This message was deleted.

I am doing

-v 3

and

--debug

but I don’t see anything meaningful in the logs

Resources are asking to be replaced because the provider is part of the URN (Universal Resource Name, how Pulumi uniquely identifies resources). If the provider has changed, then the URN has changed, and the resource needs to be replaced.

I was trying to use aliases, however I’m a bit confused on how to use them to reference the default provider, because I am unaware of what’s the default provider URN. Just to clarify, the “new” provider should have an alias to the default global provider’s URN, correct?

Here’s an example of provider aliasing I just got from a colleague:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const config = new pulumi.Config("aws");
const provider = new aws.Provider("aws", {
    profile: config.require("profile"),
    region: <aws.Region>config.require("region")
    // where the below string is the URN of the default provider
}, { aliases: ["urn:pulumi:phil::provider-alias::pulumi:providers:aws::default_5_30_1"] });

// Create an AWS resource (S3 Bucket)
const bucket = new aws.s3.Bucket("my-bucket", {}, { provider: provider });

// Export the name of the bucket
export const bucketName = bucket.id;

The default provider’s URN should be accessible in the Pulumi state, assuming you haven’t already run an update (which I think you were holding on because of the resource replacements). That will give you what you need to put in the alias.

That makes sense! I will give it a try, thank you! Btw what’s the

_5_30_1

suffix in the alias?

Provider version (referencing version 5.30.1 of the AWS provider, in this example).

I think the solution the comment gives works but is very opinionated and some people might find it insecure, so what I would explain in the docs is that the kubeconfig generated by the DO API expires after 7 days. What happened to me is that it expired indeed and when trying to do

pulumi up

, it complained about missing credentials, which further confused me due do the fact that it had worked in the past.

Got it, thank you. Let me formulate all that into an issue and see what we can do!

awesome! Let me know if you need feedback or anything. 🙏🙏

I’ve opened this issue: https://github.com/pulumi/pulumi-digitalocean/issues/445 Feel free to upvote the issue and/or add more information, details, clarification, etc. Thank you!

Great! DD

Greetings. I’ve got the same issue and tried to replace the kubeconfig with the proposed

createTokenKubeconfig

. I’ve specified the alias for the k8s provider, but it still wants to replace everything, here are diff details:

pulumi:pulumi:Stack: (same)
    [urn=urn:pulumi:qa.provision::crm::pulumi:pulumi:Stack::crm-qa.provision]
    ++pulumi:providers:kubernetes: (create-replacement)
        [id=a318d097-7f31-40f1-baf7-51a549ebec6f]
        [urn=urn:pulumi:qa.provision::crm::pulumi:providers:kubernetes::doks]
        enableServerSideApply: "true"
        kubeconfig           : [secret]
        version              : "3.24.2"
    +-pulumi:providers:kubernetes: (replace)
        [id=a318d097-7f31-40f1-baf7-51a549ebec6f]
        [urn=urn:pulumi:qa.provision::crm::pulumi:providers:kubernetes::doks]
        enableServerSideApply: "true"
        kubeconfig           : [secret]
        version              : "3.24.2"
    --pulumi:providers:kubernetes: (delete-replaced)
        [id=a318d097-7f31-40f1-baf7-51a549ebec6f]
        [urn=urn:pulumi:qa.provision::crm::pulumi:providers:kubernetes::doks]

any suggestions on how to deal with this?