lively-author-18255
01/11/2022, 9:03 PMwet-noon-14291
01/11/2022, 9:48 PMComponentResource
? We struggle with having a stack hanging if the async requests fails. We are doing something like this:
export class Team extends pulumi.ComponentResource {
teamId: pulumi.Output<string>
constructor(name: string, teamSpec: types.TeamSpec) {
super("something", name, {});
const azureAdConfig = azuread.getClientConfig({})
const usersIds = pulumi.output(getUsers(teamSpec.members)); // getUsers is something that returns a promise
const adGroup = new azuread.Group(`${teamSpec.teamName}-ad-group`, {
displayName: teamSpec.teamName,
owners: [azureAdConfig.then(c => c.objectId)],
description: "Created and managed by Automation",
securityEnabled: true,
members: usersIds
});
....
if the call to getUsers
fails everything will just hang. I would expect pulumi to catch that and fail the whole process. Am I doing something wrong or is this a bug?fancy-egg-38667
01/12/2022, 12:13 AMmagnificent-lifeguard-15082
01/12/2022, 1:53 AMwet-noon-14291
01/12/2022, 8:22 AM{
"commandResult": {
"stdout": "....",
"stderr": "....",
"code": 255
},
"name": "CommandError"
}
where my internal error message is in the stdout
property as part of a long string. I can use regex on the string, but it should be an easier way as I see it. This isn't an issue when you are running from the CLI, but it is more an issue when you are using automation so you can provide better error messages to the users.quick-fall-21011
01/12/2022, 8:44 AMthousands-jordan-32051
01/12/2022, 12:12 PMbored-continent-69206
01/12/2022, 5:10 PMconst zone = new aws.route53.Zone(
"www",
{ name: "<http://example.com|example.com>" },
{ import: "ZoneID" }
);
But during deployment I always get the error that the resource does not exist
aws:route53:Zone (www):
error: inputs to import do not match the existing resource
What values do I need to provide to properly import the zone?
thanksfast-pager-93865
01/12/2022, 8:28 PMVpc:id: "vpcid1234"
If there is a VPC:id set then don’t run the first “Create New VPC” function, instead just use this string value as my VPC id for the “Create New Subnets” function. The issue I have run into is I am now dealing with a different type.
So for the “Create new subnets function to take in the VPC from the ID() method then I can have func like this:
func CreateSubnets(ctx *pulumi.Context, vpcID pulumi.IDOutput) { << vpcID is type pulumi.IDOoutput
//creates subnet(s)
Now for a string ID taken from the config object I need it to look like this
func CreateSubnets(ctx *pulumi.Context, vpcID string {
//creates subnet(s)
My question is am I tackling this the wrong way and if so what would be another approach? It feels like I am. I do of course appreciate this is a Go Type issue rather than a strictly Pulumi one :)salmon-truck-53389
01/12/2022, 9:46 PM<https://www.pulumi.com/cf2pulumi/>
so that I can convert it to TypeScript but it fails.loud-parrot-24969
01/13/2022, 2:02 AMRust
will be integrated as a supported language?flat-kangaroo-13810
01/13/2022, 2:11 AMvar data = config.RequireObject<Models.DNS.DNSConfigModel>("dns");
foreach (Models.DNS.ZoneConfigModel zone in data.zones)
{
ManagedZone requestedZone = createManagedZone(zone, new List<Resource>() {});
foreach (Models.DNS.RecordConfigModel record in zone.records)
{
Output.All(requestedZone.Name, ingressIp.Apply(t => t)).Apply(x =>
{
createRecordSet(x[0], record, new List<Resource>() { requestedZone }, x[1]);
return "";
});
}
}
Example: (config)
<project>:dns:
zones:
- name: website-com
projectKey: networking
dnsName: <http://website.com|website.com>.
description: "Zone for website-com"
protect: true
records:
- name: <http://api.website.com|api.website.com>.
isIngressEndpoint: false
projectKey: networking
type: CNAME
ttl: 300
protect: true
rrDatas:
- website.hosted.com.
able-honey-93860
01/13/2022, 4:59 AMimportant-midnight-13972
01/13/2022, 8:25 AMquick-fall-21011
01/13/2022, 8:29 AMpulumi up --stack dev
I accidentally targeted another cluster since my local context was pointing not to dev
. Thinking ahead and hoping to avoid this, storing the kubeconfig
in pulumi config seems like a good move (as described https://www.pulumi.com/registry/packages/kubernetes/installation-configuration/), though I'm not comfortable setting that in plain text and committing to source control. Does the kubernetes provider allow reading the kubernetes:kubeconfig
as a secret?fresh-furniture-72056
01/13/2022, 11:51 AMAnother update is currently in progress
. I've seen suggestions of using
pulumi cancel
pulumi stack export | pulumi stack import
pulumi up
Is this the best way to handle this sort of scenario? (This can cause the other workflows to fail potentially). Just wondering if there is a more cleaner way like waiting on currently running stack updates before running up
etc?bumpy-agent-19616
01/13/2022, 12:15 PMsecretsprovider: azurekeyvault://************
encryptedkey: ******
config:
azure:clientId: ************
azure:clientSecret:
secure: **************************
azure:environment: public
azure:location: ***********
azure:subscriptionId: ******************
azure:tenantId: **********
tre-se-api:container-env-variables:
- name: SERVER_CACHE_TTL
value: "10000"
- name: CACHE_TTL
value: "10"
- name: CACHE_CHECK_PERIOD
value: "60"
When we do pulumi up
, it changes the above stack config as below,
secretsprovider: azurekeyvault://************
encryptedkey: ******
config:
azure:clientId: ************
azure:clientSecret:
secure: **************************
azure:environment: public
azure:location: ***********
azure:subscriptionId: ******************
azure:tenantId: **********
tre-se-api:container-env-variables:
- name: SERVER_CACHE_TTL
value: 10000
- name: CACHE_TTL
value: 10
- name: CACHE_CHECK_PERIOD
value: 60
Due to the change of stack config, we get cannot convert int64 to string
problem.
