pulumi-community #python

square-dress-80180

03/24/2021, 10:24 PM

I looked at this line is the source code as the guide: https://github.com/pulumi/pulumi-docker/blob/5da13f5d840f13639b6917e54b122d0c59cfffbf/sdk/python/pulumi_docker/docker.py#L85

square-dress-80180

03/24/2021, 10:35 PM

It is this line that causes the error: https://github.com/pulumi/pulumi-docker/blob/5da13f5d840f13639b6917e54b122d0c59cfffbf/sdk/python/pulumi_docker/docker.py#L421

hundreds-painter-6367

03/27/2021, 4:22 PM

Hello everyone, maybe someone can help me?, i’m trying to deploy a starter pulumi project, but i have an issue with this. i made the next steps: •

mkdir example-stack

•

pulumi new--dir example-stack

• i choosed

aws-python

•

cd example-stack

•

pulumi up

And the console showed me this: error: failed to load language plugin python: could not read plugin [/usr/local/bin/pulumi-language-python] stdout: EOF ¿Did someone know how to solve this error? I’m on Mac with python installed on version 3.8

agreeable-ram-97887

03/27/2021, 7:00 PM

Hi people, when generating "spec" and "metadata" inputs for kubernetes resources, how would you all suggest handling inputs that should be given as multi-line literals?

icy-dress-83371

03/29/2021, 7:06 PM

HI all, excuse my stupidity here, but I am trying to work off of an Azure example that is written in typescript (which I am not supoer competent in) wonder if anyone could help convert this pulumi block to python:

Copy code

const resourceId = (resource: string) =>
  pulumi
    .all([resourceGroup.name, currentSubscription])
    .apply(
      ([resourceGroupName, subscription]) =>
        `/subscriptions/${subscription.subscriptionId}/resourceGroups/${resourceGroupName}/providers/Microsoft.Network/applicationGateways/${applicationGatewayName}/${resource}/${defaultName}`
    );

handsome-state-59775

03/29/2021, 8:01 PM

Copy code

VM_SIZE = pulumi_azure_native.containerservice.ContainerServiceVMSizeTypes(
        config.require('vmSize'),
)

is there a pitfall here that i don't see yet?

handsome-state-59775

03/30/2021, 12:39 AM

w.r.t.

ResourceOptions

, if i mark resource A as a

parent

of resource B, does it also imply a B

dependsOn

A relationship?

✅ 1

icy-dress-83371

03/30/2021, 3:06 PM

Hi all, Been working through some output related issues in python, hopefully someone can point out my stupid mistake. I am trying to use some output in a block for idintities in azure application gatways. Below is my code block (and the associated function), which are all attempts to do the same thing, but the ONLY one that works is a hardcoded string (the last line, ***'s are real values in my code):

Copy code

def get_appgw_id(gw_name):
    return Output.concat("/subscriptions/",subscription_id,"/resourceGroups/",resource_group.name,"/providers/Microsoft.ManagedIdentity/userAssignedIdentities/",gw_name)
...
...
identity=network.ManagedServiceIdentityArgs(
        type="UserAssigned",
        user_assigned_identities={
        str(Output.concat(gatewayId.id)): {},
        f"{gatewayId.id.apply(lambda id: id)}": {},
        f"{Output.concat('/subscriptions/',subscription_id,'/resourceGroups/',resource_group.name,'/providers/Microsoft.ManagedIdentity/userAssignedIdentities',gatewayId.name)}": {},
        f"/subscriptions/{subscription_id}/resourcegroups/{resource_group.name}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{gatewayId.name}": {},
        f"{get_appgw_id(gatewayId.name)}": {},
        f"/subscriptions/*****/resourcegroups/*****/providers/Microsoft.ManagedIdentity/userAssignedIdentities/*****": {},

        },
    ),

brave-knife-93369

03/31/2021, 9:37 AM

I'm trying to get an instance of pulumi.FileAsset to take an Output<str> as a parameter. This doesn't work, which is a bit frustrating. Is there a way to workaround the problem to get dynamic file contents? I found https://github.com/pulumi/pulumi/issues/3017 but maybe somebody has a trick on hand?

creamy-knife-53051

03/31/2021, 3:24 PM

Hi all. I have a code like this:

