https://pulumi.com logo
Join the conversationJoin Slack
Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-cdk
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumi-service
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Powered by Linen
typescript
  • m

    microscopic-cpu-38113

    06/06/2022, 12:33 PM
    I am trying to implement Crossguard here, my use case is to block any resource deletion or IAM rules changes. Is there a way to allow human review on the Pulumi plan result and decide approve or reject? From the examples given in the website, it seems that the only way to get rid of the error is to remove the code changes completely
    b
    • 2
    • 1
  • m

    microscopic-cpu-38113

    06/06/2022, 1:39 PM
    Suppose if I don't subscribe to Pulumi Business Critical plan, does it mean the policy check will be done locally for which the
    --policy-pack <path-to-policy-pack-directory>
    has to be supplied in the pulumi up command? In this case, seems like anyone can just alter the policies in the directory and then get their changes applied? Secondly, it seems that the Github Actions for Pulumi doesn't support policy-pack option yet, which means the policy won't be able to be enforced if the workflow is executed via Github Actions?
    b
    • 2
    • 1
  • h

    hundreds-egg-46465

    06/07/2022, 8:52 AM
    The current release version of the pulumi sdk (3.11.2) contains protobufjs which is affected by https://security.snyk.io/vuln/SNYK-JS-PROTOBUFJS-2441248 Currently the code on master does not contain this vulnerability, is there any chance for a release soon to patch this?
    b
    • 2
    • 1
  • r

    refined-terabyte-65361

    06/07/2022, 10:50 PM
    Hello i have pulumi.ComponentResource called(Application) defined in a git repo A i want to import that ComponentResource into git repo B something like import { Application} from "git repo ";
    b
    l
    • 3
    • 7
  • w

    wooden-tailor-35438

    06/08/2022, 3:37 AM
    Anyone work with Databricks yet? I'm getting the following error
    cannot create mws vpc endpoint: ENDPOINT_NOT_FOUND: Invalid endpoint
    for my vpc, when using
    databricks.MwsVpcEndpoint()
    ... but that same endpoint works with
    aws.ec2.VpcEndpoint.get()
  • b

    brief-vr-24049

    06/10/2022, 4:45 AM
    Apologies if I'm doing something really dumb here, but I'm trying to create a
    k8s.Provider
    with a
    kubeconfig
    that is an
    Output<string>
    (from a kubernetes cluster dynamic resource). The
    k8s.Provider
    seems to accept a type
    Input<string>
    for
    kubeconfig
    but when I then try to use this provider with a
    k8s.yaml.ConfigFile
    , I get the error:
    error: TypeError: Cannot read property 'map' of undefined
    from
    @pulumi\yaml\yaml.ts:2993:14
    . The problem goes away if I use a
    string
    for
    kubeconfig
    instead, but I can't do that in this case because the cluster isn't created yet. It looks like I could work around this by putting this all in an
    .apply
    , but then I'm allocating resources in an apply which seems like a bad idea? Is this possible to do/am I doing something wrong?
    l
    h
    b
    • 4
    • 50
  • a

    ancient-car-89914

    06/15/2022, 3:55 PM
    am I missing something, or is the digitalocean VolumeAttachmentArgs just wrongly typed? droplet IDs seem to be strings, but this demands a number
    l
    • 2
    • 2
  • p

    polite-napkin-90098

    06/16/2022, 5:46 PM
    I use an AWS ec2 instance as my workstation, it has 2GiB memory, but node is using all of it when I run pulumi up which is causing the box to lock-up as there is no swap. I can increase the instance size and/or add a swap drive to it, but is this normal? I didn't expect composing some yaml to stuff in to an api to use that much memory.
    😲 1
  • s

    salmon-rose-18548

    06/17/2022, 2:17 AM
    anyone else face this? https://github.com/pulumi/pulumi-kubernetes-ingress-nginx/issues/13
    s
    • 2
    • 2
  • s

    salmon-rose-18548

    06/17/2022, 2:48 AM
    I ended up installing a helm release instead
  • b

    brief-fall-32292

    06/17/2022, 7:25 PM
    Hey everyone 👋 . Apologies in advance if this isn't exactly the right channel to share this in. If you've been wishing for typesafe `StackReference`s, this post might be of some use: https://ersenal.com/posts/pulumi-micro-stack/
    👍 1
    q
    s
    • 3
    • 2
  • a

    able-school-65565

    06/24/2022, 8:55 PM
    hello friends, I've got this weird error trying to pull an image from docker via pulumi
    // index.ts
    const image = new docker.RemoteImage("ubuntuimage", {
      name: "ubuntu:latest"
    });
    
