https://pulumi.com logo
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • m

    modern-quill-17695

    07/20/2022, 10:38 PM
    Hi Everyone, I'm trying to find some guidance on what to do when a Pulumi App can't complete because its state is out of sync with what does/doesn't exist. (details in thread)
    e
    • 2
    • 7
  • d

    dry-answer-66872

    07/21/2022, 6:23 AM
    Team, we have
    aws eks list-clusters
    option in AWS (https://docs.aws.amazon.com/cli/latest/reference/eks/list-clusters.html) Do we have a similar in Pulumi? I could see getcluster and getclusters (https://www.pulumi.com/registry/packages/aws/api-docs/eks/) but here we need to provide the cluster name.
  • f

    few-yacht-11623

    07/21/2022, 1:56 PM
    I’m getting a really strange pulumi issue. Today I noticed an package-lock out of sync issue and ran
    npm install
    to update it. It fixed up a conflict with
    ts-node
    , but now when I run pulumi to preview one of my stacks I get:
    error: Running program '/Users/mbusby/dev/kojo-web-infra' failed with an unhandled exception:
        TSError: ⨯ Unable to compile TypeScript:
        stacks/dev/busby/index.ts(3,36): error TS2554: Expected 1 arguments, but got 2.
    The line in question is creating a custom component:
    import { DevEBEnv } from '../../../components/DevEBEnv';
    
    new DevEBEnv('kojo-web-dev-busby', { ... }); // <-- this line errors
    which is defined like:
    export class DevEBEnv extends pulumi.ComponentResource {
      constructor(name: `kojo-${string}-dev-${string}`, opts: DevEBEnvOptions) {
    I can’t see why this would be erroring. So I think somehow this change in installed
    ts-node
    version is breaking the compilation, not sure why, anyone have ideas on how to debug this?
    • 1
    • 1
  • b

    broad-parrot-78298

    07/21/2022, 9:46 PM
    Hello everyone. We run pulumi via the pulumi-kubernetes-operator. After some time the operator stops updating stacks. We were able to track the issue down to zombie processes being left behind by pulumi (and the OS running into the max pid). From what we can see the issue looks something like this: The pulumi operator “up”s a stack. Calling the pulumi binary which runs binaries for the different providers.
    ps axu --forrest
    looks like this
    azureus+ 11707 11.1  0.2 1082492 80860 ?       Ssl  21:03   2:24  \_ /usr/local/bin/pulumi-kubernetes-operator --zap-level=error --zap-time-encoding=iso8601
    azureus+ 32037  9.3  0.1 753864 63388 ?        Sl   21:24   0:00      \_ pulumi up --yes --skip-preview --exec-kind=auto.local --exec-agent=pulumi-kubernetes-operator/v1.6.0-a8c9e89 --stack REDACTED --non-interactive
    azureus+ 32063  0.5  0.0 717528 20020 ?        Sl   21:24   0:00      |   \_ /usr/bin/pulumi-language-go -root=/tmp/pulumi_auto2129071416/hack/pulumi/REDACTED 127.0.0.1:41789
    azureus+ 32175  0.0  0.0 1527900 22928 ?       Sl   21:24   0:00      |   |   \_ /usr/local/go/bin/go run /tmp/pulumi_auto2129071416/hack/pulumi/azure/postgresdb
    azureus+ 32088  124  1.2 1099896 399404 ?      Sl   21:24   0:02      |   \_ /home/pulumi-kubernetes-operator/.pulumi/plugins/resource-azure-native-v1.64.1/pulumi-resource-azure-native 127.0.0.1:41789
    azureus+ 32153  0.0  0.0 726880 29356 ?        Sl   21:24   0:00      |   \_ /home/pulumi-kubernetes-operator/.pulumi/plugins/resource-random-v4.8.0/pulumi-resource-random 127.0.0.1:41789
    azureus+ 32163  0.0  0.1 759624 59440 ?        Sl   21:24   0:00      |   \_ /home/pulumi-kubernetes-operator/.pulumi/plugins/resource-kubernetes-v3.19.2/pulumi-resource-kubernetes 127.0.0.1:41789
    azureus+ 32049  3.5  0.0      0     0 ?        Z    21:24   0:00      \_ [pulumi-resource] <defunct>
    azureus+ 32143 38.0  0.2 753928 70156 ?        Sl   21:24   0:00      \_ pulumi stack history --json --show-secrets --page-size 1 --page 1 --stack REDACTED --non-interactive
    After the completion of the stack “up” (which is successful) we see:
    azureus+ 11707 11.1  0.1 1082492 63332 ?       Ssl  21:03   2:24  \_ /usr/local/bin/pulumi-kubernetes-operator --zap-level=error --zap-time-encoding=iso8601
    azureus+ 32063  0.1  0.0      0     0 ?        Z    21:24   0:00      \_ [pulumi-language] <defunct>
    azureus+ 32088 28.2  0.0      0     0 ?        Z    21:24   0:02      \_ [pulumi-resource] <defunct>
    azureus+ 32153  0.7  0.0      0     0 ?        Z    21:24   0:00      \_ [pulumi-resource] <defunct>
    azureus+ 32163  3.0  0.0      0     0 ?        Z    21:24   0:00      \_ [pulumi-resource] <defunct>
    Before long we see many thousands of zombie processes. Has anyone seen anything similar?
    b
    • 2
    • 1
  • l

