https://pulumi.com logo
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
typescript
  • l

    limited-rainbow-51650

    04/16/2020, 12:42 PM
    If I also set
    "module": "ES2015"
    , then I get the error:
    /Users/ringods/Projects/cumundi/blueprints/libraries/packages/network/lib/index.js:1
    import * as pulumi from "@pulumi/pulumi";
    ^^^^^^
    
    SyntaxError: Cannot use import statement outside a module
        at wrapSafe (internal/modules/cjs/loader.js:1070:16)
        at Module._compile (internal/modules/cjs/loader.js:1120:27)
        at Object.Module._extensions..js (internal/modules/cjs/loader.js:1176:10)
    which points me to this article: https://stackoverflow.com/questions/58384179/syntaxerror-cannot-use-import-statement-outside-a-module The advice is to set
    "type": "module"
    in
    package.json
    . After doing that, yet another error on Node 12.16.2:
    Error: Not supported
        at requireOrImport (/Users/ringods/Projects/cumundi/blueprints/libraries/node_modules/mocha/lib/esm-utils.js:18:25)
        at Object.exports.loadFilesAsync (/Users/ringods/Projects/cumundi/blueprints/libraries/node_modules/mocha/lib/esm-utils.js:28:26)
        at Mocha.loadFilesAsync (/Users/ringods/Projects/cumundi/blueprints/libraries/node_modules/mocha/lib/mocha.js:351:19)
        at singleRun (/Users/ringods/Projects/cumundi/blueprints/libraries/node_modules/mocha/lib/cli/run-helpers.js:107:15)
    *sigh*…
  • l

    limited-rainbow-51650

    04/16/2020, 2:26 PM
    BTW, there is a discrepancy between this part of the README of the core Pulumi SDK:
    This SDK uses Node.js and we support the Active LTS and Current releases, as defined by this table.
    and the `package.json`:
    "engines": {
        "node": ">=8.13.0 || >=10.10.0"
    }
    Vrsion 8.13+ should be removed. Your
    tsconfig.json
    says it transpiles to
    es2016
    , which 8.13 definitely does not support everything off. See https://node.green/
    w
    • 2
    • 4
  • l

    limited-rainbow-51650

    04/16/2020, 2:42 PM
    V8 is also completely deprecated: https://github.com/nodejs/Release/blob/9bc5275b739fa326d76612da7c6d7859b50cb6c9/schedule.json#L38
    s
    • 2
    • 3
  • r

    rough-tomato-98795

    04/23/2020, 6:53 AM
    Hello guys, is there a way how to force recreation of resource when property is changed instead of just update.?
    w
    • 2
    • 1
  • a

    acceptable-army-69872

    04/23/2020, 3:06 PM
    There's something dirty in our codebase that worked in 1.X that throws an exception in 2.X
    error TS2488: Type 'Promise<Subnet[]>' must have a '[Symbol.iterator]()' method that returns an iterator.
    the code is looping thru a list of awsx vpcs that should have a vpc peer, then looping thru the subnets to create routes.
    f
    • 2
    • 6
  • f

    famous-sugar-52038

    04/24/2020, 3:53 PM
    Hi, Guys! I am truly glad to hear that Pulumi 2.0 has been released! I believe in the superpower of Pulumi. btw, Why does Pulumi use ES2016 as a default target of compiler option? This attachment is a pic of initial tsconfig after installation of Pulumi and execution of
    pulumi new
    .
    m
    a
    • 3
    • 5
  • f

    fancy-jelly-61092

    04/27/2020, 1:32 PM
    I'm trying to create a dynamic resource (i.e. a
    pulumi.dynamic.ResourceProvider
    ). I need credentials that will come from Config. I'm struggling to get config working in the dynamic provider though. I could pass the credentials in as arguments, but that forces every user of the resource to set them. Which I want to avoid as the values should be ambient from config (like the built in ones) I've tried getting the secrets form outside the closure, but that fails with
    Error: Secret outputs cannot be captured by a closure
    , and trying inside I just get
    Error: undefined
    on the line that tries to
    requireSecret.
    What am I doing wrong? Can
    pulumi.Config
    not be used within a
    ResourceProvider
    ? Code snippet showing config _outside_:
    const config = new pulumi.Config('activeDirectoryAdmin');
    const usernameSecret = config.requireSecret('username');
    const passwordSecret = config.requireSecret('password');
    
    async function runSql(a: pulumi.Unwrap<SqlCommandArgs>, command: string): Promise<never> {
        return new Promise((resolve, reject) => {
            pulumi.all([usernameSecret, passwordSecret]).apply(([username, password]: [string, string]) => {
                const sqlConnection = new tedious.Connection({
    Code snippet showing config _inside_:
    async function runSql(a: pulumi.Unwrap<SqlCommandArgs>, command: string): Promise<never> {
        return new Promise((resolve, reject) => {
            const config = new pulumi.Config('activeDirectoryAdmin');
            const usernameSecret = config.requireSecret('username');
            const passwordSecret = config.requireSecret('password');
  • a

