https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
general
  • q

    quiet-painter-30539

    10/12/2022, 11:45 AM
    I have one weird type conversion when using Pulumi stack references. An example with some anonymization of the code: In stack A I have:
    const a_secrets: pulumi.Output<pulumi.Output<string>[]>
    ...and:
    pulumi stack output --stack A/infra/kari --show-secrets --json | jq '.a_secrets'
    [
      "this-is-secret-from-a-8929c229"
    ]
    So,
    a_secrets
    is of type (I'm using Typescript):
    const a_secrets: *pulumi*.*Output*<*pulumi*.*Output*<string>[]>
    Then I use stack A in stack B:
    const a_secrets = stackA.requireOutput("a_secrets") as pulumi.Output<pulumi.Output<string>[]>;
    
    a_secrets.apply(a => {
      console.log(`****************************`);
      console.log(`typeof: ${typeof(a)}`);
      console.log(`json: ${JSON.stringify(a)}`);
    })
    => output:
    ****************************
    typeof: object
    json: {"XXXXXXXX93072939515e22adb298388d":"XXXXXXXX64138c4ac30d75fd1eb44270","value":["this-is-secret-from-a-8929c229"]}
    So, what I would expect in the stack B side for the type of
    a_secrets
    to be is the same
    pulumi.Output<pulumi.Output<string>[]>
    , but the type is
    {string: string, "value": [string]}
    and therefore I need to do this clumsy type conversion later on when I want to use that array:
    type a_type = {string: string, "value": [string]};
    ...
      secrets: a_secrets.apply(a => {
        // NOTE: Ugly! Why cannot we use the type that the stack A is supposed to return?
        const secrets_array = a as unknown as pulumi.Output<a_type>;
        return secrets_array["value"];
      }),
    When running
    pulumi up
    I see in the output:
    a_secrets: [secret]
    . Perhaps this has something to do with this weird type conversion? I have dependency
    "@pulumi/pulumi": "^3.42.0"
    in my Pulumi / Typescript and I'm using
    Pulumi cli v3.42.0
    on Ubuntu 2022, and the infrastructure gets created in GCP and we are using Pulumi Service to store the stacks. Any idea if I'm missing something here? Any help would be appreciated (🧵).
    e
    a
    • 3
    • 14
  • h

    hundreds-yacht-71603

    10/12/2022, 12:46 PM
    Hello, I'm looking at authoring a package. In CDK I have to write it in TypeScript, if I want all the other languages to make use of it. Is there a similar concept in Pulumi or do Packages (component resources right now) have to exist in all the languages that want to use it?
    l
    b
    • 3
    • 4
  • b

    billowy-army-68599

    10/12/2022, 6:07 PM
    my suspicion here is that the coredns deployment never starts because it’s not tolerating the fargate nodes
    h
    a
    • 3
    • 4
  • s

    salmon-motherboard-78006

    10/12/2022, 7:41 PM
    Hi, Trying to create a Snowflake table with clustering and getting an error:
    Table(resource_name=name,
                     name=name,
                     database=schema.database,
                     schema=schema.name,
                     comment=comment,
                     cluster_bies=[to_date("dw_created_at)"],
                     data_retention_days=schema.data_retention_days,
                     change_tracking=False,
                     columns=[
                         snowflake.TableColumnArgs(
                             name="data",
                             type="VARIANT",
                             nullable=False,
                         ),
                         snowflake.TableColumnArgs(
                             name="dw_created_at",
                             type="TIMESTAMP_LTZ",
                             nullable=False,
                             default=TableColumnDefaultArgs(expression="current_timestamp()")
                         ),
                     ],
                     opts=ResourceOptions(provider=provider))
    error:
    000904 (42000): SQL compilation error: error line 1 at position 65
        invalid identifier 'DW_CREATED_AT'
    This is what I’m seeing in query history:
    ALTER TABLE "DEV_DB"."STAGING"."gu" CLUSTER BY LINEAR(dw_created_at)
    Anybody seen this error?
  • s

