pulumi-community #typescript

bland-thailand-60821

09/27/2022, 8:18 PM

Does anyone have example or knows how to call shell script for installing in server creation ?

bland-thailand-60821

09/27/2022, 8:19 PM

Copy code

import * as pulumi from "@pulumi/pulumi";
import * as equinix_metal from "@pulumi/equinix-metal";
import * as fs from "fs";

const userData = fs.readFileSync('bs.sh','utf8');
const projectId = "xxx";
const testProjectSshKey = new equinix_metal.ProjectSshKey("testProjectSshKey", {
    publicKey: "ssh-rsa ",
    projectId: projectId,
});

const dsbasenode = new equinix_metal.Device("ds-base-node",{
  hostname: "ds-base-node",
  plan: "c3.small.x86",
  metro: "sv",
  operatingSystem: "ubuntu_20_04",
  billingCycle: "hourly",
  projectSshKeyIds: [testProjectSshKey.id],
  projectId: projectId,
  userData: fs.readFileSync('./basenode.sh'),
});
// Export the name of the project
export const dsbasenodeIP= dsbasenode.accessPublicIpv4;

bland-thailand-60821

09/27/2022, 8:19 PM

Copy code

const userData = fs.readFileSync('bs.sh','utf8'); 

userData: fs.readFileSync('./basenode.sh'),

Is above right way to call shell script @stocky-restaurant-98004 ?

stocky-account-72012

09/27/2022, 9:37 PM

hello everybody, i am pretty new to Pulumi and struggling with Outputs! i could use the help of all you experts. because i've got a lot to write, i'll stick this in a thread 🧵

green-bird-4706

09/28/2022, 12:35 AM

Hi everyone, I have a small existing project managed by Terragrunt/Terraform I am trying to migrate to Pulumi. I have tried to migrate us

tf2pulumi

but it doesn't support Terraform modules which we rely on heavily, so I abandoned that. I found a video on youtube of a livestream (

here▾

) that uses

tfstate

to import resources. I have tried to emulate that, I have this

resources.json

file:

Copy code

{
  "resources": [
    {
      "name": "lambda",
      "type": "AWS::Lambda::Function",
      "id": "ingestDataLambda"
    }
  ]
}

Which I just scraped out with JS. It was longer but I cut it down to importing one resource for simplicity. When I run

pulumi import -f resources.json --out index.ts

I get an error

Copy code

error: preview failed: failed to validate provider config: Could not automatically download and install resource plugin 'pulumi-resource-AWS'at version v5.16.0, install the plugin using `pulumi plugin install resource AWS v5.16.0`.
    Underlying error: error downloading plugin AWS to file: failed to download plugin: AWS-5.16.0: 403 HTTP error fetching plugin from <https://get.pulumi.com/releases/plugins/pulumi-resource-AWS-v5.16.0-linux-amd64.tar.gz>

I also get a

error when I run the

pulumi plugin install

. I have tried removing the

node_modules

folder and using

yarn

, using

Pulumi 3.38.0

and

Pulumi 3.40.2

. I am running:

Copy code

Description:    Debian GNU/Linux 9.13 (stretch)
Release:        9.13
Codename:       stretch

Inside Windows 11 WSL2. I have managed to deploy a simple S3 bucket to the AWS account so the Pulumi setup works, it just doesn't want to import for me. I have also tried reinstalling Pulumi on

Copy code

Description:    Ubuntu 20.04.5 LTS
Release:        20.04
Codename:       focal

But it has the exact same issue. I am currently running

v14.19.1

Thanks in advance for any help. I have searched this Slack channel and stack overflow but haven't found anything that will help.

some-continent-7311

09/28/2022, 10:21 AM

Hello all. I am writing a script that will create a GCP Cloud Storage bucket for each tenant fetched as an output from another stack. The script looks like this:

Copy code

import * as pulumi from "@pulumi/pulumi";
import { Output } from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

export = async () => {
	const environment = pulumi.getStack();
	const clusterConfig = new pulumi.StackReference(`xyz/cluster-config/${environment}`);
	const tenantIds = await clusterConfig.requireOutput("tenantIds").apply(value => value as string[]);
	const config = new pulumi.Config();
	const project = config.require('project');
	const location = config.require('location');
	const storageClass = config.require('storageClass');

	const bucketUrls = new Array();;

	for (let tenantId of tenantIds) {
		const tenantName = tenantId.split('-')[0];
		const bucketName = `xyz-${environment}-${tenantId}`;
		const bucket = new gcp.storage.Bucket(bucketName, {
			name: bucketName,
			project,
			location,
			storageClass,
			labels: {
				'tenant': tenantName,
				'env': environment,
			},
		});
		bucketUrls.push(bucket.url);
	}

	return {
		bucketUrls
	};
};

