gentle-advantage-80069
07/10/2022, 11:08 AMprehistoric-sandwich-7272
07/10/2022, 11:22 AMclusterArgs
the subnet ID’s of the VPC I have created in a different stack.
I am getting the output from the stack reference like this:
stack, err := pulumi.NewStackReference(ctx, Name, nil)
if err != nil {
log.Fatalf("Got error while trying to get a new stack reference! Error: %s", err)
}
VpcPublicSubnetIdsOutput := stack.GetStringOutput(pulumi.String("vpcPublicSubnetIds"))
vpcPrivateSubnetIdsOutput := stack.GetStringOutput(pulumi.String("vpcPrivateSubnetIds"))
VpcPublicSubnetIds := pulumi.ToStringArrayOutput([]pulumi.StringOutput{VpcPublicSubnetIdsOutput})
vpcPrivateSubnetIds := pulumi.ToStringArrayOutput([]pulumi.StringOutput{vpcPrivateSubnetIdsOutput})
So VpcPublicSubnetIds & vpcPrivateSubnetIds are both of type pulumi.StringArrayOutput
But I can’t figure out how to pass the subnet ID’s to the clusterArgs, by indexing the elements from VpcPublicSubnetIds & vpcPrivateSubnetIds !
I tried doing it like this:
eksCluster, err := eks.NewCluster(ctx, values.Name, &eks.ClusterArgs{
Name: pulumi.StringPtr(values.Name),
VpcId: vpcId,
PublicSubnetIds: pulumi.StringArray{
pulumi.StringInput(VpcPublicSubnetIds.Index(<http://pulumi.Int|pulumi.Int>(0))),
pulumi.StringInput(VpcPublicSubnetIds.Index(<http://pulumi.Int|pulumi.Int>(1))),
pulumi.StringInput(VpcPublicSubnetIds.Index(<http://pulumi.Int|pulumi.Int>(2))),
pulumi.StringInput(VpcPublicSubnetIds.Index(<http://pulumi.Int|pulumi.Int>(3))),
},
PrivateSubnetIds: pulumi.StringArray{
pulumi.StringInput(vpcPrivateSubnetIds.Index(<http://pulumi.Int|pulumi.Int>(0))),
pulumi.StringInput(vpcPrivateSubnetIds.Index(<http://pulumi.Int|pulumi.Int>(1))),
pulumi.StringInput(vpcPrivateSubnetIds.Index(<http://pulumi.Int|pulumi.Int>(2))),
pulumi.StringInput(vpcPrivateSubnetIds.Index(<http://pulumi.Int|pulumi.Int>(3))),
},
what am I doing wrong?sparse-intern-71089
07/10/2022, 6:26 PMsparse-intern-71089
07/10/2022, 8:18 PMproud-mechanic-27789
07/10/2022, 8:35 PMstocky-petabyte-29883
07/11/2022, 8:07 AMconst albPolicy = new aws.iam.Policy("alb-policy", {
name: "AWSLoadBalancerControllerIAMPolicy",
policy: new pulumi.asset.RemoteAsset("<https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.4.0/docs/install/iam_policy.json>"),
tags: {
Environment: stack,
},
});
The code I sent doesn't work, but is there any way to achieve this?breezy-queen-71785
07/11/2022, 8:37 AMdazzling-oxygen-84405
07/11/2022, 9:47 AMCommand
module, if my instance is deleted, Pulumi tries to execute the delete
part of the command, which is no longer possible. So I want to tell it to just give up on cleaning up any commands that were run on a deleted instance. Is something like this possible? Right now, I have to manually edit my state to clean them up.jolly-plumber-1488
07/11/2022, 11:07 AMMessage_: "Security group(s) [sg-0cb56162e90f5f571] are not in the same VPC as the subnets. Please specify a security group that is associated with the VPC: vpc-0b6bc0745054144c7."
This the python code to create cluster:
cluster = eks.Cluster(
cluster_name,
version="1.22",
skip_default_node_group=True,
vpc_id=vpc.id,
public_subnet_ids=vpc.public_subnet_ids,
node_associate_public_ip_address=False,
private_subnet_ids=vpc.private_subnet_ids,
cluster_security_group=cluster_sg,
service_role=cluster_role,
instance_roles=[node_role],
create_oidc_provider=True,
cluster_tags=common_tags
)
I know EKS will create a separate security group for cluster service, but seems it’s using my default VPC instead of the vpc.id
that I passed.flat-umbrella-41594
07/11/2022, 12:53 PMrapid-football-44318
07/11/2022, 2:28 PMpulumi preview --target 'urn:pulumi:qa::gqt::azure-native:web:WebApp::######-func-gqtproperty-qa-ne' --diff
Got following response
Build succeeded.
