pulumi-community #golang

golang

creamy-engine-1851

12/07/2020, 8:04 PM

I have a question about types. I have a

pulumi.StringArrayOutput

that I'm exporting through

ctx.Export

. When I'm importing this through

StackReference.GetOutput

in another stack I'm getting an

pulumi.AnyOutput

. How do I convert it? Should I use

.ApplyStringArray

in some way?

gifted-city-99717

12/12/2020, 2:48 AM

Are there any plans to support crosswalk (eg: the TS awsx package) for golang? And if so when do y’all plan on releasing it? Need any beta users?

microscopic-agent-70604

12/17/2020, 12:46 PM

Hello. I have var []pulumi.Resource and var *v1.ServiceAccount. I appended SA to pulumi resource and used it as a dependency (pulumi.DependsOn). After update of pulumi-kubernetes from 2.7.1 to 2.7.2 I get this error error: program failed: cannot marshal an input of type *v1.ServiceAccount with element type v1.ServiceAccount as a value of type pulumi.Resource. Can somebody explain, why it happens and what to do? I tried to look through the changelog and found nothing.

ambitious-salesmen-39356

12/17/2020, 7:10 PM

I'm having a similar experience to @creamy-engine-1851 - it is sometimes difficult to figure out how to get the data out of many of these custom types. As an example, retrieving the cluster cachenode DNS addresses from an AWS elasticache cluster is baffling me at the moment. The object is of type

elasticache.ClusterCacheNodeArrayOutput

and despite the fact that it appears to be just a slice of maps, it's not iterable.

hallowed-agent-41624

12/18/2020, 12:48 PM

Hi, I have one minor question. I would like to deploy linkerd via its helm chart and therefore I need to set some certificates via --set-file. Is there an equivalent for helm charts in pulumi to pass a file as Value like set-file does?

tall-needle-56640

12/20/2020, 7:08 AM

In stack.go, what is the concurrency in Run() trying to accomplish? I'm not a Go programmer, but it appears that

pulumi.RunWithContext()

can be run concurrently because it is not called within a lock. Is that desired? Or is all this concurrent code just to protect the state? NOTE: I am trying to port this code to C#

prehistoric-kite-30979

12/21/2020, 12:21 PM

Hi all, I'm trying to write a text/template callback helper... I have the following code which works with a unit test, but not if I call

pulumi up

func Template(tmpl string, data interface{}) pulumi.StringOutput {
	any := pulumi.Any(data)
	return pulumi.All(tmpl, any).ApplyString(func(v interface{}) (string, error) {
		args := v.([]interface{})
		toParse := args[0].(string)
		fields := args[1].(interface{})
		Debug(fields, "test")
		var buf bytes.Buffer
		parsed, err := template.New("tmpl").Parse(toParse)
		if err != nil {
			return "", err
		}

		if err := parsed.Execute(&buf, fields); err != nil {
			return "", err
		}
		return buf.String(), nil
	})
}

important-appointment-55126

12/21/2020, 3:11 PM

@prehistoric-kite-30979 i wrote a little Go package that basically does the same thing; https://pkg.go.dev/github.com/gwatts/pulutil/template/

important-appointment-55126

12/21/2020, 3:12 PM

This example just maps some fields into a template; https://pkg.go.dev/github.com/gwatts/pulutil/template/#example-New

important-appointment-55126

12/21/2020, 3:13 PM

This one is a bit more concrete (and does an extra step of validating that the template output is valid json) https://pkg.go.dev/github.com/gwatts/pulutil/template/#example-NewJSON

prehistoric-kite-30979

12/21/2020, 3:14 PM

thanks, will take a look and see if I can work out what I've done differently

prehistoric-kite-30979

12/21/2020, 3:19 PM

What was the reason you chose to go with the

map[string]interface

interface?

important-appointment-55126

12/21/2020, 3:37 PM

seemed like the most natural way to map values into the template

ambitious-salesmen-39356

12/22/2020, 4:16 PM

Is there a better way to handle JSON policy documents (thinking AWS IAM, bucket policies here) than just a huge mangled string?

microscopic-agent-70604

12/25/2020, 8:53 PM

Hi. Is there a way to understand at runtime that it is a preview? I have logic in pulumi, that make nslookup in applier function. And it waits in the applier until nslookup returns for example 3 addresses. But during the preview my changes are not applied and code hangs in the endless loop like waiting for the wrong amount of ip addresses to return. So I'd like to remove this condition when preview is running. I've found pulumi.runtime.isDryRun() only in TypeScript.

