Hi, I tried using cloudinit.Config, but at runtime it complains it's deprecated...

I'm struggling to get the kubeconfig from, my EKS cluster built in another stack to work as an input to my k8s.NewProvider function. My code looks like:

package main
  
import (
        k8s "<http://github.com/pulumi/pulumi-kubernetes/sdk/v3/go/kubernetes|github.com/pulumi/pulumi-kubernetes/sdk/v3/go/kubernetes>"
        helm "<http://github.com/pulumi/pulumi-kubernetes/sdk/v3/go/kubernetes/helm/v3|github.com/pulumi/pulumi-kubernetes/sdk/v3/go/kubernetes/helm/v3>"
        "<http://github.com/pulumi/pulumi/sdk/v3/go/pulumi|github.com/pulumi/pulumi/sdk/v3/go/pulumi>"
)

func main() {
        pulumi.Run(func(ctx *pulumi.Context) error {
                // get the kubeconfig from the EKS stack
                stackEKS, err := pulumi.NewStackReference(ctx, "EKS-test", nil)
                if err != nil {
                        return err
                }
                kubeConfig := stackEKS.GetOutput(pulumi.String("kubeconfig"))
                if err != nil {
                        return err
                }
                // create a provider with that config
                eksProvider, err := k8s.NewProvider(ctx, "eksprov", &k8s.ProviderArgs{
                        Kubeconfig: kubeConfig,
                })
                if err != nil {
                        return err
                }
                // deploy redis from the helm chart
                _, err = helm.NewChart(ctx, "redis", helm.ChartArgs{
                        Repo: pulumi.String("bitnami"),
                        Chart: pulumi.String("redis"),
                        Values: pulumi.Map{
                                "auth.password": pulumi.String("MyTopSecretPassword"),
                        },
                },
                pulumi.ProviderMap(map[string]pulumi.ProviderResource{
                        "kubernetes": eksProvider,
                }),)
                if err != nil {
                        return err
                }
                ctx.Export("output", kubeConfig)
                return nil
        })
}

If I comment out the from eksProvider down to the ctx.Export, I get what looks like a valid kubeconfig exported. But as is this results in a typing error:

./main.go:22:4: cannot use kubeConfig (type pulumi.AnyOutput) as type pulumi.StringPtrInput in field value:        pulumi.AnyOutput does not implement pulumi.StringPtrInput (missing ToStringPtrOutput method)

Can anyone help me understand what I need to do here?

Is creating resources inside an apply block acceptable? I did not think it was recommended, but I see it in an example in the docs here: https://www.pulumi.com/registry/packages/aws/api-docs/acm/certificatevalidation/

Dear helpful community, I'm at a dead end with the https://github.com/pulumi/pulumi-keycloak resource provider. I'm creating my keycloak deployment as a helm chart in Project A, which saves the

keycloak:url

and

keycloak:password

as Stack Outputs. In Project B, I'd like to create a new Realm, and other related objects, however the login depends on these credentials being in Project B's config, or environment variables. I'd like it all to be automated, so although I can manually set the configuration in Project B, I'd like to avoid that. I tried the suggested alternative method, using Environment variables and setting them inside the project, e.g.

Environment.SetEnvironmentVariable("KEYCLOAK_CLIENT_ID", "admin-cli");

But seems the process can't access them, as it still complains that they're not set

Diagnostics:
  keycloak:index:Realm (pinostrats):
    error: 2 errors occurred:
        * missing required configuration key "keycloak:clientId":
    Set a value using the command `pulumi config set keycloak:clientId <value>`.
        * missing required configuration key "keycloak:url": The base URL of the Keycloak instance, before `/auth`
    Set a value using the command `pulumi config set keycloak:url <value>`.

Any ideas on how to get around this? Somehow manually instantiate the provider?

Hi all! I’m trying to setting up pulumi app with jenkins pipeline, I installed the pulumi github app in the organisation and jenkins job that run pulumi preview to the selected stack, but I cannot see any comments on the PR. Any ideas?

Anyone have a clever way to ensure the pulumi docker image build targets linux on the new apple silicon? I'll also accept unclever ways.

is the Pulumi API having some issues today?

p stack change-secrets-provider default
Migrating old configuration and state to new secrets provider

this is just… hanging.. I’m trying to migrate from a hashivault -> default provider .. the only thing I can think of is this stack has a lot of resources (200~) but it still shouldn’t take that long… edit: looks like the operation was extremely slow and adding

-v

flag didn’t really provide any additional info. Methinks it might be a useful to have…

Hi, i'm using @plumi/awsx to create vpc, why the vpc i created not have the name ? i'm sure i have the name as the 1 position param

Hey guys, One quick question. How can we ensure the right order of creation of Pulumi components and their resources? Is it again dependsOn property from pulumi.ResourceOpts that needs to be used? I tried that but it is not working for some reason. Does anyone have any idea? A sample code could be found below,