0 Warning(s)
0 Error(s)
Time Elapsed 00:00:00.75
'dotnet build -nologo .' completed successfully
pulumi:pulumi:Stack: (same)
[urn=urn:pulumi:qa::gqt::pulumi:pulumi:Stack::gqt-qa]
--outputs:--
+ Readme: output<string>
~ azure-native:web:WebApp: (update)
[id=/subscriptions/#####/resourceGroups/#####-rg-gqt-qa-ne/providers/Microsoft.Web/sites/#####-func-gqtproperty-qa-ne]
[urn=urn:pulumi:qa::gqt::azure-native:web:WebApp::#####-func-gqtproperty-qa-ne]
[provider: urn:pulumi:qa::gqt::pulumi:providers:azure-native::default_1_64_1::2ed5c319-5430-469d-9031-83ac95dd6fc9 => urn:pulumi:qa::gqt::pulumi:providers:azure-native::default_1_66_0::f2b4d03f-0b4d-4628-8f22-da8abd55a375]
~ tags : {
~ Purpose: "Contain Bedroom Genie Resources" => "Contains Groups Quoting Tool (GQT) Resources"
}
~ virtualNetworkSubnetId: "/subscriptions/#####/resourceGroups/#####-rg-network-qa-Ne/providers/Microsoft.Network/virtualNetworks/#####-vnet-intrt-qa-Ne/subnets/#####-snet-intrt-qa-Ne-002" => "/subscriptions/#####/resourcegroups/#####-rg-network-qa-ne/providers/microsoft.network/virtualnetworks/#####-vnet-intrt-qa-ne/subnets/#####-snet-intrt-qa-ne-002"
Resources:
~ 1 to update
124 unchanged
My WebApp code looks like
var webAppArgs = new WebAppArgs
{
Name = funcAppName,
Kind = "functionapp,linux",
ResourceGroupName = args.ResourceGroupName,
ServerFarmId = args.ServerFarmId,
HttpsOnly = true,
SiteConfig = new SiteConfigArgs
{
Cors = new CorsSettingsArgs() { AllowedOrigins = "*" },
AlwaysOn = true,
AppSettings = new[]
{
new NameValuePairArgs
{
Name = "AzureWebJobsStorage",
Value = AsfPulumiHelper.GetConnectionString(args.ResourceGroupName,
args.FuncStorageAccountName),
},
new NameValuePairArgs
{
Name = "FUNCTIONS_WORKER_RUNTIME",
Value = "dotnet",
},
new NameValuePairArgs
{
Name = "FUNCTIONS_EXTENSION_VERSION",
Value = "~4"
},
new NameValuePairArgs
{
Name = "APPLICATIONINSIGHTS_CONNECTION_STRING",
Value = Output.Format($"InstrumentationKey={args.AppInsightsInstrumentKey}"),
},
new NameValuePairArgs
{
Name = "APPINSIGHTS_INSTRUMENTATIONKEY",
Value = args.AppInsightsInstrumentKey
},
}
},
Identity = new Pulumi.AzureNative.Web.Inputs.ManagedServiceIdentityArgs
{
Type = ManagedServiceIdentityType.SystemAssigned,
},
Tags = args.Tags
};
if (!string.IsNullOrEmpty(args.VnetSubNetId))
{
webAppArgs.VirtualNetworkSubnetId = args.VnetSubNetId;
}
steep-island-39848
07/11/2022, 3:46 PMpulumi stack rm
?
stack.Destroy()
only removes resources, but keeps the stack itself.crooked-laptop-67565
07/11/2022, 10:28 PMpulumi up
. Re-running without changes usually works
error: could not read plugin [/Users/craigglennie/.pulumi/plugins/resource-aws-v5.9.2/pulumi-resource-aws] stdout: EOF
high-cricket-61841
07/11/2022, 10:37 PMfuture-refrigerator-88869
07/11/2022, 10:42 PMcrooked-laptop-67565
07/12/2022, 3:21 AMpulumi new
with an AWS template it asks for the AWS region. How do I change the region later? I don't see it anywhere in the project filesnice-plastic-94318
07/12/2022, 8:34 AMsteep-island-39848
07/12/2022, 9:14 AMambitious-agent-35343
07/12/2022, 1:38 PMaverage-tiger-58107
07/12/2022, 2:09 PMlocalPath
and path
static, but ensure that the resource is updated each time the file contents change. Reading this document, it suggests this would be the default behavior. Am I misunderstanding something?ambitious-lifeguard-6753
07/12/2022, 2:35 PMpulumi up
. I know sometimes it has to do with some default values in a field that need to be provided but in this case, I'm not too sure which field I'm missing.
Here is the example codecold-toothbrush-60276
07/12/2022, 3:00 PMfancy-spoon-7206
07/12/2022, 3:16 PM➜ vpc-builder (main) ✔ pulumi stack rm p-it-ny6j4r57fl-aep-base-i-1768dd0e
error: failed to decrypt: incorrect passphrase, please set PULUMI_CONFIG_PASSPHRASE to the correct passphrase or set PULUMI_CONFIG_PASSPHRASE_FILE to a file containing the passphrase
magnificent-sugar-26362
07/12/2022, 5:32 PMmany-spring-73557
07/12/2022, 6:15 PMaws.getCallerIdentity({})
to get the accountId and compare it, but that’s not possible:
const accountId = await aws.getCallerIdentity({}).then(current => current.accountId);
if((pulumi.getStack() == "prod" && accountId != "512302493601") || (pulumi.getStack() != "prod" && accountId != "497659568814")) {
process.exit(1);
}
(await
can only be used against an async function).
I also tried await aws.getCallerIdentity({})
and got the same result.
Any suggestions? I want to add a little safeguard so we don’t inadvertently run stack commands against the wrong account.microscopic-postman-4756
07/12/2022, 6:27 PMindex.ts
of Pulumi is actually a function and I can trigger it from all the usual lambda sources?acoustic-tiger-77630
07/12/2022, 6:57 PMwooden-hydrogen-21594
07/12/2022, 8:43 PMswift-intern-18856
07/12/2022, 9:03 PM[spec.source: Invalid value: "string": spec.source in body must be of type object: "string", <nil>: Invalid value: "": "spec.source" must validate one and only one schema (oneOf). Found 2 valid alternatives]
indicating that a nil or empty value is actually being passed to k8s and failing validation server side. Since the diff is correct and shows the populated value, I have no idea how to debug. Any ideas?
EDIT: Figured this out, the type was generated as any
and I was improperly supplying the wrong value due to type inference missing.crooked-laptop-67565
07/12/2022, 10:01 PMpulumi refresh
and it's giving an error about not finding an expected Twingate resource (because it's been deleted via the Twingate UI). IMO this should update the current state by removing the resource, rather than failing with an error. Does that seem right?