Solution: we needed to go back to the previous version(v3.21.2) to solve this problem.future-daybreak-16512
01/13/2022, 12:38 PMwet-noon-14291
01/13/2022, 12:40 PMpulumi stack rename <new-name> -s <old-name>
doesn't work. Output from this is:
error: no Pulumi project found in the current working directory. If you're using the --stack
flag, make sure to pass the fully qualified name (org/project/stack)
Do I have to be in a project directory to rename a stack?nice-beard-3866
01/13/2022, 2:29 PMPulumi.production.yaml
) it sorts all the keys and removes all comments and whitespace.
Is there some way to prevent it from doing this? I have a bunch of comments and logical grouping/ordering that I don't want to get lostcrooked-postman-72907
01/13/2022, 4:28 PMmicroscopic-dress-1605
01/13/2022, 4:41 PMCustomResource
using the pulumi cli. When I execute pulumi import pulumi-resource-id cloud-provider-resource-id
the resource is successfully imported. However, the resource is then a top-level resource and not a chilled of the Custom Resource. Thank you for your help!high-cricket-61841
01/13/2022, 5:39 PMlemon-television-29125
01/14/2022, 7:08 AMpolite-addition-60031
01/14/2022, 7:17 AMcuddly-actor-99406
01/14/2022, 11:27 AMpulumi up
my prod environment after not touching it for a while, and it is hanging (100% cpu on python process) in preview. I believe is it related to the large (alb and cert-manager) k8s.yaml.ConfigFile
resources I have. Everything has been fine for many months, but since the last time I ran it, pulumi, python, pulumi-kubernetes, and my laptop (new m1) have gone through many updates (which I have just applied). I've tried logging as suggested on the troubleshooting page, but can't see anything interesting. pulumi refresh
seems to work ok. aws cli
and kubectl
are connecting. If I comment out the ConfigFile
resource, then preview completes normally (and offers to delete my resources). I'm out of ideas. This is prod and I don't want to delete anything. Any ideas?. The last line of the log is
I0114 22:12:30.762818 83092 eventsink.go:62] eventSink::Debug(<{%reset%}>resource registration successful: ty=kubernetes:<http://apiextensions.k8s.io/v1:CustomResourceDefinition|apiextensions.k8s.io/v1:CustomResourceDefinition>, urn=urn:pulumi:xxxx.prod::xxxx::kubernetes:yaml:ConfigFile$kubernetes:<http://apiextensions.k8s.io/v1:CustomResourceDefinition::certificaterequests.cert-manager.io<{%reset%}>)|apiextensions.k8s.io/v1:CustomResourceDefinition::certificaterequests.cert-manager.io<{%reset%}>)>
polite-article-56500
01/14/2022, 11:55 AMpulimi config set
after the new version 3.22.0
the issue: https://github.com/pulumi/pulumi/issues/8752eager-gigabyte-20835
01/14/2022, 1:16 PMbillions-lawyer-5518
01/14/2022, 1:31 PMerror: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain
Code snippet:
import * as gcp from "@pulumi/gcp";
import { remote, types } from "@pulumi/command";
import { Config } from "@pulumi/pulumi";
import * as fs from "fs";
import * as os from "os";
import * as path from "path";
const config = new Config();
const publicKey = config.get("publicKey");
const privateKeyBase64 = config.get("privateKeyBase64");
const privateKey = privateKeyBase64
? Buffer.from(privateKeyBase64, "base64").toString("ascii")
: fs.readFileSync(path.join(os.homedir(), ".ssh", "id_rsa")).toString("utf8");
const svcAct = new gcp.serviceaccount.Account("my-service-account", {
accountId: "service-account",
displayName: "Service account for Pulumi",
});
const svcKey = new gcp.serviceaccount.Key("my-service-key", {
serviceAccountId: svcAct.name,
publicKeyType: "TYPE_X509_PEM_FILE",
});
const address = new gcp.compute.Address("my-address", {
region: "us-central1",
});
// Create a Virtual Machine Instance
const computeInstance = new gcp.compute.Instance("instance", {
machineType: "n2-standard-2",
zone: "us-central1-a",
bootDisk: {
initializeParams: {
image: "ubuntu-os-cloud/ubuntu-1804-lts",
size: 20,
},
},
networkInterfaces: [
{
network: "default",
accessConfigs: [{ natIp: address.address }],
},
],
advancedMachineFeatures: { enableNestedVirtualization: true },
serviceAccount: {
scopes: ["<https://www.googleapis.com/auth/cloud-platform>"],
email: svcAct.email,
},
metadata: {
"enable-oslogin": "false",
"ssh-keys": `user:${publicKey}`,
},
});
const connection: types.input.remote.ConnectionArgs = {
host: address.address,
user: "user",
privateKey: privateKey,
};
const copyFile = new remote.CopyFile("docker-install-file", {
connection,
localPath: "./deploy.sh",
remotePath: "deploy.sh",
});
const execCommand = new remote.Command(
"exec-docker-shell",
{
connection: connection,
create: "sh deploy.sh",
},
{ dependsOn: copyFile }
);
// Export the name and IP address of the Instance
export const instanceName = computeInstance.name;
magnificent-lifeguard-15082
01/14/2022, 3:57 PMtfplan
and .terraform
in my source tree?