Hey y all running into a new error that popped up recently I Pulumi Community #azure

Hey y'all, running into a new error that popped up...

average-translator-13806

06/14/2024, 9:43 PM

Hey y'all, running into a new error that popped up recently. I am working in Python. I create a KeyVault and add some secrets to it like so:

Copy code

key_vault = keyvault.Vault(nameOfKeyVault,
    vault_name= nameOfKeyVault,
    resource_group_name=resource_group.name,
    location=resource_group.location,
    properties={
        "sku": {
            "name": "standard",
            "family": "A"
        },
        "enable_rbac_authorization": True,
        "tenant_id": pulumi_provider_client_info.tenant_id,
        "create_mode": keyvault.CreateMode.DEFAULT,
    })

mysecret = keyvault.Secret(
    "mysecret",
    properties=azure_native.keyvault.SecretPropertiesArgs(
        value= admin_client_key,
    ),
    vault_name= key_vault.vault_name,
    resource_group_name= resource_group.name,
)

This works fine and creates the vault and the secrets. However, I have started getting the following error when trying to delete the stack with

pulumi delete -y

Copy code

azure-native:keyvault:Secret (mysecret):
    error: vaultName not found in resource state

I haven't found anything googling for this error, looking in Slack, or looking in Github. I have to manually delete the keyvault in order to destroy my stack. Any idea? I'm using Pulumi

v3.120.0

tall-librarian-49374

06/14/2024, 10:46 PM

Do you still have a stack where this error reproduces? Can you run

pulumi stack export >> state.json

, search for that resource

azure-native:keyvault:Secret

and see what's in its inputs? (please remove any sensitive values before posting anything)

average-translator-13806

06/15/2024, 7:33 PM

Copy code

{
  "urn": "urn:pulumi:tyler_poc::environment-builder::azure-native:keyvault:Secret::cuebox-tower-storage-tenant-id",
  "custom": true,
  "id": "/subscriptions/<s1>/resourceGroups/tyler_poc77157078/providers/Microsoft.KeyVault/vaults/tyler-poc-kv/secrets/cuebox-tower-storage-tenant-id",
  "type": "azure-native:keyvault:Secret",
  "inputs": {
    "properties": {
      "value": "<s2>"
    },
    "resourceGroupName": "tyler_poc77157078",
    "secretName": "cuebox-tower-storage-tenant-id",
    "vaultName": "tyler-poc-kv"
  },
  "outputs": {
    "__inputs": {
      "4dabf18193072939515e22adb298388d": "1b47061264138c4ac30d75fd1eb44270",
      "ciphertext": "v1:<s3>"
    },
    "id": "/subscriptions/<s1>/resourceGroups/tyler_poc77157078/providers/Microsoft.KeyVault/vaults/tyler-poc-kv/secrets/cuebox-tower-storage-tenant-id",
    "location": "westus3",
    "name": "cuebox-tower-storage-tenant-id",
    "properties": {
      "attributes": {
        "created": 1718478416,
        "enabled": true,
        "updated": 1718478416
      },
      "secretUri": "<uri>",
      "secretUriWithVersion": "<uri>/300fa5a9f6114c5385f3a175ce1fa190"
    },
    "type": "Microsoft.KeyVault/vaults/secrets"
  },
  "parent": "urn:pulumi:tyler_poc::environment-builder::pulumi:pulumi:Stack::environment-builder-tyler_poc",
  "dependencies": [
    "urn:pulumi:tyler_poc::environment-builder::azure-native:resources:ResourceGroup::tyler_poc",
    "urn:pulumi:tyler_poc::environment-builder::azure-native:authorization:RoleAssignment::key-vault-role-assignment-su",
    "urn:pulumi:tyler_poc::environment-builder::azure-native:keyvault:Vault::tyler-poc-kv"
  ],
  "provider": "urn:pulumi:tyler_poc::environment-builder::pulumi:providers:azure-native::default_2_45_0::6f143055-c64e-41d1-ad16-ab8ad102a8cf",
  "propertyDependencies": {
    "properties": [],
    "resourceGroupName": [
      "urn:pulumi:tyler_poc::environment-builder::azure-native:resources:ResourceGroup::tyler_poc"
    ],
    "vaultName": [
      "urn:pulumi:tyler_poc::environment-builder::azure-native:keyvault:Vault::tyler-poc-kv"
    ]
  },
  "created": "2024-06-15T19:06:56.430137Z",
  "modified": "2024-06-15T19:06:56.430137Z",
  "sourcePosition": "project:///.venv/lib/python3.12/site-packages/pulumi_azure_native/keyvault/secret.py#148"
}

Here is the whole resource. Looks like the

vaultName

is in the inputs 😆 😭

average-translator-13806

06/15/2024, 7:36 PM

Searching through the

pulumi-azure-native

codebase, the only place I can find that error string referenced is around https://github.com/pulumi/pulumi-azure-native/blob/bb89e2de1f283bce66d08bfce261d21[…]eaaf1/provider/pkg/resources/customresources/custom_keyvault.go . I tried increasing logging to see if I could get any more information but

pulumi destroy -v 4

didn't give me any additional outputs

average-translator-13806

06/15/2024, 9:12 PM

I simplified my setup way down. Now I am only creating 3 resources - a resource_group, key_vault, and secret. I also switched the stack storage from an Azure blob to my local filesystem just to see if that was causing anything. Can still replicate the issue

tall-librarian-49374

06/17/2024, 7:44 AM

Hmm, that's weird. Could you please open an issue with your repro? Thank you!

average-translator-13806

06/17/2024, 8:03 PM

https://github.com/pulumi/pulumi-azure-native/issues/3357 Thanks for the initial troubleshooting steps!

🙏 1

5 Views

Open in Slack

Previous Next