    little-cartoon-10569

    07/21/2022, 10:47 PM
    Has anyone got an example of using
    pulumi confg set --secret
    with a multi-line value? I see the note that it needs to be catted (not echoed?) in via a pipe. But when I do that, only the first line is being encrypted and kept; the rest of the file is ignored.
    m
    • 2
    • 16
  • c

    crooked-laptop-67565

    07/22/2022, 12:43 AM
    Hi, I'm having trouble creating an
    aws:acm:CertificateValidation
    . It just never completes. I've let
    pulumi up
    run for up to 30m and it's just sat there saying "creating". I can't see any open Github issues about this problem. I've tried running with the debug flag, but I don't understand the output. Does anyone have any suggestions?
    b
    • 2
    • 12
  • b

    better-activity-84090

    07/22/2022, 8:17 AM
    Hey guys, is there a way to remove an
    Identity
    from a Pulumi account ? I’d like to go back to login/password instead of Gitlab SSO, but I can’t find any option for it
    b
    • 2
    • 2
  • h

    hundreds-park-36222

    07/22/2022, 12:02 PM
    Hi there, Has anybody encountered following error while using the latest pulumi azuread library : azuread:index:Application (<app name>): error: error reading from server: EOF
    b
    • 2
    • 3
  • f

    full-artist-27215

    07/22/2022, 2:47 PM
    I set up a new Pulumi project using the Pulumi Service provider (https://www.pulumi.com/registry/packages/pulumiservice/) to set up some stack tags. Everything was going well until I decided to change the tag value of a subset of my tags. Now, I continually get
    error: field type "string" does not match property "invalid"
    on all these resources, no matter what I seem to do... I can't update them, and I can't delete them. Cranking up the log verbosity doesn't show anything (literally nothing... setting
    --verbose 10
    looks no different than leaving off
    --verbose
    entirely). I'm at a bit of a loss as to what's going on here... any suggestions?
    b
    b
    • 3
    • 6
  • f

    full-zebra-67293

    07/22/2022, 5:20 PM
    👋 Hi everyone!
    👋🏻 2
    👋 5
  • b

    bumpy-byte-21437

    07/23/2022, 8:04 AM
    hi someone, has a example on assigning
    AcrPull
    role to the automatically created User Assigned Managed Identity while attaching a acr to aks in azure using the cloud native azure provider?
    g
    • 2
    • 2
  • s

