https://pulumi.com logo
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
getting-started
  • b

    bright-oil-46290

    03/08/2022, 12:36 AM
    In the automation API, When running them, I don't see any files being created to a directory. So pulumi stack doesn't see what was programmed with the automation api. Is there a code example to create a stack and persist its state to a backend?
  • b

    bright-oil-46290

    03/08/2022, 12:46 AM
    Errr got an error locally. Guessing I have to figure out how to bootstrap a project from the Automation API
  • b

    bright-oil-46290

    03/08/2022, 12:46 AM
    " you have not created a project yet,"
  • b

    bright-oil-46290

    03/08/2022, 12:57 AM
    SaveProjectSettings 🙂
  • s

    square-painter-3449

    03/08/2022, 10:53 AM
    Hey guys! Is it possible to configure base directory for the pulumi program, per-stack? We would like to use self-managed GCS for our state, the setup we would like to roll with is the following:
    $ pulumi stack ls
    NAME                          LAST UPDATE  RESOURCE COUNT
    1_base                        n/a          n/a
    2_organization_envs.dev*      n/a          n/a
    2_organization_envs.pre-prod  n/a          n/a
    2_organization_envs.prod      n/a          n/a
    $ ls -la
    total 56
    drwxr-xr-x  13 robin.opletal  1380609156  416  8 Mar 11:46 .
    drwxr-xr-x  19 robin.opletal  1380609156  608  7 Mar 12:33 ..
    -rw-r--r--   1 robin.opletal  1380609156   12  8 Mar 11:12 .gitignore
    drwxr-xr-x   2 robin.opletal  1380609156   64  8 Mar 11:35 1_base
    drwxr-xr-x   3 robin.opletal  1380609156   96  8 Mar 11:46 2_organization_envs
    -rw-r--r--   1 robin.opletal  1380609156   85  8 Mar 11:14 Pulumi.1_base.yaml
    -rw-r--r--   1 robin.opletal  1380609156  112  8 Mar 11:45 Pulumi.2_organization_envs.dev.yaml
    -rw-r--r--   1 robin.opletal  1380609156  123  8 Mar 11:38 Pulumi.2_organization_envs.pre-prod.yaml
    -rw-r--r--   1 robin.opletal  1380609156  122  8 Mar 11:43 Pulumi.2_organization_envs.prod.yaml
    -rw-r--r--   1 robin.opletal  1380609156  126  8 Mar 11:12 Pulumi.yaml
    drwxr-xr-x   3 robin.opletal  1380609156   96  8 Mar 11:46 __pycache__
    -rw-r--r--   1 robin.opletal  1380609156   46  8 Mar 11:12 requirements.txt
    drwxr-xr-x   6 robin.opletal  1380609156  192  8 Mar 11:12 venv
    I have tried adding:
    main: 2_organization_envs/
    to the stack config yaml file, but that hasn’t resulted in any changes Thanks! P.S. The goal is to have all the code for all
    2_organization_envs
    stacks in
    2_organization_envs/
    , for example
    $ ls 2_organization_envs/
    __main__.py
    n
    • 2
    • 1
  • s

    square-painter-3449

    03/08/2022, 1:12 PM
    Another question: how am I supposed to reference a repository for a template list? I am trying to do this over git SSH, but am getting a “template not found” error. Here is the git command I am trying to use:
    pulumi new git@gitlab.<redacted>.<redacted>:infrastructure/testing/pulumi-test/-/tree/master/aws-go-appsync.git
    e
    • 2
    • 4
  • c

    creamy-fall-88031

    03/09/2022, 9:02 PM
    Hi guys is it possible to deploy infra on Azure via Github Actions using OpenID Connect (federated identity access)? I would really like to avoid storing secrets in GitHub. This is the action file:
    name: Pulumi
    on:
      push:
        branches:
          - main
    
    permissions:
      id-token: write
      contents: read
    
    jobs:
      up:
        name: Update
        runs-on: ubuntu-latest
        steps:
          - uses: actions/checkout@v2
          - uses: actions/setup-node@v2
            with:
              node-version: 14.x
          - name: 'Azure login via CLI (Federated access)'
            uses: azure/login@v1
            with:
              client-id: ${{ secrets.AZURE_CLIENT_ID }}
              tenant-id: ${{ secrets.AZURE_TENANT_ID }}
              subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} 
          - run: npm install
          - uses: pulumi/actions@v3
            with:
              command: up
              stack-name: dev
              cloud-url: <azblob://state>       
            env:
              PULUMI_CONFIG_PASSPHRASE: ${{ secrets.PULUMI_CONFIG_PASSPHRASE }}
              AZURE_STORAGE_ACCOUNT: ${{ secrets.AZURE_STORAGE_ACCOUNT }}
              AZURE_STORAGE_KEY: ${{ secrets.AZURE_STORAGE_KEY }}
              AZURE_KEYVAULT_AUTH_VIA_CLI: true
    action
    azure/login@v1
    finishes without any issues, but
    pulumi/actions@v3
    fails with the following error
    failed with an unhandled exception:
    azure-native:resources:ResourceGroup aks-test  error: building auth config: Authenticating using the Azure CLI is only supported as a User (not a Service Principal).
    b
    • 2
    • 10
  • b

