 'aws-v4.24.0' found in the workspace or on your $PATH, install the plugin using `pulumi plugin install resource aws v4.24.0`
    r
    • 2
    • 3
  • m

    miniature-nest-23801

    10/09/2021, 6:48 PM
    Is there a concept of "modules" in pulumi known from terraform or is that handled by usual programming language with functions and classes ?
    g
    f
    • 3
    • 15
  • q

    quaint-electrician-41503

    10/10/2021, 2:12 AM
    pulumi seems frozen in the preview
    pulumi up
    Enter your passphrase to unlock config/secrets
        (set PULUMI_CONFIG_PASSPHRASE or PULUMI_CONFIG_PASSPHRASE_FILE to remember): 
    Previewing update (dev):
         Type                 Name            Plan     Info
         pulumi:pulumi:Stack  quickstart-dev           (node:332400) ExperimentalWarning: The http2 module is an experimental API.
    
         Type                 Name            Plan     Info
         pulumi:pulumi:Stack  quickstart-dev           (node:332400) ExperimentalWarning: The http2 module is an experimental API.
  • q

    quaint-electrician-41503

    10/10/2021, 2:12 AM
    been at that place for at least 5 minutes for what should be a simple program
    • 1
    • 7
  • p

    proud-pizza-80589

    10/10/2021, 11:26 AM
    Anyone have tried to use renovate bot on pulumi setups? Docker image versions, helm chart versions, etc? https://docs.renovatebot.com/configuration-options/#autoreplacestringtemplate
  • q

    quaint-electrician-41503

    10/10/2021, 6:49 PM
    Well that's not fair. The example freezes also.
  • q

    quaint-electrician-41503

    10/10/2021, 6:57 PM
    https://github.com/pulumi/examples/issues/1098
  • d

    dry-sugar-63293

    10/11/2021, 7:48 AM
    Hi guys, I am trying to use Pulumi to setup - Ingress for my GKE service - with HTTPS loadbalancer - with Google managed SSL certificate. For some reason, the Ingress creation is stuck forever at "Creating Ingress" Are there any working examples that I can refer to? if you need more info, feel free to ask and I would be happy to provide. Below is a code snippet of I have tried so far (arrived at this state after a zillion trials). What am I missing? #kubernetes #gcp
    const authDeploymentService = new k8s.core.v1.Service(authDeploymentName,
                {
                    metadata: {
                        name: "auth-svc",
                        labels: authDeploymentAppLabels,
                        namespace: namespaceName,
                    },
                    spec: {
                        type: "LoadBalancer",
                        ports: [{ port: 80, targetPort: 8080 }],
                        selector: authDeploymentAppLabels,
                    },
                },
                {
                    provider: clusterProvider,
                    dependsOn: [authDeployment]
                }
            );
    
    
            const authServiceManagedCert = new gcp.compute.ManagedSslCertificate("auth-cert-001", {
                name: "auth-cert-001",
                project: myGcpProject.projectId,
                description: "Managed SSL Certificate For auth service",
                managed: {
                    domains: [
                        "<http://mydomain.com|mydomain.com>"
                    ]
                }
            });
    
            const managedCertConfigMap = new k8s.core.v1.ConfigMap("managed-certificate-config", {
                data: {
                    "1": pulumi.interpolate`{"Key":{"Namespace":"${namespaceName}","Name":"${authServiceManagedCert.name}"},"Value":{"ExcludedFromSLO":false,"SoftDeleted":false,"SslCertificateName":"${authServiceManagedCert.id}","SslCertificateBindingReported":true,"SslCertificateCreationReported":true}}}`
                },
                metadata: {
                    name: "managed-certificate-config",
                    namespace: "kube-system",
                }
            })
    
