Does anyone know how to do a

ApplyT

(in Go) on a type like

Deployment

where each individual field is an

Output

type, but without using

All

and having to specify every field?

I'm trying to get the cluster name for a Provider I'm using to provision resources with. I could export it from the other stack which makes the kluster from where I export the kubeconfig from which I made the Provider, but I feel I should be able to get it from the Provider and thus need 1 fewer export/import. https://www.pulumi.com/registry/packages/kubernetes/api-docs/provider/#cluster_nodejs clearly shows a cluster property as one of the inputs for the Provider function and further down the page it says: "All input properties are implicitly available as output properties." But when I do:

const monProvider = new k8s.Provider("monprov", {
        kubeconfig: kubeConfig,
});
pulumi.log.warn(`${monProvider.cluster}`);

I get

index.ts(184,32): error TS2339: Property 'cluster' does not exist on type 'Provider'.

what am I doing wrong?

Hi guys Currently we use Pulumi for the deployment directly to the K8S clusters. But we need a more regulated flow and condsider to use the yaml output and decouple the "generate" process (pulumi up) and the deployment itself completly. That would mean that we would use i.e. ArgoCD as the deployment agent on the clusters, triggerd by the changes from the Pulumi Yaml Output. But I think we found there an issue, both, Argo and Pulumi are using the annotation

last-applied-configuration

. So Pulumi will see for every up changes which does not exist. Is it possible to not produce this field at all? I know about the

ignoreChanges

property (https://www.pulumi.com/docs/intro/concepts/resources/options/ignorechanges/) but this produces/writes the field anyway, just skips the diff. Any ideas? Or did I missed something in the docs? Thank you.

I’m having difficulty finding the information so here goes. I’m trying to create a Database (instance, user, password) and a Kubernetes Secret from my Pulumi Config:

$ pulumi config set --secret pulumi-product-k8s-minikube:db_user_password letmein

const user = new postgresql.Role("product_admin_user", {
    createDatabase: true,
    login: true,
    name: "product_admin_user",
    password: config.requireSecret("db_user_password")
});

const productSecretMap = new k8s.core.v1.Secret("product-api-secrets", {
    metadata: {
        namespace: productNamespace.metadata.name
    },
    data: {
        database_password: config.requireSecret("db_user_password").apply(val => val)
    }
});

Problem is, the k8s Secret needs the base64 encoded value that, I think, is being retrieved as the salt encoded value from the config. What exactly is the standard practice here (aside from using a secret manager) to transfer the database password from the config to both the Database Role and Kubernetes Secret? I figured I could store 2 password values (one base64, the other in the salt encoded) but it doesn’t feel right.

Hello, when i deploy traefikv2 helm chart the service namespace is set to default even though i set

namespace: traefikNamespace.metadata.name,

and

transformations: [
    (obj: any, opts: pulumi.CustomResourceOptions) => { 
        if (obj.kind === "Service") {
            obj.metadata.namespace == traefikNamespace.metadata.name
        }
    }
],

But work when i set

kubectl config set-context --current --namespace=NAMESPACE

Should i create an own k8s provider with correct namespace, or I am doing something wrong?

OMGoodness... that's exactly what I needed to set post-installation tasks of ArgoCD. NewSecretPatch and NewConfigMapPatch.

I discovered a breaking typo (probably there are more) in a key in

kubernetes-ingress-nginx

https://github.com/pulumi/pulumi-kubernetes-ingress-nginx/blob/master/schema.json 1. Do I understand correctly these schemas are handcrafted? 2. Is simply creating a PR with the suggested changes enough? 3. (How) can I rebuild the component locally, I don’t have any go experience or worked with these generated components, so any guide is helpful.

What is the benefit of

kubernetes-ingress-nginx

if the types are all wrong?