    square-ability-48831

    07/25/2022, 3:12 AM
    Hi all, looking for any guidance if anyone's encountered needing an old
    pulumi resource aws
    version - but i can't install v3.30.1 since I'm on a new M1 mac, trying to take over a 1 year old deployment built with intel. is it possible to upgrade it to latest (~5.10.0) and still use the same state file on pulumi.com? I'm trying to avoid needing to manually import everything already deployed. is it possible to get the old stacks updated to the latest aws provider?
    l
    b
    +2
    • 5
    • 11
  • g

    gorgeous-accountant-60580

    07/25/2022, 7:38 AM
    Hello! I’ve made a component resource, in Go, and I’m trying to use this from another part of our code tree. I get an error saying:
    error: no resource plugin 'pulumi-resource-foo' found in the workspace or on your $PATH, install the plugin using `pulumi plugin install resource foo`
    Is it necessary to write a fully fledged plugin in order to create a component resource, or am I just doing it wrong?
    g
    • 2
    • 2
  • g

    great-sunset-355

    07/25/2022, 7:42 AM
    Hi, I need KMS key functionality that is in pending PR to terraform https://github.com/hashicorp/terraform-provider-aws/pull/24787 - adds
    custom_key_store
    property Can I extend the existing
    pulumi.CustomResource
    or hack something with resource transformation or do I need to create a Dynamic resource?
    e
    • 2
    • 4
  • b

    bumpy-byte-21437

    07/25/2022, 7:52 AM
    hi, someone knows how to deal with unknown marshalling property values while using outputs as inputs
    e
    • 2
    • 1
  • r

    ripe-greece-78043

    07/25/2022, 11:58 AM
    Hello. Can someone help to understand what is the right way to get a service hostname? I installed the helm release and need to get service IP (from AWS) after a short period. This code works but it looks ugly.
    const service = new local.Command("getService", {
      create: `sleep 10 && kubectl get svc -o=jsonpath='{.items[?(@.metadata.name=="myservice")].status.loadBalancer.ingress[0].hostname}'`,
      environment: {
        KUBECONFIG: 'config.json',
      },
    });
    b
    • 2
    • 2
  • p

    prehistoric-ram-58389

    07/25/2022, 1:52 PM
    Hi all, in my setup, I have many different AWS components, which include ECS Task definition, and ECS Service. Whenever I run
    pulumi up
    , without changing anything to ECS Task definition, it is still replaced. Is there anyway to prevent this from happening?
    b
    • 2
    • 13
  • r

    red-area-47037

    07/25/2022, 1:54 PM
    Hi, I am currently searching for a solution to use Pulumi to manage a set of Google Workspace groups and add users/groups to these groups. There is a Terraform Provider, but I couldn’t find a Pulumi pendant for it, only an empty git repo 😞 https://github.com/pulumi/pulumi-googleworkspace with an initial PR that hasn’t been responded to. If someone here had the same requirement and solved it differently, please share or send me a DM. Thanks 😉
  • g

    glamorous-afternoon-59004

    07/25/2022, 2:26 PM
    How to use provider in python. Like I am trying to assume a role and then get the details of that role in getCallerIdentity.
    provider = aws.Provider{"privileged:,
    assume_role={'role_arn': role_to_assume_arn,
    'session_name': 'Test',
    },region=aws_config.require('region))
    
    Now I want to use this in my getCallerIdentity
    
    assumedRole = aws.getCallerIdentity(provider=provider).arn. How to do this.
    b
    • 2
    • 1
  • s

    stocky-petabyte-29883

    07/25/2022, 5:25 PM
    Hi I am trying to create an aurora instance via pulumi aws provider and then use the myql provider to provision a user. I am following this document here, https://www.pulumi.com/blog/managing-your-mysql-databases-with-pulumi/ In the example it talks about adding vpc for the cluster but no mention of how to setup the mysql provider with it
    b
    • 2
    • 10
  • a

