pulumi-community #general

general

gorgeous-minister-41131

02/02/2022, 12:27 AM

is the Pulumi API having some issues today?

p stack change-secrets-provider default
Migrating old configuration and state to new secrets provider

this is just… hanging.. I’m trying to migrate from a hashivault -> default provider .. the only thing I can think of is this stack has a lot of resources (200~) but it still shouldn’t take that long… edit: looks like the operation was extremely slow and adding

-v

flag didn’t really provide any additional info. Methinks it might be a useful to have…

helpful-account-44059

02/02/2022, 6:57 AM

Hi, i'm using @plumi/awsx to create vpc, why the vpc i created not have the name ? i'm sure i have the name as the 1 position param

👍 1

bumpy-agent-19616

02/02/2022, 11:06 AM

Hey guys, One quick question. How can we ensure the right order of creation of Pulumi components and their resources? Is it again dependsOn property from pulumi.ResourceOpts that needs to be used? I tried that but it is not working for some reason. Does anyone have any idea? A sample code could be found below,

Namespace.ts
-----------------
export interface NamespaceArgs {
  name: string;
  metadata: {
    labels: {
      [key: string]: string;
    };
  };
}

export class Namespace extends pulumi.ComponentResource {
  constructor(
    name: string,
    args: NamespaceArgs,
    opts?: pulumi.CustomResourceOptions,
  ) {
    super(Constants.COMPONENT_TYPE, name, {}, opts);

    new k8s.core.v1.Namespace(
      args.name,
      {
        metadata: args.metadata,
      },
      {
        ...opts,
        parent: this,
      },
    );
  }
}


Secret.ts
-----------------
export interface SecretArgs {
  name: string;
  type: string;
  data: string;
  metadata: MetadataArgs;
}

export class Secret extends pulumi.ComponentResource {
  constructor(
    name: string,
    secretArgs: SecretArgs,
    opts?: pulumi.CustomResourceOptions,
  ) {
    super(Constants.COMPONENT_TYPE, name, {}, opts);

    const secretOpts = new SecretOpts();
    new k8s.core.v1.Secret(
      `${secretArgs.metadata.name}-${secretArgs.metadata.namespace}-${Constants.DEPLOYMENT}`,
      {
        data: secretOpts.setData(secretArgs.type, secretArgs.data),
        metadata: secretOpts.setMetadata(secretArgs.metadata),
        type: secretOpts.setType(secretArgs.type),
      },
      {
        ...opts,
        parent: this,
      },
    );
  }
}

IngressNginx.ts
-----------------
export interface IngressNginxArgs {
  helmVersion: HelmVersion.V2 | HelmVersion.V3;
  chartArgs: ChartArgs;
  namespaceArgs: NamespaceArgs;
  secretArgs: SecretArgs;
  provider: k8s.Provider;
}

export class IngressNginx extends pulumi.ComponentResource {
  constructor(
    name: string,
    ingressNginxArgs: IngressNginxArgs,
    opts?: pulumi.CustomResourceOptions,
  ) {
    super(Constants.COMPONENT_TYPE, name, {}, opts);

    const defaultResourceOpts: pulumi.ComponentResourceOptions = {
      parent: this,
      provider: ingressNginxArgs.provider,
    };

    const namespace = new Namespace(
      ingressNginxArgs.namespaceArgs.name,
      ingressNginxArgs.namespaceArgs,
      {
        ...defaultResourceOpts,
      },
    );

    const secret = new Secret(
      ingressNginxArgs.secretArgs.name,
      ingressNginxArgs.secretArgs,
      {
        ...defaultResourceOpts,
        dependsOn: [namespace],
      },
    );

