https://pulumi.com logo
#aws
Title
# aws
r

rapid-ability-26103

12/18/2023, 7:33 PM
b

billions-river-87988

12/18/2023, 7:39 PM
what is the error?
r

rapid-ability-26103

12/18/2023, 7:41 PM
aws-auth already exists
b

billions-river-87988

12/18/2023, 7:50 PM
you probably need to use ConfigMapPatch resource instead of trying to recreate the
aws-auth
configmap: https://www.pulumi.com/ai/conversations/b10f8c0d-f785-44b7-9362-7b21e505c0c6?prompt=Create+an+kubernetes.core%2Fv1.ConfigMapPatch+resource
keep in mind, the AI is just like a hint in the right direction, its code cant be necessarily be trusted
r

rapid-ability-26103

12/18/2023, 8:12 PM
@billions-river-87988 Do you know also how can i create a sequential deployment 2 helm charts ?
import * as k8sHelm from "@pulumi/kubernetes/helm";
resource:
k8sHelm.v3.Chart
Seems also that dependsOn option wont take effect here
b

billions-river-87988

12/18/2023, 8:15 PM
Let me ask around, i'll get back to you
so
dependsOn
is supposed to work in this case- can you give me a more detailed example?
r

rapid-ability-26103

12/18/2023, 8:35 PM
will talk with my partner tomorrow and will give you much more details about it, thanks
@billions-river-87988 Still seems that ConfigMapPatch cant update existing config:
Copy code
error: resource kube-system/aws-auth was not successfully created by the Kubernetes API server : Server-Side Apply field conflict detected. see <https://www.pulumi.com/registry/packages/kubernetes/how-to-guides/managing-resources-with-server-side-apply/#handle-field-conflicts-on-existing-resources> for troubleshooting help
    : Apply failed with 1 conflict: conflict with "pulumi-kubernetes" using v1: .data.mapRoles
Copy code
const awsAuthConfigMapData = pulumi.output(cluster.core.cluster.arn).apply(arn => JSON.stringify({
  "groups": ["system:masters", "system:bootstrappers"],
  "rolearn": arn,
  "username": "system:node:{{EC2PrivateDNSName}}",
}));

const awsAuthConfigMap = new k8s.core.v1.ConfigMapPatch("aws-auth", {
  metadata: {
      name: "aws-auth",
      namespace: "kube-system",
  },
  data: {
      mapRoles: awsAuthConfigMapData,
  },
}, { provider: provider, dependsOn: [cluster] });
b

billions-river-87988

12/18/2023, 9:22 PM
ah, you can override that-
PULUMI_K8S_ENABLE_PATCH_FORCE="true" pulumi up
it will tell k8s that pulumi is now in charge of
.data.mapRoles
also be sure you are merging existing role data with your new one (like in your original example).