https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
google-cloud
  • v

    victorious-helmet-11068

    08/24/2020, 3:39 PM
    I’m quite lost… suggestions?
  • v

    victorious-helmet-11068

    08/24/2020, 3:40 PM
    no problem creating via “gcloud container” with no ip aliases and autoassign range.
    g
    • 2
    • 32
  • p

    prehistoric-account-60014

    08/25/2020, 1:44 AM
    Is there a new API requirement for deploying Cloud Functions that wasn’t there before?
    Error waiting for Creating CloudFunctions Function: Error code 7, message: Build failed: Cloud Build API has not been used in project 669636788185 before or it is disabled. Enable it by visiting <https://console.developers.google.com/apis/api/cloudbuild.googleapis.com/overview?project=669636788185> then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry.
    g
    • 2
    • 2
  • t

    thousands-angle-40305

    08/25/2020, 9:36 PM
    \
  • g

    green-school-95910

    08/25/2020, 9:37 PM
    I think you meant for the other slash
    /shrug
    ¯\_(ツ)_/¯
  • d

    damp-elephant-82829

    08/28/2020, 10:38 AM
    Hello everyone, I need to pass to my container using cloud run a secret stored in google secret manager. One solution I found is obviously to get the secret in a CI/CD pipeline, store it as an env variable and pass it down to the container as a part of the configuration using Pulumi. Is this the right solution, are there better solutions?
  • d

    damp-elephant-82829

    08/28/2020, 11:53 AM
    maybe @green-school-95910 knows how to use secretEnvs
  • d

    damp-elephant-82829

    08/28/2020, 11:53 AM
    property *secretRef*
    secretRef?: outputs.cloudrun.ServiceTemplateSpecContainerEnvFromSecretRef;
    The Secret to select from. Structure is documented below.
  • d

    damp-elephant-82829

    08/28/2020, 11:53 AM
    https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/gcp/types/output/#ServiceTemplateSpecContainerEnvFromSecretRef
  • d

    damp-elephant-82829

    08/28/2020, 11:53 AM
    however this looks like an output
  • g

    green-school-95910

    08/28/2020, 12:12 PM
    secretEnvs are not for that. Those are for attaching k8s secrets when running Cloud Run on GKE/Anthos. It is not supported on managed
  • g

    green-school-95910

    08/28/2020, 12:13 PM
    Your solution is one that I would recommend if it's not critically sensitive information
  • g

    green-school-95910

    08/28/2020, 12:16 PM
    For strictly sensitive information I would recommend not to set it from the CI in plaintext. In this case you can either add an entry script to your container that will get the secret, then pass the name of the secret as an env variable
  • g

    green-school-95910

    08/28/2020, 12:17 PM
    Or to use Runtime Configurator
  • d

    damp-elephant-82829

    08/28/2020, 2:51 PM
    what is runtime configurator?
    g
    • 2
    • 4
  • d

    damp-elephant-82829

    08/30/2020, 7:25 AM
    I am applying the project seed pattern where I create a new project with pulumi starting from a root project: I create a bucket, I enable cloud run, all works, except when I create a topic subscription that fails with 403. What I don’t understand is whether my topic subscription is getting created with the service account of cloud build (where I run pulumi) or the default service account for the newly created project
  • d

    damp-elephant-82829

    08/31/2020, 10:04 AM
    creating failed error: Error creating Subscription: googleapi: Error 403: User not authorized to perform this action.
  • d

    damp-elephant-82829

    08/31/2020, 10:04 AM
    That’s really akward, @green-school-95910 do you have any hint on this? both my cloud build and my project default service acount have the role pubsub editor
    g
    • 2
    • 51
  • d

    damp-table-85095

    08/31/2020, 1:14 PM
    Hi. How can one deploy a docker container onto a Google Compute Engine instance without using Kubernetes? This is covered by https://registry.terraform.io/modules/terraform-google-modules/container-vm/google/2.0.0 in terraform.
    g
    • 2
    • 5
  • d

    damp-elephant-82829

    09/01/2020, 7:49 AM
    Hey guys, I think I have hit an infinite recursion problem, activating the service usage API fails with pulumi because… well because the service usage API has not been activated yet! cp😛rojects:Service (EnableServiceUsage): gcp😛rojects:Service (EnableServiceUsage): Step #9 - “Pulumi Create Stack”: error: Error when reading or editing Project Service : Request “List Project Services my-project” returned error: Failed to list enabled services for project my-project: googleapi: Error 403: Service Usage API has not been used in project XYZ before or it is disabled. Enable it by visiting XYZ then retry. If you enabled this API recently, wait a few minutes for the action to propagate to our systems and retry., accessNotConfigured
    w
    • 2
    • 4
  • v

    victorious-helmet-11068

    09/01/2020, 7:58 AM
    Hi all. I have some pulumi programs that works fine on my pc and was working fine in a GCP instance. From a while, launching in the instance: it seems freezed.
  • v

    victorious-helmet-11068

    09/01/2020, 7:59 AM
    I’m launching it with TF_LOG=trace and “-d” but I have no debug output.
  • v

    victorious-helmet-11068

    09/01/2020, 7:59 AM
    Stacks are on GCS.
  • v

    victorious-helmet-11068

    09/01/2020, 7:59 AM
    ideas?
  • w

    wet-soccer-72485

    09/07/2020, 10:10 PM
    Hi, I just learned of Pulumi today. I'm evaluating whether to move to it from Terraform.
  • w

    wet-soccer-72485

    09/07/2020, 10:11 PM
    I asked this question in the Github, but does anyone know if it is possible to create projects with the typescript library? Maybe like this?
    import * as pulumi from '@pulumi/pulumi';
    import * as gcp from '@pulumi/gcp';
    
    const projectName = 'my-project'
    const project = new gcp.projects.Project('my-project');
    ✅ 1
    • 1
    • 1
  • n

    nutritious-flower-51098

    09/09/2020, 12:39 PM
    is there a way of specifying a serviceaccount for
    gcp.container.Cluster
    ?
    g
    • 2
    • 2
  • s

    strong-knife-49449

    09/10/2020, 9:36 AM
    Hi 👋 - I’m struggling to replicate in Pulumi something I can do through the console UI which is to create a VPC Connector for a Cloud Run Service. Does anyone know what the right resource is that I’m looking for? Is it
    gcp_._servicenetworking_._Connection
    ?
    g
    • 2
    • 3
  • d

    damp-elephant-82829

    09/10/2020, 1:00 PM
    Hey guys, I have opened an issue on providing better instructions for testing
  • s

    strong-knife-49449

    09/10/2020, 4:19 PM
    Another silly question - when specifying a container image for cloud run I seem to have to specify the full image (with tag). This seems annoying since every time I run
    pulumi up
    it will change the running image. How are people dealing with this?
    g
    • 2
    • 1
Powered by Linen
Title
s

strong-knife-49449

09/10/2020, 4:19 PM
Another silly question - when specifying a container image for cloud run I seem to have to specify the full image (with tag). This seems annoying since every time I run
pulumi up
it will change the running image. How are people dealing with this?
g

green-school-95910

09/10/2020, 5:33 PM
It is diffing the values. Not adding a tag is the same as using the
latest
tag. The returned value will always have the tag, so it will look different for Pulumi You can just explicitly set the
latest
tag in your deployment
View count: 1