bland-dog-47600
10/12/2023, 9:37 PMType Name Plan Info
pulumi:pulumi:Stack infra-production 1 error; 133 messages
Diagnostics:
pulumi:pulumi:Stack (infra-production):
# <http://github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/compute|github.com/pulumi/pulumi-gcp/sdk/v6/go/gcp/compute>
fatal error: runtime: out of memory
runtime stack:
runtime.throw({0xd7b769?, 0x20306f3?})
runtime/panic.go:1077 +0x5c fp=0xc00008bdb0 sp=0xc00008bd80 pc=0x444e3c
runtime.sysMapOS(0xc1bd400000, 0x1000000?)
I’m not sure what I can do to deal with it… Locally, pulumi update
works without problems.handsome-businessperson-23021
10/13/2023, 1:22 AMgifted-gigabyte-53859
10/13/2023, 8:33 AM$ /pulumi-deploy-executor pulumi update --stackIdentity="pinpayments/vm-aws-go/dev" --workDir="/deployment/vm-aws-go"
2Updating (pinpayments/dev)
3
4 View Live: <https://app.pulumi.com/pinpayments/vm-aws-go/dev/updates/3>
5
6 @ Updating............................
7
8 @ Updating............
9 pulumi:pulumi:Stack vm-aws-go-dev go: <http://github.com/gogo/protobuf@v1.3.2|github.com/gogo/protobuf@v1.3.2> requires
10 pulumi:pulumi:Stack vm-aws-go-dev <http://github.com/kisielk/errcheck@v1.5.0|github.com/kisielk/errcheck@v1.5.0>: missing go.sum entry for go.mod file; to add it:
11 pulumi:pulumi:Stack vm-aws-go-dev go mod download <http://github.com/kisielk/errcheck|github.com/kisielk/errcheck>
12 pulumi:pulumi:Stack vm-aws-go-dev error: error in compiling Go: unable to run `go build`: exit status 1
13 pulumi:pulumi:Stack vm-aws-go-dev **failed** 1 error; 3 messages
14 Diagnostics:
15 pulumi:pulumi:Stack (vm-aws-go-dev):
16 go: <http://github.com/gogo/protobuf@v1.3.2|github.com/gogo/protobuf@v1.3.2> requires
17 <http://github.com/kisielk/errcheck@v1.5.0|github.com/kisielk/errcheck@v1.5.0>: missing go.sum entry for go.mod file; to add it:
18 go mod download <http://github.com/kisielk/errcheck|github.com/kisielk/errcheck>
19
20 error: error in compiling Go: unable to run `go build`: exit status 1
21
22 Resources:
23
24 Duration: 10s
25
26 Error: Update failed: [resource plugin aws-6.0.2] installing
icy-yacht-9491
10/18/2023, 1:27 AMhandsome-businessperson-23021
10/19/2023, 1:19 PMcuddly-flower-91328
10/25/2023, 4:28 PMsquare-airplane-92568
10/27/2023, 4:44 PMlemon-agent-27707
10/28/2023, 12:31 AMambitious-air-92938
10/31/2023, 2:20 PMError: Preview failed: error: getting stack configuration: get stack secrets manager: operation error KMS: Decrypt, failed to sign request: failed to retrieve credentials: failed to refresh cached credentials, no EC2 IMDS role found, operation error ec2imds: GetMetadata, canceled, context deadline exceeded
The IAM Role associated with the OIDC config and audience has admin privs across the whole AWS account.
Our stack config uses KMS as a secrets provider. The stack config is configured to use an AWS profile thus: awskms://alias/pulumi?region=eu-west-1&profile=<profile>&awssdk=v2
but I'm overriding that in the Deployment config with the mapping secretsprovider: <awskms://alias/pulumi?region=eu-west-1>
(at least I'm assuming that's overriding it). I've also verified that the KMS key has a policy attached to it that allows access from the whole AWS account.