@gorgeous-egg-16927 I updated pulumi-kubernetes from 3.19.4 to 3.20.2 and enabled server side apply but now I'm seeing all the crds updating metadata on every update, similar to this issue that was fixed before ssa was available. 🤔

Does anyone get an error when trying to move from ingress v1beta to v1? It make the

pulumi up

fail and after it works the second time

Hello, I'm trying to use

k8s.yaml.ConfigFile

to deploy CRDs into my EKS cluster (typescript) and I run into issues. Btw I'm new to typescript and as well to pulumi. So please kindly bare with me 🙏 Code:

import * as k8s from "@pulumi/kubernetes";
import * as eks from "@pulumi/eks";


export default {
    install_crds(cluster: eks.Cluster){
        new k8s.yaml.ConfigFile("argocd_namespace", {
            file: "kubernetes_cluster_components/namespaces/argocd-namespace.yaml",
        }, {providers: { "kubernetes": cluster.provider }});
    }
};

Error:

pulumi:pulumi:Stack  k8s-moralis-aws-dev-argo-test  running.    error: an unhandled error occurred: Program exited with non-zero exit code: -1
I0804 09:23:53.878138   22054 deployment_executor.go:162] deploymentExecutor.Execute(...): exiting provider canceller
     Type                 Name                           Plan     Info
     pulumi:pulumi:Stack  k8s-moralis-aws-dev-argo-test           1 error; 39 messages

Diagnostics:
  pulumi:pulumi:Stack (k8s-moralis-aws-dev-argo-test):
    Cloud Provider: aws Stack: aws-dev-argo-test

    error: an unhandled error occurred: Program exited with non-zero exit code: -1

The error message is not very descriptive, hence difficult to troubleshoot. Can someone please help me here 🙏

Hi, I've been using Pulumi for a number of years now, but only recently started using the Kubernetes provider. Is there a way to get information from a Kubernetes cluster, for example getting a list of services? Other providers have functions for this, but not Kubernetes. I'm not sure how that would work here. Thank you.

Hi there. Anyone who knows what to add as to link private repo's from ArgoCD instantiated with Pulumi?

Hey has anyone installed istio/knative with pulumi? Having trouble getting it to line up

I followed the tutorials and slowly build deployments into my EKS cluster… Now I want to deploy the entire stack on a blank slate AWS account… But,

pulumi up

fails because the cluster is not available… The deployments, services, pods, etc. do NOT wait for the EKS cluster to be available..

configured Kubernetes cluster is unreachable: unable to load schema information from the API server:…

What do I need to do for pushbutton deployment of my apps? (failover, DR, geo-redundancy, etc.)

hey all! for some reason, when i use the k8s provider in YAML-only mode (with the Go SDK), it takes about a second or two per resource. Funky, i mean, it's only generating YAMLs, right? I'm using an empty stack always, so that my entire cluster is always saved to the output. Thanks!

Hi I converted the quickstart k8s java example into Kotlin/JVM and I would like to share where: https://github.com/luistrigueiros/quickstart-pulumi-k8s-kotlin

hihi I'm trying to migrate over to SSA before the new k8s update. I added the

enableServerSideApply: true

flag to my provider and then ran

pulumi preview

and I got this error:

kubernetes:<http://elasticsearch.k8s.elastic.co/v1:Elasticsearch|elasticsearch.k8s.elastic.co/v1:Elasticsearch> (family):
    error: error reading from server: EOF

Seems like it's not working with ECK (which I installed via

k8s.yaml.ConfigGroup

All of our service images are created and hosed in ghcr.io (GitHub Container Registry)… I cannot figure out how to use Pulumi to create the registry secret to enable the download of these images (currently EKS, but plans for Digital Ocean and Google Cloud)… Any help is appreciated. 1. I have the code code create the EKS cluster… 2. I have the code to install the NGinX proxy 3. I have the code to apply the ‘services’ YAML files… Between 1 and 2, I need to install this registry secret so that the YAML files will pull from ghcr.io successfully.

Does helm.v3.Release not support transformations like charts do?

Getting some weird error

Exception: Cannot read properties of null (reading 'data')
    error: TypeError: Cannot read properties of null (reading 'data')
        at /root/.pulumi/plugins/resource-eks-v0.41.2/node_modules/@pulumi/cluster.ts:580:103
        at /root/.pulumi/plugins/resource-eks-v0.41.2/node_modules/@pulumi/output.ts:383:31
        at Generator.next (<anonymous>)
        at /root/.pulumi/plugins/resource-eks-v0.41.2/node_modules/@pulumi/pulumi/output.js:21:71
        at new Promise (<anonymous>)
        at __awaiter (/root/.pulumi/plugins/resource-eks-v0.41.2/node_modules/@pulumi/pulumi/output.js:17:12)
        at applyHelperAsync (/root/.pulumi/plugins/resource-eks-v0.41.2/node_modules/@pulumi/pulumi/output.js:229:12)
        at /root/.pulumi/plugins/resource-eks-v0.41.2/node_modules/@pulumi/output.ts:302:65
        at processTicksAndRejections (node:internal/process/task_queues:96:5)
    error: an unhandled error occurred: Program exited with non-zero exit code: 1

