https://pulumi.com logo
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
getting-started
  • g

    glamorous-australia-21342

    10/04/2022, 7:36 PM
    I for the life of me can't figure out how Pulumi wants me to convert this output... Error:
    snaptshotRedirectCnames not empty!
        ######################
        Calling [toString] on an [Output<T>] is not supported.
        To get the value of an Output<T> as an Output<string> consider either:
        1: o.apply(v => `prefix${v}suffix`)
        2: pulumi.interpolate `prefix${v}suffix`
        See <https://pulumi.io/help/outputs> for more details.
        This function may throw in a future version of @pulumi/pulumi.
        ######################
        ######################
        Calling [toString] on an [Output<T>] is not supported.
        To get the value of an Output<T> as an Output<string> consider either:
        1: o.apply(v => `prefix${v}suffix`)
        2: pulumi.interpolate `prefix${v}suffix`
        See <https://pulumi.io/help/outputs> for more details.
        This function may throw in a future version of @pulumi/pulumi..Calling [toString] on an [Output<T>] is not supported.
        To get the value of an Output<T> as an Output<string> consider either:
        1: o.apply(v => `prefix${v}suffix`)
        2: pulumi.interpolate `prefix${v}suffix`
        See <https://pulumi.io/help/outputs> for more details.
        This function may throw in a future version of @pulumi/pulumi.
        ######################
    Function
    export function snapshotRediretionCnames(subDomains: string[]) {
      const cnames: string[] = []
      subDomains.forEach(function (subDomain) {
        // Does subdomain have -v ?
        if (subDomain.indexOf('-v') > -1) {
          // Does it exist in cnames?
          if (cnames.length > 0) {
            let networkInCnames = false
            let cnameToReplace = ''
            cnames.forEach(function (cname) {
              const subDomainNetwork = subDomain.split('-v')[0]
              if (cname.indexOf(subDomainNetwork) > -1) {
                networkInCnames = true
                cnameToReplace = cname
              }
            })
            // If network is in cname
            if (networkInCnames) {
              // Does is the version higher than what exists?
              const subDomainVersion = subDomain.replace(/[^0-9]/g, '')
              const cnameVersion = cnameToReplace.replace(/[^0-9]/g, '')
              if (subDomainVersion < cnameVersion) {
                // If the subDomain is newer than the cname we're replacing it
                const index = cnames.indexOf(cnameToReplace)
                if (index !== -1) {
                  cnames[index] = subDomain
                }
              }
            } else {
              cnames.push(subDomain)
            }
    
          } else {
            cnames.push(subDomain)
          }
        }
      })
      return pulumi.interpolate`${cnames}`
    }
    Caller:
    const allSubdomains = shotsDeployments.map((s) => s.subdomain!)
    shotsDeployments.forEach(
      (shot) =>
        new TezosShotsDeployment(
          { ...shot, allSubdomains },
          { provider: cluster.provider }
        )
    )
    
    const snapshotRedirectionCnames = snapshotRediretionCnames(allSubdomains)
    if(snapshotRedirectionCnames){
      snapshotRedirectionCnames.apply(cnames=>{
        cnames.split("\n").forEach(function(cname){
          const output = pulumi.interpolate`${cname}`
          console.log(`snaptshotRedirectCnames not empty!`)
          console.log(`######################`)
          console.log(`${snapshotRedirectionCnames}`)
          console.log(`######################`)
          const network = output.apply(cname => pulumi.interpolate`${cname.split('-v')[0]}`)
          console.log(`######################`)
          console.log(`${network}.${xtzshotsZone.name}`)
          console.log(`######################`)
        })
      })
    }
    I've tried every combination of
    pulumi.interpolate
    and
    output.apply
    that I can think of, but I can't seem to get this object parsed from an Output<T> to a string. If someone could take a look and let me know what I could be doing wrong, that would be most appreciated. šŸ˜„
    e
    • 2
    • 7
  • w

    wooden-vegetable-26535

    10/05/2022, 7:31 AM
    Hello everyone šŸ™‚ I am currently working with the pulumi rest api to provide data to a cli script. I query
    api/stacks/<org>/<project>/<stack>/export
    to get a stacks output. Some of those outputs are encrypted, and i need a way to decrypt those for my script. Is there a way to decrypt the encrypted outputs of a stack/export rest api call without using the pulumi cli/sdk? Can you point me to documenation for this use case?
    g
    e
    • 3
    • 13
  • r