✔️ 1

fast-airplane-27344

12/29/2020, 12:08 AM

Hi, Anybody know how to create aws ASG and attach it to an EKS? Do we have an example in Golang? I can only find one in TypeScript.

magnificent-restaurant-51456

01/05/2021, 8:00 AM

Hello All, I am a beginner to pulumi. Are there texts or videos to start with creating multiple go files for each resource inside a project?

proud-animal-24343

01/06/2021, 7:46 PM

Hi, is someone able to help me understand why this line in plogin_install.go is configured to log as an error?

cmdutil.Diag().Infoerrf(diag.Message("", "%s installing"), label)

Shouldn't it us the same logging logic as other messages in that script, e.g...

logging.V(1).Infof("%s installing", label)

magnificent-restaurant-51456

01/07/2021, 6:46 AM

for pulumi over http, how should we configure azure/aws secrets?

magnificent-restaurant-51456

01/07/2021, 8:40 AM

I just tried pulumi over http using golang and it worked but I experienced delay in getting the stack in action after I submit my request to the api. It almost took 2 mins to start the execution in pulumi cloud but the execution completed in 2 mins. I only tried to create a resource group in azure which is a very small resource but I experience a little delay in starting the execution. Could you please suggest what is that missing here

broad-dog-22463

01/07/2021, 4:03 PM

@magnificent-restaurant-51456 this is because it needs to build the go project first - it's a known performance problem I'm afraid 😕

magnificent-restaurant-51456

01/12/2021, 9:42 AM

Hello, I get this error when I run the basic example given for kubernetes deployment. cannot use ctx (type *"github.com/pulumi/pulumi/sdk/go/pulumi".Context) as type *"github.com/pulumi/pulumi/sdk/v2/go/pulumi".Context in argument to "github.com/pulumi/pulumi-kubernetes/sdk/v2/go/kubernetes/apps/v1".NewDeployment. can someone help?

magnificent-restaurant-51456

01/12/2021, 11:25 AM

I tried to write an automation api with revel framework but when I declare the variable S for new stackinlinestack, I get S as invalid type. Am i missing anything?

package controllers

import (

"context"

"<http://github.com/pulumi/pulumi-azure/sdk/go/azure/core|github.com/pulumi/pulumi-azure/sdk/go/azure/core>"

"<http://github.com/pulumi/pulumi/sdk/go/pulumi|github.com/pulumi/pulumi/sdk/go/pulumi>"

"<http://github.com/pulumi/pulumi/sdk/v2/go/x/auto|github.com/pulumi/pulumi/sdk/v2/go/x/auto>"

"<http://github.com/revel/revel|github.com/revel/revel>"

type ResourceNames struct {

`RgName string `json:"rgname"`` `StorageName string `json:"storage_name"``

type CreateReq struct {

`StackName string `json:"stackname"`` `ProjectName string `json:"project_name"``

Resources   []ResourceNames

func (c App) CreateResourceGroup() revel.Result {

ctx := context.Background()

c.Params.BindJSON(&<http://c.cr|c.cr>)

program := createRgProgram(c.rn.RgName)

s, err := auto.NewStackInlineSource(ctx, <http://c.cr|c.cr>.StackName, <http://c.cr|c.cr>.ProjectName, program)

if err != nil {

if auto.IsSelectStack404Error(err) {

return c.RenderText("stack already exists")

return c.RenderText(err.Error())

s.SetConfig(ctx, "azure.clientId", auto.ConfigValue{Value: ""})

return c.Render()

func createRgProgram(Name string) pulumi.RunFunc {

return func(ctx *pulumi.Context) error {

// our program defines a s3 website.

// here we create the bucket

resourceGroup, err := core.NewResourceGroup(ctx, "testpulumi", &core.ResourceGroupArgs{

Location: pulumi.String("westindia"),

Name:     pulumi.String(Name),

Tags: pulumi.StringMap{

"Created_By": pulumi.String(""),

"Purpose":    pulumi.String("test pulumi"),

"Start_Date": pulumi.String("16-Nov-2020"),

"End_Date":   pulumi.String("16-Jan-2020"),

},

})

if err != nil {

return err

// export the website URL

ctx.Export("resourceGroupName", resourceGroup.Name)

return nil

magnificent-restaurant-51456

01/12/2021, 11:33 AM

are there any examples of managing kubernetes workload with golang?

prehistoric-kite-30979

01/15/2021, 11:55 AM

Hi all, I need something similar to a dynamic provider in Go. As this isnt supported, how have other people been doing this? My initial use case is creating a MySQL schema after creating an rds instance.

