https://pulumi.com logo
Docs
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
typescript
  • f

    fierce-camera-61577

    07/11/2021, 6:46 AM
    If anyone has ever tried to modularize their Pulumi project and organize the code better than just a single big
    index.ts
    file, and also organize it so that infrastructure definition is separate from “runtime” application (e.g. Lambda code), you may have encountered issues with either compiling (module not found) or runtime (tslib not found) because you didn’t have all your runtime application code in the same part of the directory tree as the infrastructure code, and used
    import
    to either non-relative or
    ../
    paths.
    p
    d
    e
    • 4
    • 13
  • c

    curved-pharmacist-41509

    07/12/2021, 6:37 AM
    Hey team, I am on a typescript compilation speed investigation again and there are some small things which could really make a huge difference to Pulumi projects if people wanted opt in once the underlying issues were fixed. Is anyone from the team interested in working with me to get these sorted? https://github.com/pulumi/pulumi-aws/issues/772 and https://github.com/pulumi/pulumi-aws/pull/1015 are key PRs to this happening. I fixed the issues in the AWS sdk ages ago so deep imports now really speed up compilation there. But because Pulumi imports the aws-sdk I can’t get any of those benefits in projects which use Pulumi
    b
    • 2
    • 3
  • g

    green-pencil-17360

    07/12/2021, 6:13 PM
    Hello, I am creating the code pipeline using Typescript.
    stages: [
            {
                name: "Source",
                actions: [{
                    name: "Source",
                    category: "Source",
                    owner: "ThirdParty",
                    provider: "Github",
                    version: "1",
                    outputArtifacts: ["source_output"],
                    configuration: {
                        ConnectionArn: "",
                        FullRepositoryId: "",
                        BranchName: "develop",
                    },
                }],
            },
    Its returning me this error.
    Error creating CodePipeline: InvalidActionDeclarationException: ActionType (Category: 'Source', Provider: 'Github', Owner: 'ThirdParty', Version: '1') in action 'Source' is not available in region 'US_WEST_2'
    b
    • 2
    • 3
  • g

    green-pencil-17360

    07/12/2021, 6:14 PM
    Can anyone help me with this?
  • r

    refined-terabyte-65361

    07/12/2021, 7:48 PM
    Hi i am looking for example where we can pull docker images from dockerhub
    b
    • 2
    • 3
  • r

    refined-terabyte-65361

    07/12/2021, 7:49 PM
    i only see examples with build could not find anything related to pull images can someone help me to find docker api reference for pull
  • g

    green-daybreak-98726

    07/12/2021, 9:22 PM
    Team - I had to completely delete a stack due to some issues, however, when I try to recreate the stack, unfortunately the Secrets still exist due to AWS 30 day policy on deleting secrets. As a temp work around, I've had to rename those secret refs in my build so they create net new ones (adding a
    -new
    suffix for the time being). Can you think of any other way I might be able to work around an issue like this?
    b
    • 2
    • 2
  • g

    green-daybreak-98726

    07/13/2021, 1:29 AM
    follow-up question, I'm getting an error when creating lambdas that we've created before, saying that the request Entity is too large? Does this automatically get pushed to S3 if it's too big or do we have to orchestrate it?
    aws:lambda:Function (eu-west-2-dev-dbtester-func):
        error: 1 error occurred:
            * error creating Lambda Function: RequestEntityTooLargeException:
            status code: 413, request id: 84cfdf77-4668-4921-a3fd-8635f200245a
    d
    • 2
    • 4
  • l

