https://pulumi.com logo
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
getting-started
  • b

    bright-horse-50102

    03/23/2022, 1:50 AM
    using
    docker.Image
    to build an image and running into some weird behavior, it doesn't seem to be respecting the registry I passed to the image. with the typescript runtime:
    const image = new docker.Image('app', {
      imageName: 'org/app:latest',
      build: {
        context: '...',
        dockerfile: '...',
      },
      registry: {
        server: '<http://ghcr.io|ghcr.io>',
        username: 'user',
        password: 'password',
      },
    });
    this logs: error: Error: ' docker push org/app:latest-3c7ccbb9189753d00babbc9390eee3fa9ae7594d2b8642241ea7b139898c695c' failed with exit code 1 The push refers to repository [docker.io/org/app] error: denied: requested access to the resource is denied it seems to me like the push is being attempted to the
    <http://docker.io|docker.io>
    registry when I've specified
    <http://ghcr.io|ghcr.io>
    as a registry
  • c

    creamy-fall-88031

    03/24/2022, 9:56 AM
    Hi. Um... this is me not really understanding TypeScript or not properly reading the API documentation, so please bare with me as it's most likely a PEBKAC issue. But at this point I really do appreciate any help. I am trying to attach a public static IP to an AKS loadbalancer created with azure native ManagedCluster constructor. This is how I create the IP, which I am sure it's all good:
    const publicIPAddress = new azure_native.network.PublicIPAddress(`ipaddr-${environmentLabel}`, {
        idleTimeoutInMinutes: 10,
        publicIPAddressVersion: "IPv4",
        publicIPAllocationMethod: "Static",
        publicIpAddressName: `ip-lb-testaks-${environmentLabel}`,
        resourceGroupName: `mc_${managedClusterName}`,
        sku: {
            name: "Standard",
            tier: "Global",
        },
        dnsSettings: {
            //domainnamelabel.location.cloudapp.azure.com => <http://testaks.northcentralus.cloudapp.azure.com|testaks.northcentralus.cloudapp.azure.com>
            domainNameLabel: "testaks"
        }
    });
    This is how I try to inject the property in containerservice.ManagedCluster constructor:
    networkProfile: {
    		networkPlugin: "azure",
    		serviceCidr: "10.10.0.0/24",
    		dnsServiceIP: "10.10.0.10",
    		dockerBridgeCidr: "172.17.0.1/16",
            loadBalancerProfile: {
                outboundIPs: {
                    publicIPs: publicIPAddress.id
                } 
            },  
    	},
    Right out of the box I get the following error on the
    publicIPs: publicIPAddress.id
    line:
    Type 'Output<string>' is not assignable to type 'Input<ResourceReferenceArgs>'.
      Type 'Output<string>' is not assignable to type 'OutputInstance<ResourceReferenceArgs>'.
        Types of property 'apply' are incompatible.
          Type '{ <U>(func: (t: string) => Promise<U>): Output<U>; <U>(func: (t: string) => OutputInstance<U>): Output<U>; <U>(func: (t: string) => U): Output<...>; }' is not assignable to type '{ <U>(func: (t: ResourceReferenceArgs) => Promise<U>): Output<U>; <U>(func: (t: ResourceReferenceArgs) => OutputInstance<U>): Output<...>; <U>(func: (t: ResourceReferenceArgs) => U): Output<...>; }'.
            Types of parameters 'func' and 'func' are incompatible.
              Types of parameters 't' and 't' are incompatible.
                Type 'string' has no properties in common with type 'ResourceReferenceArgs'.ts(2322)
    Can anyone please provide me with some clarity what I'm doing wrong here?
    s
    • 2
    • 2
  • f

    full-receptionist-92539

    03/24/2022, 10:44 AM
    Hello everyone, I have a weird question. I am using Pulumi for Snowflake management and I have created a series of resources that I want to apply to my Snowflake account. I want to create a Database and then a Schema that exist inside that database. Database code
    db_prod = snowflake.Database(
        "MY_DB",
        name="MY_DB"
    )
    Schema code
    schema = snowflake.Schema(
        f"{db_prod.name}|MY_SCHEMA",
        name="MY_SCHEMA",
        database=db_prod,
        is_managed=True
    )
    My problem is that I cannot get the name of my database based on the
    db_prod
    object. I know that the object has not been evaluated yet, but is there any way to extract the name of my database and use it in my schema? My naive solution is to assign the name of the database in a variable and then use the variable in both places.
  • f