    acceptable-stone-35112

    04/28/2020, 3:28 PM
    I got into situation when I need to use outputs from StackReference in components that also generate outputs and need to assign them to index.ts module exports, so they appear in stack output. Once I wrap them in .apply() callback, exports they were producing can't be assigned anymore. Is there a clean way to work around this without writing promises that would register them in module exports once resolved?
    b
    • 2
    • 18
  • g

    gorgeous-animal-95046

    04/28/2020, 8:31 PM
    Hi, with the v2 release, i’m having trouble constructing aws policy documents based on a dynamic account id.
    aws.getCallerIdentity
    now returns a promise. the problem i’m having is i can’t pass the account id returned from that into a
    aws.iam.getPolicyDocument
    because it’s inputs are all
    string
    . Specifically this is for a principal identifier on an assume role policy. My old code used to be `identifiers: [
    arn:aws:iam::${accountNumber}:role/terraform-eks-k8s-node
    ]`
    f
    f
    • 3
    • 13
  • l

    lively-oil-7382

    04/28/2020, 9:07 PM
    Posting in typescript channel, getting errors while executing unit tests.
  • l

    lively-oil-7382

    04/28/2020, 9:07 PM
    internal/modules/cjs/loader.js:796     throw err;     ^ Error: Cannot find module 'C:\my-network\node'     at Function.Module._resolveFilename (internal/modules/cjs/loader.js:793:17)     at Function.Module._load (internal/modules/cjs/loader.js:686:27)     at Function.Module.runMain (internal/modules/cjs/loader.js:1043:10)     at internal/main/run_main_module.js:17:11 {   code: 'MODULE_NOT_FOUND',   requireStack: [] }
  • l

    lively-oil-7382

    04/28/2020, 9:07 PM
    any changes recently that might be causing this error, using pulumi 1.12.1 with Node version v12.14.1 ?
  • d

    damp-jelly-5493

    04/30/2020, 8:08 AM
    In both Python and Golang, the exports are programmatic - eg, in Python, you call
    pulumi.export('public_ip', server.public_ip)
    . For
    <reasons>
    , I could do with doing a similar sort of thing in TypeScript - is there any way of getting TS to create outputs with a pulumi method rather than the
    export const public_ip = server.public_up
    ?
    f
    • 2
    • 1
  • r

    rhythmic-country-29988

    04/30/2020, 8:11 AM
    Hi! I might need a hand on this one! I am trying to create/update a callbackFunction:
    import * as aws from '@pulumi/aws';
    import * as pulumi from '@pulumi/pulumi';
    import { v4 as uuid } from 'uuid';
    
    import { CognitoUserPoolTriggerEvent } from 'aws-lambda';
    
    const name = 'mylambda';
    
    const partitionRole = new aws.iam.Role(
      `${name}-lambda-role`, {
        assumeRolePolicy: JSON.stringify({
          "Version": "2012-10-17",
          "Statement": [
            {
                "Action": "sts:AssumeRole",
                "Principal": {
                    "Service": "<http://lambda.amazonaws.com|lambda.amazonaws.com>",
                },
                "Effect": "Allow",
                "Sid": "",
            },
          ],
        })
      },
    );
    
    const attachment = new aws.iam.RolePolicyAttachment(
      `${name}-lambda-role-attachment`, {
        role: partitionRole,
        policyArn: aws.iam.ManagedPolicies.AWSLambdaFullAccess,
      },
      { dependsOn: [ partitionRole ] },
    );
    
    const preTokenLambda = new aws.lambda.CallbackFunction<CognitoUserPoolTriggerEvent, CognitoUserPoolTriggerEvent>(
      name, {
        name: `${name}-lambda-${uuid()}`,
        description: "lambda.",
        role: partitionRole,
        runtime: aws.lambda.NodeJS12dXRuntime,
        memorySize: 128,
        timeout: 30,
        reservedConcurrentExecutions: 50,
        callback: async (event) => {
          event.response.claimsOverrideDetails = {
            claimsToAddOrOverride: {
              role: 'member',
              bla: 'yes',
            },
          };
          return event;
        },
      },
      { dependsOn: [ partitionRole, attachment ]  },
    );
    I am forcing the lambda to recreate including a uuid in its name. It uploads it correctly but then I consistently get a
    function already exist
    error
    +  aws:lambda:Function pool creating error: Error creating Lambda function: ResourceConflictException: Function already exist: pool-lambda-80a6da40-c917-41c9-90d8-7cef62a40dcc
    any ideas?
    w
    • 2
    • 3
  • f

    famous-bear-66383

    04/30/2020, 12:22 PM
    Given a project that spins up a simple
    gke cluster
    , how to quickly upgrade it to Pulumi 2 ? The following steps didn’t work out for me: • delete node_modules directory and package-lock.json • brew upgrade pulumi to install the new cli • npm install @pulumi/pulumi@^2.0.0 • pulumi up Error:
    Previewing update (project1):
         Type                 Name                           Plan     Info
         pulumi:pulumi:Stack  project1           1 error
     
