pulumi-community #typescript

typescript

limited-rainbow-51650

04/16/2020, 12:42 PM

If I also set

"module": "ES2015"

, then I get the error:

/Users/ringods/Projects/cumundi/blueprints/libraries/packages/network/lib/index.js:1
import * as pulumi from "@pulumi/pulumi";
^^^^^^

SyntaxError: Cannot use import statement outside a module
    at wrapSafe (internal/modules/cjs/loader.js:1070:16)
    at Module._compile (internal/modules/cjs/loader.js:1120:27)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:1176:10)

which points me to this article: https://stackoverflow.com/questions/58384179/syntaxerror-cannot-use-import-statement-outside-a-module The advice is to set

"type": "module"

package.json

. After doing that, yet another error on Node 12.16.2:

Error: Not supported
    at requireOrImport (/Users/ringods/Projects/cumundi/blueprints/libraries/node_modules/mocha/lib/esm-utils.js:18:25)
    at Object.exports.loadFilesAsync (/Users/ringods/Projects/cumundi/blueprints/libraries/node_modules/mocha/lib/esm-utils.js:28:26)
    at Mocha.loadFilesAsync (/Users/ringods/Projects/cumundi/blueprints/libraries/node_modules/mocha/lib/mocha.js:351:19)
    at singleRun (/Users/ringods/Projects/cumundi/blueprints/libraries/node_modules/mocha/lib/cli/run-helpers.js:107:15)

*sigh*…

limited-rainbow-51650

04/16/2020, 2:26 PM

BTW, there is a discrepancy between this part of the README of the core Pulumi SDK:

This SDK uses Node.js and we support the Active LTS and Current releases, as defined by this table.

and the `package.json`:

"engines": {
    "node": ">=8.13.0 || >=10.10.0"
}

Vrsion 8.13+ should be removed. Your

tsconfig.json

says it transpiles to

es2016

, which 8.13 definitely does not support everything off. See https://node.green/

limited-rainbow-51650

04/16/2020, 2:42 PM

V8 is also completely deprecated: https://github.com/nodejs/Release/blob/9bc5275b739fa326d76612da7c6d7859b50cb6c9/schedule.json#L38

rough-tomato-98795

04/23/2020, 6:53 AM

Hello guys, is there a way how to force recreation of resource when property is changed instead of just update.?

acceptable-army-69872

04/23/2020, 3:06 PM

There's something dirty in our codebase that worked in 1.X that throws an exception in 2.X

error TS2488: Type 'Promise<Subnet[]>' must have a '[Symbol.iterator]()' method that returns an iterator.

the code is looping thru a list of awsx vpcs that should have a vpc peer, then looping thru the subnets to create routes.

famous-sugar-52038

04/24/2020, 3:53 PM

Hi, Guys! I am truly glad to hear that Pulumi 2.0 has been released! I believe in the superpower of Pulumi. btw, Why does Pulumi use ES2016 as a default target of compiler option? This attachment is a pic of initial tsconfig after installation of Pulumi and execution of

pulumi new

fancy-jelly-61092

04/27/2020, 1:32 PM

I'm trying to create a dynamic resource (i.e. a

pulumi.dynamic.ResourceProvider

). I need credentials that will come from Config. I'm struggling to get config working in the dynamic provider though. I could pass the credentials in as arguments, but that forces every user of the resource to set them. Which I want to avoid as the values should be ambient from config (like the built in ones) I've tried getting the secrets form outside the closure, but that fails with

Error: Secret outputs cannot be captured by a closure

, and trying inside I just get

Error: undefined

on the line that tries to

requireSecret.

