microscopic-cpu-38113
06/06/2022, 1:39 PM--policy-pack <path-to-policy-pack-directory>
has to be supplied in the pulumi up command? In this case, seems like anyone can just alter the policies in the directory and then get their changes applied? Secondly, it seems that the Github Actions for Pulumi doesn't support policy-pack option yet, which means the policy won't be able to be enforced if the workflow is executed via Github Actions?hundreds-egg-46465
06/07/2022, 8:52 AMrefined-terabyte-65361
06/07/2022, 10:50 PMwooden-tailor-35438
06/08/2022, 3:37 AMcannot create mws vpc endpoint: ENDPOINT_NOT_FOUND: Invalid endpoint
for my vpc, when using databricks.MwsVpcEndpoint()
... but that same endpoint works with aws.ec2.VpcEndpoint.get()
brief-vr-24049
06/10/2022, 4:45 AMk8s.Provider
with a kubeconfig
that is an Output<string>
(from a kubernetes cluster dynamic resource). The k8s.Provider
seems to accept a type Input<string>
for kubeconfig
but when I then try to use this provider with a k8s.yaml.ConfigFile
, I get the error: error: TypeError: Cannot read property 'map' of undefined
from @pulumi\yaml\yaml.ts:2993:14
. The problem goes away if I use a string
for kubeconfig
instead, but I can't do that in this case because the cluster isn't created yet.
It looks like I could work around this by putting this all in an .apply
, but then I'm allocating resources in an apply which seems like a bad idea? Is this possible to do/am I doing something wrong?ancient-car-89914
06/15/2022, 3:55 PMpolite-napkin-90098
06/16/2022, 5:46 PMsalmon-rose-18548
06/17/2022, 2:17 AMsalmon-rose-18548
06/17/2022, 2:48 AMbrief-fall-32292
06/17/2022, 7:25 PMable-school-65565
06/24/2022, 8:55 PM// index.ts
const image = new docker.RemoteImage("ubuntuimage", {
name: "ubuntu:latest"
});
const container = new docker.Container(`node-${args.nodeNum}`, {
image: image.id,
});
error
docker:index:Container (node-0):
error: 1 error occurred:
* Unable to create container with image sha256:27941809078cc9b2802deb2b0bb6feed6c236cde01e487f200e24653533701eeubuntu:latest: unable to pull image sha256:27941809078cc9b2802deb2b0bb6feed6c236cde01e487f200e24653533701eeubuntu:latest: error pulling image sha256:27941809078cc9b2802deb2b0bb6feed6c236cde01e487f200e24653533701eeubuntu:latest: invalid reference format
able-school-65565
06/24/2022, 8:56 PMwonderful-bird-78843
06/26/2022, 9:54 PMrequestsSns.onEvent(`foo-runner-${region}`, new aws.lambda.CallbackFunction(`foo-runner-func-${region}`, {
callback: async (ev, ctx) => { ... },
runtime: "nodejs14.x",
provider: provider,
}));
full-truck-60641
06/27/2022, 5:46 AMpulumi plugin install resource aws v2.13.1
[resource plugin aws-2.13.1] installing
error: [resource plugin aws-2.13.1] downloading from : 403 HTTP error fetching plugin from <https://get.pulumi.com/releases/plugins/pulumi-resource-aws-v2.13.1-darwin-arm64.tar.gz>
limited-laptop-54862
06/29/2022, 8:11 AMimport * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as k8s from "@pulumi/kubernetes";
let config = new pulumi.Config();
const dbUser = new gcp.sql.User(
"users",
{
name: "testUser",
instance: "my-instance",
password: config.requireSecret("secret-db-password"),
}
);
const deployment = new k8s.apps.v1.Deployment("my-test-app", {
apiVersion: "apps/v1",
kind: "Deployment",
metadata: {
name: "my-test-app",
},
spec: {
selector: {
matchLabels: {
app: "my-test-app",
},
},
template: {
spec: {
containers: [
{
env: [
{
name: "SECRET_DB_PASS",
value: config.requireSecret("secret-db-password"),
},
],
name: "my-test-app",
},
],
},
},
},
});
export const databaseUser = dbUser.name;
export const deploymentName = deployment.metadata.name;
I’m trying to figure out why the deploymentName
output is marked as [secret]
while the databaseUser
output isn’t. My original assumption was that Pulumi’s Output
unwrapping might just be marking things as secret if they’re constructed with a secret (config.requireSecret("secret-db-password")
in this case), however this doesn’t seem to be the case given that the databaseUser
output isn’t marked as [secret]
. Any idea what might be happening here? Is this behaviour unique to the output of kubernetes deployments?crooked-laptop-67565
06/30/2022, 12:18 AMimport * as awsx from "@pulumi/awsx";
import * as eks from "@pulumi/eks";
// Create a VPC for our cluster.