    Diagnostics:
      pulumi:pulumi:Stack (project1):
        error: Running program '/Users/<user>/<company>/<project1>' failed with an unhandled exception:
        Error: Could not locate the bindings file. Tried:
         → /Users/<user>/<company>/<project1>/node_modules/deasync/build/deasync.node
         → /Users/<user>/<company>/<project1>/node_modules/deasync/build/Debug/deasync.node
         → /Users/<user>/<company>/<project1>/node_modules/deasync/build/Release/deasync.node
         → /Users/<user>/<company>/<project1>/node_modules/deasync/out/Debug/deasync.node
         → /Users/<user>/<company>/<project1>/node_modules/deasync/Debug/deasync.node
         → /Users/<user>/<company>/<project1>/node_modules/deasync/out/Release/deasync.node
         → /Users/<user>/<company>/<project1>/node_modules/deasync/Release/deasync.node
         → /Users/<user>/<company>/<project1>/node_modules/deasync/build/default/deasync.node
         → /Users/<user>/<company>/<project1>/node_modules/deasync/compiled/14.0.0/darwin/x64/deasync.node
         → /Users/<user>/<company>/<project1>/node_modules/deasync/addon-build/release/install-root/deasync.node
         → /Users/<user>/<company>/<project1>/node_modules/deasync/addon-build/debug/install-root/deasync.node
         → /Users/<user>/<company>/<project1>/node_modules/deasync/addon-build/default/install-root/deasync.node
         → /Users/<user>/<company>/<project1>/node_modules/deasync/lib/binding/node-v83-darwin-x64/deasync.node
            at bindings (/Users/<user>/<company>/<project1>/node_modules/bindings/bindings.js:126:9)
            at Object.<anonymous> (/Users/<user>/<company>/<project1>/node_modules/deasync/index.js:30:31)
            at Module._compile (internal/modules/cjs/loader.js:1185:30)
            at Object.Module._extensions..js (internal/modules/cjs/loader.js:1205:10)
            at Module.load (internal/modules/cjs/loader.js:1034:32)
            at Function.Module._load (internal/modules/cjs/loader.js:923:14)
            at Module.require (internal/modules/cjs/loader.js:1074:19)
            at require (internal/modules/cjs/helpers.js:72:18)
            at Object.<anonymous> (/Users/<user>/<company>/<project1>/node_modules/@pulumi/kubernetes/node_modules/@pulumi/pulumi/utils.js:16:17)
            at Module._compile (internal/modules/cjs/loader.js:1185:30)
    Is there others to steps to make a successful migration ?
    w
    • 2
    • 1
  • n

    numerous-plastic-88847

    05/02/2020, 9:36 AM
    This might be a stupid question, coming from terraform where you could create a module to bundle a few resources together. What would the equivalent be in pulumi?
    g
    c
    • 3
    • 4
  • c

    cool-processor-86981

    05/05/2020, 3:28 PM
    Hey everyone! Just got started with pulumi (and typescript), so sorry if this is a dumb question. When doing a
    pulumi up --diff
    I get stuff like
    cloudfrontDistUrl: "<http://xxxxxxxx.cloudfront.net|xxxxxxxx.cloudfront.net>" => output<string>
    . Is there a way to make that
    output<string>
    show the real output?
  • m

    magnificent-accountant-19074

    05/05/2020, 6:54 PM
    Hello Everyone, I have a question - when I have
    aws.lambda.Alias
    how can I wire it up with
    API
    ? I was not able to find any documentation on this.
    f
    • 2
    • 7
  • b

    breezy-butcher-78604

    05/06/2020, 5:31 AM
    I’m trying to loop over an array returned from a stack reference, but from what I’ve read this isn’t possible. is there another way to achieve the same goal here?
    const vpcStackRef = new pulumi.StackReference("main-vpc", { name: cfg.require("vpcStack") });
    
    for (const routeTableId of vpcStackRef.requireOutput("privateRouteTableIds")) {
        // create new aws.ec2.Route resource
    }
    s
    • 2
    • 1
  • l