hey chat

whats the right way to pass nested value to helm.v3.Release? i am trying to pass

serviceAccount.create: false

but its not picking up https://github.com/aws/eks-charts/tree/master/stable/aws-load-balancer-controller i have tried both { serviceAccount: { create: false }} and 'serviceAccount.create': false

Hello, I’m trying to deploy the same chart in two different clusters (in the same Pulumi project), but I’m having issue with naming: I can’t use the same Pulumi logical name for my two chart resources (else Pulumi complains about duplicate resource URN) and I didn’t find a way to override the release name used when templating the chart. Is it a deliberate choice to not let the user modify the release name (maybe I just didn’t see how to do it) or is it a missing feature which could be implemented (potentially by me when I’ve time)?

Hi, is there any example on how to generate a

k8s.Provider

for an existing EKS cluster? I would like to be able to do something like

eks.getClusterOutput({...}).provider

, as I would be able to if I had just created with

new eks.Cluster({...}).provider

. Failing that, at least how I can generate the

kubeconfig

file text from

eks.getClusterOutput().something

.

Hi there team 👋 I'm trying to pulumify some k8s config and hit a bit of a bump in the road when trying to convert the k8s yaml to pulumi using kube2pulumi.

unable to run program: Error: unknown resource type 'kubernetes:<http://garo.tietoevry.com/v1alpha1:GithubActionRunner|garo.tietoevry.com/v1alpha1:GithubActionRunner>'

  on pcl-087019550.pp line 0:
   1: resource "github_actions_runner_operatorRunner_poolGithubActionRunner" "kubernetes:<http://garo.tietoevry.com/v1alpha1:GithubActionRunner|garo.tietoevry.com/v1alpha1:GithubActionRunner>" {

unknown resource type 'kubernetes:<http://garo.tietoevry.com/v1alpha1:GithubActionRunner|garo.tietoevry.com/v1alpha1:GithubActionRunner>'

Is there anything i can do locally to get the program to recognise the resource type? I'm installing the CRDs etc using helm, but need to deploy the actual deployment separately

Does Pulumi currently not support StatefulSets with the OnDelete update strategy? My observations: 1. When updating a StatefulSet using the OnDelete strategy, Pulumi will (erroneously?) wait on

Waiting for StatefulSet update to roll out (0/n Pods ready)

2. If you do update the pods yourself while Pulumi is waiting, Pulumi will continue to wait on

Waiting for StatefulSet update to roll out (n/n Pods ready)

, and eventually error and time out because

.status.currentRevision

was not updated to

.status.updatedRevision

:

Diagnostics:
  kubernetes:apps/v1:StatefulSet (interactions-app):
    error: 3 errors occurred:
        * the Kubernetes API server reported that "default/interactions-app-b2ecafa3" failed to fully initialize or become live: 'interactions-app-b2ecafa3' timed out waiting to be Ready
        * 32 out of 32 replicas succeeded readiness checks
        * StatefulSet controller failed to advance from revision "interactions-app-b2ecafa3-646dcff454" to revision "interactions-app-b2ecafa3-569b7cb476"

Relevant issue? https://github.com/pulumi/pulumi-kubernetes/issues/1066

How do you provide

scheme

in in spec? typescript is complaining about it

apiVersion: elbv2.k8s.aws/v1beta1
kind: IngressClassParams
metadata:
  name: awesome-class
spec:
  scheme: internal
  ipAddressType: dualstack
  tags:
  - key: org
    value: my-org

hey peeps, im installing a helm chart to install an operator and all the CRDs i need, and then im using the pulumi k8s.

CustomResource

to try and deploy an instance of the resource which is configured on the cluster with the helm chart. I've got pulumi creating it, and it all looks good but no pods are actually being deployed, if i manually run

kubectl apply -f

on the yaml file, then it works fine but not when ive converted it to a JS object format, cant help but thinking the

CustomResource

might not be what im after?