https://pulumi.com logo
#getting-started
Title
# getting-started
v

victorious-megabyte-32350

07/21/2021, 10:11 AM
Hi all! I started using the pulumi github action for PRs (with PR Comments) https://www.pulumi.com/docs/guides/continuous-delivery/github-actions/#comments-by-github-actions The bot instead of commenting the short description like in the picture (I guess is a
pulumi preview --supress-outputs
) adds the all output. The step is pretty similar to the example
Copy code
- uses: pulumi/actions@v3
        with:
          command: preview
          stack-name: dev
          comment-on-pr: true
          github-token: ${{ env.GITHUB_TOKEN }}
          work-dir: ${{ env.working-directory }}
        env:
          PULUMI_ACCESS_TOKEN: ${{ env.PULUMI_ACCESS_TOKEN }}
Can someone help me with this?
w

witty-candle-66007

07/21/2021, 2:52 PM
@victorious-megabyte-32350 I have this repo where I play with pulumi and github actions. https://github.com/MitchellGerdisch/github-actions-play I have a workflow for PRs that does the short descriptions as described in the docs. You can see the workflow and the PR with the comment. I hope this helps.
I did notice that your code references
env.GITHUB_TOKEN
I’m surprised that worked since when I tried your code as-is, it threw an error and the Pulumi and Github docs indicate it is referenced as a secret (
secrets.GITHUB_TOKEN
) So I wonder if that’s part of the issue you are seeing.
v

victorious-megabyte-32350

07/21/2021, 3:02 PM
@witty-candle-66007 I'll check on that right now. Regarding the
env.GITHUB_TOKEN
is because in the job I added environment values Let me share that part of the code:
Copy code
jobs:
  InfrastructurePreview:
    name: Pulumi Preview
    runs-on: ubuntu-latest    
    env:
      working-directory: ./infrastructure
      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    steps:
      - uses: actions/checkout@v2        
      - name: Use Node.js
        uses: actions/setup-node@v2
        with:
          node-version: '14.x'
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }}
          aws-region: us-west-2
          aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }}
      - name: Install Dependencies        
        run: yarn install --frozen-lockfile        
        working-directory: ${{ env.working-directory }}
      - uses: pulumi/actions@v3
        with:
          command: preview
          stack-name: dev
          comment-on-pr: true
          github-token: ${{ env.GITHUB_TOKEN }}
          work-dir: ${{ env.working-directory }}
        env:
          PULUMI_ACCESS_TOKEN: ${{ env.PULUMI_ACCESS_TOKEN }}
w

witty-candle-66007

07/21/2021, 3:11 PM
I see. It’s a non-issue (the env.GITHUB_TOKEN thing) then.
v

victorious-megabyte-32350

07/21/2021, 4:25 PM
Is there something that I need to configure on github or pulumi ? I mean, I'm getting something like this:
Copy code
🍹 Previewing update (company/dev)

View Live: <https://app.pulumi.com/company/infrastructure/dev/previews/4e68223d-5963-2bd8-5200-4427721b078c>


pulumi:pulumi:Stack infrastructure-dev running 
+  aws:s3:Bucket test-bucket-pr-ci create 
aws:dynamodb:Table Table1
aws:dynamodb:Table Table2
aws:s3:Bucket web-app-dev  
-  aws:s3:Bucket another-bucket delete 
pulumi:pulumi:Stack infrastructure-dev  

Outputs:
~ webApp   : {
    ...values
}
~ dynamodbTables   : {   
    ..tables
}
...rest

Resources:
+ 1 to create
~ 1 to update
- 17 to delete
19 changes. 82 unchanged
I don't know why the
outputs
is printing out
also In your PR https://github.com/MitchellGerdisch/github-actions-play/pull/1 it only shows the things you created, not the all stack like the output above
w

witty-candle-66007

07/21/2021, 5:01 PM
Right, that run was from a stack that had no resources. So I reran a test sequence as follows: • Started with an empty stack. • Project now only creates a resource group (Azure) and outputs the resource group ID • Caused PR preview change: The PR comment showed the creation list but no output. • Ran pulumi up event to get the stack created. • Update code to also create a storage account and output a storage account ID. • This caused a PR preview which showed the new SA resource and the new output promise. It’s interesting to note that the existing resource group ID output is not included in the PR comment. But it looks like this method will show outputs
You can see this current state of things in my repo.
That said, I am a bit confused by the outputs handling in my case and so want to see if I can characterize the behavior a bit and open a bug if appropriate.
But I’m also wondering if you want to open a feature request to simply not include outputs in the PR comment?
v

victorious-megabyte-32350

07/21/2021, 6:17 PM
Sorry Mitch, I had some meetings. Now I'm free. I've looked all the commits and the PR. I guess (correct me if I'm wrong) If you don't export the resource (rgId) it won't show the output section. (like in the pulumi documentation)
In my project (that now I'm taking care of) I see a tons of exports, so I'm guessing that's the issue. I'll try to make a public repo with an isolated test, to make the feature request. The output section in the PR comment, Is something that is expected to do?
w

witty-candle-66007

07/21/2021, 6:31 PM
Outputs are an expected part of the PR comment. I need to dig into why I don’t see both of my outputs in my PR comment, though. In other words, it appears to be inconsistent on my end and so may be a bug in that it is missing an output.
And yes the
export …
stuff is how stack outputs are generated.
v

victorious-megabyte-32350

07/21/2021, 6:39 PM
Awesome, Thank so much Mitch with the help.
w

witty-candle-66007

07/21/2021, 7:19 PM
I am curious if you are seeing all outputs and their values in the PR comment or only outputs that are created or updated due to the changes that the preview has identified
The reason I ask is that I only see outputs that are created or updated by the changes identified in the preview. Which makes sense since the goal of the preview is to show what is going to change.
3 Views