    average-tiger-58107

    07/25/2022, 5:49 PM
    We are using the beta of
    awsx
    to deploy fargate services. We have > 100 of these services all coming from the same image, only differing in their runtime arguments. We create images and push them to ECR using
    awsx.ecr.Image
    . We would rather not redeploy these images to Fargate if the images don't change between runs. The
    sha256
    Id on the docker image is an easy way to verify this. I imagine that our
    Image
    resource gets a new name each time pulumi is run, which could result in Fargate redeploying every time, even when it doesn't need to. Does anybody have experience dealing with this?
    b
    • 2
    • 1
  • s

    stale-furniture-67414

    07/25/2022, 6:09 PM
    Hi all it's so great to be part of this community!
    👋🏻 1
    👋 2
  • d

    delightful-xylophone-3967

    07/25/2022, 6:32 PM
    Hi Pulumi Team. Is it possible to create app service managed certificate with the Azure Native Pulumi lib? I am trying to create an Azure WebApp with a custom domain and a managed certificate by Azure. (The manual process works great, but I have a hard time, to do it with Pulumi https://docs.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-custom-domain?tabs=a%2Cazurecli)
  • f

    famous-lighter-79715

    07/25/2022, 6:34 PM
    Hi everyone - I'm trying use CDK v2 to deploy files to a bucket via "aws-cdk-lib/aws-s3-deployment" and using BucketDeployment, but the resource type is Custom::CDKBucketDeployment and there is no direct mapping to it for Cloud Control API (https://docs.aws.amazon.com/cloudcontrolapi/latest/userguide/supported-resources.html). Even with manual mapping, it doesn't really seem to work. Does anyone know a workaround for this?
    b
    • 2
    • 3
  • a

    ancient-solstice-53934

    07/25/2022, 6:38 PM
    Hi, I have created an azure container registry 'acracr166usdevt' using pulumi native 1.66. I have used both the following methods to retrieve admin user and password var registry = GetRegistryCredentials.Invoke(new GetRegistryCredentialsInvokeArgs { ResourceGroupName = _settings.ResourceGroup, RegistryName = registryName }); but getting following errors 2022-07-25T18:32:48.1317669Z Grpc.Core.RpcException: Status(StatusCode="Unknown", Detail="invocation of azure-native:containerregistry:getRegistryCredentials returned an error: request failed /subscriptions/............./resourceGroups/.............../providers/Microsoft.ContainerRegistry/registries/acracr166usdevt/getCredentials: autorest/azure: Service returned an error. Status=404 Code="ParentResourceNotFound" Message="Can not perform requested operation on nested resource. Parent resource 'acracr166usdevt' not found."") and var registry = GetRegistryCredentials.InvokeAsync(new GetRegistryCredentialsArgs() { ResourceGroupName = _settings.ResourceGroup, RegistryName = registryName }).GetAwaiter().GetResult(); at Task<int> Pulumi.Deployment+Runner.Pulumi.IRunner.RunAsync<TStack>(IServiceProvider serviceProvider)+() => { } 2022-07-25T18:12:50.0562862Z at Task<int> Pulumi.Deployment+Runner.RunAsync<TStack>(Func<TStack> stackFactory) ---> Grpc.Core.RpcException: Status(StatusCode="Unknown", Detail="invocation of azure-native:containerregistry:getRegistryCredentials returned an error: request failed /subscriptions/......../resourceGroups/..................../providers/Microsoft.ContainerRegistry/registries/acracr166usdevt/getCredentials: autorest/azure: Service returned an error. Status=404 Code="ParentResourceNotFound" Message="Can not perform requested operation on nested resource. Parent resource 'acracr166usdevt' not found."") 2022-07-25T18:12:50.0564522Z at async Task<InvokeResponse> Pulumi.GrpcMonitor.InvokeAsync(ResourceInvokeRequest request) 2022-07-25T18:12:50.0565245Z at async Task<SerializationResult> Pulumi.Deployment.InvokeRawAsync(string token, SerializationResult argsSerializationResult, InvokeOptions options) x 2 2022-07-25T18:12:50.0566041Z at async Task<T> Pulumi.Deployment.InvokeAsync<T>(string token, InvokeArgs args, InvokeOptions options, bool convertResult) 2022-07-25T18:12:50.0567018Z at ContainerApp ....Pulumi.Resources.ContainerAppService.CreateContainerApp(string appName, Input<string> envId, Input<string> registryServer) in D😕a/1/s/build/pulumi/...Pulumi/Resources/ContainerAppService.cs:line 56 2022-07-25T18:12:50.0568101Z at void ........Pulumi.Resources.ContainerAppService.CreateContainerApp() in D😕a/1/s/build/pulumi/.......Pulumi/Resources/ContainerAppService.cs:line 30 2022-07-25T18:12:50.0569006Z at new ......Pulumi.CoreRuntimeStack() in D😕a/1/s/build/pulumi/.....Pulumi/CoreRuntimeStack.cs:line 18 2022-07-25T18:12:50.0569605Z --- End of inner exception stack trace ---
  • r