    better-queen-89787

    03/10/2022, 7:56 AM
    Hi Folks, not sure if this is the right channel to ask but I'm trying to use Pulumi on AWS to create Fargate container and came across the problem when deploying multiple times from GH action. I'm getting:
    TargetGroupAssociationLimit: The following target groups cannot be associated with more than one load balancer
    when running
    const listener = new awsx.lb.NetworkLoadBalancer(nameFor("lb"))
            .createTargetGroup(nameFor("group"), { port: 80, protocol: "TCP" })
            .createListener(nameFor("listener"), { port: 443, protocol: "TLS", certificateArn: certificate.arn})
    It work locally when ran pulumi up but not via GH action with same command. GH Action version: 3.15.0 Pulumi version on GH action: v3.25.1 Local Pulumi version: v3.25.1
  • t

    thankful-coat-47937

    03/10/2022, 11:47 PM
    hi all. shared this in #general but wondering if anyone can help me out here?
  • b

    brave-mouse-27112

    03/11/2022, 11:48 AM
    Hello, I am trying to deploy the
    aws-py-voting-app
    example (https://github.com/pulumi/examples/blob/master/aws-py-voting-app/). It's taking quite long and then failing with this error:
    aws:lb:TargetGroup (redis-targetgroup):
        error: 1 error occurred:
            * creating urn:pulumi:dev::voting-app::aws:lb/targetGroup:TargetGroup::redis-targetgroup: 1 error occurred:
            * error modifying Target Group Attributes: ValidationError: 'Stickiness type' must be one of [app_cookie, lb_cookie, source_ip]
            status code: 400, request id: 9995a158-8d9b-4e97-93ed-884389a95f6d
    
    Resources:
        + 17 created
    
    Duration: 45m20s
    I can not make sense of this error message because 'lb_cookie' is used as type, as far as I can tell: https://github.com/pulumi/examples/blob/master/aws-py-voting-app/__main__.py#L130 Any hints what the problem could be?
    e
    • 2
    • 3
  • q

    quick-engine-41995

    03/12/2022, 3:28 PM
    Hey, I new to this If I dont want to use Pulumi managed service, then how is this work? Is it Pulumi produce some yaml or some kind of files, so I use this file to deploy it to my cloud provider?
    e
    • 2
    • 3
  • c

    crooked-autumn-27958

    03/12/2022, 4:56 PM
    Hi Everyone, I was working through the getting started guide for non cloud Kubernetes and had an issue I'm hoping someone is able to help with. The first deployment of nginx went fine, but after updating the stack to expose an IP address it failed with:
    kubernetes:core/v1:Service (nginx):
        error: 2 errors occurred:
        	* resource default/nginx-qyb8bpd9 was successfully created, but the Kubernetes API server reported that it failed to fully initialize or become live: 'nginx-qyb8bpd9' timed out waiting to be Ready
        	* Service was not allocated an IP address; does your cloud provider support this?
    The Kubernetes cluster is microk8s, so it's highly likely I've not enabled a required addon, but I don't know where to start. Any help would be appreciated. Thanks
    • 1
    • 1
  • c

    crooked-autumn-27958

    03/12/2022, 5:00 PM
    I should have mentioned the microk8s Kubernetes cluster is not on my Mac, it's on another machine
  • e

    echoing-oil-42947

    03/13/2022, 9:20 PM
    đź‘‹ Quick question, is it possible to use a k8s secret to get a vault token and use that in a provider? In theory it seems to be yes, but vault is giving 403 during the preview step (which makes sense as that secret likely hasn't been fetched yet)
    l
    e
    • 3
    • 9
  • n

    nice-petabyte-37240

    03/14/2022, 7:49 AM
    Hi, some questions about pulumi with AWS Cognito Userpool,
  • n

    nice-petabyte-37240

    03/14/2022, 7:50 AM
    does anyone know how to change the verification option from no verification to email? can't find it in documentation! (https://www.pulumi.com/registry/packages/aws/api-docs/cognito/userpool/)
    e
    • 2
    • 3
  • q

    quaint-pharmacist-79538

    03/14/2022, 1:36 PM
    Hello Pulumi Team, A Quick question, I'm using the package K8S for OVH provider. How can I get the externalIP of my nodes as
    kukectl get node -o wide
  • n

