https://pulumi.com logo
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
typescript
  • f

    few-dog-41530

    05/15/2019, 5:29 PM
    hey guys. I am trying to deploy a google cloud function
  • f

    few-dog-41530

    05/15/2019, 5:29 PM
    however, I get the following error:
  • f

    few-dog-41530

    05/15/2019, 5:29 PM
    Diagnostics:
      pulumi:pulumi:Stack (calendribe-nestjs-auth0-mgmt-gcp-functions-test):
        error: update failed
     
      gcp:cloudfunctions:Function (hello):
        error: Plan apply failed: googleapi: Error 400: The request has errors, badRequest
  • f

    few-dog-41530

    05/15/2019, 5:30 PM
    any idea as to how to troubleshoot this?
    w
    • 2
    • 1
  • f

    few-dog-41530

    05/16/2019, 5:50 PM
    So I’ve been struggling with figuring out what was wrong with my function. After much troubleshooting, I figured out that google cloud doesn’t allow to set
    NODE_ENV
    as an environment variable. However, it took me forever to figure out because pulumi gave me the unhelpful error
    Error while updating cloudfunction configuration: googleapi: Error 400: The request has errors, badRequest
  • f

    few-dog-41530

    05/16/2019, 5:52 PM
    However, running
    gcloud functions deploy hello --update-env-vars NODE_ENV=production --trigger-http --runtime nodejs8
  • f

    few-dog-41530

    05/16/2019, 5:52 PM
    gives the much more helpful output:
    ERROR: (gcloud.functions.deploy) ResponseError: status=[400], code=[Bad Request], message=[The request has errors
    Problems:
    environment variable name NODE_ENV is reserved by the system: it cannot be set by users
    ]
  • f

    few-dog-41530

    05/16/2019, 5:52 PM
    is there a way for Pulumi to capture this?
  • f

    few-dog-41530

    05/16/2019, 5:58 PM
    Opened new issue: https://github.com/pulumi/pulumi-gcp/issues/150
  • a

    average-france-63073

    05/17/2019, 12:22 PM
    Hello, I'm making a mistake somewhere, probably something trivial... I'm trying to use an existing sec group, I've tried eksClusterSecuriytGroup: "group-name" nodeSecurityGroup: "group-name" I'm getting nowehere, also looked at vpcConfig, can't get that to work either, what works in clusteroptions: Object literal may only specify known properties, but 'eksClusterSecurityGroup' does not exist in type 'ClusterOptions'. Did you mean to write 'clusterSecurityGroupTags'?
  • a

    average-france-63073

    05/17/2019, 12:22 PM
    help or docs pointers appreciated, total noob.
  • a

    average-france-63073

    05/17/2019, 12:42 PM
    Essentially what i want to do is use some existing config, VPC, subnets, SecGroups, with a new EKS cluster.
    • 1
    • 1
  • c

    cuddly-barista-79466

    05/21/2019, 5:28 PM
    Question here trying to use a get function to retrieve AWS ARN by name for an array of names to then be used in creating a policy document, but i am getting hung up on the pulumi output string type to string along with the callbacks not seemingly working effectively in the policydocument. Snippet of code that I am using here
    import * as pulumi from '@pulumi/pulumi';
    import * as aws from '@pulumi/aws';
    pulumi.getStack;
    
    const sopsUsers = ['Role1', 'Role2', 'Admins'];
    
    const getsopsUsersArns = sopsUsers.map(r => {
      const role: pulumi.Output<
        pulumi.UnwrappedObject<aws.iam.GetRoleResult>
      > = pulumi.output(
        aws.iam.getRole({
          name: r
        })
      );
      return role;
    });
    
    export const sopsUsersArns = getsopsUsersArns.map(i => i.apply(a => a.arn));
    const keyPolicyDocument = pulumi.output(
      aws.iam.getPolicyDocument({
        statements: [
          {
            sid: 'Allow attachment of persistent resources',
            effect: 'Allow',
            principals: [
              {
                type: 'AWS',
                identifiers: getsopsUsersArns.map(i => i.apply(a => a.arn))
              }
            ],
            actions: ['kms:CreateGrant', 'kms:ListGrants', 'kms:RevokeGrant'],
            resources: ['*'],
            conditions: [
              {
                test: 'Bool',
                variable: 'kms:GrantIsForAWSResource',
                values: ['true']
              }
            ]
          }
        ]
      })
    );
    
    const key = new aws.kms.Key('sopsKey',
      {
        policy: keyPolicyDocument.json
      }
    );
    