    refined-postman-10389

    07/26/2022, 12:21 AM
    Hey all, got a quick question. Say we run
    pulumi preview
    with
    --target
    flags. If a resource is not in the targets list and is not in the dependency path, will its state still be read? I know its state is not included in the CLI output but I'm wondering if it is read at all.
    e
    • 2
    • 2
  • r

    red-scooter-62880

    07/26/2022, 12:43 AM
    Hey, do you know if Pulumi supports the following features of Azure B2C identity provider: api : https://docs.microsoft.com/da-dk/azure/active-directory-b2c/microsoft-graph-operations) custom policies: https://docs.microsoft.com/da-dk/azure/active-directory-b2c/deploy-custom-policies-devops So far I can only find the ability to create B2C tenant
    e
    a
    • 3
    • 10
  • r

    red-scooter-62880

    07/26/2022, 1:51 AM
    Another question: How can I setup Azure resources in different regions for the same stack?
    f
    • 2
    • 2
  • s

    steep-lamp-20408

    07/26/2022, 9:52 AM
    Hey all! I have a question I couldn’t solve with the online resources. I have a simple GitHub Actions workflow to build the resources, with the following yaml file content:
    name: Build staging resources
    
    on:
      push:
        branches:
        - develop
        paths-ignore:
          - "*.md"
          - "*.gitignore"
    
    jobs:
      deploy:
        name: Build staging resources
        runs-on: ubuntu-latest
        steps:
          - uses: pulumi/actions@v3
            with:
              command: up
              stack-name: tachikoma/tachikoma-backend/staging
            env:
              PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
    However, when pushing, I get the following output from GitHub Actions: `stderr: error: no Pulumi.yaml project file found (searching upwards from ). If you have not created a project yet, use
    pulumi new
    to do so` I don’t get it since I got a Pulumi.yaml file at the root of the project and I’m following the Pulumi GitHub Actions example. What did I got wrong?
    g
    • 2
    • 7
  • g

    gorgeous-accountant-60580

    07/26/2022, 11:44 AM
    Hi! I’m trying to create a resource in Azure, that needs to be accessible from AKS. To do this, I’d like to look up the AKS vnet. Unfortunately, the azure-native.network.LookupVirtualNetwork() method takes a resource group name and the vnet name. The vnets for our AKS clusters have random names, but there should only be one vnet in the resource group. Is it possible to look up the vnet without knowing the name?
    s
    • 2
    • 2
Powered by Linen
Title
g

gorgeous-accountant-60580

07/26/2022, 11:44 AM
Hi! I’m trying to create a resource in Azure, that needs to be accessible from AKS. To do this, I’d like to look up the AKS vnet. Unfortunately, the azure-native.network.LookupVirtualNetwork() method takes a resource group name and the vnet name. The vnets for our AKS clusters have random names, but there should only be one vnet in the resource group. Is it possible to look up the vnet without knowing the name?
s

steep-lamp-20408

07/26/2022, 11:49 AM
You might want to post this on #azure channel
g

gorgeous-accountant-60580

07/26/2022, 11:51 AM
✅
View count: 4