    rhythmic-tailor-1242

    10/08/2022, 4:26 PM
    Hi, What is
    publicKey
    in
    aws.ec2.KeyPair
    ? is it my
    AWS_ACCESS_KEY_ID
    ?
    e
    b
    • 3
    • 3
  • e

    echoing-dinner-19531

    10/08/2022, 4:29 PM
    Looks like the policy pack can't find the "pulumi" python module. Do you have a virtual environment setup for your program?
    a
    e
    • 3
    • 4
  • e

    early-cat-34152

    10/10/2022, 8:27 AM
    My Pulumi deployment to a custom cluster in Minikube keeps hanging on "Please enter Username". This seems to come from
    kubectl
    . But
    kubectl
    on the CL works fine. How can I find out which user Pulumi is using for authentication?
    e
    • 2
    • 8
  • e

    early-cat-34152

    10/10/2022, 11:41 AM
    How to create a native Kubernetes cluster using Pulumi? That is, when I'm not using a cloud provider. Does/will Pulumi support the cluster API?
    b
    • 2
    • 1
  • r

    refined-engine-12125

    10/11/2022, 4:15 PM
    Q: How do I add resources to a VPC? E.g., I can create a VPC, but how do I add s3, dynamodb tables, clusters, fargate, etc to the vpc? Of course, I want to create the standard dev/prod/stage vpcs and have them isolated from each other, etc.
    b
    p
    • 3
    • 30
  • a

    able-ability-11203

    10/11/2022, 4:59 PM
    Hello everyone! A noob question here. I am (test-drivenly!) building a stack for DBMS, on python. Currently (at both docker and yandex-cloud providers I use) Pulumi considers stack up if resources are created, but not ready yet, and I need to wait (or, more correctly, try connecting with a backoff) before starting my tests. Is there a way to move this readiness check into stack logic, so that
    up
    command is completed on definitely ready stack? Should I do a custom provider, or a local Command perhaps? I am off k8s at the moment (as I know it has a notion of readiness probes etc), going by sole containers for dev and pure VMs for prod. This probably extends to eventual regular checks of infrastructure, that
    pulumi up
    will conduct when run by cron, as that's the IaaC way, right? šŸ˜‰ Thanks!
  • a

    able-ability-11203

    10/11/2022, 5:35 PM
    UPD: SOLVED. Hey everyone! I am trying to develop several projects using local login (
    file://~
    ), both having the same sets of stacks (like
    dev
    ). But when doing
    pulumi stack init dev
    at the second project. Pulumi tells me that stack
    dev
    already exists. My structure is like depicted here (as in docs).
    l
    b
    m
    • 4
    • 7
  • c

    creamy-window-21036

    10/11/2022, 7:40 PM
    Hi everyone, I am trying to write a microservice which will do provision infrastructure, want to store states in aws s3 bucket. Is there a way to initialize automation class using hardcoded aws credentials, I mean without aws configure ar without setting
    AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN
    from pulumi import automation as auto
    
    
    def program():
        pass
    
    
    auto.create_stack(
        stack_name="Dev",
        project_name="MyfirstProject",
        program=program,
        opts=auto.LocalWorkspaceOptions(
            project_settings=auto.ProjectSettings(
                name="Test",
                runtime="python",
                backend=auto.ProjectBackend(url="<s3://test-bucket>")
            )
        )
    )
    a
    d
    b
    • 4
    • 29
  • c

    clean-controller-92732

    10/11/2022, 11:27 PM
    Is there a way to tell pulumi to update aws tags? It appears that it has identified that there’s a difference in tags, but doesn’t actually do anything about it.
    updating stack...
    Updating (test22):
    
        pulumi:pulumi:Stack AUTOIAM-TAMTOOL-test22 running
        aws:iam:User test22  [diff: ~tags]
     ~  aws:iam:UserPolicy useast-partner-datafeed updating [diff: ~policy]
     ~  aws:iam:UserPolicy useast-partner-datafeed updated [diff: ~policy]
        pulumi:pulumi:Stack AUTOIAM-TAMTOOL-test22
    