Namespace.ts
-----------------
export interface NamespaceArgs {
  name: string;
  metadata: {
    labels: {
      [key: string]: string;
    };
  };
}

export class Namespace extends pulumi.ComponentResource {
  constructor(
    name: string,
    args: NamespaceArgs,
    opts?: pulumi.CustomResourceOptions,
  ) {
    super(Constants.COMPONENT_TYPE, name, {}, opts);

    new k8s.core.v1.Namespace(
      args.name,
      {
        metadata: args.metadata,
      },
      {
        ...opts,
        parent: this,
      },
    );
  }
}


Secret.ts
-----------------
export interface SecretArgs {
  name: string;
  type: string;
  data: string;
  metadata: MetadataArgs;
}

export class Secret extends pulumi.ComponentResource {
  constructor(
    name: string,
    secretArgs: SecretArgs,
    opts?: pulumi.CustomResourceOptions,
  ) {
    super(Constants.COMPONENT_TYPE, name, {}, opts);

    const secretOpts = new SecretOpts();
    new k8s.core.v1.Secret(
      `${secretArgs.metadata.name}-${secretArgs.metadata.namespace}-${Constants.DEPLOYMENT}`,
      {
        data: secretOpts.setData(secretArgs.type, secretArgs.data),
        metadata: secretOpts.setMetadata(secretArgs.metadata),
        type: secretOpts.setType(secretArgs.type),
      },
      {
        ...opts,
        parent: this,
      },
    );
  }
}

IngressNginx.ts
-----------------
export interface IngressNginxArgs {
  helmVersion: HelmVersion.V2 | HelmVersion.V3;
  chartArgs: ChartArgs;
  namespaceArgs: NamespaceArgs;
  secretArgs: SecretArgs;
  provider: k8s.Provider;
}

export class IngressNginx extends pulumi.ComponentResource {
  constructor(
    name: string,
    ingressNginxArgs: IngressNginxArgs,
    opts?: pulumi.CustomResourceOptions,
  ) {
    super(Constants.COMPONENT_TYPE, name, {}, opts);

    const defaultResourceOpts: pulumi.ComponentResourceOptions = {
      parent: this,
      provider: ingressNginxArgs.provider,
    };

    const namespace = new Namespace(
      ingressNginxArgs.namespaceArgs.name,
      ingressNginxArgs.namespaceArgs,
      {
        ...defaultResourceOpts,
      },
    );

    const secret = new Secret(
      ingressNginxArgs.secretArgs.name,
      ingressNginxArgs.secretArgs,
      {
        ...defaultResourceOpts,
        dependsOn: [namespace],
      },
    );

    const ingressNginxResourceOpts: pulumi.ComponentResourceOptions = {
      ...defaultResourceOpts,
      dependsOn: [namespace, secret],
    };
    if (ingressNginxArgs.helmVersion == HelmVersion.V2) {
      new k8s.helm.v2.Chart(
        name,
        new IngressNginxChartOpts(ingressNginxArgs.chartArgs).setChartOpts(),
        ingressNginxResourceOpts,
      );
    } else {
      new k8s.helm.v3.Chart(
        name,
        new IngressNginxChartOpts(ingressNginxArgs.chartArgs).setChartOpts(),
        ingressNginxResourceOpts,
      );
    }
  }
}

is there an estimate of when Pulumi 4.0 https://github.com/pulumi/pulumi/issues/7346 will be shipped? we're waiting on https://github.com/pulumi/pulumi/issues/2318 and it's been fixed but its listed as part of 4.0. will this feature be available before 4.0?

Can someone tell me how to do the example "Create a new server" on this postgrespage? its an example -> https://www.pulumi.com/registry/packages/azure-native/api-docs/dbforpostgresql/server/ Problem is it errors out because of this line: Properties: dbforpostgresql.ServerPropertiesForDefaultCreate{ error: cannot use (dbforpostgresql.ServerPropertiesForDefaultCreate literal) (value of type dbforpostgresql.ServerPropertiesForDefaultCreate) as pulumi.Input value in struct literal: missing method ElementTypecompilerInvalidIfaceAssign

Github is down so i can't create an issue on it 😞

Trying to use GoLang version 1.18beta2 with Pulumi, getting the following error:

error: failed to discover plugin requirements: parsing go version: Invalid character(s) found in minor number "18beta2"

getting a strange error when running

pulumi import aws:codepipeline/pipeline:Pipeline

:

error: aws:codepipeline/pipeline:Pipeline resource 'staging-pipeline' has a problem: expected length of stage.0.action.0.namespace to be in the range (1 - 100), got . Examine values at 'Pipeline.Stages[0].Action[0].Namespace'.

Looks like it's complaining that namespace isn't there, but that's an optional property?

the pipeline comes back w/

aws codepipeline get-pipeline

What's the process of changing the "ownership" of an organization? Do I just add a user as an admin, set myself as a member, and then the new admin kicks me out?

