https://pulumi.com logo
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
google-cloud
  • a

    adorable-activity-71456

    09/09/2022, 8:02 PM
    We have a two stack set up (dev/prod) we built out the dev side just fine (@pulumi/gcp@6.32) and when we went to run it on the prod side we get a bunch of strange errors:
    Bestowinc/bestow-self-hosted/main (pulumi:pulumi:Stack)
    error: update failed
     
    prod-tai-windows-server-ip (gcp:compute:Address)
    error: error reading from server: EOF
     
    prod-tai-nat (gcp:compute:RouterNat)
    error: error reading from server: EOF
     
    prod-tai-sql-server (gcp:sql:DatabaseInstance)
    error: error reading from server: EOF
    Any Ideas? Full diagnostics in a thread…
    • 1
    • 1
  • b

    blue-leather-96987

    09/11/2022, 10:14 PM
    I am running into a weird issue. My Cloud Run services do not have their environment variables stored in pulumi. The https://www.pulumi.com/registry/packages/gcp/api-docs/cloudrun/service/#servicetemplatespeccontainer resource in the pulumi state is actually barely populated, it's not even an array
    • 1
    • 1
  • a

    adorable-activity-71456

    09/12/2022, 6:23 PM
    Hey, any joy/idea on this from Friday? https://pulumi-community.slack.com/archives/CRFUR2DGB/p1662753735357129
  • b

    brash-alligator-49865

    09/13/2022, 7:36 PM
    Hi everyone, lovely to be here! Love GCP and lova Pulumi!
  • q

    quiet-laptop-13439

    09/15/2022, 1:36 PM
    anyone knows how pulumi caches gcp credentials? I'm getting ACCESS_TOKEN_EXPIRED and logging in again doesn't help
  • q

    quiet-laptop-13439

    09/16/2022, 9:20 AM
    crickets
  • b

    brash-alligator-49865

    09/18/2022, 9:56 AM
    Hi all, was anyone able to make KMS work? I tried both options with existing project/region/keyring in https://www.pulumi.com/docs/intro/concepts/secrets/
  • b

    brash-alligator-49865

    09/18/2022, 9:56 AM
    but when i set up a secret it continues to use Pulumi local yaml 😕
  • b

    brash-alligator-49865

    09/18/2022, 9:56 AM
    Is it just me?
  • b

    brash-alligator-49865

    09/18/2022, 9:57 AM
    I also believe the semantic is wrong: the example asks you to provide a KEY but I believe you should provide a KEYRING to support multiple secrets:
  • b

    brash-alligator-49865

    09/18/2022, 9:57 AM
    pulumi stack init my-stack --secrets-provider="<gcpkms://projects/acmecorpsec/locations/us-west1/keyRings/prod/cryptoKeys/payroll>"
  • b

    brash-alligator-49865

    09/18/2022, 9:57 AM
    i would have thought this would make much more sense:
    pulumi stack init my-stack --secrets-provider="<gcpkms://projects/acmecorpsec/locations/us-west1/keyRings/prod/>"
  • b

    brash-alligator-49865

    09/18/2022, 9:59 AM
    unless I just misunderstood and the KMS key is single and its just used to decrypt the local keys? This would make also sense.
    g
    • 2
    • 1
  • f

    famous-kite-52506

    09/22/2022, 1:32 PM
    @sparse-park-68967 Hi, I was wondering was is the ETA for the native gcp provider release (out of preview)? In the meantime, I guess it is safer to use the classic provider?
    g
    e
    • 3
    • 2
  • g

    gorgeous-country-43026

    09/23/2022, 8:16 AM
    Hmm. It looks like Google APIs do not allow managing Firebase projects via normal
    gcloud auth
    authenticated users but you are forced to use a service account? Is this true and is there any way to go around this? I mean,
    gcloud auth
    is much better security wise for IaC unless one setups infrastructure setup into CI/CD but then one cannot really do development locally. Any tips or tricks or am I screwed?
  • b

    bulky-minister-91867

    09/23/2022, 12:45 PM
    Hello all, I am trying to use "Google native" and GCS backend together. I need them to use different service accounts. "Google native" unlike "GCP classic" does not allow to set credentials in the code. And I am having issues with the credentials conflicting with each other. I tried a few things but couldn't get it to work. Does someone know a way around this issue maybe?
  • g

    gentle-nightfall-2327

    09/26/2022, 4:57 PM
    Hi Peeps, does anyone here perhaps have a take on creating resources cross project?
  • g

    gentle-nightfall-2327

    09/26/2022, 5:00 PM
    My situation is that I registered Domains via Google Domains in a "shared" project and would now like to front services in Cloud Run with subdomains of these domains.
    👀 1
  • f

    future-window-78560

    09/26/2022, 5:14 PM
    Hello Team, Can we use same bucket name in different accounts For eg#
    bucket01
    in
    <mailto:gcpacc11@gmail.com|gcpacc11@gmail.com>
    and
    bucket01
    in
    <mailto:gcpacc22@gmail.com|gcpacc22@gmail.com>
    especially when
    <mailto:gcpacc11@gmail.com|gcpacc11@gmail.com>
    is deleted I get this error so I have to change the bucket name in the script every time which is a manual step in the automation process and we need to avoid that
    googleapi: Error 409: The requested bucket name is not available. The bucket namespace is shared by all users of the system. Please select a different name and try again., conflict
    b
    • 2
    • 1
  • f

