Hello Pulumi fam! I’m getting started with Pulumi ...
# getting-startedc
crooked-pharmacist-80040
06/30/2023, 1:31 AMHello Pulumi fam! I’m getting started with Pulumi and wanted to implement Security Policies. I’m getting a very well known error but the resolution is unclear and mostly discussed for aws. But I’m working in GKE, and Google Cloud Armor.
https://stackoverflow.com/questions/76584866/unable-to-create-securitypolicy-with-adaptive-protection-in-google-cloud-armor-v
b
billowy-army-68599
06/30/2023, 1:49 AM
can you share the full program so we can repro? my first guess is that setting the value to
Falsec
crooked-pharmacist-80040
06/30/2023, 1:53 AMThis is part of some confidential code so me sharing the whole code would be very tough. However, I tried setting enable to true and removed rule_visibility, same error.
The command I use is Pulumi up. And then I get the whole cluster except for this error.
b
billowy-army-68599
06/30/2023, 1:55 AM
do you have a minimal repro of just these resources? it’s going to be difficult to debug without a repro
billowy-army-68599
06/30/2023, 1:58 AM
ah, wait. Which version of the gcp provider are you using?
c
crooked-pharmacist-80040
06/30/2023, 2:01 AMClient is 1.27. And server is 1.25
I got this by running kubectl version.
b
billowy-army-68599
06/30/2023, 2:05 AM
that’s not the pulumi gcp provider version
billowy-army-68599
06/30/2023, 2:05 AM
what’s in your pip dependencies?
c
crooked-pharmacist-80040
06/30/2023, 2:06 AMPulumi >= 3.0.0, < 4.0.0
Pulumi-gcp == 6.39.0
Pulumi-random >= 4.0.0, <5.0.0
Google-api-Python-client==2.86.0
b
billowy-army-68599
06/30/2023, 2:09 AM
there was a bug in this resource fixed in
6.40.0 Copy code
pip3 install pulumi-gcp --upgradebillowy-army-68599
06/30/2023, 2:09 AM
I’ll respond on StackOverflow too 🙂
billowy-army-68599
06/30/2023, 2:13 AM
c
crooked-pharmacist-80040
06/30/2023, 2:15 AMSo, it should be > or >= 6.40.0?
crooked-pharmacist-80040
06/30/2023, 2:18 AMI changed the version to 6.41.0 and still the command “Pulumi up” fails with the same errror.
b
billowy-army-68599
06/30/2023, 3:00 AM
You wil need to run a successful up operation with the new provider. So:
Remove the offending broken config
Update the provider SDK
Run a Pulumi up
Readd the config
c
crooked-pharmacist-80040
06/30/2023, 3:01 AMI destroyed the whole cluster and reinstalled it after upgrading to the latest Pulumi-gcp version.
b
billowy-army-68599
06/30/2023, 3:02 AM
Okay you’ll need to file a GitHub issue then I’m afraid
c
crooked-pharmacist-80040
06/30/2023, 3:02 AMSorry, I meant, it worked. After I destroyed the cluster and upgraded to the latest one, it worked!
Thanks @billowy-army-68599 for all your help.
crooked-pharmacist-80040
06/30/2023, 3:02 AMAppreciate it.