t

    thankful-controller-17230

    1 month ago
    Anybody know if
    pulumi policy
    is going to be supported for local execution?
    error: File state backend does not support resource policy
    hacking around things … but this isn’t promising:
    Previewing update (camus-infra):
    panic: fatal: An assertion has failed: failed to convert err no analyzer plugin 'pulumi-analyzer-policy-python' found in the workspace or on your $PATH, install the plugin using `pulumi plugin install analyzer policy-python` to Error, did this come from an RPC endpoint?
    and
    $ pulumi plugin install analyzer policy-python
    <https://pulumi.com/docs/reference/install/> for manual instructions and release notes.
    error: 404 HTTP error fetching plugin from <https://api.github.com/repos/pulumi/pulumi-policy-python/releases/latest>. If this is a private GitHub repository, try providing a token via the GITHUB_TOKEN environment variable. See: <https://github.com/settings/tokens>
    b

    billowy-army-68599

    1 month ago
    @thankful-controller-17230 it works already:
    pulumi up --policy-pack
    pulumi policy
    is the mechanism to public server side policies to the pulumi service
    t

    thankful-controller-17230

    1 month ago
    hmmm. I’m probably doing something wrong. I did:
    mkdir policy
    pulumi policy new --dir policy gcp-python
    pulumi preview -s camus-infra --policy-pack policy
    but the preview fails with:
    panic: fatal: An assertion has failed: failed to convert err no analyzer plugin 'pulumi-analyzer-policy-python' found in the workspace or on your $PATH, install the plugin using `pulumi plugin install analyzer policy-python` to Error, did this come from an RPC endpoint?
    I am running in a slightly nonstandard pulumi python env (
    bazel
    wrapped build targets and “pyenv” style python environment), which might be part of the problem. I’ll try to repro with a more minimal config
    the other pulumi auto-fetched plugins work though … so policy is special in some way
    also only running
    3.37.0
    but the release notes for
    3.37.1
    don’t seem relevant
    b

    billowy-army-68599

    1 month ago
    how did you install pulumi?
    pulumi-analyzer-policy-python
    should be in the same path as the binary
    are you running on windows?
    t

    thankful-controller-17230

    1 month ago
    oh interesting. It’s there. probably an issue with my crazy
    bazel
    wrapper
    I have
    bazel
    grab the release binary for the platform and bundle it with all the python libs, then have a wrapper script that finds the binary and executes it in the python environment. This gets everyone running exactly the same
    pulumi
    environment with no local python lib wrangling or headaches
    but at the expense of maintaining this weirdo sandbox 🙂
    thanks for the pointer for where to look for the leaky plumbing 🙂
    updated
    $PATH
    in my wrapper and it works! thanks @billowy-army-68599