    little-market-63455

    07/13/2021, 6:00 PM
    This is not a question but rather a discussion/feature-request. Don't know if this is the right place for it so bear with me please I have been using Pulumi with TypeScript for a while now and got familiar with the idioms and practices but I still find several related issues to result in "not so nice" code. 1. Pulumi with TypeScript lacks top-level await support which makes using
    async/await
    really awkward. you need to wrap the main code in an async funtion then call that from
    index.ts
    using the
    then/catch/finally
    syntax. Not the end of the world but truly annoying 2. You could wrap all async code in
    pulumi.output
    which is perfect for things that are resources or resource-like but not really needed for other async API calls 3. Certain things like IAM policies which are arguably part of almost every single AWS program don't support
    Input<T>
    properties. I don't want to create an independent IAM policy for every IAM role/user (mainly because that indicates they are re-usable and then you need to assign them an intuitive name) so I tend to use inline policies which suffer from the aforementioned problem. I feel either those should accept
    Input<T>
    or there should be dedicated
    IamInlinePolicyDocument
    type that does. Wrapping everything in
    all()/apply()
    is just resulting in ugly looking code when used excessively
    s
    h
    • 3
    • 8
  • r

    refined-terabyte-65361

    07/13/2021, 6:47 PM
    Hi I am trying to create ecr repo using pulumi typescript used basic example
    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const foo = new aws.ecr.Repository("foo", {
        imageScanningConfiguration: {
            scanOnPush: true,
        },
        imageTagMutability: "MUTABLE",
    });
    but when my repo gets created i am expecting name to be foo but it creates repo with random id foo-719afa7 how to create repo without random id ?
    s
    • 2
    • 2
  • b

    breezy-butcher-78604

    07/14/2021, 5:57 AM
    was
    deleteBeforeReplace
    removed from resource options recently? I can't see it in the type declaration with
    @pulumi/pulumi
    v3.6.1
    ✅ 1
    h
    s
    • 3
    • 12
  • g

    green-daybreak-98726

    07/14/2021, 4:44 PM
    Is there any way for me to see exactly what's getting deployed to Lambda via "magic" callback functions?
    m
    • 2
    • 2
  • a

    ancient-eve-13947

    07/15/2021, 4:14 PM
    if I want to call an API after the regular pulumi deployments have happened, using some of the output properties of some resources, how would I go about this? More concretely: a) where do I put the code that is supposed to run after the resources have been created/updated? b) how can I use outputs in that code? c) can I somehow store custom state in Pulumi? or more generally: somehow use it's update/dependency mechanism so my API calls only execute when needed? background: I want to call the Graph API after an Azure B2C tenant has been created in order to create app registrations and upload custom policies?
    m
    • 2
    • 6
  • a

    acceptable-army-69872

    07/16/2021, 6:11 PM
    I'm trying to do something to get a "Map" of providers that I can use for populating other resource creation calls. The provider creation seems to work, but the Map stays empty and I can't use the providers anywhere.
    function createProviderMap(o_accounts: aws.organizations.Account[]): Map <string, aws.Provider> {
      let providerMap = new Map();
    
      o_accounts.map( o_account => {
        pulumi.all([o_account.id, o_account.name ]).apply ( ([id, name]) => {
          providerMap.set(name, new aws.Provider(`${id}-provider`, {
                        assumeRole: {
                            roleArn: `arn:aws:iam::${id}:role/OrganizationAccountAccessRole`,
                            sessionName: "PulumiSession",
                        },
                        profile: config_aws.require('profile'),
                        region: aws.config.requireRegion(),
                    }));
        });
      });
      console.log(providerMap);
    }
    I feel like I'm missing something big, but this is my first use of Map. Perhaps the issue is I'm creating the provider inside of a
    .all
    ...thoughts?
    s
    • 2
    • 18
  • r

    refined-terabyte-65361

    07/16/2021, 9:10 PM
    Hi I new to typescript i am trying to import a function but i am getting error below
    Import sources within a group must be alphabetized.
    import {ecr} from "./ecr/index";
    function:
    import * as aws from "@pulumi/aws";
    
    export  function ecr (ecrRepo : string){
        new aws.ecr.Repository( ecrRepo, {
            imageScanningConfiguration: {
                scanOnPush: true,
            },
            imageTagMutability: "MUTABLE",
            name: ecrRepo
    
        });
    
