https://pulumi.com logo
Title
a

average-school-38756

12/21/2020, 4:14 PM
Anyone have a convention for using pulumi CLI to force a new ECS deployment (for example, after a Secret is changed)?
f

fast-cpu-35756

12/21/2020, 4:19 PM
I will do that through ECS CLI, deploy with --force flag I think from Pulumi perspective, changing a secret doesn’t mean it should redeploy
a

average-school-38756

12/21/2020, 4:40 PM
Yeah, thanks. Might be cool for Pulumi to add management command support to their CLI, just to trigger custom scripts. But managing correctly-deployed resources might simply be out-of-scope for the CLI. Maybe the automation API could be used for something like this? Haven't looked into that yet.
c

chilly-hairdresser-56259

12/21/2020, 5:03 PM
You could add a flag or something to the Pulumi config file to force new deployments (there is a parameter to force new deployment): https://www.pulumi.com/docs/reference/pkg/aws/ecs/service/
a

average-school-38756

12/21/2020, 6:45 PM
Thanks, that's a cool idea
@chilly-hairdresser-56259 i implemented this idea and it's working well for me. Thanks again.
f

freezing-finland-22895

12/21/2020, 7:49 PM
I think if you add the secret resource to the depends_on parameter it would also redeploy
a

average-school-38756

12/21/2020, 8:01 PM
i'm updating secret values manually in the AWS console (equivalent to creating https://www.pulumi.com/docs/reference/pkg/aws/secretsmanager/secretversion/), so Pulumi state wouldn't know about the change, i think, since each new version isn't tracked in Pulumi state.