https://pulumi.com
Join Slack
This message was deleted.
# general
s
This message was deleted.
l
It doesn’t work for all setups, but I have been able to debug some Github Actions setups using this tool: https://github.com/nektos/act/
w
I'm stuck at
Copy code
⭐  Run <docker://pulumi/actions>
[Pulumi/Update]   🐳  docker run image=pulumi/actions entrypoint=[] cmd=["up" "--yes"]
[Pulumi/Update]   ❌  Failure - <docker://pulumi/actions>
Error: Error response from daemon: OCI runtime create failed: container_linux.go:349: starting container process caused "exec: \"up\": executable file not found in $PATH": unknown
l
@white-rainbow-68240 then you are also still bitten by this issue, which I also commented to: https://github.com/nektos/act/issues/212#issuecomment-630381029
w
ah
is there something I can set the entrypoint to as a workaround then?
found 
["/usr/bin/pulumi-action", "--non-interactive"]
in https://github.com/pulumi/pulumi/blob/master/dist/actions/Dockerfile will see if it works.
it worked!
Here's my entire yaml:
Copy code
name: Pulumi
on:
  push:
    branches:
      - master
jobs:
  up:
    name: Update
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
        with:
          fetch-depth: 1
      - uses: <docker://pulumi/actions>
        with:
          args: up --yes
          entrypoint: /usr/bin/pulumi-action --non-interactive
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
          PULUMI_CI: up
          PULUMI_ROOT: infra
🎉 1
💯 1
l
Does the above work on Github Actions as well as with 
act
?
w
I'm doing a commit with the entrypoint added, although I don't think it will do any difference. So right now, the state is that it works via 
act
and fails after about 45-55 mins on 
github actions
l
Strange, I have almost exactly the same in my GH actions workflow and for me it works fluently.
Which programming language do you use together with Pulumi? I use Typescript
w
same here
l
Can you post the failure you get on GH actions?
w
I can share my entire infra code since it's basically just example code from Pulumi docs right now:
Copy code
import * as awsx from "@pulumi/awsx";

const containerPort = "80";

const vpc = new awsx.ec2.Vpc("frea-api", {
  cidrBlock: "10.0.0.0/16",
});

const cluster = new awsx.ecs.Cluster("cluster", {
  vpc,
});

const alb = new awsx.elasticloadbalancingv2.ApplicationLoadBalancer(
  "frea-api-lb",
  {
    external: true,
    securityGroups: cluster.securityGroups,
    vpc,
  }
);
const web = alb.createListener("web", {
  port: 80,
  external: true,
  vpc,
});

let service = new awsx.ecs.FargateService("frea-api-svc", {
  cluster,
  desiredCount: 2,
  subnets: vpc.privateSubnetIds,
  taskDefinitionArgs: {
    container: {
      image: awsx.ecs.Image.fromPath("frea-api-image", "../server"),
      memory: 512,
      portMappings: [web],
      environment: [{ name: "PORT", value: containerPort }],
    },
  },
});
export const url = web.endpoint.hostname;
having the entrypoint property made github actions fail with an OCI runtime create failed error. Removed it.
I've played around with the aws cli to see what happens if the credentials are missing or wrong, but then I get really clear errors specifying that they are missing or wrong.
l
@white-rainbow-68240 I’m interested to know what it was doing before receiving the error. It’s possible the 45 minuts is just your STS token expiring.
w
I guess I should try and reset the github action secrets a third time
ah
l
Could you post a longer console log from a github actions run as a Github Gist?
w
Copy code
#### :tropical_drink: `pulumi --non-interactive up --yes`
Previewing update (dev):

    pulumi:pulumi:Stack frea-api-dev running 
    aws:lb:ApplicationLoadBalancer frea-api-lb  
    awsx:x:ecs:FargateTaskDefinition frea-api-svc  
    awsx:x:ec2:Vpc frea-api  
    awsx:x:ecs:FargateService frea-api-svc  
    awsx:x:ecs:Cluster cluster  
@ Previewing update..............................................................................................................................................
    aws:iam:Role frea-api-svc-task  error: error using credentials to get account ID: error calling sts:GetCallerIdentity: RequestError: send request failed
that's the part before, so should be a preview of ecs cluster that times out.
before that, it's just downloading pulumi plugins.
l
At the preview part?? strange. I thought it was already doing the provisioning. Can you comment out everything but the VPC part and add part by part again (ecs cluster, load balancer, deployment)?
Does the ECS cluster already exist in your AWS account from a previous attempt?
w
sure, I'm out of time for today, but will minimize the infra, and I could also just destroy the entire stack to start fresh.
the cluster is up and running, yes
I'll keep you up to date with any progress I make tomorrow, Stockholm time. Great help @limited-rainbow-51650 🙏
l
No problem. Pulumi user here too and willing to help.
Belgium time here.
👍 1
Open in Slack
PreviousNext
Powered by

Pulumi Community

No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Powered by