    salmon-australia-56314

    10/12/2022, 9:06 PM
    Hey everyone, I’m trying to build a strongDM terraform-bridge by using the boilerplate template. I’m getting the following error when I try to run
    go mod tidy
    go: finding module for package <http://github.com/hashicorp/terraform-exec/tfinstall|github.com/hashicorp/terraform-exec/tfinstall>
    <http://github.com/myorg/pulumi-sdm/provider|github.com/myorg/pulumi-sdm/provider> imports
            <http://github.com/strongdm/terraform-provider-sdm/sdm|github.com/strongdm/terraform-provider-sdm/sdm> tested by
            <http://github.com/strongdm/terraform-provider-sdm/sdm.test|github.com/strongdm/terraform-provider-sdm/sdm.test> imports
            <http://github.com/hashicorp/terraform-plugin-sdk/helper/resource|github.com/hashicorp/terraform-plugin-sdk/helper/resource> imports
            <http://github.com/hashicorp/terraform-plugin-test/v2|github.com/hashicorp/terraform-plugin-test/v2> imports
            <http://github.com/hashicorp/terraform-exec/tfinstall|github.com/hashicorp/terraform-exec/tfinstall>: module <http://github.com/hashicorp/terraform-exec@latest|github.com/hashicorp/terraform-exec@latest> found (v0.17.3), but does not contain package <http://github.com/hashicorp/terraform-exec/tfinstall|github.com/hashicorp/terraform-exec/tfinstall>
    I went through some of the old PRs and re-added this line to
    go.mod
    <http://github.com/hashicorp/terraform-exec|github.com/hashicorp/terraform-exec> => <http://github.com/hashicorp/terraform-exec|github.com/hashicorp/terraform-exec> v0.15.0
    and then
    go mod tidy
    works. Although, after doing that, I tried to run
    make tfgen
    and it fails with
    no required module provides package <http://github.com/myorg/pulumi-sdm/provider/cmd/pulumi-tfgen-sdm;|github.com/myorg/pulumi-sdm/provider/cmd/pulumi-tfgen-sdm;> to add it:
            go get <http://github.com/myorg/pulumi-sdm/provider/cmd/pulumi-tfgen-sdm|github.com/myorg/pulumi-sdm/provider/cmd/pulumi-tfgen-sdm>
    This is probably a mixture of misunderstanding on my part and a dependency issue. I’d love some help/input if anyone has any ideas.
  • p

    proud-pizza-80589

    10/13/2022, 5:49 AM
    Is there a way to reproduce the behaviour of Random for my own custom resources? I have a generated value that i later store in Vault but that i never want to regenerate. So how do i prevent
    generateValue
    to run on next runs?
    export class Example extends ComponentResource {
    
      constructor(name: string, opts?: ComponentResourceOptions) {
        super('example', name, {}, opts);
    
        const generated = somelib.generateValue();
    
        new Secret(
          name,
          {
            path: `somepath/${name}`,
            dataJson: 
              JSON.stringify(generated)
            
          },
          { parent: this, ignoreChanges: ['*'], protect: true }
        );
      }
    }
    q
    e
    • 3
    • 6
  • f

    flaky-arm-38472

    10/13/2022, 6:35 AM
    Hi people. How do you do when you create a Security Group and then a Kubernetes service of type load balancer?. The service usually appends some rules to the security group on AWS therefore the state will change and once we want to run
    pulumi up
    it will diff from previous state and try to replace the new rules appended by the kubernetes service. How do you deal with that?
    l
    s
    • 3
    • 4
  • h

    hundreds-yacht-71603

    10/13/2022, 9:11 AM
    Hey, I guess I'm doing something wrong. 1. I create an eks cluster
  • h

    hundreds-yacht-71603

    10/13/2022, 9:11 AM
    LOL ... and that's the mistake 🙂
  • h

    hundreds-yacht-71603

    10/13/2022, 9:18 AM
    (second try) I'm trying to deploy a chart to a cluster I created in the same stack. pulumi doesn't use the provider or at least I would expect that telling
    k8s.helm.v3.Chart
    about the provider being the one I create it uses the kubeconfig from that provider. Is that way off?
    import * as k8s from "@pulumi/kubernetes";
    
