https://pulumi.com logo
r

rapid-parrot-1735

07/03/2023, 10:53 PM
What's the general strategy for bringing an old pulumi app up to date again? It's been running untouched for a long time now and it's time to upgrade it. Typescript, aws, cloudflare.
bumping dependencies one small step at a time doesn't seem to work as I get stuck in npm hell
lots of things have changed in the api, so I can't bump to newest and build, and I can't really figure out what changes I have to make. Lots of things were implicit, like presumably using the default vpc, or
portMapping: [myLoadbalancer]
in fargate, etc
is setting up a fresh project and trying to get it to match the old deploy a good approach? can I do that in the same stack? will the plan be ruined by old providers needing to be updated, creating diffs?
it's super important that I can at least get the currently working setup back up again if the migration fails, and this is where I'm the most worried atm
l

little-cartoon-10569

07/03/2023, 11:00 PM
What problems are you encountering? I'm not aware of any major API changes within the Pulumi libraries except for AWSX, and that can be resolved by changing your awsx imports to awsx.classic.
Or by locking your awsx dependency version to 0.40.1
r

rapid-parrot-1735

07/04/2023, 8:41 AM
awsx.classic was a huge missing puzzle piece, thanks @little-cartoon-10569! Now I'm down to one error and one warning:
Copy code
Diagnostics:
  pulumi:providers:cloudflare (default_5_5_0):
    error: pulumi:providers:cloudflare resource 'default_5_5_0' has a problem: could not validate provider configuration: Invalid or unknown key. Check `pulumi config get cloudflare:accountId`.
 
  pulumi:pulumi:Stack (backend-prod):
    warning: aws:ec2/getSubnetIds:getSubnetIds verification warning: The aws_subnet_ids data source has been deprecated and will be removed in a future version. Use the aws_subnets data source instead: <https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/subnets>
l

little-cartoon-10569

07/04/2023, 8:44 AM
The first one looks easy. Remove cloudflare:accountId from your stack yaml file.
The second one looks like you're using aws.getSubnetIds() and that needs to be changed to aws.getSubnets(). That function will probably need different params and has a different return value.
r

rapid-parrot-1735

07/04/2023, 8:47 AM
we're not using
getSubnetIds
directly at least. Could it this?
Copy code
const dbSubnets = new aws.rds.SubnetGroup('dbsubnets', {
  subnetIds: vpc.publicSubnetIds,
})
l

little-cartoon-10569

07/04/2023, 8:49 AM
No, that's RDS not EC2. Maybe it's inside awsx.. not sure.
r

rapid-parrot-1735

07/04/2023, 8:50 AM
it looks like it's previewing without errors otherwise šŸ˜®šŸ˜
l

little-cartoon-10569

07/04/2023, 8:51 AM
It's only a warning. Maybe it can be ignored for now. Or you could search the Pulumi GitHub projects for issues with that error message.
r

rapid-parrot-1735

07/04/2023, 8:54 AM
there's this merged two weeks ago, so perhaps that's not released yet https://github.com/pulumi/pulumi-aws/pull/2557
no, that's in
v6
and last release is
v5.41.0
huge thanks for the help @little-cartoon-10569! I've spent over 20 hours trying to figure this out, and you solved it in like 2 minutes
l

little-cartoon-10569

07/04/2023, 8:55 AM
Looks like it might fix the warning though. You'll just have to live with it for now.
r

rapid-parrot-1735

07/04/2023, 8:56 AM
I have no problems living with the warning, as long as
pulumi up
keeps working šŸ˜„
l

little-cartoon-10569

07/04/2023, 8:56 AM
It's 10% experience, 50% internet searching, and 75% guessing.
r

rapid-parrot-1735

07/04/2023, 8:57 AM
well, I didn't even manage to find out that
aws.classic
existed in those 20+ hours šŸ™‚
l

little-cartoon-10569

07/04/2023, 8:57 AM
Maybe 12% experience then :)
r

rapid-parrot-1735

07/04/2023, 8:57 AM
once again, huge thanks! I'll try releasing this in about 8-10 hours, after the load peak
the diffs are: ā€¢ lots of providers changed ā€¢ lots of new outputs ā€¢ subnet changed, as always, since it rotates around aws availability zones ā€¢ cloudflare record will be changed, as always
which to me looks like a clean preview and like this is going to work
Tried it out, got a credentials error, didn't change any Pulumi.prod.yaml config, just bumped versions and replaced
awsx
with `awsx.classic`:
Copy code
Diagnostics:
    pulumi:providers:aws (default_5_41_0):
      error: rpc error: code = Unknown desc = unable to validate AWS credentials.
      Details: failed to get shared config profile, backend-prod
      Make sure you have set your AWS region, e.g. `pulumi config set aws:region us-west-2`.
aws:profile
and
aws:region
are set; nothing else under the
aws
namespace. I can run previews locally, and I am using
aws-actions/configure-aws-credentials
for credentials The github actions job that's failing to auth is very similar to and based on the
Update
task at https://www.pulumi.com/docs/using-pulumi/continuous-delivery/github-actions/ Any hints? :)
l

little-cartoon-10569

07/04/2023, 8:04 PM
Did you commit a change to aws:profile which is using your computer's config? If this build (on GitHub?) is using one of the normal AWS auth actions (e.g. aws-actions/configure-aws-credentials) then it requires that the normal env vars are going to be used by your provider. If you're using the default AWS provider and you've set
aws:profile
, then it will use that, not the env vars.
If this is the problem, then just remove
aws:profile
from your stack file.
In order to use your AWS profile locally but not in your CI, you need to handle that yourself. Either via custom logic in a non-default provider, or locally by setting AWS_PROFILE instead of aws:profile.
r

rapid-parrot-1735

07/05/2023, 12:03 AM
I got it running now! Huge thanks for all the help!
15 Views