    future-window-78560

    09/26/2022, 5:24 PM
    Also, Team!! We need to know if creating a new GCP project is possible without specifying any project_ID in the pulumi script? Our purpose is to have a console-free IAC which is possible through pulumi but we have to create a GCP project manually first because we need a project ID as input for creating a new GCP project.
    a
    • 2
    • 1
  • b

    brash-alligator-49865

    09/28/2022, 6:25 PM
    HAfsa, AFAIK Resource Manager doesnt allow you to create a project without a starting project. So my humble opinion is that you cant.
    ✅ 1
  • a

    aloof-leather-66267

    10/03/2022, 3:21 AM
    How can I import a
    gcp:serviceAccount/key:Key
    with the
    serviceAccountId
    ? When I run
    pulumi import
    with the
    name
    and
    id
    , I get a warning that
    serviceAccountId
    is missing, even if I add it to the JSON file. I can still complete the import, but the state is created without the
    serviceAccountId
    , and if I add it to the code, Pulumi thinks it's a different resource and wants to replace the imported one.
    f
    • 2
    • 3
  • d

    delightful-monkey-90700

    10/03/2022, 5:12 PM
    I'm trying to use a GCP Secret to coordinate a job between a Schedule which runs periodically and an Google Cloud Run function which it invokes via HTTP (since that seems to be the only mechanism for doing this). How do I get the value of a Secret within Pulumi, to pass to the Job ?
    b
    • 2
    • 2
  • i

    incalculable-flag-48574

    10/04/2022, 3:00 PM
    Hi, I created a static web site on gcp with the template static-website-gcp-typescript and now I want to secure the HttpProxy with SSL. I found this doc (https://www.pulumi.com/registry/packages/gcp/api-docs/compute/sslcertificate) with a "SSL Certificate Target Https Proxies" section but it's empty (coming soon!). Do you know when this config would be available and would you have an example ? Thanks a lot.
    m
    r
    • 3
    • 6
  • b

    billowy-nightfall-59212

    10/18/2022, 9:53 PM
    Hi, I am trying to create a service account and assign it a role. Here is the sample code.
    p, err := serviceaccount.NewAccount(ctx, "prom-frontend",
    		&serviceaccount.AccountArgs{
    			AccountId:   pulumi.String("prom-frontend"),
    			DisplayName: pulumi.String("prom-frontend"),
    			Project:     pulumi.String(c.Project),
    		})
    	if err != nil {
    		return err
    	}
    
    	// create Project Iam policy binding for the service account to the role roles/storage.admin
    	_, err = serviceaccount.NewIAMBinding(ctx, "foo-bar-iam-binding", &serviceaccount.IAMBindingArgs{
    		Role: pulumi.String("roles/storage.admin"),
    		Members: pulumi.StringArray{
    			pulumi.String("serviceAccount:prom-frontend@experiments.iam.gserviceaccount.com"),
    		},
    		ServiceAccountId: p.Name,
    	})
    	if err != nil {
    		return err
    	}
    b
    • 2
    • 4
  • j

    jolly-addition-88642

    10/18/2022, 10:28 PM
    Hi everyone! Pulumi noob here. I have an existing cert in GCP and I'm trying to do an import of a self managed cert but I always get warnings about a missing private_key. I figure I am running the command incorrectly. Do I need to specify a private key file during the import, though that is not an available option for this command.. When doing an import with terraform it worked fine with just a reference to the cert name and id in GCP. pulumi import gcp:compute/sSLCertificate:SSLCertificate test_cert my_gcp_project/test_cert Any help appreciated. https://www.pulumi.com/registry/packages/gcp/api-docs/compute/sslcertificate/ Error:
    warning: One or more imported inputs failed to validate. This is almost certainly a bug in the `gcp` provider. The import will still proceed, but you will need to edit the generated code after copying it into your program.
        warning: gcp:compute/sSLCertificate:SSLCertificate resource 'test_cert' has a problem: Missing required argument: The argument "private_key" is required, but no definition was found.. Examine values at 'SSLCertificate.PrivateKey'.
  • b

    billowy-nightfall-59212

    10/20/2022, 6:14 PM
    A friendly ping! I would appreciate some help.
    b
    • 2
    • 2
  • m

    microscopic-cpu-38113

    10/25/2022, 11:22 AM
    does anyone have any reference or website to share regarding the migration of existing production workload that's managed by Terraform to Pulumi? Our workload mostly are deployed on GCP but seems like the gcp-native providers doesn't even support a project import, please share your migration experience if any, TIA!
  • t

    thousands-pizza-93362

    10/25/2022, 11:47 PM
    How do i change the health check path for cloudrun?
  • t

    thousands-pizza-93362

    10/25/2022, 11:47 PM
    I cant find the option anywhere in the cloud run service files
Powered by Linen
Title
t

thousands-pizza-93362

10/25/2022, 11:47 PM
I cant find the option anywhere in the cloud run service files
View count: 4