    const k8sProvider = new k8s.Provider('k8s-cluster',
        {
            cluster: pulumi.interpolate`${cluster}`,
            // kubeconfig: cluster.kubeconfig,
        },
        {
            parent: cluster
        })
    const karpenterNamespace = new k8s.core.v1.Namespace('karpenter', {},
        {
            parent: k8sProvider
        })
    
    const nginxIngress = new k8s.helm.v3.Chart("nginx-ingress",
        {
            path: "./vendor/karpenter/charts/karpenter",
    
            namespace: pulumi.interpolate`${karpenterNamespace}`,
            values: {
                controller: {
                    env: [
                        {
                            name: "AWS_REGION",
                            value: "eu-west-1",
                        }
                    ]
                }
            }
        },
        {
            provider: k8sProvider,
            parent: karpenterNamespace
        });
    But this bails out + there are a million other resource definitions from the chart that complain, rightly so -- my local kubeconfig doesn't even know about the cluster and I don't see a reason why it should:
    Diagnostics:
      pulumi:pulumi:Stack (pulumi-eks-karpenter-dev):
        error: update failed
        error: Running program 'C:\Users\marti\src\pulumi-eks-karpenter' failed with an unhandled exception:
        Error: invocation of aws:ssm/getParameter:getParameter returned an error: error reading from server: read tcp 127.0.0.1:55120->127.0.0.1:55117: use of closed network connection
            at Object.callback (C:\Users\marti\src\pulumi-eks-karpenter\node_modules\@pulumi\runtime\invoke.ts:159:33)
            at Object.onReceiveStatus (C:\Users\marti\src\pulumi-eks-karpenter\node_modules\@grpc\grpc-js\src\client.ts:338:26)
            at Object.onReceiveStatus (C:\Users\marti\src\pulumi-eks-karpenter\node_modules\@grpc\grpc-js\src\client-interceptors.ts:426:34)
            at Object.onReceiveStatus (C:\Users\marti\src\pulumi-eks-karpenter\node_modules\@grpc\grpc-js\src\client-interceptors.ts:389:48)
            at C:\Users\marti\src\pulumi-eks-karpenter\node_modules\@grpc\grpc-js\src\call-stream.ts:276:24
            at processTicksAndRejections (node:internal/process/task_queues:78:11)
    
      kubernetes:<http://rbac.authorization.k8s.io/v1:ClusterRole|rbac.authorization.k8s.io/v1:ClusterRole> (nginx-ingress-karpenter-admin):
        error: configured Kubernetes cluster is unreachable: unable to load Kubernetes client configuration from kubeconfig file. Make sure you have:
    
             ΓÇó set up the provider as per <https://www.pulumi.com/registry/packages/kubernetes/installation-configuration/>
    
         cluster "[object Object]" does not exist
    e
    • 2
    • 4
  • c

    curved-ice-93356

    10/13/2022, 10:58 AM
    Hey guys , I am using pulumi service as a backend in my gitlab CI/CD pipeline. I can see resources on pulumi website and but on aws console they not appearing. please help if you have any idea.
    q
    h
    • 3
    • 15
  • c

    curved-ice-93356

    10/13/2022, 12:51 PM
    Hey guys I am tring to refresh a stack that is hosted in pulumi service using my cli. I keep logging in using
    pulumi login
    and then paste my Access token , but when I list the stacks nothing shows up. Even after doing this is a folder with a Pulumi.yaml file, I can't refresh my remote stack
    m
    e
    • 3
    • 17
  • v

    victorious-exabyte-70545

    10/13/2022, 5:52 PM
    Hi folks, I am having this issue: (Pulumi can't access VPN URLs) https://github.com/pulumi/pulumi/issues/4739. VPN DNS resolution problem on MacOSX. Is anyone else dealing with this. Any suggestions on workarounds?
    b
    e
    o
    • 4
    • 11
  • a