However, when I run

pulumi up

I get this error:

index.ts(16,23): error TS2488: Type 'Output<string[]>' must have a '[Symbol.iterator]()' method that returns an iterator

because of this line:

Copy code

const tenantIds = await clusterConfig.requireOutput("tenantIds").apply(value => value as string[]);

What’s the proper way to convert

Ouptput<any>

string[]

and iterate the list of strings?

aloof-leather-66267

09/30/2022, 3:54 AM

Is there a way to use Pulumi with Typescript v4? I would like to use newer TS features, such as

import type

thousands-area-40147

10/06/2022, 7:53 AM

Hello friends! Trying to import another project's config, but I'm a little stuck. What exactly is the

name

in the

pulumi.Config()

constructor? Documentation says:

name is the configuration bag's logical name and uniquely identifies it. The default is the name of the current project.

Is it simply the other project's name? To which of the .yaml files in the other project's directory would it refer then? Is it possibly to specify the stack? Thanks in advance! 🙏

green-bird-4706

10/07/2022, 2:33 AM

Howdy peeps. I'm new to Pulumi, I am having issues deploying. In my organisation I assume the role

PowerUserAccess

with

saml2aws

to the

test

account and Pulumi seems to be ok pick up the credentials from the

~/.aws/credentials

file and create resources. But I cannot create IAM policies with this role due to the policies on the role. We have another account -

control

that does our deployments for us. If I login to it with

saml2aws

and modify that stacks

pulumi.dev.yaml

file to have this:

Copy code

config:
  aws:assumeRole:
    roleArn: arn:aws:iam::<<test acc id>>:role/ExternalDeployer
  aws:region: ap-southeast-2
  prima-data-ingestion:vpcId:
    secure: <<VPC ID>>

When I

pulumi up

I get:

Copy code

error: Error: invocation of aws:kms/getKey:getKey returned an error: unable to validate AWS credentials. Make sure you have:

         • Set your AWS region, e.g. `pulumi config set aws:region us-west-2`
         • Configured your AWS credentials as per <https://pulumi.io/install/aws.html>
         You can also set these via cli using `aws configure`.


        at Object.callback (/home/rhys/projects/pulumi/deploy/node_modules/@pulumi/runtime/invoke.ts:159:33)
        at Object.onReceiveStatus (/home/rhys/projects/pulumi/deploy/node_modules/@grpc/grpc-js/src/client.ts:338:26)
        at Object.onReceiveStatus (/home/rhys/projects/pulumi/deploy/node_modules/@grpc/grpc-js/src/client-interceptors.ts:426:34)
        at Object.onReceiveStatus (/home/rhys/projects/pulumi/deploy/node_modules/@grpc/grpc-js/src/client-interceptors.ts:389:48)
        at /home/rhys/projects/pulumi/deploy/node_modules/@grpc/grpc-js/src/call-stream.ts:276:24
        at processTicksAndRejections (internal/process/task_queues.js:77:11)

If I run

aws configure

and set the

Access Key ID

and

Secret Access Key

, set the correct

region

and leave the output format as

None

it doesn't make any difference. I have also tried to put this information and the

token

into

~/.aws/credentials

and it still has the same issue? How do I get Pulumi to use the role for Deployments? In Terraform it was as simple as adding this block to the AWS provider:

Copy code

assume_role {
    role_arn = "arn:aws:iam::<<test acc id>>:role/ExternalDeployer"
  }

(and I use actual values

<<test acc id>>

- just not going to put them on Slack just fyi) Thanks in advance.

high-barista-92349

10/07/2022, 10:20 AM

Hi, I have a rather newbie question, please let me know if there's a better place to ask this. I'm trying to find the best dev workflow to run and test certain pulumi SDK API as I'm learning about what the API does. Specifically, how can I add breakpoints to my code, and how can I just run a small code snippets against pulumi SDK easily? For example, ideally I would just like to run the following code:

Copy code

import * as aws from "@pulumi/aws";
import * as awsx from "@pulumi/awsx";
import * as pulumi from "@pulumi/pulumi";

const vpcId = "vpc-xxx";
const awsxVpc = new awsx.ec2.Vpc("vpc", {vpcId});
console.log(`subnets: ${await awsxVpc.publicSubnetsIds}`);
console.log(`private: ${await awsxVpc.privateSubnetIds}`);
...
// A bunch of resources generated e.g. new aws.ec2.Instance(...)