What am I doing wrong? Can

pulumi.Config

not be used within a

ResourceProvider

? Code snippet showing config _outside_:

const config = new pulumi.Config('activeDirectoryAdmin');
const usernameSecret = config.requireSecret('username');
const passwordSecret = config.requireSecret('password');

async function runSql(a: pulumi.Unwrap<SqlCommandArgs>, command: string): Promise<never> {
    return new Promise((resolve, reject) => {
        pulumi.all([usernameSecret, passwordSecret]).apply(([username, password]: [string, string]) => {
            const sqlConnection = new tedious.Connection({

Code snippet showing config _inside_:

async function runSql(a: pulumi.Unwrap<SqlCommandArgs>, command: string): Promise<never> {
    return new Promise((resolve, reject) => {
        const config = new pulumi.Config('activeDirectoryAdmin');
        const usernameSecret = config.requireSecret('username');
        const passwordSecret = config.requireSecret('password');

acceptable-stone-35112

04/28/2020, 3:28 PM

I got into situation when I need to use outputs from StackReference in components that also generate outputs and need to assign them to index.ts module exports, so they appear in stack output. Once I wrap them in .apply() callback, exports they were producing can't be assigned anymore. Is there a clean way to work around this without writing promises that would register them in module exports once resolved?

gorgeous-animal-95046

04/28/2020, 8:31 PM

Hi, with the v2 release, i’m having trouble constructing aws policy documents based on a dynamic account id.

aws.getCallerIdentity

now returns a promise. the problem i’m having is i can’t pass the account id returned from that into a

aws.iam.getPolicyDocument

because it’s inputs are all

string

. Specifically this is for a principal identifier on an assume role policy. My old code used to be `identifiers: [

arn:aws:iam::${accountNumber}:role/terraform-eks-k8s-node

lively-oil-7382

04/28/2020, 9:07 PM

Posting in typescript channel, getting errors while executing unit tests.

lively-oil-7382

04/28/2020, 9:07 PM

internal/modules/cjs/loader.js:796 throw err; ^ Error: Cannot find module 'C:\my-network\node' at Function.Module._resolveFilename (internal/modules/cjs/loader.js:793:17) at Function.Module._load (internal/modules/cjs/loader.js:686:27) at Function.Module.runMain (internal/modules/cjs/loader.js:1043:10) at internal/main/run_main_module.js:17:11 { code: 'MODULE_NOT_FOUND', requireStack: [] }

lively-oil-7382

04/28/2020, 9:07 PM

any changes recently that might be causing this error, using pulumi 1.12.1 with Node version v12.14.1 ?

damp-jelly-5493

04/30/2020, 8:08 AM

In both Python and Golang, the exports are programmatic - eg, in Python, you call

pulumi.export('public_ip', server.public_ip)

. For

<reasons>

, I could do with doing a similar sort of thing in TypeScript - is there any way of getting TS to create outputs with a pulumi method rather than the

export const public_ip = server.public_up

rhythmic-country-29988

04/30/2020, 8:11 AM

Hi! I might need a hand on this one! I am trying to create/update a callbackFunction:

import * as aws from '@pulumi/aws';
import * as pulumi from '@pulumi/pulumi';
import { v4 as uuid } from 'uuid';

import { CognitoUserPoolTriggerEvent } from 'aws-lambda';

const name = 'mylambda';

const partitionRole = new aws.iam.Role(
  `${name}-lambda-role`, {
    assumeRolePolicy: JSON.stringify({
      "Version": "2012-10-17",
      "Statement": [
        {
            "Action": "sts:AssumeRole",
            "Principal": {
                "Service": "<http://lambda.amazonaws.com|lambda.amazonaws.com>",
            },
            "Effect": "Allow",
            "Sid": "",
        },
      ],
    })
  },
);

const attachment = new aws.iam.RolePolicyAttachment(
  `${name}-lambda-role-attachment`, {
    role: partitionRole,
    policyArn: aws.iam.ManagedPolicies.AWSLambdaFullAccess,
  },
  { dependsOn: [ partitionRole ] },
);

const preTokenLambda = new aws.lambda.CallbackFunction<CognitoUserPoolTriggerEvent, CognitoUserPoolTriggerEvent>(
  name, {
    name: `${name}-lambda-${uuid()}`,
    description: "lambda.",
    role: partitionRole,
    runtime: aws.lambda.NodeJS12dXRuntime,
    memorySize: 128,
    timeout: 30,
    reservedConcurrentExecutions: 50,
    callback: async (event) => {
      event.response.claimsOverrideDetails = {
        claimsToAddOrOverride: {
          role: 'member',
          bla: 'yes',
        },
      };
      return event;
    },
  },
  { dependsOn: [ partitionRole, attachment ]  },
);

