high-grass-3103
01/31/2022, 9:03 PMpolite-napkin-90098
01/31/2022, 9:06 PMpackage main
import (
k8s "<http://github.com/pulumi/pulumi-kubernetes/sdk/v3/go/kubernetes|github.com/pulumi/pulumi-kubernetes/sdk/v3/go/kubernetes>"
helm "<http://github.com/pulumi/pulumi-kubernetes/sdk/v3/go/kubernetes/helm/v3|github.com/pulumi/pulumi-kubernetes/sdk/v3/go/kubernetes/helm/v3>"
"<http://github.com/pulumi/pulumi/sdk/v3/go/pulumi|github.com/pulumi/pulumi/sdk/v3/go/pulumi>"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// get the kubeconfig from the EKS stack
stackEKS, err := pulumi.NewStackReference(ctx, "EKS-test", nil)
if err != nil {
return err
}
kubeConfig := stackEKS.GetOutput(pulumi.String("kubeconfig"))
if err != nil {
return err
}
// create a provider with that config
eksProvider, err := k8s.NewProvider(ctx, "eksprov", &k8s.ProviderArgs{
Kubeconfig: kubeConfig,
})
if err != nil {
return err
}
// deploy redis from the helm chart
_, err = helm.NewChart(ctx, "redis", helm.ChartArgs{
Repo: pulumi.String("bitnami"),
Chart: pulumi.String("redis"),
Values: pulumi.Map{
"auth.password": pulumi.String("MyTopSecretPassword"),
},
},
pulumi.ProviderMap(map[string]pulumi.ProviderResource{
"kubernetes": eksProvider,
}),)
if err != nil {
return err
}
ctx.Export("output", kubeConfig)
return nil
})
}
If I comment out the from eksProvider down to the ctx.Export, I get what looks like a valid kubeconfig exported.
But as is this results in a typing error:
./main.go:22:4: cannot use kubeConfig (type pulumi.AnyOutput) as type pulumi.StringPtrInput in field value: pulumi.AnyOutput does not implement pulumi.StringPtrInput (missing ToStringPtrOutput method)
Can anyone help me understand what I need to do here?rapid-raincoat-36492
01/31/2022, 9:41 PMquick-fall-21011
02/01/2022, 7:16 AMkeycloak:url
and keycloak:password
as Stack Outputs. In Project B, I'd like to create a new Realm, and other related objects, however the login depends on these credentials being in Project B's config, or environment variables. I'd like it all to be automated, so although I can manually set the configuration in Project B, I'd like to avoid that. I tried the suggested alternative method, using Environment variables and setting them inside the project, e.g.
Environment.SetEnvironmentVariable("KEYCLOAK_CLIENT_ID", "admin-cli");
But seems the process can't access them, as it still complains that they're not set
Diagnostics:
keycloak:index:Realm (pinostrats):
error: 2 errors occurred:
* missing required configuration key "keycloak:clientId":
Set a value using the command `pulumi config set keycloak:clientId <value>`.
* missing required configuration key "keycloak:url": The base URL of the Keycloak instance, before `/auth`
Set a value using the command `pulumi config set keycloak:url <value>`.