    nice-petabyte-37240

    03/15/2022, 3:15 AM
    Hi, Question about Pulumi Appsync functions. I want to disable the request/response mapping template in the case of the lambda function data source. but mapping template is a required field. any other option for this?
  • a

    agreeable-terabyte-59853

    03/15/2022, 1:27 PM
    Hi, I am trying to use Pulumi .NET to create an Azure Function, however, I do not seem to find how to add a function to the Function App programatically. Any ideas?
  • a

    average-article-76176

    03/16/2022, 5:23 PM
    Couldn't find this info in the docs.. In Python, my
    __main__.py
    simply imports other modules and the project contains other modules still. However, Pulumi seems to require all the
    __init__.py
    to import modules, or else Pulumi doesn't import them. Is this correct? I need to explicitly import all modules and packages in each package's
    __init__.py
    ? If so, is there a better / more standardized way?
    s
    n
    • 3
    • 3
  • e

    echoing-oil-42947

    03/16/2022, 5:52 PM
    If I am using a self-managed backend, when using stack references where can I find / set the organization that is used in the reference? Edit: There is a non-zero chance that reading the docs will tell you exactly what you want to know, looks like you need to set the
    org
    config
    l
    • 2
    • 2
  • b

    boundless-policeman-48078

    03/17/2022, 5:54 AM
    Hi Pulumi peeps We are trying to use the tf2pulumi plugin to migrate our terraform into a pulumi project. When we run 'pulumi plugin install resource azurerm' we are getting the error: pulumi plugin install resource azurerm [resource plugin azurerm-1.60.0] installing error: [resource plugin azurerm-1.60.0] downloading from : 403 HTTP error fetching plugin from https://get.pulumi.com/releases/plugins/pulumi-resource-azurerm-v1.60.0-darwin-amd64.tar.gz I have logged in using pulumi login with an access token from the portal. We had no issue using the google plugin 'pulumi plugin install resource google' Are you able to point me in the right direction?
    e
    b
    s
    • 4
    • 11
  • a

    average-article-76176

    03/17/2022, 7:32 PM
    noob question that I couldn't find in the documentation or searching slack: What's the difference between: •
    update
    •
    replace
    •
    create-replacement
    •
    delete-replaced
    I imagine the end result is the same, but these look like important concepts to understand when using Pulumi. (currently getting all 3 when doing
    pulumi up --diff
    ).
    âž• 1
    e
    • 2
    • 4
  • a

    ambitious-doctor-78865

    03/18/2022, 8:58 PM
    đź‘‹ Hello, team!
  • a

    ambitious-doctor-78865

    03/18/2022, 9:01 PM
    I created a pulumi stack and used
    ctx.Export("elasticache", elasticacheURN)
    in my code to export the URN. When i run the command
    pulumi stack output
    from my terminal, I see the expected output. My question is: How can I access these outputs from different pulumi stack programatically (I am using Go). I need this output to install service that needs the above output to work. Can anyone please help me get started? Thanks
    p
    • 2
    • 1
  • c

    creamy-fall-88031

    03/20/2022, 11:10 PM
    Hey team. I am trying to create a ManagedCluster in Azure using Pulumi Azure native library and attach it to a pre-existing VNET subnet This is how I get the subscriptionId:
    const subscriptionId = azure.core.getSubscription({});
    This is the code snippet where I create my VNET:
    const virtualNetwork = new azure_native.network.VirtualNetwork(`vnet-${pulumi.getStack()}-${randomNo}`, {
        addressSpace: {
            addressPrefixes: ["10.0.0.0/8"],
        },
        resourceGroupName: resourceGroup.name,
        subnets: [{
            addressPrefix: "10.0.2.0/24",
            name: `snet-postgres-${pulumi.getStack()}-${randomNo}`,
            serviceEndpoints: [{
                service: "Microsoft.Sql",
            }],
        },{
            addressPrefix: "10.0.1.0/24",
            name: `snet-aks-${pulumi.getStack()}-${randomNo}`,
        }],
        virtualNetworkName: `vnet-${pulumi.getStack()}-${randomNo}`,
    });
    This is the code I used for the cluster:
    const managedClusterName = config.get("managedClusterName") || `aks-${randomNo}`;
    const cluster = new containerservice.ManagedCluster(managedClusterName, {
        resourceGroupName: resourceGroup.name,
        resourceName: `aks-${randomNo}`,
        agentPoolProfiles: [{
            count: 2,
            maxPods: 110,
            mode: "System",
            name: "agentpool",
            nodeLabels: {},
            osDiskSizeGB: 30,
            osType: "Linux",
            type: "VirtualMachineScaleSets",
            vmSize: "Standard_B2s",
            vnetSubnetID: `/subscriptions/${subscriptionId}/resourceGroups/rsg-${pulumi.getStack()}-${randomNo}/providers/Microsoft.Network/virtualNetworks/vnet-${pulumi.getStack()}-${randomNo}/subnets/snet-aks-${pulumi.getStack()}-${randomNo}`
        }],
        dnsPrefix: resourceGroup.name,
        enableRBAC: true,
        kubernetesVersion: "1.23.3",
        linuxProfile: {
            adminUsername: "testuser",
            ssh: {
                publicKeys: [{
                    keyData: sshKey.publicKeyOpenssh,
                }],
            },
        },
        nodeResourceGroup: `MC_azure-go_${managedClusterName}`,
        servicePrincipalProfile: {
            clientId: adApp.applicationId,
            secret: adSpPassword.value,
        },
    },
    {
        dependsOn: [virtualNetwork]
    });
    but I keep getting the following error:
    azure-native:containerservice:ManagedCluster (aks-547):
        error: Code="LinkedAuthorizationFailed" Message="The client has permission to perform action 'Microsoft.Network/virtualNetworks/subnets/join/action' on scope '/subscriptions/70340165-1840-xxxx-xxxx-xxxxxxxxxxx/resourceGroups/rsg-dev-547/providers/Microsoft.ContainerService/managedClusters/aks-547', however the linked subscription '[object Promise]' was not found."
    Quite frankly I am baffled with what I'm doing wrong here. If I try to create the cluster without
    dependsOn: [virtualNetwork]
    , the deployment fails. If I try to create the cluster after the VNET is created, then I get the above message complaining that the linked subscription cannot be found (???) BTW, the qualified name (resource path) of the cluster is correct, including the subscriptionId.
  • c