➕ 1

lemon-agent-27707

01/26/2021, 7:02 PM

Announcement: We just removed some numerical types from the Go SDK that were unused in our type system (no providers consumed or produced these types). This results in a substantial improvement to binary sizes for go. We've seen ~50% decrease in resulting binary size from the tests we've done. We don't expect that anyone was consuming these types, but if so you'll now be responsible for converting numerical types. If we've overlooked a serious use case here, please let us know. https://github.com/pulumi/pulumi/pull/6143

🎉 3

mammoth-honey-6147

02/01/2021, 4:16 PM

noobie question - How do I print an array of Pulumi types with

ctx.Export

? I've tried looping round:

for _, subnet := range subnets {
			ctx.Export("Subnet CIDR", subnet.CidrBlock)
			ctx.Export("Subnet AZ", subnet.AvailabilityZone)
		}

But, predictably, it only prints the last element in the array

big-state-95297

02/11/2021, 8:48 PM

Question - What happens to an error returned by the function passed to

ApplyT(...)

? E.g.

eksCluster.NodeSecurityGroup.ApplyT(func() (*ec2.SecurityGroupRule, error) { return nil, fmt.Errorf("Test failure")})

. Can I inspect the error and return error from

pulumi.Run

if the inner function fails?

salmon-account-74572

02/26/2021, 8:00 PM

I know the answer is going to be "use `Apply`", but I'm having some trouble with the specifics. 🙂 I'm trying to get the IP address of an instance launched on EC2 as a string. So far I've tried

ApplyT

and

ApplyString

variations of this snippet:

ipAddrList[0] = bastion.PrivateIp.ApplyString(func(ipAddr string) string {
	return string(ipAddr)
})

What am I missing?

👀 1

icy-london-58403

03/04/2021, 5:56 PM

Hi All. I’m trying to build an egress VPC in AWS. I want the traffic to flow through the new AWS Network Firewall and then to the NAT. So I’m setting up the route tables to point to the endpoint (network interface) of each network firewall subnet attachment in my VPC. There is one firewall subnet per az and I’m usually in 4 AZs. The image shows just one of those AZs. I’ve created the following network firewall:

go
import (
	"fmt"

	"<http://github.com/pulumi/pulumi-aws/sdk/v3/go/aws/ec2|github.com/pulumi/pulumi-aws/sdk/v3/go/aws/ec2>"
	"<http://github.com/pulumi/pulumi-aws/sdk/v3/go/aws/ec2transitgateway|github.com/pulumi/pulumi-aws/sdk/v3/go/aws/ec2transitgateway>"
	"<http://github.com/pulumi/pulumi-aws/sdk/v3/go/aws/networkfirewall|github.com/pulumi/pulumi-aws/sdk/v3/go/aws/networkfirewall>"
	"<http://github.com/pulumi/pulumi/sdk/v2/go/pulumi|github.com/pulumi/pulumi/sdk/v2/go/pulumi>"
)
---
	vpc.NetworkFirewall, err = networkfirewall.NewFirewall(ctx, args.Vpc.Name, &networkfirewall.FirewallArgs{
		Name:                           pulumi.String(args.Vpc.Name),
		Description:                    pulumi.String("default policy"),
		DeleteProtection:               nil,
		FirewallPolicyArn:              networkFirewallPolicy.Arn,
		FirewallPolicyChangeProtection: nil,
		SubnetChangeProtection:         nil,
		SubnetMappings:                 firewallSubnets,
		Tags:                           nil,
		VpcId:                          vpc.VPC.ID(),
	}, pulumi.Parent(vpc))
	if err != nil {
		ctx.Log.Error(fmt.Sprintf("Error creating firewall: %s", err), nil)
	}