    const ingressNginxResourceOpts: pulumi.ComponentResourceOptions = {
      ...defaultResourceOpts,
      dependsOn: [namespace, secret],
    };
    if (ingressNginxArgs.helmVersion == HelmVersion.V2) {
      new k8s.helm.v2.Chart(
        name,
        new IngressNginxChartOpts(ingressNginxArgs.chartArgs).setChartOpts(),
        ingressNginxResourceOpts,
      );
    } else {
      new k8s.helm.v3.Chart(
        name,
        new IngressNginxChartOpts(ingressNginxArgs.chartArgs).setChartOpts(),
        ingressNginxResourceOpts,
      );
    }
  }
}

echoing-angle-67526

02/02/2022, 2:53 PM

is there an estimate of when Pulumi 4.0 https://github.com/pulumi/pulumi/issues/7346 will be shipped? we're waiting on https://github.com/pulumi/pulumi/issues/2318 and it's been fixed but its listed as part of 4.0. will this feature be available before 4.0?

billions-judge-9412

02/02/2022, 7:08 PM

Can someone tell me how to do the example "Create a new server" on this postgrespage? its an example -> https://www.pulumi.com/registry/packages/azure-native/api-docs/dbforpostgresql/server/ Problem is it errors out because of this line: Properties: dbforpostgresql.ServerPropertiesForDefaultCreate{ error: cannot use (dbforpostgresql.ServerPropertiesForDefaultCreate literal) (value of type dbforpostgresql.ServerPropertiesForDefaultCreate) as pulumi.Input value in struct literal: missing method ElementTypecompilerInvalidIfaceAssign

billions-judge-9412

02/02/2022, 7:17 PM

Github is down so i can't create an issue on it 😞

fancy-egg-38667

02/02/2022, 7:21 PM

Trying to use GoLang version 1.18beta2 with Pulumi, getting the following error:

error: failed to discover plugin requirements: parsing go version: Invalid character(s) found in minor number "18beta2"

mammoth-art-6111

02/02/2022, 7:27 PM

getting a strange error when running

pulumi import aws:codepipeline/pipeline:Pipeline

error: aws:codepipeline/pipeline:Pipeline resource 'staging-pipeline' has a problem: expected length of stage.0.action.0.namespace to be in the range (1 - 100), got . Examine values at 'Pipeline.Stages[0].Action[0].Namespace'.

Looks like it's complaining that namespace isn't there, but that's an optional property?

mammoth-art-6111

02/02/2022, 7:28 PM

the pipeline comes back w/

aws codepipeline get-pipeline

cool-jewelry-33023

02/02/2022, 8:33 PM

What's the process of changing the "ownership" of an organization? Do I just add a user as an admin, set myself as a member, and then the new admin kicks me out?

polite-napkin-90098

02/02/2022, 9:37 PM

I'm trying to add a ServiceRole to my EKS cluster. The docs say that the ServiceRole Input to the EKS Cluster function takes a

Role

I am struggling to get something which has type iam.RoleInput which is what the error messages say, e.g.:

cannot use adminvm (type iam.LookupRoleResultOutput) as type iam.RoleInput in field value:        iam.LookupRoleResultOutput does not implement iam.RoleInput (missing ToRoleOutput method)

I've tried iam.LookupRole iam.GetRole and iam.LookupRoleOutput but none of them seem to give me an object of type iam.RoleInput. I think I could probably write code to make the role or use the pulumi import to do that for me and then I would be able to use the object created by iam.NewRole in this input, and I'll probably test that tomorrow, but I feel like I should be able to look up a role (like I have with security groups and subnets in the past) and then use the results of that lookup to create my Cluster. Looking at my earlier code the subnets and the security groups only needed to provide an id as a string to the function rather than an object like iam.RoleInput Can someone point me to a helpful example of how to get a Role from the AWS account in such a way that it can be used as a RoleInput for eks.NewCluster. tvmia

acceptable-oil-81004

02/03/2022, 1:59 AM

Hi fellas. Has anyone created an AWS LayerVersion using the

S3*

attributes instead of

Code

(Archive)? More details in thread

✅ 1

ambitious-forest-23664

02/03/2022, 1:42 PM

Hello I have a random problem in my Github Action CI when login to an S3 backend (

pulumi login <s3://xxx>

) it sometimes error saying that

PULUMI_ACCESS_TOKEN

is missing. I think this message https://pulumi-community.slack.com/archives/C84L4E3N1/p1642545192097300 is quite similar, and it seems to happen randomly sometimes. Is this an issue on my end?