            const ingress = new k8s.networking.v1beta1.Ingress(authDeploymentName + "-ingress", {
                metadata: {
                    namespace: namespaceName,
                    annotations: {
                        "<http://ingress.gcp.kubernetes.io/pre-shared-cert|ingress.gcp.kubernetes.io/pre-shared-cert>": authServiceManagedCert.name,
                        "<http://networking.gke.io/managed-certificates|networking.gke.io/managed-certificates>": authServiceManagedCert.name
                    }
                },
                spec: {
                    ingressClassName: "gce",
                    backend: {
                        serviceName: authDeploymentService.metadata.name,
                        servicePort: 80
                    },
                    tls: [
                        {
                            hosts: ["<http://mydomain.com|mydomain.com>"],
                        }
                    ],
                    rules: [
                        {
                            host: "<http://mydomain.com|mydomain.com>",
                            http: {
                                paths: [
                                    {
                                        path: "/",
                                        backend: {
                                            serviceName: authDeploymentService.metadata.name,
                                            servicePort: authDeploymentService.spec.ports[0].port,
                                        },
                                    }
                                ],
                            },
                        },
                    ]
                }
            },
                {
                    provider: clusterProvider,
                    dependsOn: [managedCertConfigMap]
                });
    • 1
    • 1
  • q

    quaint-electrician-41503

    10/11/2021, 8:09 AM
    My first troubleshooting step regarding your ingress problem would be to query the k8s api or cli to see if / what / any ingress configurations have been
    d
    • 2
    • 9
  • q

    quaint-electrician-41503

    10/11/2021, 8:09 AM
    deployed
  • l

    limited-artist-95518

    10/11/2021, 8:26 AM
    Hi! I have a quick question regarding the AppSync provider. I see in Github issues that some of the AppSync providers have been providing an invalid name about a year ago, but i am currently getting
    400:Invalid Name
    responses when i try to create
    aws.appsync.Resolver
    resources. Is anyone here using resolvers successfully?
  • h

    high-answer-18213

    10/11/2021, 9:52 AM
    hi! i'm using the Pulumi REST API to get the state of my stack in another application. Now i need to be able to decrypt secrets too. I am using the default secret provider but i can't seem to find any docs on how to actually reverse the cipher or what cipher is used. Where can i find info on this?
    b
    • 2
    • 2
  • s

    salmon-mechanic-4571

    10/11/2021, 10:45 AM
    Hi All, I have a question. How would you go about creating users and roles on Azure SQL Databases via Pulumi? I have created my server and database, but at the moment I'm creating users via DevOps release pipeline and Dack Pac but I'm having troubles keeping my password as a secret this way, hence I would like to do it via Pulumi instead. Hope you can help 🙂 FYI: I'm doing an Azure Typescript project
    b
    n
    • 3
    • 8
  • b

    brash-vr-21201

    10/11/2021, 1:56 PM
    Hi guys , Is there a way to get all the inputs /arguments that can be provided to a resource? We are using typescript pulumi/aws sdk.
    d
    • 2
    • 4
  • r

    rapid-raincoat-36492

    10/11/2021, 2:34 PM
    In my Pulumi console, under each project I see many stacks that have 0 resources in them (which existed for some branch deploy, but those branches no longer exist). Is there a way I can hide stacks without resources, or otherwise really destroy a stack?
    b
    • 2
    • 3
  • b

    brave-nightfall-19158

    10/11/2021, 3:05 PM
    Hey there. I am trying to setup App Mesh and ECS EC2 with Pulumi and I am having the following problem. The pulumi up command executes successfully based on my template. The task definition has 2 containers - one is the envoy container and one is my app container. The envoy container has the environment specified like so environment: [ { name: 'APPMESH_RESOURCE_ARN', value: srv_ext_providers_node.arn }, { name: 'ENVOY_LOG_LEVEL', value: 'DEBUG' } ]," where the APPMESH_RESOURCE_ARN uses the ARN of the virtual node previously created. However, the container continually fails to start with the following error: Anyone have any ideas what this means or how I can fix the environment variable output? It must be the env var which is the probably and reading the ARN from the other virtual node resource.. Also note that the whole container definition is inside a JSON.stringify block as per the example on the task definition page https://www.pulumi.com/docs/reference/pkg/aws/ecs/taskdefinition/#basic-example
  • s

    swift-australia-96791

    10/11/2021, 3:15 PM
    Hi All, how can I get ECR repo details using registryID. Another question is there a way to refer the ECR which belongs to other AWS account. In the same pulumi code/stack I want to create resources on AWS Account A and want to push the image on ECR which belongs to another AWS Account B.
    export const repository= aws.ecr.Repository.get("ecr-repo", ??? )
    b
    • 2
    • 2
  • g