    able-ability-11203

    10/13/2022, 6:32 PM
    Good day everyone! I personally find yandex-cloud provider (last published Feb 2022) a little bit outdated, namely, missing OneToOneNat resource (found in terraform counterpart). Is this going to be updated anytime soon? Or how may I help this (though being a beginner in Pulumi)? Thanks in advance!
    b
    • 2
    • 3
  • m

    melodic-family-23496

    10/13/2022, 7:18 PM
    Is there a wait to make
    <http://pulumi.com/skipAwait|pulumi.com/skipAwait>
    to
    True
    as the default in all kubernetes resources?
    e
    • 2
    • 1
  • d

    dry-potato-52542

    10/13/2022, 7:51 PM
    Hey hope you all doing well. Looking for some guidance regarding error handling. So far my experience is that there is no easy way to do
    try ...catch
    or
    promis.catch()
    What are the options? The goals that I am chasing => have clean granular exception messages.
  • f

    faint-whale-905

    10/13/2022, 8:01 PM
    Hello. I'm trying to add a Lifecycle Rule to a S3 bucket that includes a minimum file size directive. I've review this doc, but don't see what the param name would be. Is minimum object even supported?
    e
    • 2
    • 3
  • q

    quaint-salesmen-18327

    10/14/2022, 6:58 AM
    Is there a way to constrain the organization(s) to which a stack may be deployed? We want to prevent leaking of company secrets into developers' accounts.
    e
    • 2
    • 5
  • n

    numerous-sunset-97789

    10/14/2022, 9:02 AM
    Hello there, Anyone else struggle with same problem as https://github.com/pulumi/pulumi-mysql/issues/98#issuecomment-1023148644 ? When you use
    mysqlProvider, err := mysql.NewProvider(ctx, "mysql", &mysql.ProviderArgs{
    	Endpoint: mysqlCfg.Host,
    	Username: mysqlCfg.User,
    	Password: mysqlCfg.Password,
    })
    if err != nil {
    	return err
    }
    
    _, err = mysql.NewDatabase(ctx, "test", &mysql.DatabaseArgs{
    	Name: pulumi.String("test"),
    }, pulumi.Provider(mysqlProvider))
    if err != nil {
    	return err
    }
    pulumi output is
    error: could not validate provider configuration: 1 error occurred:
        	* invalid value for proxy (The proxy URL is not a valid socks url.)
  • f

    faint-dusk-40863

    10/14/2022, 6:30 PM
    Hey guys, I'm trying to write a native provider for Pulumi, but when running through the README I'm running into an issue with it finding the plugin locally, I've created an issue here https://github.com/pulumi/pulumi-provider-boilerplate/issues/45
    • 1
    • 1
  • m

    modern-france-96243

    10/14/2022, 9:26 PM
    Hello Team, I'm building a Pulumi provider using the Terraform boilerplate, and got everything working so far except for the docs. The documentation is in the terraform porvider's docs folder in github (under docs/resources/resource_name.md, just like most other terraform providers), but I get this mapping error for all of my resources: "warning: could not find docs for resource "resource_name''. Override the Docs property in the data source mapping. See type tfbridge.DocInfo for details." Any ideas on what I'm missing here and/or what could I do to fix this? I have tried adding the following to the DocInfo mapping: Docs: &tfbridge.DocInfo{Source: ""}, however I have no clue what the format of the source string should be here and what should it contain.
    d
    • 2
    • 2
  • b

    billions-rocket-37012

    10/15/2022, 7:45 AM
    How do I get more information what's actually wrong than this?
    error: could not validate provider configuration: 1 error occurred:
      	* Invalid or unknown key
    ...
    debug: AWS Auth provider used: "StaticProvider"
    debug: registering resource: ty=pulumi:pulumi:Stack, name=saas-python-local, custom=False, remote=False
    warning: provider config warning: Argument is deprecated
    ...
    error Command failed with exit code 255.
    Running
    pulumi up -d -v 3
    but it gives me no information what attribute is deprecated or what key is invalid
    e
    • 2
    • 7
  • c