    creamy-fall-88031

    03/21/2022, 8:53 PM
    Turns out I can't just add a fully qualified resource name string to
    vnetSubnetId
    . I need to invoke
    getSubnet()
    and then pass the resulting id. But now there is another error popping up. Pulumi complains on invoking
    getSubnet()
    on a virtual network resource which is still not being created. How can one overcome this issue?
    l
    • 2
    • 18
  • a

    ancient-energy-2517

    03/21/2022, 11:11 PM
    Hi EveryOne. I am trying to create k8s cluster using this tutorial: https://www.pulumi.com/registry/packages/gcp/api-docs/container/cluster/#with-a-separately-managed-node-pool-recommended . But when I set nodeCount to 1 or 2, on GCP console I observe 3 node cluster.
    b
    • 2
    • 2
  • b

    bright-horse-50102

    03/22/2022, 6:51 PM
    The GKE examples do this a lot: https://github.com/pulumi/examples/blob/master/gcp-ts-gke/cluster.ts#L10-#L14
    // We can't create a cluster with no node pool defined, but we want to only use
    // separately managed node pools. So we create the smallest possible default
    // node pool and immediately delete it.
    Why do we only want to use seperately managed node pools? The GKE introduction docs don't do this
    l
    • 2
    • 2
  • b

    bright-horse-50102

    03/22/2022, 9:29 PM
    Is it possible to pass node.js CLI arguments to
    pulumi up
    ? I'm working with a typescript monorepo and it would be cool to have my pulumi infrastructure be a package inside of that monorepo like the others - but the monorepo manages dependencies through Yarn PnP (with corepack) which means we need to pass a
    -r ./.pnp.cjs
    flag to
    node
    for dependencies like
    @pulumi/pulumi
    to resolve
    l
    • 2
    • 5
Powered by Linen
Title
b

bright-horse-50102

03/22/2022, 9:29 PM
Is it possible to pass node.js CLI arguments to
pulumi up
? I'm working with a typescript monorepo and it would be cool to have my pulumi infrastructure be a package inside of that monorepo like the others - but the monorepo manages dependencies through Yarn PnP (with corepack) which means we need to pass a
-r ./.pnp.cjs
flag to
node
for dependencies like
@pulumi/pulumi
to resolve
l

little-cartoon-10569

03/22/2022, 9:55 PM
Yes, though it's still considered an experimental feature. You do it through Pulumi.yaml. Let me find the syntax for you...
Add a
nodeargs
property to the
runtime:options
object. So you need a block like this in your Pulumi.yaml:
runtime:
  name: nodejs
  options:
    nodeargs: -r ./pnp.cjs
You might learn more from the code.. https://github.com/pulumi/pulumi/blob/d7393a3c24af7b12ec8bcde7e8acdf9e60441a60/sdk/nodejs/cmd/pulumi-language-nodejs/main.go#L93
b

bright-horse-50102

03/22/2022, 10:26 PM
Good to know this option exists. I ended up solving my issue in a different way. Because the pulumi node SDK depends on the existance of
node_modules
on the filesystem, just
-r ./.pnp.cjs
isn't enough, but using yarn's pnpify shim is. https://github.com/pulumi/pulumi/issues/3586#issuecomment-782589776
Thank you either way!
View count: 4