My Pulumi State Shows the VPC Endpoints are there and under

Firewall Status

of the resource: `firewallStatuses`:

json
[
  {
    "syncStates": [
      {
        "attachments": [
          {
            "endpointId": "vpce-038548f15fa6927f9",
            "subnetId": "subnet-057838182632334cf"
          }
        ],
        "availabilityZone": "us-west-2b"
      },
      {
        "attachments": [
          {
            "endpointId": "vpce-052c1fe00e3002431",
            "subnetId": "subnet-0f24562826576b492"
          }
        ],
        "availabilityZone": "us-west-2d"
      },
      {
        "attachments": [
          {
            "endpointId": "vpce-033845950fa44833d",
            "subnetId": "subnet-02512de4df02e02cd"
          }
        ],
        "availabilityZone": "us-west-2a"
      },
      {
        "attachments": [
          {
            "endpointId": "vpce-0f21d83ca409e4aaf",
            "subnetId": "subnet-049fbb85c726d1b36"
          }
        ],
        "availabilityZone": "us-west-2c"
      }
    ]
  }
]

I just don’t know how to get those out of the Firewall in golang. The docs show an outpu of the NetworkFirewall:

FirewallStatuses

[]FirewallFirewallStatus

So I would think I would just range over this and get the ID’s one at a time. But you can’t range over it and my IDE thinks that the type of

NetworkFirewall.FirewallStatuses

networkfirewall.FirewallFirewallStatusArrayOutput

I can’t seem to get anything useful out of this. Any thoughts?

✅ 1

Title

icy-london-58403

03/04/2021, 5:56 PM

go
import (
	"fmt"

	"<http://github.com/pulumi/pulumi-aws/sdk/v3/go/aws/ec2|github.com/pulumi/pulumi-aws/sdk/v3/go/aws/ec2>"
	"<http://github.com/pulumi/pulumi-aws/sdk/v3/go/aws/ec2transitgateway|github.com/pulumi/pulumi-aws/sdk/v3/go/aws/ec2transitgateway>"
	"<http://github.com/pulumi/pulumi-aws/sdk/v3/go/aws/networkfirewall|github.com/pulumi/pulumi-aws/sdk/v3/go/aws/networkfirewall>"
	"<http://github.com/pulumi/pulumi/sdk/v2/go/pulumi|github.com/pulumi/pulumi/sdk/v2/go/pulumi>"
)
---
	vpc.NetworkFirewall, err = networkfirewall.NewFirewall(ctx, args.Vpc.Name, &networkfirewall.FirewallArgs{
		Name:                           pulumi.String(args.Vpc.Name),
		Description:                    pulumi.String("default policy"),
		DeleteProtection:               nil,
		FirewallPolicyArn:              networkFirewallPolicy.Arn,
		FirewallPolicyChangeProtection: nil,
		SubnetChangeProtection:         nil,
		SubnetMappings:                 firewallSubnets,
		Tags:                           nil,
		VpcId:                          vpc.VPC.ID(),
	}, pulumi.Parent(vpc))
	if err != nil {
		ctx.Log.Error(fmt.Sprintf("Error creating firewall: %s", err), nil)
	}

My Pulumi State Shows the VPC Endpoints are there and under

Firewall Status

of the resource: `firewallStatuses`:

json
[
  {
    "syncStates": [
      {
        "attachments": [
          {
            "endpointId": "vpce-038548f15fa6927f9",
            "subnetId": "subnet-057838182632334cf"
          }
        ],
        "availabilityZone": "us-west-2b"
      },
      {
        "attachments": [
          {
            "endpointId": "vpce-052c1fe00e3002431",
            "subnetId": "subnet-0f24562826576b492"
          }
        ],
        "availabilityZone": "us-west-2d"
      },
      {
        "attachments": [
          {
            "endpointId": "vpce-033845950fa44833d",
            "subnetId": "subnet-02512de4df02e02cd"
          }
        ],
        "availabilityZone": "us-west-2a"
      },
      {
        "attachments": [
          {
            "endpointId": "vpce-0f21d83ca409e4aaf",
            "subnetId": "subnet-049fbb85c726d1b36"
          }
        ],
        "availabilityZone": "us-west-2c"
      }
    ]
  }
]

I just don’t know how to get those out of the Firewall in golang. The docs show an outpu of the NetworkFirewall:

FirewallStatuses

[]FirewallFirewallStatus

So I would think I would just range over this and get the ID’s one at a time. But you can’t range over it and my IDE thinks that the type of

NetworkFirewall.FirewallStatuses

networkfirewall.FirewallFirewallStatusArrayOutput

I can’t seem to get anything useful out of this. Any thoughts?