bright-helicopter-33718

02/03/2022, 2:11 PM

Hi! I wonder if it’s possible to only create resources (not delete anything) when running

pulumi up

? There might be a flag or something. The reason is that we have a .sh that runs several files with

pulumi up

and we don’t want anything from the first file to be removed when running the 2nd file and so on…

dry-stone-23050

02/03/2022, 9:13 PM

Hello, I'm trying to implement an azure logicapp , and i'm having some difficulty figuring out the format for the Parameters and Definition values for it. The C# example code provided doesn't seem to be a valid C# file. https://www.pulumi.com/registry/packages/azure-native/api-docs/logic/workflow/ Any chance someone has a logicapp example?

echoing-actor-55539

02/03/2022, 9:20 PM

when doing a pulumi up on my typescript project i get the following

MaxListenersExceededWarning: Possible EventEmitter memory leak detected. 11 unpipe listeners added to [Socket]. Use emitter.setMaxListeners() to increase limit
    (Use `node --trace-warnings ...` to show where the warning was created)

How do get pulumi to pass the --trace-warnings to node?

bored-table-20691

02/03/2022, 9:57 PM

Is there a perspective of best practice around structuring projects and stacks? My specific question is around something like this: we have an

infra

project that provisions all the infrastructure needed (e.g. EKS, RDS, VPC and so on), and then a

tenant

project where we provision some per-tenant resources in an individual stack per tenant (and this uses a stack reference back to an

infra

- which one to use in the stack config). So now, if I want to have dev/staging/prod type separation, I can do it in a couple of high level ways: 1. One project for

infra

and then just name them appropriately or set some property on each stack which type of environment it lives in. 2. A project for

infra

per environment (dev/staging/prod). Same options exist for the

tenant

project as well (i.e. one project for all envs or one per env). Code duplication is not a huge issue - 99% of the code is in some shared libraries, so the

main.go

for us is very small. The main tradeoff in my mind is that with (1), we get the simplicity of a single project, but now if we want to do something for “all staging stacks”, it becomes a much more complex operation (need to decide how to distinguish them, etc). For (2), it’s kind of reversed. I was wondering if folks have any real life experience or advice to share.

curved-morning-41391

02/03/2022, 11:13 PM

Hello, I'm curious if its possible to both render K8s yaml as seen in https://www.pulumi.com/docs/guides/adopting/from_kubernetes/#rendering-kubernetes-yaml and also deploy it with

pulumi up

bored-table-20691

02/03/2022, 11:20 PM

Is there a way (especially in Go) to export an array of values (say array of strings) from one stack and import it into another without hating your decision? Both the casting to

StringArrayOutput

in and of itself is difficult, and working with

StringArrayOutput

in the code (e.g. if you want to iterate over it to create something for each element) is just very very painful.

bored-table-20691

02/04/2022, 2:06 AM

Is there a way to add a tag to a stack in config? I couldn’t find it in the docs, but I want something like the equivalent of

pulumi stack tag set myorg:environment prod

, but be able to put it in

Pulumi.mystack.yaml

in some way.