I am forcing the lambda to recreate including a uuid in its name. It uploads it correctly but then I consistently get a

function already exist

error

+  aws:lambda:Function pool creating error: Error creating Lambda function: ResourceConflictException: Function already exist: pool-lambda-80a6da40-c917-41c9-90d8-7cef62a40dcc

any ideas?

famous-bear-66383

04/30/2020, 12:22 PM

Given a project that spins up a simple

gke cluster

, how to quickly upgrade it to Pulumi 2 ? The following steps didn’t work out for me: • delete node_modules directory and package-lock.json • brew upgrade pulumi to install the new cli • npm install @pulumi/pulumi@^2.0.0 • pulumi up Error:

Previewing update (project1):
     Type                 Name                           Plan     Info
     pulumi:pulumi:Stack  project1           1 error
 
Diagnostics:
  pulumi:pulumi:Stack (project1):
    error: Running program '/Users/<user>/<company>/<project1>' failed with an unhandled exception:
    Error: Could not locate the bindings file. Tried:
     → /Users/<user>/<company>/<project1>/node_modules/deasync/build/deasync.node
     → /Users/<user>/<company>/<project1>/node_modules/deasync/build/Debug/deasync.node
     → /Users/<user>/<company>/<project1>/node_modules/deasync/build/Release/deasync.node
     → /Users/<user>/<company>/<project1>/node_modules/deasync/out/Debug/deasync.node
     → /Users/<user>/<company>/<project1>/node_modules/deasync/Debug/deasync.node
     → /Users/<user>/<company>/<project1>/node_modules/deasync/out/Release/deasync.node
     → /Users/<user>/<company>/<project1>/node_modules/deasync/Release/deasync.node
     → /Users/<user>/<company>/<project1>/node_modules/deasync/build/default/deasync.node
     → /Users/<user>/<company>/<project1>/node_modules/deasync/compiled/14.0.0/darwin/x64/deasync.node
     → /Users/<user>/<company>/<project1>/node_modules/deasync/addon-build/release/install-root/deasync.node
     → /Users/<user>/<company>/<project1>/node_modules/deasync/addon-build/debug/install-root/deasync.node
     → /Users/<user>/<company>/<project1>/node_modules/deasync/addon-build/default/install-root/deasync.node
     → /Users/<user>/<company>/<project1>/node_modules/deasync/lib/binding/node-v83-darwin-x64/deasync.node
        at bindings (/Users/<user>/<company>/<project1>/node_modules/bindings/bindings.js:126:9)
        at Object.<anonymous> (/Users/<user>/<company>/<project1>/node_modules/deasync/index.js:30:31)
        at Module._compile (internal/modules/cjs/loader.js:1185:30)
        at Object.Module._extensions..js (internal/modules/cjs/loader.js:1205:10)
        at Module.load (internal/modules/cjs/loader.js:1034:32)
        at Function.Module._load (internal/modules/cjs/loader.js:923:14)
        at Module.require (internal/modules/cjs/loader.js:1074:19)
        at require (internal/modules/cjs/helpers.js:72:18)
        at Object.<anonymous> (/Users/<user>/<company>/<project1>/node_modules/@pulumi/kubernetes/node_modules/@pulumi/pulumi/utils.js:16:17)
        at Module._compile (internal/modules/cjs/loader.js:1185:30)

Is there others to steps to make a successful migration ?

numerous-plastic-88847

05/02/2020, 9:36 AM

This might be a stupid question, coming from terraform where you could create a module to bundle a few resources together. What would the equivalent be in pulumi?

cool-processor-86981

05/05/2020, 3:28 PM

Hey everyone! Just got started with pulumi (and typescript), so sorry if this is a dumb question. When doing a

pulumi up --diff

I get stuff like

cloudfrontDistUrl: "<http://xxxxxxxx.cloudfront.net|xxxxxxxx.cloudfront.net>" => output<string>

. Is there a way to make that

output<string>

show the real output?

magnificent-accountant-19074

05/05/2020, 6:54 PM

Hello Everyone, I have a question - when I have

aws.lambda.Alias

how can I wire it up with

API

? I was not able to find any documentation on this.