const vpc = new awsx.ec2.Vpc("my-vpc");
crooked-laptop-67565
06/30/2022, 12:27 AMcidrBlock
argument to what it's supposed to default to
const vpc = new awsx.ec2.Vpc("my-vpc", { cidrBlock: "10.0.0.0/16" });
best-appointment-51810
07/01/2022, 6:33 PMerror: configured Kubernetes cluster is unreachable: failed to parse kubeconfig data in `kubernetes:config:kubeconfig`- couldn't get version/kind; json parse error: json: cannot unmarshal string into Go value of type struct { APIVersion string "json:\"apiVersion,omitempty\""; Kind string "json:\"kind,omitempty\"" }
best-appointment-51810
07/01/2022, 6:34 PMconst procCluster = new linode.LkeCluster(label(date), {
k8sVersion: "1.23",
label: date,
pools: [{
count: 3,
// <https://api.linode.com/v4/linode/types>
type: "g6-standard-2",
}],
region: "us-central",
tags: ["prod"],
});
best-appointment-51810
07/01/2022, 6:35 PMconst lkeProvider = new k8s.Provider("date", {
kubeconfig: procCluster.kubeconfig
})
modern-evening-83482
07/05/2022, 8:42 PMwhite-house-70500
07/11/2022, 5:27 PMwhite-house-70500
07/11/2022, 5:30 PMnice-plastic-94318
07/12/2022, 9:11 AMwooden-hydrogen-21594
07/12/2022, 8:57 PMable-engineer-79880
07/14/2022, 4:42 AMimport * as pulumi from "@pulumi/pulumi";
import { ComponentResource, Input, Output } from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
import * as azure from "@pulumi/azure";
import { roleAssignment } from "../roleAssignment/roleAssignment";
let config= new pulumi.Config('env')
export class virtualNetwork {
constructor(name: string) {
const dpc_vnet_aue_001 = new azure.network.VirtualNetwork(name+"-aue-"+config.require('index'), {
addressSpaces:
config.requireObject(name+'-vnetrange'),
location: config.require('location'),
name: name+"-"+config.require('envid')+"-aue-"+config.require('index'),
resourceGroupName: "dpc-spi-networking-"+config.require('envid')+"-rg-aue-"+config.require('index'),
}, {
protect: true,
});
const vnet_id = dpc_vnet_aue_001.id
const aadplatforms_networkContributor = new roleAssignment(name+"aadplatforms_networkContributor", {
principleId: config.require('aadplatforms'),
principleType: "Group",
roleDefinition: config.require('networkContributor'),
//scope: pulumi.concat `${dpc_vnet_aue_001.id}`,
//scope: vnet_id,
scope: dpc_vnet_aue_001.id
}
)
}
}
I've commented some previous attempts but vscode just tells me that what I'm passing isn't a string.agreeable-window-77899
07/14/2022, 9:34 AMStackReference
My scenario is as follows:
1. I have a base infrastructure project where I have created some common AWS resources like VPC, RDS, Fargate cluster etc. Resource creation is working fine in this base project.
The fargate cluster is created like this
// Create new fargate cluster for running containers
export const fargateCluster = new awsx.ecs.Cluster(
`foo-bar`,
{
vpc: vpc,
securityGroups: [fargateSecurityGroup],
}
);
2. Now i want to import this Fargate cluster in another Pulumi project so that I can create new Fargate services and task definitions on top this common cluster. I'm doing this to accomplish that
// Get resources from infra-base
const baseInfra = new pulumi.StackReference(
`blah/blah/blah`
);
// Get fargate cluster from base infra
const fargateCluster = baseInfra.getOutput("fargateCluster");
// Define the fargate service and task definitions
const service = new awsx.ecs.FargateService(`blah blah`, {
cluster: (fargateCluster as unknown as awsx.ecs.Cluster) || undefined,
name: `blah blah`,
desiredCount: 1,
taskDefinitionArgs: { ... },
},
});
When i try to do pulumi up
I get this error
TypeError: this.cluster.autoScalingGroups.map is not a function
at new Service (/Users/amal/rasa/tooling/infra-app/node_modules/@pulumi/ecs/service.ts:60:55)
at new FargateService (/Users/amal/rasa/tooling/infra-app/node_modules/@pulumi/ecs/fargateService.ts:216:9)
at Object.<anonymous> (/Users/amal/rasa/tooling/infra-app/index.ts:103:17)
at Module._compile (node:internal/modules/cjs/loader:1103:14)
at Module.m._compile (/Users/amal/rasa/tooling/infra-app/node_modules/ts-node/src/index.ts:439:23)
at Module._extensions..js (node:internal/modules/cjs/loader:1157:10)
at Object.require.extensions.<computed> [as .ts] (/Users/amal/rasa/tooling/infra-app/node_modules/ts-node/src/index.ts:442:12)
at Module.load (node:internal/modules/cjs/loader:981:32)
at Function.Module._load (node:internal/modules/cjs/loader:822:12)
at Module.require (node:internal/modules/cjs/loader:1005:19)
What is the right way to do this? Any help is much appreciated.kind-room-82948
07/14/2022, 6:19 PMmillions-thailand-49227
07/15/2022, 5:46 PMexport const sshConfigFragments = instances.map((instance) => {
return pulumi.interpolate`Host ${instance.tagsAll["Name"]}
HostName ${instance.privateIp}
User ec2-user
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
`;
});
able-hair-32695
07/16/2022, 1:13 AM