    }
    Can someone help me fix this Thanks
    a
    • 2
    • 2
  • r

    rough-window-15889

    07/17/2021, 9:16 PM
    Anyone have any advice for nice refractors in Pulumi code? The more I work in it the more I find myself balancing an acts between making it too yaml based by making objects in the environment yaml files which defeats some of the point of pulumi or maybe I’m overthinking. Anyone have any good examples of some clean refactors they’ve done that they’re proud of or would like to show off?
  • e

    elegant-crayon-4967

    07/19/2021, 7:37 PM
    curious if anyone has a good example TS code for creating resources if param was passed in or not and returning either the string returned, or the pulumi equivalent. For example, if in a config file a certificate arn is passed in, then use that cert arn when creating a cloudfront resource, but if the cert isn’t passed in, then create the cert and pass in the cert arn
    p
    d
    • 3
    • 5
  • e

    echoing-zebra-28421

    07/20/2021, 4:56 PM
    I have this example. It's one route with a method type post
    new aws.apigatewayv2.Route(
         test-route,
        {
          apiId: apigw.id,
          routeKey: "POST /api/pets",
          target: pulumi.interpolate`integrations/${integration.id}`,
        },
        { provider },
      );
    But, I need to create a route to pass a parameter to the endpoint
    new aws.apigatewayv2.Route(
         test-route,
        {
          apiId: apigw.id,
          routeKey: "GET /api/pets/3",
          target: pulumi.interpolate`integrations/${integration.id}`,
        },
        { provider },
      );
  • e

    echoing-zebra-28421

    07/20/2021, 4:58 PM
    How do I create the route that receives a parameter in the url of
    /api/pets/$id
    ?
    m
    • 2
    • 2
  • s

    stocky-france-59380

    07/22/2021, 1:20 AM
    Is this type of unmarshalling allowed?
    config:
      aws:region: us-east-1
      pulumi_node:application-dashboards:
      - namespace: api-platform
        topic:
        - ap-topic-1
        - ap-topic-2  
        applications:
        - name: template-api-reference
          topic:
          - tar-topic-1
          - tar-topic-2
        - name: msk-healthcheck-consumer
        - name: msk-healthcheck-producer
    let pulumiConfig = new pulumi.Config()
    let applicationDashboards = pulumiConfig.getObject<ApplicationDashboards[]>("application-dashboards")
    
    export interface ApplicationDashboards {
        namespace: string
        topic: string[]
        applications: {
            name: string
            topic: string[]
        }[]
    }
    This produces the output below
    console.log(JSON.stringify(applicationDashboards))
    console.log(applicationDashboards)
    [{"applications":[{"name":"template-api-reference","topic":["tar-topic-1","tar-topic-2"]},{"name":"msk-healthcheck-consumer"},{"name":"msk-healthcheck-producer"}],"namespace":"api-platform","topic":["ap-topic-1","ap-topic-2"]}]
        [
          {
            applications: [ [Object], [Object], [Object] ],
            namespace: 'api-platform',
            topic: [ 'ap-topic-1', 'ap-topic-2' ]
          }
        ]
    l
    • 2
    • 24
  • a

    astonishing-tiger-81216

    07/22/2021, 2:01 PM
    Is something like this possible with pulumi?
    const orgCertificate = new acm.Certificate('org-certificate', {
        domainName: orgZone.name,
        validationMethod: 'DNS'
    })
    
    let validationRecords: pulumi.Output<string>[] = []
    
    for (let i in orgCertificate.domainValidationOptions) {
        validationRecords.push(
            new route53.Record(`org-validation-record-${i}`, {
                name: orgCertificate.domainValidationOptions[i].resourceRecordName,
                type: orgCertificate.domainValidationOptions[i].resourceRecordType,
                records: [ orgCertificate.domainValidationOptions[i].resourceRecordValue ],
                zoneId: orgZone.zoneId,
                ttl: 60,
                allowOverwrite: true
            }).fqdn
        )
    }
    
    new acm.CertificateValidation('org-certificate-validation', {
        certificateArn: orgCertificate.arn,
        validationRecordFqdns: validationRecords
    })
    I get this error:
    error: Running program '/Users/mallison/workspace/gdsgroup/equiv/immersify' failed with an unhandled exception:
        Error: Missing required property 'name'
    at new Record (/Users/MYNAME/workspace/DIR/DIR/DIR/node_modules/@pulumi/route53/record.ts:246:23)
    ✅ 1
    w
    • 2
    • 3
  • g