Any ideas on how to get around this? Somehow manually instantiate the provider?stale-iron-26898
02/01/2022, 11:48 AMcurved-summer-41191
02/01/2022, 10:40 PMgorgeous-minister-41131
02/02/2022, 12:27 AMp stack change-secrets-provider default
Migrating old configuration and state to new secrets provider
this is just… hanging.. I’m trying to migrate from a hashivault -> default provider .. the only thing I can think of is this stack has a lot of resources (200~) but it still shouldn’t take that long…
edit: looks like the operation was extremely slow and adding -v
flag didn’t really provide any additional info. Methinks it might be a useful to have…helpful-account-44059
02/02/2022, 6:57 AMbumpy-agent-19616
02/02/2022, 11:06 AMNamespace.ts
-----------------
export interface NamespaceArgs {
name: string;
metadata: {
labels: {
[key: string]: string;
};
};
}
export class Namespace extends pulumi.ComponentResource {
constructor(
name: string,
args: NamespaceArgs,
opts?: pulumi.CustomResourceOptions,
) {
super(Constants.COMPONENT_TYPE, name, {}, opts);
new k8s.core.v1.Namespace(
args.name,
{
metadata: args.metadata,
},
{
...opts,
parent: this,
},
);
}
}
Secret.ts
-----------------
export interface SecretArgs {
name: string;
type: string;
data: string;
metadata: MetadataArgs;
}
export class Secret extends pulumi.ComponentResource {
constructor(
name: string,
secretArgs: SecretArgs,
opts?: pulumi.CustomResourceOptions,
) {
super(Constants.COMPONENT_TYPE, name, {}, opts);
const secretOpts = new SecretOpts();
new k8s.core.v1.Secret(
`${secretArgs.metadata.name}-${secretArgs.metadata.namespace}-${Constants.DEPLOYMENT}`,
{
data: secretOpts.setData(secretArgs.type, secretArgs.data),
metadata: secretOpts.setMetadata(secretArgs.metadata),
type: secretOpts.setType(secretArgs.type),
},
{
...opts,
parent: this,
},
);
}
}
IngressNginx.ts
-----------------
export interface IngressNginxArgs {
helmVersion: HelmVersion.V2 | HelmVersion.V3;
chartArgs: ChartArgs;
namespaceArgs: NamespaceArgs;
secretArgs: SecretArgs;
provider: k8s.Provider;
}
export class IngressNginx extends pulumi.ComponentResource {
constructor(
name: string,
ingressNginxArgs: IngressNginxArgs,
opts?: pulumi.CustomResourceOptions,
) {
super(Constants.COMPONENT_TYPE, name, {}, opts);
const defaultResourceOpts: pulumi.ComponentResourceOptions = {
parent: this,
provider: ingressNginxArgs.provider,
};
const namespace = new Namespace(
ingressNginxArgs.namespaceArgs.name,
ingressNginxArgs.namespaceArgs,
{
...defaultResourceOpts,
},
);
const secret = new Secret(
ingressNginxArgs.secretArgs.name,
ingressNginxArgs.secretArgs,
{
...defaultResourceOpts,
dependsOn: [namespace],
},
);
const ingressNginxResourceOpts: pulumi.ComponentResourceOptions = {
...defaultResourceOpts,
dependsOn: [namespace, secret],
};
if (ingressNginxArgs.helmVersion == HelmVersion.V2) {
new k8s.helm.v2.Chart(
name,
new IngressNginxChartOpts(ingressNginxArgs.chartArgs).setChartOpts(),
ingressNginxResourceOpts,
);
} else {
new k8s.helm.v3.Chart(
name,
new IngressNginxChartOpts(ingressNginxArgs.chartArgs).setChartOpts(),
ingressNginxResourceOpts,
);
}
}
}
echoing-angle-67526
02/02/2022, 2:53 PMbillions-judge-9412
02/02/2022, 7:08 PMbillions-judge-9412
02/02/2022, 7:17 PMfancy-egg-38667
02/02/2022, 7:21 PMerror: failed to discover plugin requirements: parsing go version: Invalid character(s) found in minor number "18beta2"
mammoth-art-6111
02/02/2022, 7:27 PMpulumi import aws:codepipeline/pipeline:Pipeline
:
error: aws:codepipeline/pipeline:Pipeline resource 'staging-pipeline' has a problem: expected length of stage.0.action.0.namespace to be in the range (1 - 100), got . Examine values at 'Pipeline.Stages[0].Action[0].Namespace'.