breezy-butcher-78604

05/06/2020, 5:31 AM

I’m trying to loop over an array returned from a stack reference, but from what I’ve read this isn’t possible. is there another way to achieve the same goal here?

const vpcStackRef = new pulumi.StackReference("main-vpc", { name: cfg.require("vpcStack") });

for (const routeTableId of vpcStackRef.requireOutput("privateRouteTableIds")) {
    // create new aws.ec2.Route resource
}

limited-rainbow-51650

05/06/2020, 7:03 PM

On Google Cloud, resources need to be created in a Google Cloud Project. I have a custom component around some Google Cloud networking. I would very much like to pass a full object rather than a primitive to my abstraction. What do I mean with this? Well, I do not want to pass the project id as a

string

. I would like to pass a full object. The problem I have is this: if the project is created in the same stack, I have a

gcp.organizations.Project

instance, with

Output

properties. If the project was already created in another stack, I look it up via

getProject

and I am returned a

Promise<GetProjectResult>

. The properties of a

GetProjectResult

instance are the primitive types (not

Output

). So I can’t substitute one for the other just because the resource is created in another stack. Any way around this?

many-dress-88879

05/06/2020, 11:00 PM

Hey @here, how can i use pulumi to upload multiple files to a Google storage bucket? is this supported?

wooden-lighter-66320

05/06/2020, 11:51 PM

Hey all; been ramping up on Pulumi this week and I have one code organization question that hasn't quite been satisfied by the examples code repo. Let's say you have a stack with - a Queue resource, which has - an IAM role group associated, - and an onEvent lambda callback, - which in turn depends on a Table The Table and Queue are used elsewhere. Are there emerging best practices about how to structure your stack into folders and modules to make maintaining these sorts of interconnected systems simpler?

wooden-lighter-66320

05/06/2020, 11:51 PM

Would very much welcome any advice 🙏

green-morning-1318

05/07/2020, 12:00 AM

I structure my code based on the “business domain” it’s a part of and for each of those domains I have a Pulumi stack. Like I have a “data domain” which takes care of my DynamoDB (and export the ARN and name as stack variables) and in my “order domain” I use the stack variables from the other domain to create the right IAM roles for my Lambdas

green-morning-1318

05/07/2020, 12:02 AM

I took the idea of separating it into business domains that you can logically deploy separately from the team at A Cloud Guru. During the last serverless conference they spoke about their journey. While they use CloudFormation, the same ideas are valid 🙂 (at least that’s the way it works for me)

wooden-lighter-66320

05/07/2020, 12:15 AM

Within a specific business domain, sometimes resources will still have complex relationships. Is it misguided to try to separate all resources into their own .ts module?

wooden-lighter-66320

05/07/2020, 12:16 AM

this is very much a local-files-in-repo code structure question more than it is an infra question 🙂

green-morning-1318

05/07/2020, 12:16 AM

ah 😄 I misunderstood that, sorry 😳

green-morning-1318

05/07/2020, 12:17 AM

I’m not a typescript expert, but it makes sense to have reusable components be their own module

breezy-butcher-78604

05/07/2020, 12:57 AM

my personal take is you should only be striving for re-usability where it makes sense and you should limit the amount of abstraction you use over the base resources provided by your chosen cloud. Making things too generic and/or re-usable takes more time and will often require more code and more testing to ensure it works in the large number of possible use cases. If you're only using a component in one or two places, just make it work for those cases and move on. If things change in future you can always refactor. I also try and limit how much abstraction i use. For example I refrain from making custom resources where possible and when I do make custom resources I try to make them composed of base resources only (like the base

pulumi.aws

resources rather than composing things with

pulumi.awsx

resources and/or other custom resources). The main reason being is because it then increases the learning curve for other developers to understand what that custom resource does and how it works. Most developers (as opposed to SREs or operations engineers) working on infrastructure code will only have a basic understanding of the cloud provider they're using so putting too much abstraction on top of the base resources they may know about makes it harder for them to learn and contribute. if you don't work in a team then the second point is probably less important but I'd still recommend the first. This is just my personal opinion though and it seems to work for me.

👍 1

Title

breezy-butcher-78604

05/07/2020, 12:57 AM

pulumi.aws

resources rather than composing things with

pulumi.awsx

👍 1

View count: 1