billions-lawyer-5518

02/04/2022, 5:12 AM

Hi folks, Is there a way to connect remote docker instance using Pulumi ? I have added a code snippets as well. https://stackoverflow.com/questions/70888859/how-to-connect-remote-docker-instance-using-pulumi

thankful-father-68341

02/04/2022, 9:54 AM

Hi Team. I did a blog series on pulumi. Please read and leave ur feedback... https://aws.plainenglish.io/platform-engineering-with-pulumi-episode-1-building-the-aw[…]age----------------------------------------&gi=2f64c292da27

shy-account-31313

02/04/2022, 10:22 AM

Hi there! I have set up an Azure Api Management service with Pulumi. Now trying to add a custom domain. I want to try out the managed certificate feature (in preview), but can't find a way to set it up using Pulumi AzureNative. https://www.pulumi.com/registry/packages/azure-native/api-docs/apimanagement/apimanagementservice/ Does anyone know if it is possible? I have attached screenshots of how it looks in the Azure portal when adding the custom domain, and how the ARM template export looks. Specifically it's the "certificateSource" property that seems to be missing from HostNameConfigurationArgs.

bland-camera-22041

02/04/2022, 11:57 AM

https://www.pulumi.com/registry/packages/azure-native/api-docs/network/loadbalancer/ I'm walking through this. I'm unable to find a pulumi resource to meet the

frontendIPConfiguration

property. There appears one for the backend

azure.network.LoadBalancerBackendAddressPool

but nothing for the frontend

cuddly-father-4905

02/04/2022, 1:25 PM

Is there a way of setting a default organisation for a Pulumi project? e.g. so that instead of typing

pulumi up -s my-org/production

we can just type

pulumi up -s production

I tried

pulumi config set org my-org

, but that just seemed to set a config value in the default stack

brief-action-50530

02/04/2022, 7:37 PM

I am trying to create a VirtualMachineExtension using pulumi using C# but the type for settings and protectedSettings are Input<object>. I tried many things but I couldn’t make it work. Does anyone have any example on how to do this?

https://www.pulumi.com/registry/packages/azure-native/api-docs/compute/virtualmachineextension/#inputs

bored-table-20691

02/04/2022, 11:32 PM

I am seeing an odd issue with

ConfigFile

in Go, where I have an older stack that works fine, but in a new stack,

ConfigFile

loads no data - I’ve actually made an edit to the

pulumi-kubernetes

SDK and the invocation to

kubernetes:yaml:decode

is returning an empty list of objects. Same code, same version of Pulumi, etc - if I switch to the older stack, it works, and if I switch to the new one, it doesn’t.

chilly-waiter-37725

02/05/2022, 4:54 PM

Hi All, I’ve updated aws iam user name to use controlled naming(https://www.pulumi.com/blog/infrastructure-as-code-resource-naming/#controlled-naming). Now while deleting the user resource, pulumi is still looking for the user with old name and is failing with No such entity error.

aws.iam.User(
            name=_user['name'], // Added this field to have the name field updated with name 'pulumi_sample_user'
            resource_name=_user['name'],
            path=_user['path'],
            tags=_user['tags']
        )
Error message: 
error removing IAM User (pulumi_sample_user) group memberships: Error removing user "pulumi_sample_user" from all groups: NoSuchEntity: The user with name pulumi_sample_user cannot be found

How to proceed?

late-energy-66663

02/05/2022, 6:19 PM

Hi I am creating multiple EC2 multiple instances with following Code . I would like to export , publicip, ec2name , hostname for each ec2 machine in a separate record . I am creating a ec2.Instance slice and then exporting their value . What would be the best way to get the output in the following format, desired output:

Machine 1
hostname: <http://ec2-15-161-152-141.eu-south-1.compute.amazonaws.com|ec2-15-161-152-141.eu-south-1.compute.amazonaws.com>
Public ip : 15.161.152.141
Machine2
hostname: <http://ec2-15-160-154-234.eu-south-1.compute.amazonaws.com|ec2-15-160-154-234.eu-south-1.compute.amazonaws.com>
Public ip : 15.160.154.234