    flaky-yak-39108

    03/24/2022, 11:41 AM
    Maybe i should have posted my question here 😄
  • a

    astonishing-notebook-93377

    03/24/2022, 12:11 PM
    Hello everyone! I have a project in mind... I want to offer a simple webui with 2-3 fields, an option to pick an "image" and an "OK" button, people can go to that webUI, make options and click ok. After that, I want to trigger pulumi to deploy an environment with these specific options. I would like to use pulumi-python maybe with django or flask, maybe my own restAPI later on. How would I start with this? I might see a way to prepare the basic python config and everything, but im struggling with with "pulumi up" ? And how can I make that one pulumi work with different stacks? Is there an example anywhere or a write down on how to approach that?
    v
    • 2
    • 1
  • a

    astonishing-notebook-93377

    03/24/2022, 1:08 PM
    I think I found it here - https://github.com/pulumi/automation-api-examples/tree/main/python/pulumi_over_http ? Am I right?
  • d

    dry-salesmen-32588

    03/25/2022, 1:26 PM
    any hint on how to format helm values in python ? specifically tuples ? ie. helm values type:
    extraVolumes:
      - type: 'secret'
        name: 'creds'
    It doesn't really fit the "dict" pattern. that the examples used on the website/github is referring to
    • 1
    • 1
  • c

    creamy-fall-88031

    03/25/2022, 5:16 PM
    Guys, a bit of ts help please. I don't understand what pulumi is expecting here as input. There is pulumi.input<pulumi.input twice of which the first is I guess an array?
    interface ManagedClusterLoadBalancerProfileOutboundIPsArgs {
            /**
             * A list of public IP resources.
             */
            publicIPs?: pulumi.Input<pulumi.Input<inputs.containerservice.ResourceReferenceArgs>[]>;
    so...
    publicIPs: what_exactly
    ?? The following is clearly not correct:
    {
       publicIPs: ipresource.id
    }
    w
    • 2
    • 25
  • c

    chilly-plastic-75584

    03/28/2022, 2:47 AM
    Let's say I can't run pulumi on target clusters at the same time. Instead of building a multi provide plan I need to change the kubeconfig in a new run on a new agent. (Not using operator). Is Pulumi going to be "additive" if the logical urns are unique and just add new content to tracking or similar to terraform where if it doesn't exist in the current plan it's considered a destroy/remove? Dealing with some uncontrollable credentials that might require me to stop looping on cluster and instead run independently.
    • 1
    • 1
  • c

    chilly-plastic-75584

    03/28/2022, 7:08 PM
    --- Can I pass normal go flags or just ENV vars to pulumi when executing? I want to write a little logic for flipping to a yaml render output, but store state locally as it's just for experimentation. Didn't know if I could add flags/parameters or I should use env variables instead.
    b
    • 2
    • 3
  • w

    wonderful-motherboard-66151

    03/29/2022, 8:34 AM
    Has anybody an example on setting up a mysql server on azure along with a few databases? I am trying to do that, but I keep getting an error like the following, and I have no idea where to look…
    error: Could not connect to server: Error 9999: An internal error has occurred. Please retry or report your issues.
    I just found a few resources explaining some SSL stuff… But even if I disable SSL I get the same error…
    b
    • 2
    • 33
  • b

    blue-pharmacist-31672

    03/29/2022, 3:56 PM
    Hi there, I'm provisioning some SQS queue policies that are timing out when pulumi runs. I'm pretty sure this is an issue with the provider being slow because on subsequent runs more and more policies resolve. I've set a custom timeout on the resource however it still seems like the timeout is only two minutes when pulumi runs. Is this a bug? Or have I missed something in how custom timeouts are set? The creation code for the queue is this:
    new QueuePolicy(
                    $"policy-name",
                    new QueuePolicyArgs
                    {
                        QueueUrl = queue.Id,
                        Policy = policyJson
                    },
                    new CustomResourceOptions
                    {
                        Provider = provider,
                        Protect = isQueueProtected,
                        DependsOn = queue,
                        CustomTimeouts = new CustomTimeouts 
                        { 
                           Create = TimeSpan.FromMinutes(30),
                           Update = TimeSpan.FromMinutes(30),
                        }
                    }
                );
    However the error message from the pulumi deploy is where the timeout is echoed as
    2m0s
    aws:sqs:QueuePolicy (policy-name):
        error: 1 error occurred:
        	* creating urn:pulumi:*******: 1 error occurred:
        	* error waiting for SQS Queue Policy (<https://sqs.us-west-1.amazonaws.com/*****>) to be set: timeout while waiting for state to become 'equal' (last state: 'notequal', timeout: 2m0s)
    Really appreciate any advice on this. Thank you.
  • r

    rough-oyster-77458

    03/29/2022, 4:42 PM
    Hi there, I have two resources:
    resource1
    and
    resource2
    .
    resource2
    depends on
    resource1
    , but there's no explicit relationship. How can I ask Pulumi to deploy
    resource1
    first and
    resource2
    afterwards?
    b
    • 2
    • 2
  • b