    gorgeous-keyboard-22299

    10/11/2021, 3:41 PM
    Hello Pulumi Comunity. I've a curious aws.ec2.DefaultAcl issue whereby a Route 53 UDP rule doesn't get added while a TCP rule does get added. Here's an example of a route53_egress_nacl not added:
    [ { protocol: "udp", ruleNo: 171, action: "allow", cidrBlock: "0.0.0.0/0", fromPort: 53, toPort: 53 }]
    . I have an NTP rule exactly like this one that gets added for UDP port 123 - why would that one be OK but no-go for 53? I noticed that the AWS console recognizes port 53 as "DNS (UDP) (53)", so is there another magic protocol I need to specify in the rules for DNS?
    b
    • 2
    • 2
  • b

    brave-nightfall-19158

    10/11/2021, 4:05 PM
    Hey team. I'm trying to get the arn of a resource I created, but my template is consistently giving errors - I'm using "service.arn[0].resourceRecordValue" but it is complaining. This seems a straightforward thing.. I also tried "service.arn" but that also did not work 😞
  • b

    brave-nightfall-19158

    10/11/2021, 4:26 PM
    To shed more light on above, I am using JSON.stringify to wrap my container definition in an ECS task container definition. I need to inject the ARN of a resource into an environment variable however this is where the problem arises as JSON.stringify doesn't seem to allow the interpolation of the arn... I'm assuming this is to do with how / when pulumi does this.. Anyone used ECS with container definition and injected env vars?
    g
    • 2
    • 5
  • p

    proud-pizza-80589

    10/11/2021, 4:52 PM
    i think you need apply(). containerDefinitions: service.arn.apply((arn) => JSON.stringify({…. value: arn … })
    b
    • 2
    • 4
  • p

    proud-pizza-80589

    10/11/2021, 4:53 PM
    it acts a bit like promise.then(…) in the way to work with it
  • a

    average-market-57523

    10/11/2021, 5:04 PM
    I can access my gcp bucket through the gcp cli, but pulumi stack cannot
  • a

    average-market-57523

    10/11/2021, 5:05 PM
    My account has admin rights over that bucket
  • b

    bulky-area-51023

    10/11/2021, 5:43 PM
    Is it safe to have parallel executions of
    pulumi up
    in different stacks? Managed to find some open issues about enabling parallelism in automation API, wanted to make sure whether it is safe in case of CLI.
    b
    r
    • 3
    • 6
  • w

    worried-knife-31967

    10/11/2021, 7:13 PM
    Is there anything built into the .NET implementation that allows you to run a list of resources in, using a dependency so that they're all run in series rather than parallel. kinda like a
    DependsOn = { previousItem }
    but a nice way to do it. It's also a ComponentResource that I want to run in series if that matters. This is likely one of those "I've been looking at this for like 4 hours, and the solution is obvious" kinda situations
  • w

    worried-knife-31967

    10/11/2021, 7:22 PM
    currently I'm resorting to
    FunctionApp lastApp = null!;
    
                foreach (var app in apps)
                {
                    ComponentResourceOptions options = lastApp == null ? null! : new ComponentResourceOptions {
                        DependsOn = {
                            lastApp
                        }
                    };
    
                    var cosmosDbRoles = new CosmosDbRoles($"{StackConstants.ApplicationName.ToLower()}-{app.Key}-cosmosdbroles",
                        new CosmosDbRoleArgs()
                        {
                            ResourceGroupName = globalResourceGroup.Name,
                            FunctionIdentity = app.Value.AppIdentity,
                            CosmosDatabaseAccountName = cosmos.CosmosDatabaseAccountName,
                            CosmosDatabaseAccountId = cosmos.CosmosDatabaseAccountId
                        }, options);
                     lastApp = app.Value;
                }
    s
    b
    • 3
    • 7
  • w

    worried-knife-31967

    10/11/2021, 7:22 PM
    which makes me feel a little dirty.
Powered by Linen
Title
w

worried-knife-31967

10/11/2021, 7:22 PM
which makes me feel a little dirty.
View count: 1