    const container = new docker.Container(`node-${args.nodeNum}`, {
          image: image.id,
    });
    error
    docker:index:Container (node-0):
        error: 1 error occurred:
            * Unable to create container with image sha256:27941809078cc9b2802deb2b0bb6feed6c236cde01e487f200e24653533701eeubuntu:latest: unable to pull image sha256:27941809078cc9b2802deb2b0bb6feed6c236cde01e487f200e24653533701eeubuntu:latest: error pulling image sha256:27941809078cc9b2802deb2b0bb6feed6c236cde01e487f200e24653533701eeubuntu:latest: invalid reference format
    ✅ 1
    b
    • 2
    • 4
  • a

    able-school-65565

    06/24/2022, 8:56 PM
    the sha is getting concated with the image name and screwing everything up
  • w

    wonderful-bird-78843

    06/26/2022, 9:54 PM
    Hey awesome Pulumi people! 👋 I'd really like to set a specific provider (so I can specify a region) for a aws.lambda.CallBackFunction, but that doesn't seem to be allowed? Am I holding it wrong?
    requestsSns.onEvent(`foo-runner-${region}`, new aws.lambda.CallbackFunction(`foo-runner-func-${region}`, {
        callback: async (ev, ctx) => { ... },
        runtime: "nodejs14.x",
        provider: provider,
    }));
    b
    • 2
    • 6
  • f

    full-truck-60641

    06/27/2022, 5:46 AM
    Hi foks Can anyone give me a tip how to get around this 403
    pulumi plugin install resource aws v2.13.1
    [resource plugin aws-2.13.1] installing
    error: [resource plugin aws-2.13.1] downloading from : 403 HTTP error fetching plugin from <https://get.pulumi.com/releases/plugins/pulumi-resource-aws-v2.13.1-darwin-arm64.tar.gz>
    👀 1
    l
    b
    • 3
    • 4
  • l

    limited-laptop-54862

    06/29/2022, 8:11 AM
    Hey pulumi gang, I’m hoping someone has an explanation for some weird output issue I’m seeing with my example stack below:
    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    import * as k8s from "@pulumi/kubernetes";
    
    let config = new pulumi.Config();
    
    const dbUser = new gcp.sql.User(
        "users",
        {
            name: "testUser",
            instance: "my-instance",
            password: config.requireSecret("secret-db-password"),
        }
    );
    
    const deployment = new k8s.apps.v1.Deployment("my-test-app", {
        apiVersion: "apps/v1",
        kind: "Deployment",
        metadata: {
            name: "my-test-app",
        },
        spec: {
            selector: {
                matchLabels: {
                    app: "my-test-app",
                },
            },
            template: {
                spec: {
                    containers: [
                        {
                            env: [
                                {
                                    name: "SECRET_DB_PASS",
                                    value: config.requireSecret("secret-db-password"),
                                },
                            ],
                            name: "my-test-app",
                        },
                    ],
                },
            },
        },
    });
    
    export const databaseUser = dbUser.name;
    export const deploymentName = deployment.metadata.name;
    I’m trying to figure out why the
    deploymentName
    output is marked as
    [secret]
    while the
    databaseUser
    output isn’t. My original assumption was that Pulumi’s
    Output
    unwrapping might just be marking things as secret if they’re constructed with a secret (
    config.requireSecret("secret-db-password")
    in this case), however this doesn’t seem to be the case given that the
    databaseUser
    output isn’t marked as
    [secret]
    . Any idea what might be happening here? Is this behaviour unique to the output of kubernetes deployments?
    w
    • 2
    • 5
  • c

    crooked-laptop-67565

    06/30/2022, 12:18 AM
    Hi, I'm trying to create a VPC via Crosswalk, to use with a new EKS cluster. However the example code from the docs doesn't compile:
    import * as awsx from "@pulumi/awsx";
    import * as eks from "@pulumi/eks";
    
    // Create a VPC for our cluster.
    const vpc = new awsx.ec2.Vpc("my-vpc");
  • c

    crooked-laptop-67565

    06/30/2022, 12:27 AM
    It does compile if I pass some basic config, such as explicitly setting the
    cidrBlock
    argument to what it's supposed to default to
    const vpc = new awsx.ec2.Vpc("my-vpc", { cidrBlock: "10.0.0.0/16" });
  • b

    best-appointment-51810

    07/01/2022, 6:33 PM
    Hello I’m aws able to create a cluster linode k8s cluster but now I’m getting this error when I try to use the kubeconfig on the next steps:
    error: configured Kubernetes cluster is unreachable: failed to parse kubeconfig data in `kubernetes:config:kubeconfig`- couldn't get version/kind; json parse error: json: cannot unmarshal string into Go value of type struct { APIVersion string "json:\"apiVersion,omitempty\""; Kind string "json:\"kind,omitempty\"" }
  • b

