sparse-intern-71089
12/31/2019, 6:09 PMprehistoric-account-60014
12/31/2019, 6:12 PMprehistoric-account-60014
12/31/2019, 7:14 PMerror: could not deserialize deployment: constructing secrets manager of type "service": getting access token: unmarshalling credentials file: unexpected end of JSON input
white-balloon-205
~/.pulumi
folder got corrupted and is no longer valid JSON. Likely a credentials.json
?white-balloon-205
prehistoric-account-60014
12/31/2019, 9:45 PMpulumi login
before each command and then the second issue came upprehistoric-account-60014
12/31/2019, 9:45 PMprehistoric-account-60014
12/31/2019, 9:46 PMprehistoric-account-60014
12/31/2019, 9:47 PMcurl -fsSL <https://get.pulumi.com/> | bash
export PATH=$PATH:$HOME/.pulumi/bin
pulumi login
prehistoric-account-60014
12/31/2019, 9:47 PMprehistoric-account-60014
12/31/2019, 9:48 PM#!/bin/sh
set -e
if [ -z ${PULUMI_STACK+x} ]; then
echo PULUMI_STACK is not set. Exiting...
exit 1
fi
pulumi login
pulumi stack init "$PULUMI_STACK" || true
if [[ "$PULUMI_STACK" != "production" ]] || [[ "$PULUMI_STACK" != "staging" ]]; then
pulumi config refresh --stack development || true
json="$(pulumi config --stack development --show-secrets --json)"
keys="$(echo $json | jq -r 'keys[]')"
for key in $(echo $keys | tr '\n' ' ')
do
value="$(echo $json | jq -r '.["'"$key"'"].value')"
is_secret="$(echo $json | jq -r '.["'"$key"'"].secret')"
pulumi config --stack "$PULUMI_STACK" set "$key" "$value" $(if [ $is_secret = 'true' ]; then echo '--secret'; fi)
done
fi
prehistoric-account-60014
12/31/2019, 9:48 PMprehistoric-account-60014
12/31/2019, 9:49 PMpulumi login
I added after seeing the first error but then I subsequently got the other one.prehistoric-account-60014
12/31/2019, 9:49 PMprehistoric-account-60014
12/31/2019, 9:50 PMcurl <https://sdk.cloud.google.com> | bash > /dev/null
export PATH=$PATH:/root/google-cloud-sdk/bin
KEY_FILE="$(mktemp)"
echo "$GCP_SERVICE_ACCOUNT" > "$KEY_FILE"
gcloud auth activate-service-account --key-file "$KEY_FILE"
prehistoric-account-60014
12/31/2019, 9:51 PMprehistoric-account-60014
01/03/2020, 2:24 PMmammoth-elephant-55302
02/03/2020, 7:30 PMmammoth-elephant-55302
02/03/2020, 7:30 PMmammoth-elephant-55302
02/03/2020, 7:32 PMmammoth-elephant-55302
02/03/2020, 7:33 PMprehistoric-account-60014
02/04/2020, 12:58 AMmammoth-elephant-55302
02/04/2020, 2:42 AMprehistoric-account-60014
02/04/2020, 2:43 AMprehistoric-account-60014
02/04/2020, 2:44 AMprehistoric-account-60014
02/04/2020, 2:46 AMcat "$KEY_FILE"
to see if the JSON was malformed and it seems fine. This time everything worked, though, so it’s possible it wasn’t before.prehistoric-account-60014
02/04/2020, 8:15 PMmktemp
so instead I saved the keyfile in "$HOME/key.json"
but that didn’t help.prehistoric-account-60014
02/04/2020, 8:18 PMcat
in there to make sure the key file is not malformed…white-balloon-205
prehistoric-account-60014
02/04/2020, 8:53 PMerror: could not get cloud url: unmarshalling credentials file: unexpected end of JSON input
prehistoric-account-60014
02/05/2020, 3:05 AMwhite-balloon-205
~/.pulumi/credentials.json
. What OS are you on? Are you doing anything you think could possibly lead to corrupting the contents of that file?prehistoric-account-60014
02/05/2020, 3:31 PMnode:10-alpine
image. As for what I’m doing, I don’t think there’s anything that would result in a malformed credentials file. I basically do the two things I linked towards the beginning of the thread, install Pulumi once and then deploy a stack for each service.prehistoric-account-60014
02/05/2020, 4:42 PMcat "$HOME/.pulumi/credentials.json
before running pulumi up
and see if the JSON is somehow malformed.prehistoric-account-60014
02/05/2020, 7:53 PMprehistoric-account-60014
02/05/2020, 7:55 PM{
"current": "<https://api.pulumi.com>",
"accessTokens": {
"<https://api.pulumi.com>": "[MASKED]"
},
"accounts": {
"<https://api.pulumi.com>": {
"accessToken": "[MASKED]",
"username": "miguel",
"lastValidatedAt": "2020-02-05T17:15:45.14108518Z"
}
}
prehistoric-account-60014
02/05/2020, 7:57 PMprehistoric-account-60014
02/05/2020, 7:58 PMcat "$HOME/.pulumi/credentials.json" | jq -c
to see if it’s all there or if there’s something weird with a file descriptor staying open causing the errorprehistoric-account-60014
02/05/2020, 8:10 PMprehistoric-account-60014
02/05/2020, 8:10 PM{
"current": "<https://api.pulumi.com>",
"accessTokens": {
"<https://api.pulumi.com>": "[MASKED]"
},
"accounts": {
"<https://api.pulumi.com>": {
"accessToken": "[MASKED]",
"username": "miguel",
"lastValidatedAt": "2020-02-05T20:01:08.004514991Z"
}
}
error: stack 'review-mo-pulumi-pzf6a4' already exists
error: no previous deployment
error: could not get cloud url: unmarshalling credentials file: unexpected end of JSON input
}
prehistoric-account-60014
02/05/2020, 8:11 PMprehistoric-account-60014
02/05/2020, 8:11 PMprehistoric-account-60014
02/05/2020, 8:12 PMcat "$HOME/.pulumi/credentials.json"
just before calling pulumi up
prehistoric-account-60014
02/05/2020, 8:17 PMcat "$HOME/.pulumi/credentials.json"
pulumi stack init "$PULUMI_STACK" || true
pulumi config refresh --stack makeswift/development || true
json="$(pulumi config --stack makeswift/development --show-secrets --json)"
prehistoric-account-60014
02/05/2020, 8:18 PM|| true
but the pulumi config
needs the credentials to show the secrets and that’s where it fails.white-balloon-205
prehistoric-account-60014
02/05/2020, 11:12 PMprehistoric-account-60014
02/06/2020, 4:37 AMpulumi config
. Another observation is that there are multiple scripts running in parallel configuring different stacks and reading the credentials file. I don’t know if Pulumi modifies the file while this is happening, but if it does it might mean that running Pulumi commands concurrently isn’t safe as one command might attempt to read the file while another one is modifying it. Does this ring any bells?white-balloon-205
prehistoric-account-60014
02/06/2020, 2:29 PMprehistoric-account-60014
02/06/2020, 3:03 PMprehistoric-account-60014
02/06/2020, 5:26 PM