    clean-oil-72875

    10/16/2022, 1:48 AM
    Hey, I have problem with update docker in ECS Fargate. I keep docker images in github registry, my fargate definitions
    return new awsx.ecs.FargateService(`${getConfigValue(config, 'name')}-service`, {
            cluster: cluster,
            securityGroups: cluster.securityGroups,
            forceNewDeployment: true,
            assignPublicIp: false,
            taskDefinitionArgs: {
                containers: {
                    migrations: {
                        image: containerImage,
                        essential: false,
                        memory: 512,
                        cpu: 1024,
                        environment: environment,
                        repositoryCredentials: {
                            credentialsParameter: credentialsParameter
                        },
                        command: [
                            'npm',
                            'run',
                            'migrate:deploy'
                        ]
                    },
                    seed: {
                        dependsOn: [ {
                            containerName: 'migrations',
                            condition: 'SUCCESS'
                        }],
                        image: containerImage,
                        essential: false,
                        memory: 512,
                        cpu: 1024,
                        environment: environment,
                        repositoryCredentials: {
                            credentialsParameter: credentialsParameter
                        },
                        command: [
                            'npm',
                            'run',
                            'prisma:seed'
                        ]
                    },
                    application: {
                        dependsOn: [ {
                            containerName: 'seed',
                            condition: 'SUCCESS'
                        }],
                        image: containerImage,
                        memory: parseInt(getConfigValue(config, 'aws-fargate-memory')),
                        cpu: parseInt(getConfigValue(config, 'aws-fargate-cpu')),
                        environment: environment,
                        portMappings: [ applicationListener ],
                        repositoryCredentials: {
                            credentialsParameter: credentialsParameter
                        },
                    },
                },
                executionRole: createSercretCredientialsForGithubRegistry(config)
            },
            desiredCount: 1,
            deploymentMinimumHealthyPercent: 50,
            deploymentMaximumPercent: 200
        });
    but, when i trying make "pulumi up" to deploy new service, pulumi dont do anything
    Previewing update (xxxx)
    
    View Live: ....
    
         Type                 Name                     Plan
         pulumi:pulumi:Stack  XXX-api-stage
    
    Resources:
        77 unchanged
    
    Do you want to perform this update?  [Use arrows to move, enter to select, type to filter]
      yes
    > no
      details
    e
    b
    • 3
    • 8
  • w

    white-chef-55657

    10/16/2022, 12:31 PM
    hi folks, I’m looking to lint my stack yamls to ensure any configuration option added to a stack yaml also exists in the main project yaml, this is so future stacks don’t forget to include that configuration option has such a tool exists already? is anyone else following the same (somewhat pedantic) procedure? 🙂
    e
    • 2
    • 2
  • a

    adamant-waitress-42469

    10/17/2022, 9:34 AM
    I am making a stack of vpc then eks cluster then install helm charts. It messed up at some point, i manually deleted some resources and now pulumi destroy doesn't work, pulumi up doesn't work, i don't understand how pulumi state edit works - it seems to be a tangled mess of dependencies that are impossible to navigate. What should I do? The infra is not in production so I can delete anything
    e
    • 2
    • 3
  • a

    adamant-waitress-42469

    10/17/2022, 9:45 AM
    here's some output
  • a

    adamant-waitress-42469

    10/17/2022, 9:45 AM
    Do you want to perform this destroy? yes Destroying (dev) View Live: https://app.pulumi.com/vorsprung/infrak8/dev/updates/50 Type Name Status Info pulumi😛ulumi:Stack infrak8-dev failed 1 error - └─ kubernetes:core/v1:ConfigMap ja-cluster-nodeAccess deleting failed 1 error Diagnostics: kubernetes:core/v1:ConfigMap (ja-cluster-nodeAccess): error: configured Kubernetes cluster is unreachable: unable to load schema information from the API server: Get "https://9CA4A885172974CEB5079C793D4A07AD.gr7.us-east-1.eks.amazonaws.com/openapi/v2?timeout=32s": dial tcp: lookup 9CA4A885172974CEB5079C793D4A07AD.gr7.us-east-1.eks.amazonaws.com on 192.168.178.1:53: no such host If the cluster has been deleted, you can edit the pulumi state to remove this resource pulumi😛ulumi:Stack (infrak8-dev): error: update failed Resources: Duration: 3s jamess-MBP:pulumi jamesandrews$
  • a