Looks like it's complaining that namespace isn't there, but that's an optional property?mammoth-art-6111
02/02/2022, 7:28 PMaws codepipeline get-pipeline
cool-jewelry-33023
02/02/2022, 8:33 PMpolite-napkin-90098
02/02/2022, 9:37 PMRole
I am struggling to get something which has type iam.RoleInput which is what the error messages say, e.g.: cannot use adminvm (type iam.LookupRoleResultOutput) as type iam.RoleInput in field value: iam.LookupRoleResultOutput does not implement iam.RoleInput (missing ToRoleOutput method)
I've tried iam.LookupRole iam.GetRole and iam.LookupRoleOutput but none of them seem to give me an object of type iam.RoleInput. I think I could probably write code to make the role or use the pulumi import to do that for me and then I would be able to use the object created by iam.NewRole in this input, and I'll probably test that tomorrow, but I feel like I should be able to look up a role (like I have with security groups and subnets in the past) and then use the results of that lookup to create my Cluster.
Looking at my earlier code the subnets and the security groups only needed to provide an id as a string to the function rather than an object like iam.RoleInput
Can someone point me to a helpful example of how to get a Role from the AWS account in such a way that it can be used as a RoleInput for eks.NewCluster.
tvmiaacceptable-oil-81004
02/03/2022, 1:59 AMS3*
attributes instead of Code
(Archive)? More details in threadambitious-forest-23664
02/03/2022, 1:42 PMpulumi login <s3://xxx>
) it sometimes error saying that PULUMI_ACCESS_TOKEN
is missing. I think this message https://pulumi-community.slack.com/archives/C84L4E3N1/p1642545192097300 is quite similar, and it seems to happen randomly sometimes. Is this an issue on my end?bright-helicopter-33718
02/03/2022, 2:11 PMpulumi up
? There might be a flag or something. The reason is that we have a .sh that runs several files with pulumi up
and we don’t want anything from the first file to be removed when running the 2nd file and so on…dry-stone-23050
02/03/2022, 9:13 PMechoing-actor-55539
02/03/2022, 9:20 PMMaxListenersExceededWarning: Possible EventEmitter memory leak detected. 11 unpipe listeners added to [Socket]. Use emitter.setMaxListeners() to increase limit
(Use `node --trace-warnings ...` to show where the warning was created)
How do get pulumi to pass the --trace-warnings to node?bored-table-20691
02/03/2022, 9:57 PMinfra
project that provisions all the infrastructure needed (e.g. EKS, RDS, VPC and so on), and then a tenant
project where we provision some per-tenant resources in an individual stack per tenant (and this uses a stack reference back to an infra
- which one to use in the stack config).
So now, if I want to have dev/staging/prod type separation, I can do it in a couple of high level ways:
1. One project for infra
and then just name them appropriately or set some property on each stack which type of environment it lives in.
2. A project for infra
per environment (dev/staging/prod).
Same options exist for the tenant
project as well (i.e. one project for all envs or one per env).
Code duplication is not a huge issue - 99% of the code is in some shared libraries, so the main.go
for us is very small.
The main tradeoff in my mind is that with (1), we get the simplicity of a single project, but now if we want to do something for “all staging stacks”, it becomes a much more complex operation (need to decide how to distinguish them, etc). For (2), it’s kind of reversed.
I was wondering if folks have any real life experience or advice to share.curved-morning-41391
02/03/2022, 11:13 PMpulumi up
?bored-table-20691
02/03/2022, 11:20 PMStringArrayOutput
in and of itself is difficult, and working with StringArrayOutput
in the code (e.g. if you want to iterate over it to create something for each element) is just very very painful.bored-table-20691
02/04/2022, 2:06 AMpulumi stack tag set myorg:environment prod
, but be able to put it in Pulumi.mystack.yaml
in some way.billions-lawyer-5518
02/04/2022, 5:12 AMthankful-father-68341
02/04/2022, 9:54 AMshy-account-31313
02/04/2022, 10:22 AMbland-camera-22041
02/04/2022, 11:57 AMfrontendIPConfiguration
property. There appears one for the backend azure.network.LoadBalancerBackendAddressPool
but nothing for the frontend