    const alias = new aws.kms.Alias('alias/sopsKey',
      {
        targetKeyId: key.keyId
      }
    );
    
    export const kmsKeyName = alias.name;
    b
    • 2
    • 5
  • l

    lively-lifeguard-43619

    05/30/2019, 1:54 PM
    hello, wondering if anyone here has integrated their pulumi scripts to leverage hashicorp vault...looking for examples/ideas/direction? .... a little more context, I had previously setup my terraform scripts to pull gcloud credentials from vault + read/write secrets. looking to do the same with pulumi
  • s

    stocky-spoon-28903

    05/30/2019, 2:12 PM
    Hi @lively-lifeguard-43619! Right now we don’t have a Vault provider, but because your program is actual code, there’s no reason you can’t use one of the javascript SDKs for vault to query values and configure them from there
  • l

    lively-lifeguard-43619

    05/30/2019, 2:15 PM
    thanks @stocky-spoon-28903...would it make sense to use the terraform bridge with the terraform vault provider?
  • s

    stocky-spoon-28903

    05/30/2019, 2:17 PM
    That really depends - the Terraform vault provider ends up with secret values stored in the state file
  • s

    stocky-spoon-28903

    05/30/2019, 2:17 PM
    If that is acceptable to you we could pretty easily bridge the vault provider
  • l

    lively-lifeguard-43619

    05/30/2019, 2:39 PM
    i wasn't too concerned about that because i was storing the state file in a google cloud bucket with limited access...i guess i'll try out some Javascript SDKs
  • b

    billions-lock-80282

    06/06/2019, 10:35 AM
    Hi, I've created EKS and EFS resources in AWS but now want to update the nodeUserData property of the EKS cluster as a separate action. Can anyone please advise how to do this? Its a property of the ClusterOptions interface.
  • s

    sticky-camera-42272

    06/07/2019, 1:54 PM
    Hello everyone. I am trying to use Pulumi to create an AWS codebuild resource, but the documentation is a little unclear on how to connect to a private GitHub repo. The projectArgs#source property docs (https://pulumi.io/reference/pkg/nodejs/pulumi/aws/codebuild/#ProjectArgs-source) say that the
    Source blocks are documented below
    but they don't actually seem to be documented anywhere. Are there any examples of how to do what I need?
    g
    c
    • 3
    • 6
  • s

    square-bear-79319

    06/12/2019, 3:36 PM
    Hello everyone. Am trying to create unit tests for a Pulumi project which installs a specific version of istio on an existing cluster. The version of the istio is provided as part of the Pulumi.dev.yaml. When running the Unit tests, mu understanding is this has to be passed as part of the
    PULUMI_CONFIG="{ \"aws:region\": \"us-east-1\", \"istio_version\": \"1.1.7\" }"
    , but it does not seem to work. When i output the config values. it only has the value of the name which is part of
    PULUMI_NODEJS_PROJECT="wawa-runtime-istio";
    . In general, PULUMI_CONFIG does not seem to take the values provided and is not working as intended. Any help on this is much appreciated.
    Config { name: 'wawa-runtime-istio' }
    
    
    Error: repo istio-undefined not found
    Error: repo istio-undefined not found
    (node:22548) UnhandledPromiseRejectionWarning: Error: Error: Command failed: helm fetch istio-undefined/istio-init --untar --version undefined --destination C:\Users\guptak1\AppData\Local\Temp\1\tmp-22548iGyXL4S208pz
    Error: repo istio-undefined not found
    w
    • 2
    • 4
  • j

    jolly-egg-4894

    06/13/2019, 2:24 PM
    const topic = new aws.sns.Topic("sns");
    
    topic.onEvent("event", async (event) => {
    	console.log(event);
    });
    error: Plan apply failed: deleting urn:pulumi:pulumi-peoplehr::pulimi-peoplehr::cloud:topic:Topic$aws:sns/topic:Topic::sns: InvalidParameter: Invalid parameter: TopicArn
  • c

    cuddly-barista-79466

    06/13/2019, 6:56 PM
    How would I convert this Terraform to Typescript? This is part of the vsphere Clone/Customize when creating a new VM. Would like to be able to increment an IP Address while in a loop
    ipv4_address    = "${cidrhost(var.vsphere_vm_int1_network_address, var.vsphere_vm_int1_network_address_start + count.index)}"
    s
    • 2
    • 2
  • g

    gray-manchester-37402

    06/18/2019, 5:57 PM
    Hi everyone. Is it possible to use a custom resource like Istio Gateway or any other custom kubernetes resources as YAML (or JSON-ified YAML)? I know it's a method available that can load from file, but then I end up with both a set of javascript/typescript files and a bunch of YAML files.
    w
    • 2
    • 2
  • p