    Resources:
        ~ 1 updated
        2 unchanged
    b
    l
    c
    • 4
    • 39
  • f

    few-carpenter-12885

    10/12/2022, 5:19 PM
    šŸ‘‹ Hey All, just starting to piece together a larger stack for the first time and starting to deal with
    Output<string>
    types. I'm dealing with a MongoDB URI, db name, and an associated username/password. I have all 4 of these as outputs, and i am trying to form them into a proper MongoDB connection string. This involves taking the URI in the format
    <mongodb+srv://mycluster.randomchars.mongodb.net>
    and inserting the username/password to form this format:
    mongodb+srv://<username>:<password>@mycluster.randomchars.mongodb.net/<dbName>
    . The problem I have is that I need to do some sort of replace in order to retain the
    mycluster.randomchars
    section of the URI - this means that
    pulumi.interpolate
    is not sufficient for my use-case. Any suggestions where I can go from here? Just keep them separate and form them properly in the application?
    b
    l
    • 3
    • 9
  • a

    ancient-nightfall-54764

    10/13/2022, 7:23 AM
    Hey All, Just want to know. I have created 2 pulumi cloudfront aws and every I run the pulumi with no changes in the code or changes code one of them, the cloudfront always update (deploying) and disabled both of cloudfront. Anybody know what is feature should I used to handle that situation? Thanks
  • w

    witty-vegetable-61961

    10/14/2022, 2:21 PM
    quick question. im spinning up some infra for an azure project. Should I use one pulumi project to provisiion all my resources or shouild I have seperate projects?
    b
    a
    • 3
    • 3
  • p

    polite-ocean-13631

    10/14/2022, 3:25 PM
    Are there any examples (preferably in Python) that use
    aws.cloudwatch.EventTarget
    with the
    ecs_target
    parameter? I have the parameter set to a
    aws.cloudwatch.EventTargetEcsTargetArgs
    with
    task_definition_arn
    set to the ARN of my task definition, but after bringing the stack up the AWS console shows no targets for the EventBridge rule, and no tasks are created from the task definition even though the
    EventTarget
    is using a rule that should run it on a schedule every few minutes.
  • p

    polite-ocean-13631

    10/14/2022, 4:22 PM
    Is it possible to export an
    Output
    wrapped value? I can't do
    pulumi.export(name='export-name', value=x)
    because
    x
    is of type
    Output
    , but when I rewrite that to use
    x.apply(fn)
    where
    fn
    calls
    pulumi.export
    the name & value don't appear with the other exported values. Tossing a
    print
    statement in there reveals in the diagnostics that it is being run, and the correct name/value pairs get through, but despite that they don't seem to get exported.
    m
    e
    • 3
    • 3
  • g

    green-bird-4706

    10/16/2022, 11:06 PM
    I want to migrate my SnowFlake provider from Terrform to Pulumi. I have set my
    private_key
    (rsa certicate) and
    private_key_passphrase
    in the Terrform provider. I would like to add these as config secrets in Pulumi, but looking at the docs it only has the option to set the path to the certificate?
    b
    • 2
    • 2
  • f

    few-plastic-88435

    10/17/2022, 12:38 PM
    Hi, Im using Pulumi with YAML. How can I make a condition to check if a resource exists to avoid that Pulumi shows me an error telling me that the resource already exists in the AWS Cloud ?. Regards,
    b
    • 2
    • 1
  • q

    quaint-hydrogen-7228

    10/18/2022, 6:52 AM
    I have been playing around a bit with Crosswalk for AWS using Python. As far as I can see, there are some example code snippets for multiple languages at the Crosswalk for AWS webpage (https://www.pulumi.com/docs/guides/crosswalk/aws/), but I could not see an actual API reference for the different classes etc available in Crosswalk. The intellisense experience in VS Code and Pylance left a bit to be desired here, so looked into the Typescript source code in Github to get a better idea of what was available beyond the code examples on the webpage. Is there another place for such docs, or is that the approach to use currently?
    p
    • 2
    • 3
  • b