    best-appointment-51810

    07/01/2022, 6:34 PM
    This is the code that creates the cluster:
    const procCluster = new linode.LkeCluster(label(date), {
        k8sVersion: "1.23",
        label: date,
        pools: [{
            count: 3,
            // <https://api.linode.com/v4/linode/types>
            type: "g6-standard-2",
        }],
        region: "us-central",
        tags: ["prod"],
    });
  • b

    best-appointment-51810

    07/01/2022, 6:35 PM
    and where I try to use the kubctl on the provider:
    const lkeProvider = new k8s.Provider("date", {
        kubeconfig: procCluster.kubeconfig
    })
  • m

    modern-evening-83482

    07/05/2022, 8:42 PM
    Hello Everyone, Is there a way to add a new capacity provider to an ECS cluster backed by ASG to an already existing ecs cluster that has a capacity provider.
  • w

    white-house-70500

    07/11/2022, 5:27 PM
    👋 Hello, team!
  • w

    white-house-70500

    07/11/2022, 5:30 PM
    I'm looking for a little help / handholding. I'm wanting to use pulumi to create a stack based on docker-compose using aws fargate and images from a private repository. Has anyone got any samples or tutorials they can point me in the direction of ? There is so many options, and I've tried aws, ecs-cli, co-pilot etc and am hoping the pulumi will be the magic sauce 😉 Most of the samples I've found so far have been for very basic single-image stacks and mine unfortunately is a little more compilcated 😉
    c
    • 2
    • 3
  • n

    nice-plastic-94318

    07/12/2022, 9:11 AM
    I am trying to read data from an external source (I have created earlier in the pipeline) in Typescript and based on that build the pulumi with state (from the external source where I have customers and users) for the resources needed for each user and customer. I will then only call the Pulumi Pipeline when changes happen. Is it possible at all ? I have not gotten it to work but it might be something I am missing. Mainly it is from index.ts call the async function and get that to work. Is there any example of something like this ? #typescript
    a
    s
    • 3
    • 6
  • w

    wooden-hydrogen-21594

    07/12/2022, 8:57 PM
    Hello everyone 👋 I couldn't find example in TS how to set up Route53 / ALB / ECS / Fargate / RDS in VPC with needed SGs. Could anyone share such example?
  • a

    able-engineer-79880

    07/14/2022, 4:42 AM
    Using Pulumi Outputs as a string input is breaking my brain... It should be simple and I've tried using concat, interpolate and .apply but nothing seems to allow me to access the string of the output. How do I take an output of a vnet id and pass it as a string to call another class? Here's my code
    import * as pulumi from "@pulumi/pulumi";
    import { ComponentResource, Input, Output } from "@pulumi/pulumi";
    import * as azure_native from "@pulumi/azure-native";
    import * as azure from "@pulumi/azure";
    import { roleAssignment } from "../roleAssignment/roleAssignment";
    
    let config= new pulumi.Config('env')
    
    export class virtualNetwork {
        constructor(name: string) {
            const dpc_vnet_aue_001 = new azure.network.VirtualNetwork(name+"-aue-"+config.require('index'), {
                addressSpaces:
                    config.requireObject(name+'-vnetrange'),
                location: config.require('location'),
                name: name+"-"+config.require('envid')+"-aue-"+config.require('index'),
                resourceGroupName: "dpc-spi-networking-"+config.require('envid')+"-rg-aue-"+config.require('index'),
            }, {
                protect: true,
            });
            const vnet_id = dpc_vnet_aue_001.id
            const aadplatforms_networkContributor = new roleAssignment(name+"aadplatforms_networkContributor", {
                principleId: config.require('aadplatforms'),
                principleType: "Group",
                roleDefinition: config.require('networkContributor'),
                //scope: pulumi.concat `${dpc_vnet_aue_001.id}`,
                //scope: vnet_id,
                scope: dpc_vnet_aue_001.id
            }
            )
        }   
    }
    I've commented some previous attempts but vscode just tells me that what I'm passing isn't a string.
    l
    s
    • 3
    • 11
  • a

    agreeable-window-77899

    07/14/2022, 9:34 AM
    Hello folks, I need some advice on the right way to use Pulumi
    StackReference
    My scenario is as follows: 1. I have a base infrastructure project where I have created some common AWS resources like VPC, RDS, Fargate cluster etc. Resource creation is working fine in this base project. The fargate cluster is created like this
    // Create new fargate cluster for running containers
    export const fargateCluster = new awsx.ecs.Cluster(
      `foo-bar`,
      {
        vpc: vpc,
        securityGroups: [fargateSecurityGroup],
      }
    );
    2. Now i want to import this Fargate cluster in another Pulumi project so that I can create new Fargate services and task definitions on top this common cluster. I'm doing this to accomplish that
    // Get resources from infra-base
    const baseInfra = new pulumi.StackReference(
      `blah/blah/blah`
    );
    