    adamant-waitress-42469

    10/17/2022, 9:51 AM
    and here's an attempt to "edit the pulumi state to remove this resource"
  • a

    adamant-waitress-42469

    10/17/2022, 9:51 AM
    jamess-MBP:pulumi jamesandrews$ pulumi state delete 'urn😛ulumi:dev::infrak8::eks:index:Cluster$aws:eks/cluster:Cluster::ja-cluster-eksCluster' warning: This command will edit your stack's state directly. Confirm? Yes error: This resource can't be safely deleted because the following resources depend on it: * "ja-cluster-eks-k8s" (urn😛ulumi:dev::infrak8::eks:index:Cluster$pulumi😛roviders:kubernetes::ja-cluster-eks-k8s) * "ja-cluster-nodeAccess" (urn😛ulumi:dev::infrak8::eks:index:Cluster$kubernetes:core/v1:ConfigMap::ja-cluster-nodeAccess) Delete those resources first before deleting this one. jamess-MBP:pulumi jamesandrews$ pulumi destroy -t 'urn😛ulumi:dev::infrak8::eks:index:Cluster$pulumi😛roviders:kubernetes::ja-cluster-eks-k8s' -t 'urn😛ulumi:dev::infrak8::eks:index:Cluster$kubernetes:core/v1:ConfigMap::ja-cluster-nodeAccess' Previewing destroy (dev) View Live: https://app.pulumi.com/vorsprung/infrak8/dev/previews/46a872a4-03f0-4181-8e55-77c919d2b6e9 Type Name Plan pulumi😛ulumi:Stack infrak8-dev - ├─ kubernetes:core/v1:ConfigMap ja-cluster-nodeAccess delete - └─ pulumi😛roviders:kubernetes ja-cluster-eks-k8s delete Resources: - 2 to delete Do you want to perform this destroy? yes Destroying (dev) View Live: https://app.pulumi.com/vorsprung/infrak8/dev/updates/51 Type Name Status Info pulumi😛ulumi:Stack infrak8-dev failed 1 error - └─ kubernetes:core/v1:ConfigMap ja-cluster-nodeAccess deleting failed 1 error Diagnostics: pulumi😛ulumi:Stack (infrak8-dev): error: update failed kubernetes:core/v1:ConfigMap (ja-cluster-nodeAccess): error: configured Kubernetes cluster is unreachable: unable to load schema information from the API server: Get "https://9CA4A885172974CEB5079C793D4A07AD.gr7.us-east-1.eks.amazonaws.com/openapi/v2?timeout=32s": dial tcp: lookup 9CA4A885172974CEB5079C793D4A07AD.gr7.us-east-1.eks.amazonaws.com on 192.168.178.1:53: no such host If the cluster has been deleted, you can edit the pulumi state to remove this resource Resources:
  • a

    adamant-waitress-42469

    10/17/2022, 9:53 AM
    as you can see I can't run destroy as the cluster is unreachable. I can't edit the state to remove the cluster as ":ja-cluster-nodeAccess" depends on it. I can't remove ":ja-cluster-nodeAccess" as it is using a configmap in the non existent cluster
Powered by Linen
Title
a

adamant-waitress-42469

10/17/2022, 9:53 AM
as you can see I can't run destroy as the cluster is unreachable. I can't edit the state to remove the cluster as ":ja-cluster-nodeAccess" depends on it. I can't remove ":ja-cluster-nodeAccess" as it is using a configmap in the non existent cluster
View count: 4