    plain-businessperson-30883

    06/19/2019, 3:18 PM
    I’m having some trouble with
    aws.iam.getPolicyDocument
    . I need to set a KMS Key in the
    resources
    field, but I get an error
    error TS2322: Type 'Output<string>' is not assignable to type 'string'.
    . It seems the interface expects a string
    resources?: string[];
    . Is there a way to convert the
    Output<string>
    to
    string
    ? The only thing I see is to not use the
    aws.iam.getPolicyDocument
    . I see other thread here with a similar issue, but no answer was given: https://pulumi-community.slack.com/archives/CJ909TL6P/p1558459714056300
  • w

    white-balloon-205

    06/19/2019, 3:19 PM
    In general, you have to call
    .getFoo
    inside an
    .apply
    on the Output.
  • p

    plain-businessperson-30883

    06/19/2019, 3:19 PM
    I tried, but the apply still returns an Output.
    w
    • 2
    • 15
  • s

    swift-postman-59572

    06/22/2019, 12:16 AM
    Hello! I was wondering if anyone has created an ECS cluster that is placed inside an existing security group. This is what I'm currently work with and it's complaining that I'm passing a string and not a type of awsx.ec2.securityGroupOrId[]
    const config = new pulumi.Config();
    const existingSecurityGroup = config.require('existingSG');
    const cluster = new awsx.ecs.Cluster(`app-${env}`, {
      securityGroups: [existingSecurityGroup],
      vpc: vpc,
      name: `app-${env}`
    });
    w
    • 2
    • 3
  • e

    early-match-56268

    06/22/2019, 9:27 PM
    hi! Could someone help me figure out how to get resources registered with pulumi? my project is structured like
    pulumi
    ├── Pulumi.dev.yaml
    ├── Pulumi.yaml
    ├── README.md
    ├── gcp
    │   ├── README.md
    │   ├── index.ts
    │   └── k8s.ts
    ├── index.ts
    ├── k8s
    │   ├── index.ts
    │   ├── namespace.ts
    │   └── secret.ts
    ├── package-lock.json
    ├── package.json
    └── tsconfig.json
    and in the
    pulumi/index.ts
    import * as gcp from './gcp'
    
    export let devKubeconfig = gcp.devKubeconfig
    My problem is that none of resources in the
    pulumi/k8s/
    dir are getting picked up by pulumi when i run
    pulumi up
    . If I import the resources and then export one of them in the
    pulumi/index.ts
    then they show up. Trying to figure out what I am doing wrong
    c
    g
    • 3
    • 5
Powered by Linen
Title
e

early-match-56268

06/22/2019, 9:27 PM
hi! Could someone help me figure out how to get resources registered with pulumi? my project is structured like
pulumi
├── Pulumi.dev.yaml
├── Pulumi.yaml
├── README.md
├── gcp
│   ├── README.md
│   ├── index.ts
│   └── k8s.ts
├── index.ts
├── k8s
│   ├── index.ts
│   ├── namespace.ts
│   └── secret.ts
├── package-lock.json
├── package.json
└── tsconfig.json
and in the
pulumi/index.ts
import * as gcp from './gcp'

export let devKubeconfig = gcp.devKubeconfig
My problem is that none of resources in the
pulumi/k8s/
dir are getting picked up by pulumi when i run
pulumi up
. If I import the resources and then export one of them in the
pulumi/index.ts
then they show up. Trying to figure out what I am doing wrong
c

cuddly-barista-79466

06/24/2019, 3:15 PM
we use this NPM Package for Environment configs within Pulumi https://www.npmjs.com/package/config
And the more specific implementation of it is managed by setting a pulumi config variable on the stack which is used by the NPM Config package referenced here: https://github.com/lorenwest/node-config/wiki/Environment-Variables#node_config_env
g

gentle-diamond-70147

06/24/2019, 4:18 PM
@early-match-56268 you must import your k8s resources from somewhere in your application. They will not automatically be picked up in sub-directories. Also, you must use an exported object otherwise Node will "optimize" it away as unused. This is explained in more detail at https://www.typescriptlang.org/docs/handbook/modules.html#optional-module-loading-and-other-advanced-loading-scenarios.
e

early-match-56268

06/25/2019, 12:44 AM
thanks, did not know about the unused optimization. exporting the resources fixes the issue
👍 1
g

gentle-diamond-70147

06/25/2019, 1:17 AM
It confused me at first too. 🙂
View count: 1