    bright-receptionist-28471

    03/29/2022, 9:18 PM
    Is it possible to get config values from a default provider? I want to get the default project assigned to the GCP default provider. To work around I can add another config key for project, but it seems strange to have both
    gcp:project
    and
    <namespace>:project
    set in config
    p
    • 2
    • 6
  • c

    chilly-plastic-75584

    03/29/2022, 11:23 PM
    What's the proper way to set a value such as a sensitive database connection string as an exported value, yet it's a secret, so that it could be imported as a stack reference for another stack that needs to setup configs to this database. I'm using Go fyi.
    b
    l
    • 3
    • 6
  • b

    bright-horse-50102

    03/30/2022, 12:51 AM
    how can I deploy something from Google's Kubernetes App Marketplace to a GCP GKE cluster with Pulumi? I struggled to find documentation for this https://console.cloud.google.com/kubernetes/application https://github.com/kubernetes-sigs/application/blob/master/README.md
  • r

    rough-oyster-77458

    03/30/2022, 6:36 PM
    Hi, Why if I set
    parent=parent_id
    to a resource Pulumi wants to delete this resource? Is that expected behaviour?
    b
    l
    • 3
    • 6
  • c

    chilly-plastic-75584

    03/30/2022, 7:34 PM
    I'm stuck on a critical issue for readying a new pulumi prod deployment. I have to run azure service connections and kubernetes service connections. I know azure one is supported but I need to now deployment k8 deployment to kubernetes using k8 SVC role. Before I had secret kubeconfig embedded. Now I need to rely on service connection to kubernetes using SVC account credential. Is this possible with azure DevOps extension in Pulumi or is there another approach I should look at?
  • k

    kind-island-70054

    03/31/2022, 10:52 AM
    I’m trying to setup continuous deployment within my CI. So I created a GCP service account, in a global project, and I gave it select access rights to my environments projects so that it can only update what I think it should be able to.
    // Define Semaphore SA access rights
    ["roles/run.developer"].map(
      (role) =>
        new gcp.projects.IAMMember(`semaphoreci-${role}`, {
          project: configs.gcp.project,
          role,
          member: pulumi.interpolate`serviceAccount:${configs.semaphore.serviceAccountEmail}`,
        })
    );
    It fails to deploy though when I try to get the project number this way:
    gcp.organizations.getProject().then((project) => project.number)
    I tried adding several roles to my service account so that it can execute that command but it keeps failing saying that I need to allow the Cloud Resource Manager API (it is already enabled). Anyone knows how to allow a service account from another project to be able to execute that command?
    ✅ 1
    • 1
    • 2
  • q

    quaint-river-59320

    03/31/2022, 3:11 PM
    Good morning. Trying to generate a random password for an RDS database and then save the password as a secret to AWS Secret Manager. The secret gets created, but the password is always "{}". What am I doing wrong?
    //Create RDS Secret
            var config = new Pulumi.Config();
            string dbUser = config.Get("rdsUser").ToString();
    
            var password = new Random.RandomPassword("chpm-rds-password", new Random.RandomPasswordArgs
            {
                Length = 16,
                Special = true
            });
    
    
    
            var rdsSecret = new AwsClassic.SecretsManager.Secret("CHPM-DB-Secret");
            var secretObject = new
            {
                UserName = dbUser,
                Password = password.Result,
                Endpoint = "test"
            };
    b
    • 2
    • 12
  • b

    brave-doctor-12316

    04/01/2022, 7:03 PM
    is anyone wrote aws lambda canaries synthetics using Pulumi? I dont see anything in its CloudWatch sdk.
  • c