Anyone have any ideas what I'm doing wrong?ambitious-air-92938
10/31/2023, 2:22 PMaws:profile
and aws-classic:profile
to empty in the environment variables Deployment config.ambitious-air-92938
10/31/2023, 2:22 PMambitious-air-92938
11/01/2023, 10:32 AMpreview
and it's taking on average 3-5 minutes before the preview is actually run (see attached). Running the same preview locally (but executed on Pulumi Cloud) takes only a few seconds for the preview to start, as does executing via Github Actions.ambitious-air-92938
11/01/2023, 10:33 AMhundreds-helmet-81573
11/21/2023, 3:05 AMincalculable-plastic-17510
11/24/2023, 3:11 AMpulumi/actions@v3
I create an ECR image like this
const imageWebDev = new awsx.ecr.Image(
`web-${env}-image`,
{
repositoryUrl: ecrRepo.repositoryUrl,
dockerfile: `Dockerfile`,
path: "../../"
},
{ protect: true }
);
And then pass it to my ec2 task definiton like this
const taskDefinition = new awsx.ecs.EC2TaskDefinition(
`web-${env}`,
{
containers: {
app: {
name: "app",
image: imageWebDev.imageUri,
cpu: 0,
portMappings: [
{
containerPort: 3000,
hostPort: 0,
protocol: "tcp",
},
],
.
.
.
This runs fine locally but when running in the Github action I get the following error:
error: 1 error occurred:
* failed creating ECS Task Definition (web-production): ClientException: Container.image should not be null or empty.
I have tried the following
• creating a whole new stack
• using promises to ensure the task does not begin it's update before the image is finished
• added in waiting to give things time to update
• assigned the uri to a new variable and passed that to the task definition
• hard coded in the latest
image uri
This is my pulumi action
- name: Pulumi Update
uses: pulumi/actions@v3
with:
command: up
stack-name: prod
comment-on-pr: true
work-dir: ${{ env.WORKDIR }}
upsert: true
env:
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
modern-plastic-10593
12/08/2023, 8:26 PMexport const image = new Image(
imageName,
{
imageName: concat(repoUrl, '/', imageName, ':', 'latest'),
build: {
platform: 'linux/amd64',
dockerfile: '../Dockerfile',
context: '..',
args: {
BUILDKIT_INLINE_CACHE: '1',
},
builderVersion: 'BuilderBuildKit',
cacheFrom: {
images: [concat(repoUrl, '/', imageName, ':', 'latest')],
},
},
},
{ dependsOn: [artifactApi, repository] },
);
bland-dog-47600
12/09/2023, 12:34 AMpulumi-gcp
and compute
component, it takes about 10 minutes to compile it.damp-magazine-59707
01/12/2024, 8:15 PMlittle-cartoon-10569
01/16/2024, 2:20 AMlittle-cartoon-10569
01/18/2024, 12:33 AMThe fetched credentials are published in the AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and AWS_SESSION_TOKEN environment variables.
gifted-soccer-82610
01/18/2024, 10:31 AMruntime:
name: python
options:
virtualenv: venv
gifted-soccer-82610
01/18/2024, 10:57 AM<https://github.com/pulumi/pulumi/tree/master/sdk/python>
as conda package, any recommendations would be helpfulambitious-flag-22427
01/22/2024, 6:34 PMfamous-kitchen-30533
01/24/2024, 3:43 PMError: fetching AWS credentials: WebIdentityErr: failed to retrieve credentials
I have deployment working in normal AWS, and have copied the setup there to GovCloud (by following these instructions). Any ideas?polite-ocean-13631
01/25/2024, 6:20 PMwitty-vegetable-61961
01/26/2024, 2:28 AMlittle-cartoon-10569
02/01/2024, 11:45 PMlittle-cartoon-10569
02/05/2024, 2:20 AMpulumi preview
deployment for a temporary merge branch, optionally with a templated environment. The pulumi up on commit
feature is straight forward.polite-ocean-13631
02/07/2024, 7:14 PMdry-controller-79976
03/02/2024, 10:39 PM