IIUC, I can only run the pulumi runtime via pulumi pre to trigger the code above and see the output because the entry point is always index.ts. For new projects this is fine as the overall resources managed is small and this is fast. However, for existing large pulumi projects, this workflow becomes very tedious and annoying because it tries to preview all the other resources that aren't changed.

calm-butcher-40899

10/08/2022, 10:09 AM

👋 Hey, do you guys use localstack for testing aws codes? I followed this guide to set up aws provider config for pulumi/aws. However, I always got some ambiguous errors when I run

pulumi up/preview

with the quickstart codes for creating an S3 bucket:

Copy code

error: could not validate provider configuration: 1 error occurred:
        * Invalid or unknown key

I tried creating a VPC resource and still got this error, which makes me feel there’s provider config issues. But when I use the same config on Terraform, everything works. I will attach in 🧵 my stack config and localstack docker-compose file for reference. Any comments and insights on the issue will be much appreciated!!

abundant-king-20145

10/10/2022, 4:42 PM

Hello! I wonder. Is there a way to add local policy packs to an automation api project? Normally, with the cli this is done by using

--policy-pack

flag. But, is there a way to do the same on an automation-api project. I cant find the option.

green-bird-4706

10/12/2022, 5:15 AM

I am trying to add the ARN of a log group at an IAM policy, but Pulumi doesn't like me doing it. I get the error

error: aws:iam/policy:Policy resource 'Amazing-Lambda-can-log-to-cloudwatch' has a problem: "policy" contains an invalid JSON: invalid character '\n' in string literal. Examine values at 'Policy.Policy'.

Here's the code, surely I can use the output of

LogGroup

in my

Policy

Copy code

export class Lambda extends pulumi.ComponentResource {
  constructor(name: string, args?: any, opts?: pulumi.ComponentResourceOptions) {

<<<>>><<<>>>

  this.cloudwatchLog = new aws.cloudwatch.LogGroup(`${name}-lambda-vpc-cloudwatch-    log`, {
    name: `/aws/lambda/amazingLambda`,
    retentionInDays: 14
  }, {parent: this});

  this.cloudwatchPolicy = new aws.iam.Policy(`AmazingLambda-can-log-to-cloudwatch`, {
    description: `Grants AmazingLambda permission to write to Cloudwatch logs for monitoring`,
    policy: `{
       "Version": "2012-10-17",
          "Statement": [
            {
              "Sid": "AmazingLambdaCanLog",
              "Effect": "Allow",
              "Action": [
                "logs:PutLogEvents",
                "logs:CreateLogStream",
                "logs:CreateLogGroup"
              ],
            "Resource": "${this.cloudwatchLog.arn}"
         }
       ]
     }`,
  }, { parent: this });

proud-pizza-80589

10/13/2022, 3:06 PM

ok, i’m losing it i think, given an array like this

Output<string>[]

how the hell do i JSON.stringify it so i get a single string with the json serialised into it

little-cartoon-10569

10/17/2022, 4:57 AM

I'm attempting to impose an API on the stack exports of one project, for use in dependent projects. For example, if my parent project exports properties from a Person resource, with properties age and name, I want my project to export a

interface Person { age: number; name: string}

that other projects can use when dereferencing a stack reference. My assumption is that it's not worth trying to use the Person interface in the exporting project. I shouldn't try to put this in my parent project's index.ts:

Copy code

export steve: Person = { age: steve.age, name: steve.name };

Instead, I should be happy with this:

Copy code

export steve = { age: steve.age, name: steve.name };