Current Code :

var nodeList []*ec2.Instance

for i := 1; i <= args.NumberOfNodes; i++ {
   vm.Instance, err = ec2.NewInstance(ctx, fmt.Sprintf("machine-%d", i), &ec2.InstanceArgs{
      Tags: pulumi.StringMap{"Name": pulumi.String(fmt.Sprintf("kafka-%d", i))},
      //InstanceType:        pulumi.String("t3.large"),
      InstanceType:        args.InstanceType,
      VpcSecurityGroupIds: pulumi.StringArray{vm.SecurityGroup.ID()},
      Ami:                 pulumi.String("ami-0f8ce9c417115413d"),
      UserData:            userData,
      KeyName:             deployer.KeyName,
   })
   if err != nil {
      panic("error creating ec2 instance")
   }
   nodeList = append(nodeList, vm.Instance)
}

for k, v := range nodeList {
   ctx.Export("publicIp"+strconv.Itoa(k), v.PublicIp)
   ctx.Export("publicHostName"+strconv.Itoa(k), v.PublicDns)


}

Current Outputs:

publicHostName0: "<http://ec2-15-161-152-141.eu-south-1.compute.amazonaws.com|ec2-15-161-152-141.eu-south-1.compute.amazonaws.com>"
publicHostName1: "<http://ec2-15-160-154-234.eu-south-1.compute.amazonaws.com|ec2-15-160-154-234.eu-south-1.compute.amazonaws.com>"

    publicIp0      : "15.161.152.141"
    publicIp1      : "15.160.154.234"

abundant-notebook-11210

02/06/2022, 2:13 PM

Hi Pulumi community - I am trying to get my hands dirty with pulumi kubernetes operator - I am trying to create a stack resource which will create an EC2 instance - I am using S3 backend.

apiVersion: <http://pulumi.com/v1|pulumi.com/v1>
kind: Stack
metadata:
  name: ec2-k8s-stack-3
spec:
  backend: "<s3://pulumi-test-backend-bucket>"
  #secretsProvider: "awskms:///<KMS KEY ARN>?region=<REGION>"  # optional - is used to initialize a Stack with alternative encryption
  envRefs:
    PULUMI_CONFIG_PASSPHRASE:
      type: Secret
      secret:
        name: pulumi-aws-secrets
        key: PULUMI_CONFIG_PASSPHRASE
        namespace: pulumi
    AWS_DEFAULT_REGION:
      type: Literal
      literal:
        value: us-west-2
    AWS_ACCESS_KEY_ID:
      type: Secret
      secret:
        name: pulumi-aws-secrets
        namespace: pulumi
        key: AWS_ACCESS_KEY_ID
    AWS_SECRET_ACCESS_KEY:
      type: Secret
      secret:
        name: pulumi-aws-secrets
        namespace: pulumi
        key: AWS_SECRET_ACCESS_KEY
#    AWS_SESSION_TOKEN:
#      type: Secret
#      secret:
#        name: pulumi-aws-secrets
#        key: AWS_SESSION_TOKEN
  stack: "<http://pulumi.ec2-orch-poc-test-2.io|pulumi.ec2-orch-poc-test-2.io>"
  projectRepo: https://<GITHUB-ORG/pulumi-ec2-poc.git
  #branch: master
  commit: 5163cf322f3c3c349ef0c02ccd3307378da928b6
  gitAuth:
    accessToken:
      type: Secret
      secret:
        name: pulumi-aws-secrets
        namespace: pulumi
        key: GIT_TOKEN
  config:
    aws:region: us-west-2

I am getting an error -

Events:
  Type     Reason                      Age               From              Message
  ----     ------                      ----              ----              -------
  Warning  StackInitializationFailure  2s (x8 over 55s)  stack-controller  Failed to initialize stack: failed to create and/or select stack: <http://pulumi.ec2-orch-poc.predix.io|pulumi.ec2-orch-poc.predix.io>: failed to create stack: exit status 255
code: 255
stdout:
stderr: warning: A new version of Pulumi is available. To upgrade from version '3.23.2' to '3.24.1', visit <https://pulumi.com/docs/reference/install/> for manual instructions and release notes.
error: could not create stack: the stack is currently locked by 1 lock(s). Either wait for the other process(es) to end or manually delete the lock file(s).
  <s3://pulumi-test-backend-bucket/.pulumi/locks/pulumi.ec2-orch-poc-test-2.io/a3f5db90-ca6d-453d-bbf8-738b0fb78233.json>: created by pulumi-kubernetes-operator@pulumi-kubernetes-operator-59cd99dbcf-f28dm (pid 59) at 2022-02-06T14:01:50Z

