This message was deleted Pulumi Community #general

Join Slack

This message was deleted.

# general

sparse-intern-71089

10/23/2019, 7:33 PM

This message was deleted.

white-balloon-205

10/23/2019, 7:34 PM

Currently no - an attempt to delete a `protect`ed resource will fail the deployment and other deletions will not be processed. I believe https://github.com/pulumi/pulumi/issues/3304 would address this.

best-hydrogen-40271

10/23/2019, 7:35 PM

best-hydrogen-40271

10/23/2019, 7:35 PM

that's pretty.. limiting

white-balloon-205

10/23/2019, 7:36 PM

Please do upvote that issue! (Or open a new one if there's another scenario you'd like to see supported here?)

best-hydrogen-40271

10/23/2019, 7:39 PM

wow, that's disappointing

white-balloon-205

10/23/2019, 7:40 PM

Could you explain a little more what the scenario is you have in mind and how this blocks it?

best-hydrogen-40271

10/23/2019, 7:42 PM

I have a bunch of infra, including a database for example

best-hydrogen-40271

10/23/2019, 7:43 PM

and when I destroy, I don't really want to take out my storage without some manual intervention

white-balloon-205

10/23/2019, 7:44 PM

Note that you can manually remove the resource from the state file so that it is no longer managed by Pulumi, and then destroy the stack to remove everything else. This would require editing the state file or using

pulumi state delete

, but should be possible today. Note that in general, it is very likely you won't be able to delete other resources until you delete the protected resource - like you won't be able to delete the VPC or Roles used for a Database until you delete the database. So some amount of the infrastructure will also fail to destroy if you want to keep this resource around. Pulumi acts as conservatively as possible wrt

protect

to ensure the least damage possible to you infrastructure if you have indicated something should be `protect`ed.

best-hydrogen-40271

10/23/2019, 7:44 PM

in my case it's just a bucket, rather than a database

best-hydrogen-40271

10/23/2019, 7:45 PM

I can get around it by

Copy code

// const bucket = new gcp.storage.Bucket("epictree-primary-vault-bucket", {
  //   location: "EU",
  //   name: "epictree-primary-vault-bucket"
  // });

  const bucket = gcp.storage.Bucket.get(
    "epictree-primary-vault-bucket",
    "epictree-primary-vault-bucket"
  );

best-hydrogen-40271

10/23/2019, 7:45 PM

commenting out the original

new

👍 1

best-hydrogen-40271

10/23/2019, 7:45 PM

but, it's not ideal

best-hydrogen-40271

10/23/2019, 7:46 PM

I believe terraform works like I'm trying to use iirc

best-hydrogen-40271

10/23/2019, 7:46 PM

I did something to some prod databases back in the day that prevented them from being deleted, but they'd still be created if they were absent

best-hydrogen-40271

10/23/2019, 7:47 PM

just in case someone accidentally tried to destroy the prod infra

white-balloon-205

10/23/2019, 7:48 PM

I believe terraform works like I'm trying to use iirc

I actually am not sure - though I would have guessed the opposite - that they were even more conservative and would fail the entire attempt to destroy before deleting anything if something was marked as protected. Will be interested to look into this.

best-hydrogen-40271

10/23/2019, 7:48 PM

Copy code

resource "digitalocean_droplet" "db" {
    lifecycle {
            prevent_destroy = true
    }
}

Open in Slack

Previous Next