https://pulumi.com logo
#general
Title
# general
d

damp-room-71337

09/20/2019, 10:50 AM
what’s the best way to handle specifying config? I want to be able to do
pulumi up --config myAppImageTag=${CIRCLE_SHA}
but that doesn’t seem to be supported. Do
pulumi config set ...
outside the orb first or something?
t

tall-librarian-49374

09/20/2019, 12:11 PM
In what way is it not supported?
--config
option should work.
d

damp-room-71337

09/20/2019, 12:43 PM
there’s no
config
option for the orb, unless I’m missing something? https://circleci.com/orbs/registry/orb/pulumi/pulumi#commands-update
t

tall-librarian-49374

09/20/2019, 12:53 PM
Ah, I don't know about orbs, just know it works for the CLI itself
w

white-balloon-205

09/20/2019, 2:00 PM
You should be able to do
Pulumi config
outside the orb, check in the
Pulumi.stackname.yaml
and then just do the update inside the orb. Is there a reason that does not work for your usecase?
d

damp-room-71337

09/20/2019, 2:07 PM
no not really, I was just wondering if there was a way to do something like that with an orb command
c

colossal-beach-47527

09/20/2019, 3:17 PM
No, there isn’t a way to run
pulumi config
from within our CircleCI orbs. (Feel free to file an an issue in http://github.com/pulumi/circleci, however.) However, I would strongly urge you to not run
pulumi config
as part of your CI setup. The reason being is that in order to have reproduceable deployments, you need to have the same “inputs” into your stack deployment. This is why configuration information is stored with your source via
Pulumi.stackname.yaml
, instead of managed entirely on the Pulumi Service. However, you can always just run
pulumi config
directly witin your CircleCI configuration, since we add
pulumi
to the
$PATH
. https://github.com/pulumi/circleci/blob/master/orbs/pulumi.yml#L45
d

damp-room-71337

09/23/2019, 8:29 AM
Thanks for that, I’m trying to piece this together at the minute. I get the principle of making sure all config is in Pulumi’s YAML, and checked into git, but I’m not 100% clear what best practice for that is in a CI/CD workflow. Keep Pulumi’s resources in a separate repo from the application, and have the app’s CI/CD pipeline check out/update/push Pulumi’s config before or after
pulumi up
?
c

colossal-beach-47527

09/23/2019, 6:48 PM
I’m not 100% clear what best practice for that is in a CI/CD workflow.
Running
pulumi preview
or
pulumi up
in your CI/CD system is fine. (It’s how we continuously deploy our own systems.) The main “requirement” of sorts is that you make any configuration changes (e.g. invocations of
pulumi config set
) as part of a code commit. e.g. if you want to update a deployment setting, you do that on your local machine (which would edit
Pulumi.yaml
) and then check that file in. That way on your CI/CD, you just run
pulumi up
(and not perform any configuration or source changes beyond what’s checked in). Make sense?
2 Views