✅ 1

I need this to happen in the same pulumi up command so the same execution that creates the VPC also creates the firewall and the subnets and the route tables.

billowy-army-68599

03/04/2021, 6:06 PM

@icy-london-58403 you can range over it, but you'll need to use an

apply

because

networkfirewall.FirewallFirewallStatusArrayOutput

isn't actually known until it's created. I don't have a concrete example of your particular use case, but there's an example of ranging over an

ArrayOutput

here: https://github.com/pulumi/examples/blob/e942d6130cd402d48db56889581ce2db1879803f/kubernetes-go-guestbook/components/serviceDeployment.go#L55-L63

icy-london-58403

03/04/2021, 6:14 PM

@billowy-army-68599 let me give it a try. Thanks

@billowy-army-68599 any chance you know what’s wrong with this?

func (vpc *VPC) GetFirewallEndpointIDByZone(ctx *pulumi.Context, zone string) pulumi.StringOutput {
	ready := pulumi.All(vpc.NetworkFirewall.FirewallStatuses)
	return ready.ApplyT(func(statuses []networkfirewall.FirewallFirewallStatus) string {
		found := false
		for _, status := range statuses {
			for _, syncState := range status.SyncStates {
				getZoneResult, err := aws.GetAvailabilityZone(ctx, &aws.GetAvailabilityZoneArgs{
					AllAvailabilityZones: nil,
					Filters:              []aws.GetAvailabilityZoneFilter{},
					Name:                 syncState.AvailabilityZone,
					State:                nil,
					ZoneId:               nil,
				})
				if err != nil {
					ctx.Log.Error(fmt.Sprintf("Error: %s", err), nil)
				}
				if getZoneResult.ZoneId == zone {
					found = true
					return *syncState.Attachments[0].EndpointId
				}
			}
		}
		if !found {
			ctx.Log.Error(fmt.Sprintf("Error: Could not find firewall endpoint id in zone %s", zone), nil)
		}
		return ""
	}).(pulumi.StringOutput)
}

Error:

panic: applier must have 1 input parameter assignable from []interface {}

billowy-army-68599

03/04/2021, 10:20 PM

hmm, not offhand. @lemon-agent-27707 any ideas?

white-balloon-205

03/05/2021, 9:35 AM

Why did you want to use

All

here? That returns an

ArrayOutput

which has an underlying type of

[]interface{}

which is why applyt expects the argument to be of that type. You could change it to match what the error notes, and then convert. But I have a feeling you just don’t need the All call at all? (And would then pass a more strongly typed value to ApplyT so that you could use the applier you have above).

icy-london-58403

03/05/2021, 4:10 PM

@white-balloon-205

All

is just being used out of inexperience and ignorance

im trying it without

That did it!

// GetFirewallEndpointIDByZone
func (vpc *VPC) GetFirewallEndpointIDByZone(ctx *pulumi.Context, zone string) pulumi.StringOutput {
	ready := vpc.NetworkFirewall.FirewallStatuses
	return ready.ApplyT(func(statuses []networkfirewall.FirewallFirewallStatus) string {
		found := false
		for _, status := range statuses {
			for _, syncState := range status.SyncStates {
				getZoneResult, err := aws.GetAvailabilityZone(ctx, &aws.GetAvailabilityZoneArgs{
					AllAvailabilityZones: nil,
					Filters:              []aws.GetAvailabilityZoneFilter{},
					Name:                 syncState.AvailabilityZone,
					State:                nil,
					ZoneId:               nil,
				})
				if err != nil {
					ctx.Log.Error(fmt.Sprintf("Error: %s", err), nil)
				}
				if getZoneResult.ZoneId == zone {
					found = true
					return *syncState.Attachments[0].EndpointId
				}
			}
		}
		if !found {
			ctx.Log.Error(fmt.Sprintf("Error: Could not find firewall endpoint id in zone %s", zone), nil)
		}
		return ""
	}).(pulumi.StringOutput)
}

@white-balloon-205 and @billowy-army-68599 thanks so much 😃

Building a Proof of Concept Multip VPC Cross Account network that utilizes the AWS Network Firewall and Transit Gateway to share NAT gateways to all other VPCs as well as provide firewall rules for ingress and egress. I wouldn’t mind contributing it to some examples repo when I’m done -- if such a thing exists or is needed.

Diagram is work in progress too. But it’s roughly correct

white-balloon-205

03/06/2021, 4:32 AM

Awesome! We’re working on pulling together a site to link out to great components/examples - this looks like a great addition. @billowy-army-68599 is likely the right person to help make sure this gets added there!

👍 1

View count: 3