    gifted-island-55702

    07/23/2021, 9:43 AM
    Hi. I have an issue with using an npm module that contains code of my dynamic provider (let’s call it
    my-provider
    ). I add it as a dependency in my pulumi program using git url (so I have
    "my-provider": "git+ssh……"
    in my pulumi program package.json). Now when I try to run
    pulumi up
    I’m getting:
    TypeError: Class constructor Resource cannot be invoked without 'new'
    . Both my provider module and my pulumi program tsconfig.json is the following:
    {
      "compilerOptions": {
        "strict": true,
        "outDir": "bin",
        "target": "es2016",
        "module": "commonjs",
        "moduleResolution": "node",
        "sourceMap": true,
        "experimentalDecorators": true,
        "pretty": true,
        "noFallthroughCasesInSwitch": true,
        "noImplicitReturns": true,
        "forceConsistentCasingInFileNames": true
      },
      "files": [
        "index.ts"
      ]
    }
    Any hints what I might be doing wrong?
    l
    • 2
    • 7
  • b

    busy-soccer-65968

    07/26/2021, 9:23 PM
    How do you all recommend installing CRDs. I found
    crd2pulumi
    which generates the types, but it seems to not install the CRD since 1.0.5 here . is there a recommended way to allow pulumi to control installing it as well as getting types.
    w
    • 2
    • 2
  • r

    refined-terabyte-65361

    07/27/2021, 12:40 AM
    Hi what does this mean
    config:
      foo:bar: dev
    i am see this in Pulumi.dev.yaml
    l
    • 2
    • 2
  • r

    refined-terabyte-65361

    07/27/2021, 12:45 AM
    how to access config from code ?
    l
    r
    • 3
    • 9
  • a

    astonishing-tiger-81216

    07/27/2021, 10:36 AM
    Hi, I have a function with a simple ternary expression that doesn’t work and always evals to true. Can anyone tell me where I’m going wrong?
    const iamId = (): (pulumi.Input<string> | pulumi.Output<string>) => {
                return account.name.apply(name => name.includes('iam')) ? account.id : args.iamAccountId
            }
    l
    • 2
    • 8
  • r

    refined-terabyte-65361

    07/27/2021, 6:59 PM
    Hi I am working with existing pulumi project where i see
    Pulumi.dev.yaml
    Pulumi.test.yaml
    Pulumi.prod.yaml
    and
    index.ts
    in pulumi.foo.yaml file there are some variables which are being used by index.ts how does pulumi know where to access variable from eg: there is a variable present in all 3 files Pulumi.dev.yaml
    foo:project: dev
    Pulumi.test.yaml
    foo:project: test
    Pulumi.prrod.yaml
    foo:project: prod
    how does pulumi up know where to get the variable from ?
    b
    b
    • 3
    • 6
  • r

    refined-terabyte-65361

    07/28/2021, 7:45 PM
    Hi how to check more info on pulumi errors ?
    r
    • 2
    • 2
  • r

    refined-terabyte-65361

    07/28/2021, 9:09 PM
    Hi i accidentally cancelled pulumi deployment i tried to export the state and import it but now my stack is all messed up its referencing old pending_operations names all over the stack how to clean up pulumi stack and redo deployment from scratch ? i tried to remove the stack completely, by running 'pulumi stack rm but dint help
    l
    m
    +2
    • 5
    • 6
  • l

    little-whale-73288

    07/29/2021, 2:21 PM
    Hello, what's the kosher way to put
    Output<string>
    into
    aws.iam.GetPolicyDocumentArgs
    ? this attempt:
    const policy = aws.iam.getPolicyDocument({statements: [{
        actions: ["sts:AssumeRoleWithWebIdentity"],
        principals: [{
            identifiers: [bitbucket.oidcProvider.arn], // this is line 14
            type: "Federated",
        }],
        condition: {
            test: "StringLike",
            variable: bitbucket.oidcProvider.url.apply(url => `${url.replace("https://", "")}:sub`),
            values: ["...."],
        }
    }]})
    results in:
    pulumi.ts(14,23): error TS2322: Type 'Output<string>' is not assignable to type 'string'.
    a
    e
    +2
    • 5
    • 12
Powered by Linen
Title
l