    limited-rainbow-51650

    05/06/2020, 7:03 PM
    On Google Cloud, resources need to be created in a Google Cloud Project. I have a custom component around some Google Cloud networking. I would very much like to pass a full object rather than a primitive to my abstraction. What do I mean with this? Well, I do not want to pass the project id as a
    string
    . I would like to pass a full object. The problem I have is this: if the project is created in the same stack, I have a
    gcp.organizations.Project
    instance, with
    Output
    properties. If the project was already created in another stack, I look it up via
    getProject
    and I am returned a
    Promise<GetProjectResult>
    . The properties of a
    GetProjectResult
    instance are the primitive types (not
    Output
    ). So I can’t substitute one for the other just because the resource is created in another stack. Any way around this?
    g
    • 2
    • 10
  • m

    many-dress-88879

    05/06/2020, 11:00 PM
    Hey @here, how can i use pulumi to upload multiple files to a Google storage bucket? is this supported?
    g
    g
    • 3
    • 10
  • w

    wooden-lighter-66320

    05/06/2020, 11:51 PM
    Hey all; been ramping up on Pulumi this week and I have one code organization question that hasn't quite been satisfied by the examples code repo. Let's say you have a stack with - a Queue resource, which has - an IAM role group associated, - and an onEvent lambda callback, - which in turn depends on a Table The Table and Queue are used elsewhere. Are there emerging best practices about how to structure your stack into folders and modules to make maintaining these sorts of interconnected systems simpler?
  • w

    wooden-lighter-66320

    05/06/2020, 11:51 PM
    Would very much welcome any advice 🙏
  • g

    green-morning-1318

    05/07/2020, 12:00 AM
    I structure my code based on the “business domain” it’s a part of and for each of those domains I have a Pulumi stack. Like I have a “data domain” which takes care of my DynamoDB (and export the ARN and name as stack variables) and in my “order domain” I use the stack variables from the other domain to create the right IAM roles for my Lambdas
  • g

    green-morning-1318

    05/07/2020, 12:02 AM
    I took the idea of separating it into business domains that you can logically deploy separately from the team at A Cloud Guru. During the last serverless conference they spoke about their journey. While they use CloudFormation, the same ideas are valid 🙂 (at least that’s the way it works for me)
    w
    • 2
    • 12
  • w

    wooden-lighter-66320

    05/07/2020, 12:15 AM
    Within a specific business domain, sometimes resources will still have complex relationships. Is it misguided to try to separate all resources into their own .ts module?
  • w

    wooden-lighter-66320

    05/07/2020, 12:16 AM
    this is very much a local-files-in-repo code structure question more than it is an infra question 🙂
  • g

    green-morning-1318

    05/07/2020, 12:16 AM
    ah 😄 I misunderstood that, sorry 😳
  • g

    green-morning-1318

    05/07/2020, 12:17 AM
    I’m not a typescript expert, but it makes sense to have reusable components be their own module
  • b

    breezy-butcher-78604

    05/07/2020, 12:57 AM
    my personal take is you should only be striving for re-usability where it makes sense and you should limit the amount of abstraction you use over the base resources provided by your chosen cloud. Making things too generic and/or re-usable takes more time and will often require more code and more testing to ensure it works in the large number of possible use cases. If you're only using a component in one or two places, just make it work for those cases and move on. If things change in future you can always refactor. I also try and limit how much abstraction i use. For example I refrain from making custom resources where possible and when I do make custom resources I try to make them composed of base resources only (like the base
    pulumi.aws
    resources rather than composing things with
    pulumi.awsx
    resources and/or other custom resources). The main reason being is because it then increases the learning curve for other developers to understand what that custom resource does and how it works. Most developers (as opposed to SREs or operations engineers) working on infrastructure code will only have a basic understanding of the cloud provider they're using so putting too much abstraction on top of the base resources they may know about makes it harder for them to learn and contribute. if you don't work in a team then the second point is probably less important but I'd still recommend the first. This is just my personal opinion though and it seems to work for me.
    👍 1
Powered by Linen
Title
b

breezy-butcher-78604

05/07/2020, 12:57 AM
my personal take is you should only be striving for re-usability where it makes sense and you should limit the amount of abstraction you use over the base resources provided by your chosen cloud. Making things too generic and/or re-usable takes more time and will often require more code and more testing to ensure it works in the large number of possible use cases. If you're only using a component in one or two places, just make it work for those cases and move on. If things change in future you can always refactor. I also try and limit how much abstraction i use. For example I refrain from making custom resources where possible and when I do make custom resources I try to make them composed of base resources only (like the base
pulumi.aws
resources rather than composing things with
pulumi.awsx
resources and/or other custom resources). The main reason being is because it then increases the learning curve for other developers to understand what that custom resource does and how it works. Most developers (as opposed to SREs or operations engineers) working on infrastructure code will only have a basic understanding of the cloud provider they're using so putting too much abstraction on top of the base resources they may know about makes it harder for them to learn and contribute. if you don't work in a team then the second point is probably less important but I'd still recommend the first. This is just my personal opinion though and it seems to work for me.
👍 1
View count: 1