how is pulumi expected to work from a CI/CD tool (...
# general
f
how is pulumi expected to work from a CI/CD tool (i.e. CircleCI) when deploying to kubernetes? doesn't seem to be a simple way to handle cluster auth with microstacks
c
@fancy-magazine-29876 what do you mean by “microstacks”?
basically our infra project (and subsequently stacks for staging/prod) are totally separate from all other applications
and we are using local login
c
f
how would i reference the infra stack though?
it's in a different repo and we aren't using pulumi cloud login
c
The scripts directory shows you how you can do this.
This line creates a Kubernetes provider out of the kubeconfig file, which is a stack output of the managed compute stack.
it’s super easy.
f
but all the code is in the same repo
am i missing something?
c
Why does that matter? They’re different stacks, right?
They don’t share anything at all.
f
so how does it get the stack info?
where is that state referenced
c
In the line above the k8s app is inspecting the stack output of the managed compute stack.
whichever stack provisions the GKE cluster exports the kubeconfig file, the app stack references it.
Right?
f
ya, so i'm assuming you can't use local login with that then
pulumi cloud pricing is prohibitive with the approach we are going for
c
It should work with any backend?
f
i'm still missing how if i have stacks with local state, how a stack in one repo could reference the output of a stack in another
c
const infrastructureStack = new pulumi.StackReference(infrastructureStackName);
f
ya i get that
c
Does that not work with the local backend?
is that what you’re saying?
cc @microscopic-florist-22719
a stack reference to a stack with local state only would have to read from disk
so i would have to clone the repos of all stacks i want to reference
i haven't actually tried it because i don't see how it would work
m
that's correct--local stack references would need access to any state you'd like to share
f
i.e. if i'm working in ~/projects/infra i cd to it then i do pulumi login file://$(PWD)
i see no issues doing this with cloud login, but it's really cost-prohibitive
an S3 state option would be great - i could probably hack something together but builtin functionality would go a long way
c
@fancy-magazine-29876 yeah, this is probably harder than it could be. I’m not sure what the priority is right now. @white-balloon-205 @big-piano-35669?
If you don’t want to use the managed offering you can head into your other repository,
pulumi stack output <whatever> | pbcopy
and then
pulumi config set <whatever> <whatever>
and that should work in the meantime.
The problem more generally is not that this can’t be done, it’s that (I think) there is no shared state to reference.
This isn’t going to be easy to solve with “just” the S3 backend. You need some way to address other state files, and that is going to require something to broker those things.
Open to hear other solutions though.
f
@creamy-potato-29402 git subtrees could help as an alternative to baking anything into pulumi - although the infra repo (networking, instances, etc) would need to be added as a subtree to all application repos (at least ones that deploy to k8s or need to reference the infra stacks). also, keeping code up to date could be a nightmare or might just need to be worked into the regular workflow of things
c
Yeah, I suspect there are many ways to skin this cat… are you talking to anyone else over here about this stuff? Might be worth chatting with @big-piano-35669 @adamant-restaurant-73893
I will confer with my colleagues about this, since I think it will come up, but I don’t have a clear answer for you right now. I’m sorry. 😞
f
that's ok, just spitballing - haven't talked to anyone else yet. i'll think on it a bit
c
Well they call the shots around here lol, I think it’s worth having a chat with them if you have the time.