Copy code

for i in range(replicas):
    vm_fqdn = dns_zone.apply(lambda a: f"couchbase{i + 1}-{db_name}.{a}")
    dns.RecordSet(f'couchbase{i + 1}-recordset-pubzone',
        managed_zone = dns_name,
        name = vm_fqdn,
        rrdatas=[replica.network_interfaces.apply(lambda a: a[0].get('networkIp'))],
        ttl = 300,
        type = "A",
        opts=pulumi.ResourceOptions(depends_on=[couch]))

I think that 'apply' inside a loop is evaluated only on the last step. Finally I have only one dns record. (maybe is related to future/promises) ? How can manage this situation?

astonishing-branch-30086

04/01/2021, 9:31 AM

What is the correct failure status/exception to return when a CRUD operation in a dynamic resource provider fails? I'm following the example here to build a dynamic resource provider in Python. The create() operation of my resource can fail as there a lot of status checks are involved. What status or exception should I return to get a clean failure status in the

pulumi up

output? In the best case I want to see a message that explains the reason of failure. Thanks!

handsome-state-59775

04/05/2021, 9:15 AM

Having issues using secrets from config:

Copy code

CONFIG_PROJ = p.Config()
REGISTRY_USERNAME = CONFIG_PROJ.require('registryUsername')
REGISTRY_PASSWORD = CONFIG_PROJ.require_secret('registryPassword')

registry_credentials_encoded = base64.b64encode(
    f'{REGISTRY_USERNAME}:{REGISTRY_PASSWORD}'.encode(),
).decode()

When used to create a k8s secret, the decoded version shows the

REGISTRY_PASSWORD

section having the value

<pulumi.output.Output object at 0x152478cd0>

instead of the actual value. Tried

REGISTRY_PASSWORD.apply(lambda s: s)

and

pulumi.Output.all(REGISTRY_PASSWORD).apply(lambda s: s)

as well, with the same result (diff mem location of course). 1. What am I doing wrong here? 2. What's the idiomatic way of resolving the future of an

Output

with if no transformations are required?

✅ 1

adamant-cricket-25794

04/07/2021, 3:08 PM

hello guys. maybe someone here can give me a hand on this one ? I have some code to create service accounts in GCP and bind this accounts to some roles using IAMBindings my issue is that every time I run pulumi up, pulumi updates the service account rolebindings. I guess this is caused by the for loop I am using to create them ? this is my code:

Copy code

serviceAccounts = [
    ("droneci", "droneci", "Drone Service Account", ["roles/storage.admin"]),
    (
        "spinnaker",
        "spinnaker",
        "Spinnaker Service Account",
        [
            "roles/container.admin",
            "roles/container.clusterAdmin",
            "roles/container.developer",
            "roles/storage.admin",
        ],
    )
]

def bindToRole(name: str, sa: Account, args: Optional[dict] = None):
    """Given a GCP IAM Service Account and a list of roles, create a IAMBinginh between them."""
    for i, role in enumerate(args["roles"]):
        IAMBinding(
            f"{name}-{i}",
            members=[sa.email.apply(lambda email: f"serviceAccount:{email}")],
            project=args["project"],
            role=role,
        )

for saName, saId, saDesc, saRoles in serviceAccounts:
    sa = Account(
        saName, project=conf.get("project"), account_id=saId, display_name=saDesc
    )
    bindToRole(
        f"{saName}-roleBinding", sa, {"project": conf.get("project"), "roles": saRoles}
    )
    saKey = util.createServiceAccountKey(f"{saName}-key", sa)
    export(name=f"{saName}-serviceAccount-key", value=saKey)
    export(name=f"{saName}-serviceAccount-secret", value=util.clientSecret(saKey))
    export(name=f"{saName}-serviceAccount-email", value=sa.email)

and this is an example of the changes it trys to make every time I run this:

Copy code

~ gcp:projects/iAMBinding:IAMBinding: (refresh)
        [id=my-project/roles/storage.admin]
        [urn=urn:pulumi:dev::my-stack::gcp:projects/iAMBinding:IAMBinding::spinnaker-roleBinding-3]
        [provider=urn:pulumi:dev::my stack::pulumi:providers:gcp::default_4_17_0::620feff3-c68d-4f3f-b35d-715c080f8b7d]
        --outputs:--
      ~ etag     : "BwW/YsjdngI=" => "BwW/YucGdm0="
      ~ members  : [
          ~ [0]: "serviceAccount:spinnaker@my-project.iam.gserviceaccount.com" => "serviceAccount:droneci@my-project.iam.gserviceaccount.com"
        ]

any idea why this might be happening ?