    calm-tent-21096

    04/03/2022, 6:40 PM
    still having trouble creating resources with user-assigned identities:
    var languageIdentity = new AzureNative.ManagedIdentity.UserAssignedIdentity(name, new AzureNative.ManagedIdentity.UserAssignedIdentityArgs
            {
                ResourceGroupName = _cognitiveRg.Name,
                ResourceName = name
            });
            languageIdentity.Id.Apply(id =>
            {
                var langStorageAssignment = new AzureNative.Authorization.RoleAssignment("lang-storage-assignment", new AzureNative.Authorization.RoleAssignmentArgs
                {
                    PrincipalType = AzureNative.Authorization.PrincipalType.ServicePrincipal,
                    PrincipalId = languageIdentity.PrincipalId,
                    RoleDefinitionId = "/subscriptions/xxx/providers/Microsoft.Authorization/roleDefinitions/ba92f5b4-2d11-453d-a403-e96b0029c9fe", // storage blob data contributor
                    Scope = _coreRef.GetOutput("StorageAccountId").Apply(sa => Convert.ToString(sa) ?? string.Empty)
                });
                var searchContributorAssignment = new AzureNative.Authorization.RoleAssignment("lang-search-contributor", new AzureNative.Authorization.RoleAssignmentArgs
                {
                    PrincipalType = AzureNative.Authorization.PrincipalType.ServicePrincipal,
                    PrincipalId = languageIdentity.PrincipalId,
                    RoleDefinitionId = "/subscriptions/xxx/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c",
                    Scope = _searchService?.Id ?? throw new Exception("Search Service not available")
                });
                language = new Account(name, new AccountArgs
                {
                    Kind = "TextAnalytics",
                    AccountName = name,
                    Identity = new AzureNative.CognitiveServices.Inputs.IdentityArgs
                    {
                        Type = AzureNative.CognitiveServices.IdentityType.UserAssigned,
                        UserAssignedIdentities =
                        {
                            { 
                                id,
                                new AzureNative.CognitiveServices.Inputs.UserAssignedIdentityArgs { PrincipalId = languageIdentity.PrincipalId } 
                            }
                        }
                    },
    // ...
  • c

    calm-tent-21096

    04/03/2022, 6:41 PM
    the Identity section for
    language
    doesn't work, but it's the only way I can see that compiles
  • c

    calm-tent-21096

    04/03/2022, 6:41 PM
    does someone have an example of (any) resource being created with user-assigned identity?
    e
    • 2
    • 3
  • i

    important-sugar-9877

    04/04/2022, 12:08 PM
    Hello, whats the currently recommended way to use existing ServiceCatalog/Cloudformation templates with pulumi and python? What i have tried so far: 1. The template converter (https://www.pulumi.com/cf2pulumi/) but that leads to a bug https://github.com/pulumi/pulumi-aws-native/issues/429 2. Importing (for example) IAM users with “pulumi import aws:iam/user:User…” but the resulting code is missing properties that are present/configurable in my existing template So how would i best go about using an existing IAMUser template, import it into pulumi and pass in the required variables to create different IAM users?
    e
    • 2
    • 11
  • s

    stocky-butcher-62635

    04/04/2022, 3:33 PM
    Hello. Completely new to this. I've inherited a
    csproj
    that looks like this. What do I do with it?
  • s

    stocky-butcher-62635

    04/04/2022, 3:35 PM
    I downloaded something and added
    C:\Users\Richard Barraclough\.pulumi\bin
    to my
    %PATH
    but running the programme just says
    System.InvalidOperationException: 'Program run without the Pulumi engine available; re-run using the
    pulumi
    CLI'
    b
    • 2
    • 3
  • s

    stocky-butcher-62635

    04/04/2022, 3:36 PM
    It can't possibly do anything in Azure because it has no credentials. I see there are two things in the pulumi website that seem to correspond to the two yml files, but again there are no credentials so I don't see how they're relevant
    b
    • 2
    • 1
  • s

    stocky-butcher-62635

    04/04/2022, 3:53 PM
    OK, so it's not actually a C# programme, it's just something for the
    pulumi
    command to read. And it needs AzureCLI installing So what about the yml files? Thre seems to be some information that's written in C# and some more information that's written in yml?
    b
    • 2
    • 12
  • a

    acoustic-tiger-77630

    04/04/2022, 6:36 PM
    Hey guys. I am new around here and on Pulumi. Coming from a Terraform provider development background. I am curious to know what materials, videos, etc you recommend as a starting point, to start developing a Pulumi provider. Thanks
    g
    • 2
    • 2
Powered by Linen
Title
a

acoustic-tiger-77630

04/04/2022, 6:36 PM
Hey guys. I am new around here and on Pulumi. Coming from a Terraform provider development background. I am curious to know what materials, videos, etc you recommend as a starting point, to start developing a Pulumi provider. Thanks
g

great-queen-39697

04/04/2022, 9:14 PM
We've got a few things to get you started. • Our YT channel has some videos on providers: https://www.youtube.com/c/PulumiTV/search?query=provider • We've got a boilerplate for building a native provider (and I'd read that and then ask more questions as there may be things that might be confusing!): https://github.com/pulumi/pulumi-provider-boilerplate • And a blog post for you: https://www.pulumi.com/blog/dynamic-providers/ These are about native providers. If you want to build off of the Terraform community's bridge, there's some other ones for you. Do these help?
a

acoustic-tiger-77630

04/04/2022, 10:45 PM
Thank you Laura. I’ll take a look at these resources shortly. Much appreciated the prompt response 🙂
🙌 1
View count: 3