    // Get fargate cluster from base infra
    const fargateCluster = baseInfra.getOutput("fargateCluster");
    
    // Define the fargate service and task definitions
    const service = new awsx.ecs.FargateService(`blah blah`, {
      cluster: (fargateCluster as unknown as awsx.ecs.Cluster) || undefined,
      name: `blah blah`,
      desiredCount: 1,
      taskDefinitionArgs: { ... },
      },
    });
    When i try to do
    pulumi up
    I get this error
    TypeError: this.cluster.autoScalingGroups.map is not a function
            at new Service (/Users/amal/rasa/tooling/infra-app/node_modules/@pulumi/ecs/service.ts:60:55)
            at new FargateService (/Users/amal/rasa/tooling/infra-app/node_modules/@pulumi/ecs/fargateService.ts:216:9)
            at Object.<anonymous> (/Users/amal/rasa/tooling/infra-app/index.ts:103:17)
            at Module._compile (node:internal/modules/cjs/loader:1103:14)
            at Module.m._compile (/Users/amal/rasa/tooling/infra-app/node_modules/ts-node/src/index.ts:439:23)
            at Module._extensions..js (node:internal/modules/cjs/loader:1157:10)
            at Object.require.extensions.<computed> [as .ts] (/Users/amal/rasa/tooling/infra-app/node_modules/ts-node/src/index.ts:442:12)
            at Module.load (node:internal/modules/cjs/loader:981:32)
            at Function.Module._load (node:internal/modules/cjs/loader:822:12)
            at Module.require (node:internal/modules/cjs/loader:1005:19)
    What is the right way to do this? Any help is much appreciated.
    a
    c
    • 3
    • 10
  • k

    kind-room-82948

    07/14/2022, 6:19 PM
    Anyone have any performance tips for larger stacks? We've got a couple stacks with 1000+ objects with a mix of GCP and K8s objects and running a refresh+up can take 10-15 minutes at this point. Doesn't seem to be specific to certain objects either since all stacks are different. I've run the debug tracing and haven't been able to get much out of that yet.
    w
    • 2
    • 13
  • m

    millions-thailand-49227

    07/15/2022, 5:46 PM
    👋 Folks, I’m new to pulumi. My goal is to write out an ssh config file based on an array of instances that I’ve created. Can someone please point me to the correct way of writing this array of Output interpolated strings to a file?
    export const sshConfigFragments = instances.map((instance) => {
      return pulumi.interpolate`Host ${instance.tagsAll["Name"]}
        HostName ${instance.privateIp}
        User ec2-user
        UserKnownHostsFile /dev/null
        StrictHostKeyChecking no
    `;
    });
    c
    • 2
    • 6
Powered by Linen
Title
m

millions-thailand-49227

07/15/2022, 5:46 PM
👋 Folks, I’m new to pulumi. My goal is to write out an ssh config file based on an array of instances that I’ve created. Can someone please point me to the correct way of writing this array of Output interpolated strings to a file?
export const sshConfigFragments = instances.map((instance) => {
  return pulumi.interpolate`Host ${instance.tagsAll["Name"]}
    HostName ${instance.privateIp}
    User ec2-user
    UserKnownHostsFile /dev/null
    StrictHostKeyChecking no
`;
});
c

clever-sunset-76585

07/15/2022, 5:46 PM
What is the type of
instances
? And are you wanting to write the file to your local machine?
m

millions-thailand-49227

07/15/2022, 5:47 PM
instances is an array of
new aws.ec2.Instance
Yes, I want to write the file to my local machine
c

clever-sunset-76585

07/15/2022, 5:59 PM
Something like this should work:
pulumi.all(sshConfigFragments).apply(f => fs.writeFileSync("~/.ssh/config", f.join("\n\n")));
🙌 1
You'll have an array of
Output
values that you need to wait on and
pulumi.all
does that. Similar to
Promise.all
. Note that
pulumi
in my snippet is just an import alias for
@pulumi/pulumi
.
...and
fs
is an import alias for Node's native
fs
module.
m

millions-thailand-49227

07/15/2022, 6:49 PM
Thanks @clever-sunset-76585! This worked!
😛artypus: 1
View count: 5