    brave-motorcycle-67487

    10/18/2022, 7:58 PM
    While importing existing infrastructure, I've gotten myself into a bit of a state that I'm not sure how to get out of. If you're interested in the long context of how I got there, see https://github.com/pulumi/pulumi-aws-native/issues/660 , but right now I have a resource that's in the stack but I can't seem to do anything that will cause
    pulumi up
    to not make changes to it: • If I provide any value for the
    listener_arn
    field in the auto-generated code, Pulumi attempts to update it via AWS's API and that fails because it has to be set on creation. • If I don't provide
    listener_arn
    , Pulumi errors out because it's a required field. • If I don't define the resource at all, Pulumi errors out because it would attempt to delete it from AWS (but thankfully
    protect=True
    ) I'd like to either back out of the import or move forward in a no-op way, but I'm not sure how to do either of those. I think my options are 1. Set up
    replace_on_changes
    to let Pulumi delete and recreate the resource in AWS. Theoretically fine, but since this is in-use infrastructure and I'm just getting this set up for the first time, I'm nervous about this happening correctly. 2. Do some sort of stack edit to remove the imported resource, and try it again but with
    aws
    instead of
    aws-native
    . I'm not sure how I would do this, and it seems like the sort of dangerous path that I shouldn't be pursuing as a beginner. 3. Do some sort of stack edit to fix the imported resource so it correctly knows what is set up in AWS and doesn't try to make any changes to it. Similarly sounds risky. Any advice on a path out of this? I haven't yet learned many of the tools for dealing with problems I create in Pulumi. šŸ˜’imple_smile:
    b
    • 2
    • 4
  • b

    brave-motorcycle-67487

    10/18/2022, 8:59 PM
    related question: how do I find out what the right resource type is to pass to
    pulumi import
    ? I thought it would be the type field in the yaml tab of the docs, but that seems inconsistent: •
    type: aws-native:elasticloadbalancingv2:ListenerRule
    ->
    aws-native:elasticloadbalancingv2:ListenerRule
    •
    type: aws:s3:Bucket
    ->
    aws:s3/bucket:Bucket
    •
    type: aws:lb:ListenerRule
    -> ??? (not any of:
    aws:lb:ListenerRule
    ,
    aws:lb/listenerrule:ListenerRule
    ,
    aws:lb/loadbalancer:ListenerRule
    ) I assume there is some other place to look this up that I'm just missing
    b
    • 2
    • 4
  • f

    few-carpenter-12885

    10/19/2022, 3:30 PM
    Hello, I'm making use of the Automation API to spin up some infrastructure. However, this process takes ~5-10 mins because of the resources being created/modified. Is there a recommended way to report some sort of progress of the stack being spun up? Would hitting the Pulumi REST API to get the stack and resource statuses be a good way to do that?
    b
    • 2
    • 5
  • m

    millions-train-91139

    10/20/2022, 8:53 AM
    Hi, I created my first PR for pulumi: https://github.com/pulumi/pulumi/pull/11095 The PR is adding base functionality discussed here: https://github.com/pulumi/pulumi-postgresql/issues/167 In short - it’s about not requiring to delete child resources when deleting the parent resource in scenarios where deleting the parent resource on the provider already deletes child objects (Think about the time wasted getting valid credentials connecting to SQL databases and running queries that delete roles when you want to delete the database itself) Would love to join channels that can be relevant for extending pulumi / postgres and gcp functionality šŸ™‚
    b
    • 2
    • 1
  • h

    helpful-baker-38839

    10/20/2022, 4:19 PM
    Is there a prescribed way to track down things like
    TypeError: 'NoneType' object is not subscriptable
    ? If verbose logging is telling me what object is NoneType, I’m not finding it.
    b
    • 2
    • 2
  • f

    few-carpenter-12885

    10/21/2022, 6:55 PM
    I often run into
    Resource monitor is terminating
    errors during development. I'm assuming this is because the stack hasn't reached a final state after a failure or cancellation. I'm using the Automation API - is there any way I can safeguard against this error? Would checking the state of the stack work for this or inspecting the refresResult?
    l
    • 2
    • 5
  • s

