https://pulumi.com logo
Join Slack
Powered by
Hey Pulumi, We have a problem regarding a blob st...
# general
i
Hey Pulumi, We have a problem regarding a blob storage configuration update. Specifically we added a cors value and this leads to the following error in the preview: Any advice?
Copy code
+- azure-native:storage:BlobServiceProperties blobServiceProperties replace [diff: ~accountName,cors]
 ++ azure-native:storage:BlobServiceProperties blobServiceProperties create replacement [diff: ~accountName,cors]
 ++ azure-native:storage:BlobServiceProperties blobServiceProperties replace [diff: ~accountName,cors]; error: Duplicate resource URN 'urn:pulumi:Staging::cloud::azure-native:storage:BlobServiceProperties::blobServiceProperties'; try giving it a unique name
e
I think "cors" requires the resource to be re-created so you also need to give it a new unique name or set deleteBeforerReplace
i
Is there no other way in which the storage would not be deleted? The system is already used in production, so a storage delete is not an option for us.
In azure it is possible to add a cors property on the fly without changing anything else on the blob storage
r
Based on the output you shared, the account name has changed. This will cause Pulumi to recreate the resource. You can apply the CORS policy change safely by reverting the acocunt name change.
i
The change has no name change in it though:
previous:
Copy code
export const documentStorage = createStorage({
    parentKey: "DocumentStorage", 
    name: "bsdocuments", 
    receiveAccount: a => documentStorageAccount= a
});
new:
Copy code
export const documentStorage = createStorage({
    parentKey: "DocumentStorage", 
    name: "bsdocuments", 
    corsRules: !isProduction() ?
    [
        {
            allowedHeaders: ["*"],
            allowedMethods: ["GET", "POST", "PUT"],
            allowedOrigins: ["*"],
            exposedHeaders: ["*"],
            maxAgeInSeconds: 60,
        }
    ] : [],
    receiveAccount: a => documentStorageAccount= a
});
e
--diff should give a full diff showing what exactly changed with account name
i
Thanks, I will run that
Actually it looked like a diff in the name, type and id in the preview:
Copy code
name                          : "default" => Output<T>
    type                          : "Microsoft.Storage/storageAccounts/blobServices" => Output<T>
I changed it now so the cors is set as the last parameter in the parameter object, now I have no diff anymore, but still the same error
e
Output<T> there seems odd, especially for type
How does createStorgate create the blob service exactly?
i
Copy code
function createStorage(args: IStorageSettings): ISetting[] {
    const storageAccount= createStorageAccount(args.name, args.corsRules);
    if (args.receiveAccount)
        args.receiveAccount(storageAccount);

    const connectionString = createConnectionString(storageAccount);
    const appSettingsKey= `${args.parentKey}__ConnectionString`;
    return [
       {
            name: appSettingsKey,
            value: connectionString
       }
    ];
}

function createStorageAccount(name: string, corsRules?: types.input.storage.CorsRuleArgs[], resourceGrp?: string): storage.StorageAccount {
    const result= new storage.StorageAccount(name, {
        resourceGroupName: resourceGrp ?? resourceGroupName,
        kind: storage.Kind.StorageV2,
        sku: { name: storage.SkuName.Standard_RAGRS }
    }, {protect: true});
    if (corsRules) {
        new storage.BlobServiceProperties("blobServiceProperties", {
            accountName: result.name,
            blobServicesName: "default",
            cors: {
                corsRules
            },
            defaultServiceVersion: "2017-07-29",
            resourceGroupName: resourceGroupName,
        });
    }
    return result;
}
Those are the 2 methods that are used to create the storage
e
Copy code
new storage.BlobServiceProperties("blobServiceProperties", {
Shouldn't that make use of "name" as well to make sure it's unique? Call this method twice and you'll get two objects called "blobServiceProperties"
i
True, that is the problem actually. Thanks a lot, I overlooked that completely (we have cors now in 2 different storages)
2 Views
Open in Slack
PreviousNext
Powered by