strong-bird-34772

04/08/2021, 9:29 AM

§`34rd 44ss`SAs vf eC D§§

strong-bird-34772

04/08/2021, 9:29 AM

§1§§§§§§§§§§§§§§§

shy-sunset-67287

04/08/2021, 10:51 AM

I’ve just started getting an unhandled error from Pulumi. Worked totally fine on 2 other stacks and then blew up on production 🤦‍♂️ Is this a known issue anywhere or should I make a bug report?

Untitled

fierce-market-67222

04/08/2021, 12:18 PM

hello, i have an issue i want to create IAMMember and keep getting erros like this, the connection to GKE is done in the env and other objects work….

fierce-market-67222

04/08/2021, 12:18 PM

Copy code

self.user_email_iam_role = iam.IAMMember(
            resource_name="gcp-default-account-iam",
            member=self.user_email,
            role="roles/iam.serviceAccountUser",
            service_account_id=<http://self.sa|self.sa>
        )

fierce-market-67222

04/08/2021, 12:19 PM

do i need something more?

fierce-market-67222

04/08/2021, 12:22 PM

Copy code

<http://self.sa|self.sa> = iam.Account(
            resource_name="xx",
            project="xx",
            account_id="xx",
            display_name="xx"
        ),

fierce-market-67222

04/08/2021, 12:23 PM

Copy code

Error creating service account: googleapi: Error 403: Permission iam.serviceAccounts.create is required to perform this operation on project projects/xx., forbidden

fierce-market-67222

04/08/2021, 12:23 PM

and yes i have the rights good configured…

broad-church-78931

04/08/2021, 12:57 PM

Does anyone know if there are some good ways to abstract Pulumi code with Python? Some samples on the internet?

fast-magician-55948

04/08/2021, 3:01 PM

I haven't touched pulumi for a while - coming back to it today, ran into

Diagnostics:

pulumi:pulumi:Stack (clearbooks-dev):

Traceback (most recent call last):

File "C:\ProgramData\chocolatey\lib\pulumi\tools\Pulumi\bin\pulumi-language-python-exec", line 14, in <module>

import pulumi

ModuleNotFoundError: No module named 'pulumi'

It looks like the Pulumi SDK has not been installed. Have you run pip install?

If you are running in a virtualenv, you must run pip install -r requirements.txt from inside the virtualenv.

error: an unhandled error occurred: Program exited with non-zero exit code: 1

fast-magician-55948

04/08/2021, 3:01 PM

I have installed pulumi

fast-magician-55948

04/08/2021, 3:01 PM

I've rerun pip install

mysterious-oyster-86659

04/12/2021, 5:02 PM

Hi Everyone😃 Our stack is currently written with TypeScript (TS) and have implemented Airflow in AWS. Now, we need to dynamically reference TS resources in Python and have no idea how to do that in manageable way (without just hard-coding them). Is there a way to do this? Note that this is also posted in #typescript channel too.

enough-leather-70274

04/13/2021, 3:18 AM

Sorry folks, I'm feeling a bit stupid right now... I'm trying to log out the string value of a stack reference from one stack in another.

few-pillow-1133

04/14/2021, 12:56 PM

Hey Guys, Dependency seems to be failing for me when creating data factory in azure

Copy code

raise Exception(
    Exception: 'depends_on' was passed a value that was not a Resource.
    error: an unhandled error occurred: Program exited with non-zero exit code: 1

boundless-angle-56560

04/14/2021, 1:23 PM

Hi Everyone, I am scratching my head over one thing. I am implementing my own dynamic provider and this provider accepts a file as an input parameter. I want this provider to update itself if the file's content changes. Shall I use pulumi.FileAsset for that? I mean, shall my resource accept FileAsset as an input paramater? If so, I am not sure how to work with the FileAsset in my dynamic provider impementation as it seems that the object doesn't expose anything (like for example getting the contents of the file).