I'm trying to add a ServiceRole to my EKS cluster. The docs say that the ServiceRole Input to the EKS Cluster function takes a

Role

I am struggling to get something which has type iam.RoleInput which is what the error messages say, e.g.:

cannot use adminvm (type iam.LookupRoleResultOutput) as type iam.RoleInput in field value:        iam.LookupRoleResultOutput does not implement iam.RoleInput (missing ToRoleOutput method)

I've tried iam.LookupRole iam.GetRole and iam.LookupRoleOutput but none of them seem to give me an object of type iam.RoleInput. I think I could probably write code to make the role or use the pulumi import to do that for me and then I would be able to use the object created by iam.NewRole in this input, and I'll probably test that tomorrow, but I feel like I should be able to look up a role (like I have with security groups and subnets in the past) and then use the results of that lookup to create my Cluster. Looking at my earlier code the subnets and the security groups only needed to provide an id as a string to the function rather than an object like iam.RoleInput Can someone point me to a helpful example of how to get a Role from the AWS account in such a way that it can be used as a RoleInput for eks.NewCluster. tvmia

Hi fellas. Has anyone created an AWS LayerVersion using the

S3*

attributes instead of

Code

(Archive)? More details in thread

Hello I have a random problem in my Github Action CI when login to an S3 backend (

pulumi login <s3://xxx>

) it sometimes error saying that

PULUMI_ACCESS_TOKEN

is missing. I think this message https://pulumi-community.slack.com/archives/C84L4E3N1/p1642545192097300 is quite similar, and it seems to happen randomly sometimes. Is this an issue on my end?

Hi! I wonder if it’s possible to only create resources (not delete anything) when running

pulumi up

? There might be a flag or something. The reason is that we have a .sh that runs several files with

pulumi up

and we don’t want anything from the first file to be removed when running the 2nd file and so on…

Hello, I'm trying to implement an azure logicapp , and i'm having some difficulty figuring out the format for the Parameters and Definition values for it. The C# example code provided doesn't seem to be a valid C# file. https://www.pulumi.com/registry/packages/azure-native/api-docs/logic/workflow/ Any chance someone has a logicapp example?

when doing a pulumi up on my typescript project i get the following

MaxListenersExceededWarning: Possible EventEmitter memory leak detected. 11 unpipe listeners added to [Socket]. Use emitter.setMaxListeners() to increase limit
    (Use `node --trace-warnings ...` to show where the warning was created)

How do get pulumi to pass the --trace-warnings to node?

Is there a perspective of best practice around structuring projects and stacks? My specific question is around something like this: we have an

infra

project that provisions all the infrastructure needed (e.g. EKS, RDS, VPC and so on), and then a

tenant

project where we provision some per-tenant resources in an individual stack per tenant (and this uses a stack reference back to an

infra

- which one to use in the stack config). So now, if I want to have dev/staging/prod type separation, I can do it in a couple of high level ways: 1. One project for

infra

and then just name them appropriately or set some property on each stack which type of environment it lives in. 2. A project for

infra

per environment (dev/staging/prod). Same options exist for the

tenant

project as well (i.e. one project for all envs or one per env). Code duplication is not a huge issue - 99% of the code is in some shared libraries, so the

main.go

for us is very small. The main tradeoff in my mind is that with (1), we get the simplicity of a single project, but now if we want to do something for “all staging stacks”, it becomes a much more complex operation (need to decide how to distinguish them, etc). For (2), it’s kind of reversed. I was wondering if folks have any real life experience or advice to share.

Hello, I'm curious if its possible to both render K8s yaml as seen in https://www.pulumi.com/docs/guides/adopting/from_kubernetes/#rendering-kubernetes-yaml and also deploy it with

pulumi up

?

Is there a way (especially in Go) to export an array of values (say array of strings) from one stack and import it into another without hating your decision? Both the casting to

StringArrayOutput

in and of itself is difficult, and working with

StringArrayOutput

in the code (e.g. if you want to iterate over it to create something for each element) is just very very painful.

Is there a way to add a tag to a stack in config? I couldn’t find it in the docs, but I want something like the equivalent of

pulumi stack tag set myorg:environment prod

, but be able to put it in

Pulumi.mystack.yaml

in some way.

Hi folks, Is there a way to connect remote docker instance using Pulumi ? I have added a code snippets as well. https://stackoverflow.com/questions/70888859/how-to-connect-remote-docker-instance-using-pulumi

Hi Team. I did a blog series on pulumi. Please read and leave ur feedback... https://aws.plainenglish.io/platform-engineering-with-pulumi-episode-1-building-the-aw[…]age----------------------------------------&gi=2f64c292da27

Hi there! I have set up an Azure Api Management service with Pulumi. Now trying to add a custom domain. I want to try out the managed certificate feature (in preview), but can't find a way to set it up using Pulumi AzureNative. https://www.pulumi.com/registry/packages/azure-native/api-docs/apimanagement/apimanagementservice/ Does anyone know if it is possible? I have attached screenshots of how it looks in the Azure portal when adding the custom domain, and how the ARM template export looks. Specifically it's the "certificateSource" property that seems to be missing from HostNameConfigurationArgs.

https://www.pulumi.com/registry/packages/azure-native/api-docs/network/loadbalancer/ I'm walking through this. I'm unable to find a pulumi resource to meet the

frontendIPConfiguration

property. There appears one for the backend

azure.network.LoadBalancerBackendAddressPool

but nothing for the frontend