little-whale-73288

07/29/2021, 2:21 PM
Hello, what's the kosher way to put
Output<string>
into
aws.iam.GetPolicyDocumentArgs
? this attempt:
const policy = aws.iam.getPolicyDocument({statements: [{
    actions: ["sts:AssumeRoleWithWebIdentity"],
    principals: [{
        identifiers: [bitbucket.oidcProvider.arn], // this is line 14
        type: "Federated",
    }],
    condition: {
        test: "StringLike",
        variable: bitbucket.oidcProvider.url.apply(url => `${url.replace("https://", "")}:sub`),
        values: ["...."],
    }
}]})
results in:
pulumi.ts(14,23): error TS2322: Type 'Output<string>' is not assignable to type 'string'.
a

astonishing-tiger-81216

07/29/2021, 2:27 PM
Hey @little-whale-73288, This one feels familiar from vague memories. Could you try?
identifiers: [bitbucket.oidcProvider.arn.apply(arn => arn)],
I’m afraid that’s my best guess right now.
l

little-whale-73288

07/29/2021, 2:28 PM
@astonishing-tiger-81216 nope, it's still not a string 😞.
a

astonishing-tiger-81216

07/29/2021, 2:32 PM
Ah ok. Sorry. Better leave it to someone more capable. Can’t think why and don’t want to suggest casting which feels wrong for some reason. Good luck 🤞
l

little-whale-73288

07/29/2021, 2:41 PM
thanks 🙂
this seems to be working, but meh:
assumeRolePolicy: bitbucket.oidcProvider.arn.apply(
        providerArn => pulumi.all([bitbucket.oidcProvider.arn, bitbucket.oidcProvider.url]).apply(
            ([arn, url]) =>
            aws.iam.getPolicyDocument({statements: [{
                actions: ["sts:AssumeRoleWithWebIdentity"],
                principals: [{
                    identifiers: [arn],
                    type: "Federated",
                }],
                conditions: [{
                    test: "StringLike",
                    variable: `${url.replace("https://", "")}:sub`,
                    values: ["..."],
                }],
            }]}).then(doc => doc.json)
        )
    )
👍 1
then the diff is useless:
assumeRolePolicy   : output<string>
e

echoing-actor-55539

07/29/2021, 3:59 PM
try something like this
identifiers: [pulumi.interpolate`{bitbucket.oidcProvider.arn}`]
👍 1
☝️ 1
c

clever-sunset-76585

07/29/2021, 4:32 PM
@echoing-actor-55539’s right.
pulumi.interpolate
is your friend for these sorts of things when using JS/TS. So try:
identifiers: [pulumi.interpolate`${bitbucket.oidcProvider.url.replace("https://", "")}:sub`]
Oh I misread the error message. The problem is that
identifiers
doesn’t take an
Output<string>
. So yeah you will need to use an outer
apply
to get the plain string value. As for the string interpolation you are doing inside
variable
you could use
pulumi.interpolate
for such.
l

little-cartoon-10569

07/29/2021, 10:39 PM
In this case you should cast to PolicyDocument, not use the
getPolicyDocument()
function. (Code untested.. I'm particularly not confident in the LHS of the condition...)
Untitled.ts
This means that you don't need
apply()
to generate the document. You only need
apply()
to transform fields. Or in this case,
pulumi.interpolate
.
c

clever-sunset-76585

07/29/2021, 10:43 PM
Yeah I guess what was the reason for using
aws.iam.getPolicyDocument
@little-whale-73288. If it was to simply construct a policy document that you can use with a
Policy
resource, you could just use the
aws.iam.PolicyDocument
type as @little-cartoon-10569 suggests. That is overall better than trying to encapsulate everything inside an
apply
.
View count: 1