https://pulumi.com logo
#getting-started
Title
# getting-started
a

able-honey-93860

12/24/2021, 12:29 AM
Is there any good documentation regarding self-managed backend? I logged into s3 and followed along the “Create a New Project” guide under AWS. I am successfully creating the buckets after running pulumi up, however I cannot understand this passphrase issue for the life of me. I understand that using pulumi’s service it does all the management for you, but I want to be self hosted so this is throwing a wrench in all their documentation and I can't really follow along. Current issue running pulumi on windows with python as the language-once successfully running pulumi up, I cannot run any command because it constantly says
Copy code
"error: constructing secrets manager of type “passphrase”: unable to find either ‘PULUMI_CONFIG_PASSPHRASE’ or ‘PULUMI_CONFIG_PASSPHRASE_FILE’ when trying to access the Passphrase Secrets Provider; please ensure one of these environments barebones is set to allow the operation to continue”
I have tried a number of ways to “set” the passphrase but no luck. First tried setting it locally in my windows environment variables list and then tried
pulumi config set —secret PULUMI_CONFIG_PASSPHRASE “Test”
And yes “Test” is the passphrase I used when running pulumi up, just trying to understand how it's all working then I would use something more secure. Along with setting it up before running pulumi up by running
pulumi stack unit dev —secrets-provider passphrase
It just continuously gives me the error above after I run any subsequent commands after a successful pulumi up. For instance after creating the bucket I run
pulumi stack output bucket_name
and then get the same passphrase error above. I have to be missing something super simple lol. I have deleted everything and redid it multiple times but no luck. I just can't find anything on my own so I appreciate any help!
b

billowy-army-68599

12/24/2021, 6:18 AM
it needs to be set as an environment variable. i dont have a windows machine, so not sure how that's done
a

able-honey-93860

12/24/2021, 8:31 AM
So I did set
PULUMI_CONFIG_PASSPHRASE
with the value
“Test”
as an environment variable, but pulumi still wasn't happy. Also felt that this was a bit odd since the password would then be stored as a plain text value in the environment variable. Is that truly expected? Seemed a bit counter intuitive lol
b

billowy-army-68599

12/24/2021, 9:00 AM
you can set a secrets manager as a stack encryption manager too, environment variables are just the default
but it definitely works with environment variables, I'd double check it was set correctly
s

sparse-butcher-73713

12/24/2021, 12:05 PM
@able-honey-93860 how did you set the env var?
and what shell, cmd or PS?
a

able-honey-93860

12/25/2021, 12:25 AM
Ok I finally got it to work. I setup the environment variable before running pulumi up and it seemed to work better than setting it up after running pulumi up. I was using ps command to set the variable as well as through SystemPropertiesAdvanced.exe. Nonetheless, it's all good now. However a new issue is happening where pulumi can't import the okta package that I installed. I confirmed the package is installed successfully because if I open python console directly I can run
import pulumi_okta as okta
just fine. So I think it might be due to pulumi using its own python exe? I installed via chocolatey, but have since uninstalled it and decided to install through the cmd command since I am more familiar with picking apart installs when they're not done via choco. This work however the environment variable set within CMD is being leveraged and I can run pulumi in cmd, but I can't run pulumi in powershell. Superrrr weird since I verified the environment variable is set in the gui, I have reloaded multiple powershell sessions and ran
refreshenv
quite a few times, however when I run
(Get-ChildItem -path env:PATH).value -split “;”
it doesn't pull in the environment variable. So odd, I am definitely more of a powershell user and never used cmd to set env variables before. I think I can figure out a fix eventually, but just another growing pain haha
Alrighty I got it now, the script only writes to user environment variable and not system. This inherently caused a lot of issues when running commands but I just manually added it to system environment variable path and we are good. Geesh there is a huge learning curve for pulumi, I've had a pretty hard time setting up just the basics from AWS native to okta. Wish there was a little more focused documentation for newbies
s

steep-beach-52652

12/25/2021, 7:32 PM
when i faced the error msg first time i started using pulumi, i just set the env var and it worked. no time spent
a

able-honey-93860

12/26/2021, 3:12 AM
Yeah it's definitely an easy way out to manually set it, but it's easy enough to include it in the script/command provided by their documentation. It's all about making it simple to setup/use so it's more readily adopted by the community. Otherwise a user will have their doubts if they have to figure out their own workaround from the first few mins of using pulumi.
Also figured out that the python package import issue was due to the requirements.txt not having the package defined. I realized the venv was being used, but it's fairly frustrating that there were no okta templates and none of the documentation relating to okta noted that adding the package to the requirements.txt was needed. Nonetheless, I'm glad to be making progress here, but it definitely hasn't been smooth so far, and im just doing the basics lol…worried for what the future holds with more complexity 🤷🏻‍♂️
3 Views