There is only one single stack resource. Not sure why the stack is always remain locked and not getting unlocked. Any help will be appreciated . Thanks Rajendra Gosavi

Title

abundant-notebook-11210

02/06/2022, 2:13 PM

Hi Pulumi community - I am trying to get my hands dirty with pulumi kubernetes operator - I am trying to create a stack resource which will create an EC2 instance - I am using S3 backend.

apiVersion: <http://pulumi.com/v1|pulumi.com/v1>
kind: Stack
metadata:
  name: ec2-k8s-stack-3
spec:
  backend: "<s3://pulumi-test-backend-bucket>"
  #secretsProvider: "awskms:///<KMS KEY ARN>?region=<REGION>"  # optional - is used to initialize a Stack with alternative encryption
  envRefs:
    PULUMI_CONFIG_PASSPHRASE:
      type: Secret
      secret:
        name: pulumi-aws-secrets
        key: PULUMI_CONFIG_PASSPHRASE
        namespace: pulumi
    AWS_DEFAULT_REGION:
      type: Literal
      literal:
        value: us-west-2
    AWS_ACCESS_KEY_ID:
      type: Secret
      secret:
        name: pulumi-aws-secrets
        namespace: pulumi
        key: AWS_ACCESS_KEY_ID
    AWS_SECRET_ACCESS_KEY:
      type: Secret
      secret:
        name: pulumi-aws-secrets
        namespace: pulumi
        key: AWS_SECRET_ACCESS_KEY
#    AWS_SESSION_TOKEN:
#      type: Secret
#      secret:
#        name: pulumi-aws-secrets
#        key: AWS_SESSION_TOKEN
  stack: "<http://pulumi.ec2-orch-poc-test-2.io|pulumi.ec2-orch-poc-test-2.io>"
  projectRepo: https://<GITHUB-ORG/pulumi-ec2-poc.git
  #branch: master
  commit: 5163cf322f3c3c349ef0c02ccd3307378da928b6
  gitAuth:
    accessToken:
      type: Secret
      secret:
        name: pulumi-aws-secrets
        namespace: pulumi
        key: GIT_TOKEN
  config:
    aws:region: us-west-2

I am getting an error -

Events:
  Type     Reason                      Age               From              Message
  ----     ------                      ----              ----              -------
  Warning  StackInitializationFailure  2s (x8 over 55s)  stack-controller  Failed to initialize stack: failed to create and/or select stack: <http://pulumi.ec2-orch-poc.predix.io|pulumi.ec2-orch-poc.predix.io>: failed to create stack: exit status 255
code: 255
stdout:
stderr: warning: A new version of Pulumi is available. To upgrade from version '3.23.2' to '3.24.1', visit <https://pulumi.com/docs/reference/install/> for manual instructions and release notes.
error: could not create stack: the stack is currently locked by 1 lock(s). Either wait for the other process(es) to end or manually delete the lock file(s).
  <s3://pulumi-test-backend-bucket/.pulumi/locks/pulumi.ec2-orch-poc-test-2.io/a3f5db90-ca6d-453d-bbf8-738b0fb78233.json>: created by pulumi-kubernetes-operator@pulumi-kubernetes-operator-59cd99dbcf-f28dm (pid 59) at 2022-02-06T14:01:50Z

There is only one single stack resource. Not sure why the stack is always remain locked and not getting unlocked. Any help will be appreciated . Thanks Rajendra Gosavi

View count: 1