polite-motherboard-78438
04/11/2020, 2:59 PMpulumi preview
, I get the following diff:
+ ├─ kubernetes:<http://cert-manager.io:ClusterIssuer|cert-manager.io:ClusterIssuer> letsencrypt-prod create
- ├─ kubernetes:helm.sh:Chart letsencrypt-prod delete
- │ └─ kubernetes:<http://cert-manager.io:ClusterIssuer|cert-manager.io:ClusterIssuer> cert-maanger/letsencrypt-prod delete
The resource that Pulumi is trying to create is the same as the one it is trying to delete. (On K8s). I am not sure since when this happen, but It could be because the change the way the "lets-encrypt" resource is managed in Pulumi, from an Helm Chart to a Custom resource. Still
If I run pulumi up
it fails, saying with "error":
resource cert-maanger/letsencrypt-prod was not successfully created by the Kubernetes API server : <http://clusterissuers.cert-manager.io|clusterissuers.cert-manager.io> "letsencrypt-prod" already exists. That´s normal, since Pulumi is trying to create a resource that already exists.
So I am trying to converge the pulumi state with the K8s cluster state.
First I tried to manually delete the "letsencrypt" resource by it´s urn like so: pulumi state delete urn:pulumi:dev::brunopazdev::kubernetes:<http://helm.sh/v2/:letsencrypt-prod|helm.sh/v2/:letsencrypt-prod>
It gave an error: error:
This resource can't be safely deleted because the following resources depend on it: cert-maanger/letsencrypt-prod" (urn:pulumi:dev::brunopazdev::kubernetes:<http://helm.sh/v2:Chart$kubernetes:cert-manager.io/v1alpha2:ClusterIssuer::cert-maanger/letsencrypt-prod|helm.sh/v2:Chart$kubernetes:cert-manager.io/v1alpha2:ClusterIssuer::cert-maanger/letsencrypt-prod>)
Ok. makes sense. Let´s try to delete de dependent resource first:
pulumi state delete urn:pulumi:dev::brunopazdev::kubernetes:<http://helm.sh/v2:Chart$kubernetes:cert-manager.io/v1alpha2:ClusterIssuer::cert-maanger/letsencrypt-prod|helm.sh/v2:Chart$kubernetes:cert-manager.io/v1alpha2:ClusterIssuer::cert-maanger/letsencrypt-prod> --force -y
Another error: "*error: No such resource "urnpulumidev:brunopazdevkuberneteshelm.sh/v2:Chartert-manager.io/v1alpha2:ClusterIssuer::cert-maanger/letsencrypt-prod" exists in the current state*"
So I have a resource that depends on a resource that doesnt exist??
Has anybody have an idea how to fix this? Do I have to edit the state manually to remove this resources and then maybe importing the existing one from the Cluster state?
Thank you.gorgeous-egg-16927
04/13/2020, 3:05 PMaliases
opt on the resource. https://www.pulumi.com/docs/reference/pkg/nodejs/pulumi/pulumi/#CustomResourceOptions-aliases
Here’s an example of this in action: https://github.com/pulumi/pulumi-kubernetes/blob/352861d76c54879a0fd82a79d328192fee1927d0/sdk/nodejs/apps/v1/Deployment.ts#L123-L127gorgeous-egg-16927
04/13/2020, 3:06 PMpolite-motherboard-78438
04/17/2020, 5:46 PM+ ├─ kubernetes:<http://cert-manager.io:ClusterIssuer|cert-manager.io:ClusterIssuer> letsencrypt-prod create
- ├─ kubernetes:helm.sh:Chart letsencrypt-prod delete
- │ └─ kubernetes:<http://cert-manager.io:ClusterIssuer|cert-manager.io:ClusterIssuer> cert-maanger/letsencrypt-prod delete
And the URNs:
├─ kubernetes:<http://helm.sh/v2:Chart|helm.sh/v2:Chart> letsencrypt-prod
│ │ URN: urn:pulumi:dev::brunopazdev::kubernetes:<http://helm.sh/v2:Chart::letsencrypt-prod|helm.sh/v2:Chart::letsencrypt-prod>
│ └─ kubernetes:<http://cert-manager.io/v1alpha2:ClusterIssuer|cert-manager.io/v1alpha2:ClusterIssuer> cert-maanger/letsencrypt-prod
│ URN: urn:pulumi:dev::brunopazdev::kubernetes:<http://helm.sh/v2:Chart$kubernetes:cert-manager.io/v1alpha2:ClusterIssuer::cert-maanger/letsencrypt-prod|helm.sh/v2:Chart$kubernetes:cert-manager.io/v1alpha2:ClusterIssuer::cert-maanger/letsencrypt-prod>
The let´s encrypt prod and cert-manager/lets-encrypt-prod are the same resource. I tried setting an alias like this on the new resource:
aliases: [
{
name: "cert-manager/letsencrypt-prod",
type: "kubernetes:<http://cert-manager.io/v1alpha2:ClusterIssuer|cert-manager.io/v1alpha2:ClusterIssuer>",
parent: "kubernetes:<http://helm.sh/v2:Chart::letsencrypt-prod|helm.sh/v2:Chart::letsencrypt-prod>",
},
I tried multiple combinations, with and without full urn´s, with and without parent, but same result. Am I missing something?gorgeous-egg-16927
04/17/2020, 10:45 PMname
should be cert-maanger/letsencrypt-prod
. Looks like you had a typo in the original chart, perhaps?polite-motherboard-78438
04/18/2020, 10:15 AM