I assume that the type wrangling I'd have to go through to make the one interface usable in both places is likely to be complicated, and to hide intent. In the parent project, the interface would contain a pile of `pulumi.Output`s (from all the resources providing the values I want to export)). In the dependent projects, all the values are known at the same time so the only Output I need in code is the one wrapping the Person object(

const steve: pulumi.Output<Person> =  stackref.requireOutput("steve") as pulumi.Output<Person>

). Is there an easy / clear way to use the one interface in both places? Am I correct in not even trying?

little-cartoon-10569

10/18/2022, 2:47 AM

I'm having issues with CallbackFunction and AWS lambdas, at least when called form Jest (unit test context).

jolly-window-25842

10/18/2022, 9:13 AM

Hi everyone, I'm trying to launch my first pulumi based infra, however I have an issue: I have an index.ts file which imports a cluster.ts file. In the cluster.ts file I need to access an output from index.ts, however I can't find a way to do it. Did anyone here have the same need and managed to do it? thanks!

helpful-easter-62786

10/18/2022, 5:54 PM

Anyone know how to use

zod

library with a dynamic resource provider? Inside my provider's

create

function it blows up like so:

Copy code

...which indirectly referenced
   function 'bound parse': which could not be serialized because
     it was a native code function.

green-bird-4706

10/20/2022, 10:58 PM

I am wanting to get the SecretString
value from AWS Secrets Manager. I'm using the AWS providers

aws.secretsmanager.getSecretOutput

and am able to retrieve the secret object with all it's metadata, but not the JSON of the secret string that I need. I am considering using the

aws-sdk

but would have thought this is something Pulumi could do for me?

wooden-queen-83060

10/21/2022, 10:45 AM

Any way to add typings when trying to get an output from a stack reference?

icy-controller-6092

10/24/2022, 4:29 AM

is there any way to get this working:

Copy code

new aws.iam.Policy('mypolicy', {
  ...,
  policy: JSON.stringify({
    ... Resource: other.resource.arn ...
  })
})

icy-controller-6092

10/24/2022, 4:30 AM

other.resource.arn is an Output<string>

icy-controller-6092

10/24/2022, 4:36 AM

I think I’ve figured it out….

policy: pulumi.output({ … }).apply(v => JSON.stringify(v))

little-cartoon-10569

10/26/2022, 5:45 AM

Is there a way to set up package.json and tsconfig.json to allow a single repo be a Pulumi project (root dir) and an NPM package (when some interfaces etc. are built into /dist)? The best I'm getting is to use a separate tsconfig.release.json to change the outDir (so that normally I'm not putting anything in /dist), but I can't figure out how to make /dist be the root dir of the package. I've set

"publishPath": "dist"

in my package.json, but I'm still getting all my files in /dist/..., and there's no /index.js to handle default imports, etc... 😞

early-grass-93513

10/28/2022, 5:42 AM

Hi, I'm having an issue using the aws magic lambda handlers. It appears that all dependencies configured in the package are getting included in the node_modules dirs in the zip files of all lambdas configured in our project. This is an issue because some of the lambdas are used as edge functions and the size limit is quite small. Is there some way of choosing which dependencies get included per lambda?

fast-island-38778

10/31/2022, 5:01 PM

aws.iam.Role.get

requires an

id

input which is the`The unique provider ID of the resource to lookup` . I am using the default AWS provider,

pulumi stack --show-ids

gives me the provider ID, but is there an example for how I can get this

id

programmatically?

careful-book-62830

11/01/2022, 8:37 PM

Hi. I am using ESM instead of CJS in infrastracture code written in Pulumi. But now I have issues with

pulumi

itself. Is there a way to not use

module: "commonjs"

defined in here ?Thank you in advance

thankful-gpu-3329

11/01/2022, 8:55 PM

Hey all. I’m new to Pulumi and have been working through the TS examples in awsx docs…and it looks like either the docs or the typings are incorrect. The example for creating a new VPC uses:

const vpc = new awsx.ec2.Vpc("custom");

<- but according to

@pulumi/awsx

this is insufficient/invalid. https://joeysharesthings.com/9gyxoc

thankful-gpu-3329

11/01/2022, 8:56 PM

I’ve found issues like this in all of the examples I’ve been trying to work through/with–including the

examples

in the repository. It has made getting started with everything a little frustrating.

thankful-gpu-3329

11/01/2022, 9:05 PM

Looks like there’s issues running

pulumi up

using TS from the docs as well: https://joeysharesthings.com/wHmxRM