    sparse-intern-71089

    10/26/2022, 1:26 AM
    This message was deleted.
    l
    s
    • 3
    • 5
  • t

    thousands-area-40147

    10/26/2022, 8:56 PM
    Turns out you do in fact need the master pw to a DB cluster from time to time :melting_face: Currently it's only registered as a RandomPassword resource and not available in plaintext—is there any way to access it in plaintext without logging it to the console by using the
    .apply( v => console.log( v ) )
    method?
    b
    • 2
    • 2
  • p

    prehistoric-waitress-34998

    10/27/2022, 2:19 PM
    Hi folks, having a little problem setting up the gitlab webhook. I’ve set everything up as per the docs, but am getting a 401 in Gitlab when testing. I’ve had a search of the troubleshooting guide, and slack posts but can’t see what the issue is. The access token works fine in the CI itself. I’ve set up my pulumi org to identify with gitlab, and have deleted the original pulumi access token, logged out, logged back in via gitlab, and recreated a token in the org, but it’s still throwing an error. Can anyone help?
    b
    • 2
    • 5
  • i

    icy-pilot-31118

    10/27/2022, 3:04 PM
    Hello is there anyway I can setup MFA required to log into Pulumi for security purposes?
    b
    • 2
    • 9
  • c

    curved-application-45650

    11/01/2022, 8:35 PM
    This might be a little bit out of scope, but has anyone here had to deal with single tenant architecture using Pulumi & Kubernetes? Currently trying to figure out the best approach to handle continous delivery/continous deployments for hundreds of tenants. Each tenant has a Pulumi stack with a virtual kubernetes cluster and an almost identical environment, that can be created on demand. Codefresh (Argo CD) seems to be a good choice because of pricing, Argo Application Set and Argo Rollout, but having to render Kubernetes manifests to YAML and commit them for GitOps to work is cumbersome. I've had a look at Harness, CodeDeploy, Armory & Octopus Deploy as alternatives, but they're way too expensive. Any pointers perhaps? 😁
    g
    d
    • 3
    • 5
Powered by Linen
Title
c

curved-application-45650

11/01/2022, 8:35 PM
This might be a little bit out of scope, but has anyone here had to deal with single tenant architecture using Pulumi & Kubernetes? Currently trying to figure out the best approach to handle continous delivery/continous deployments for hundreds of tenants. Each tenant has a Pulumi stack with a virtual kubernetes cluster and an almost identical environment, that can be created on demand. Codefresh (Argo CD) seems to be a good choice because of pricing, Argo Application Set and Argo Rollout, but having to render Kubernetes manifests to YAML and commit them for GitOps to work is cumbersome. I've had a look at Harness, CodeDeploy, Armory & Octopus Deploy as alternatives, but they're way too expensive. Any pointers perhaps? 😁
g

gorgeous-minister-41131

11/02/2022, 9:18 PM
Interesting you say baking the manifests to YAML for ArgoCD is cumbersome since GitOps is the direction we are slowly taking. There are some pros and cons. I do know Pulumi lets you just render the YAML for this purpose. It's a workflow that we may end up going with since we started using ArgoCD with helmfile (currently). However, I've used the Pulumi k8s provider before and it works great as a way to abstract away the gotemplate and do last-mile transforms.
d

damp-honey-93158

11/03/2022, 9:38 AM
I’d like to discuss this too - we have ephemeral aks environments, with a ā€œprojectā€ stack to set up the main RG/Storage/Loganalytics and then developers start up as many stacks (aks clusters) as they want - which make use of the aforementioned bits. Devs are simply working with az cli + pulumi directly. We don’t yet have the per-dev environments checked into source control + pipelined.
c

curved-application-45650

11/05/2022, 7:17 PM
@damp-honey-93158 have you considered using something like https://loft.sh? It's great for dev/ephemeral environments.
As for my problem; I intend to try to solve it with the new Deployments API, Unleash, Keptn & Flagger for progressive continuous delivery/deployment.
d

damp-honey-93158

11/24/2022, 12:08 PM
@curved-application-45650 I haven't looked at this - mostly because I was trying to build a pulumi/stack based system that replicates production for use in dev - and secondly because I didn't know it existed šŸ™‚ Thanks for the tip though!
View count: 3