most-lighter-95902
07/06/2022, 11:21 PMvalues
key in the Pulumi helm release resource?narrow-translator-93508
07/07/2022, 6:54 AMPulumi
and helm
, no problem to install ArgoCD
but when I try to configure dex.config
section, it expects a string
rather than a map
and when I pass a string it is not rendered with the right structure in the config mapnarrow-translator-93508
07/07/2022, 6:55 AM_, err := helm.NewRelease(
a.Context, "argocd", &helm.ReleaseArgs{
Chart: pulumi.String("argo-cd"),
RepositoryOpts: helm.RepositoryOptsArgs{
Repo: pulumi.String("<https://argoproj.github.io/argo-helm>"),
},
Namespace: pulumi.String(a.Config.Require("namespace")),
Version: pulumi.String(a.Config.Require("version")),
Values: pulumi.Map{
"dex": pulumi.Map{
"enabled": pulumi.Bool(true),
},
"server": pulumi.Map{
"config": pulumi.Map{
"dex.config": pulumi.Map{
"connectors": pulumi.MapArray{
pulumi.Map{
"config": pulumi.StringMap{
"issuer": pulumi.String("<https://accounts.google.com>"),
"clientID": a.Config.RequireSecret("client-id"),
"clientSecret": a.Config.RequireSecret("client-secret"),
},
"type": pulumi.String("oidc"),
"id": pulumi.String("google"),
"name": pulumi.String("Google"),
},
},
},
},
},
},
},
)
narrow-translator-93508
07/07/2022, 6:55 AMmap
it generates this error messagenarrow-translator-93508
07/07/2022, 6:55 AMDiagnostics:
kubernetes:<http://helm.sh/v3:Release|helm.sh/v3:Release> (argocd):
error: error validating "": error validating data: ValidationError(ConfigMap.data.dex.config): invalid type for io.k8s.api.core.v1.ConfigMap.data: got "map", expected "string"
narrow-translator-93508
07/07/2022, 6:56 AMnarrow-translator-93508
07/07/2022, 6:56 AMnarrow-translator-93508
07/07/2022, 10:19 AMnarrow-translator-93508
07/07/2022, 10:19 AMnarrow-translator-93508
07/07/2022, 10:19 AMpulumi.All(
a.Config.RequireSecret("client-id"), a.Config.RequireSecret("client-secret"),
).ApplyT(
func(args []interface{}) error {
dex := &OIDCConfig{
Connectors: []*OIDCConnector{
{
Config: map[string]interface{}{
"issuer": "<https://accounts.google.com>",
"clientID": args[0].(string),
"clientSecret": args[1].(string),
},
Type: "oidc",
Name: "Google",
ID: "google",
},
},
}
d, err := yaml.Marshal(&dex)
if err != nil {
return errors.Wrap(err, "SetupArgoCD: failed creating dex config")
}
_, err = helm.NewRelease(
a.Context, "argocd", &helm.ReleaseArgs{
Chart: pulumi.String("argo-cd"),
RepositoryOpts: helm.RepositoryOptsArgs{
Repo: pulumi.String("<https://argoproj.github.io/argo-helm>"),
},
Namespace: pulumi.String(a.Config.Require("namespace")),
Version: pulumi.String(a.Config.Require("version")),
Values: pulumi.Map{
"dex": pulumi.Map{
"enabled": pulumi.Bool(true),
},
"server": pulumi.Map{
"config": pulumi.Map{
"dex.config": pulumi.String(d),
},
},
},
},
)
if err != nil {
return errors.Wrap(err, "SetupArgoCD: failed installing helm chart")
}
return nil
},
)
narrow-translator-93508
07/07/2022, 10:21 AMmap
represented as string
curved-morning-41391
07/07/2022, 11:29 PMkubectl wait --for=condition=available --timeout=600s deployment/cert-manager-webhook -n cert-manager
in pulumi?glamorous-australia-21342
07/07/2022, 11:34 PMglamorous-australia-21342
07/07/2022, 11:35 PMglamorous-australia-21342
07/07/2022, 11:35 PMcurved-morning-41391
07/08/2022, 2:24 AMglamorous-australia-21342
07/08/2022, 2:25 AMcurved-morning-41391
07/08/2022, 2:33 AMkubectl version
?most-lighter-95902
07/10/2022, 5:39 PMcurved-morning-41391
07/11/2022, 10:17 PMConfigFile
rough-author-69114
07/12/2022, 8:50 AMpulumi_gcp.container.Cluster
and then want to deploy Strimzi operator with pulumi_kubernetes.helm.v3.Chart
. The problem I run into is that I don't personally have access to the cluster until I run gcloud container clusters get-gredentials <cluster_name> --region <region>
and generate the configuration, with certificates, for the cluster. I have a few ideas but I feel like I'm missing something that should work better.
Idea 1:
I can run the command to get the credentials from gcloud with pulumi_command.local.Command
after the creation of the cluster and before the Chart.
I don't particularly like this idea because it changes the state of my personal environment. For the time being it is not a problem, but once we start working with multiple clusters and multiple developers it is bound to cause problems.
And then I'm out of ideas. I'll start by trying idea 1 but I hope I can get some more information here.white-chef-55657
07/14/2022, 1:09 PMkubeletExtraConfig
(https://eksctl.io/usage/customizing-the-kubelet/) with pulumi ?wet-noon-14291
07/14/2022, 9:56 PMdependsOn
work with ConfigFile
? I have two typescript classes, A and B, that both extends ComponentResource
class. In both A and B I use the ConfigFile
resource. First I create A and when creating B I set that it depends on A, but for some reason it seems like all the resources in A isn't running when B is provisioned... is that by design? Do I need to depend on the actual ConfigFile
that A creates for it to work? I thought A wouldn't be done until everything I create in the constructor of A is done.adamant-terabyte-3965
07/15/2022, 4:50 PMpulumi up
it tries to create all resources, which causes it to error out with the following error:
kubernetes:core/v1:ServiceAccount (aws-lb-controller-sa):
error: resource kube-system/lb-serviceaccount was not successfully created by the Kubernetes API server : serviceaccounts "lb-serviceaccount" already exists
At this point the ServiceAccount for my load balancer exists on the kube-system
namespace, and doesn't need creation in the new namespace. How do I get Pulumi to discover existing resources (in this case, my load balancer ServiceAccount) in a different namespace or at least not try and error out attempting to recreate the existing ServiceAccount? I've tried to run pulumi refresh
on my newly created stack, but it doesn't seem to change anything.steep-portugal-37539
07/15/2022, 5:58 PMclusterAdmins
. So then perhaps it should be a dedicated role that doesn’t get used for anything else to create the cluster.wet-noon-14291
07/18/2022, 10:28 PMChart
resource, what is the recommended way to read output values from the resource... like the public ip of a loadbalancer that was created? Is the recommended approach to do an apply
on the ready
property and the loop through the resources?most-lighter-95902
07/18/2022, 10:56 PMquaint-book-39362
07/20/2022, 1:39 AMquaint-book-39362
07/20/2022, 1:39 AMnarrow-translator-93508
07/21/2022, 6:45 PMPulumi TLS
self signed certificate for generating a Kubernetes TLS secret
?