https://pulumi.com logo
Title
w

wet-noon-14291

10/18/2021, 12:59 PM
Is there a way to not replace all resources just because you change the credentials for a provider? To be more precise, we would like it to be possible run deployment to our kubernetes dev environment for all developers without creating new resources if they exists while using their existing credentials instead of storing config in pulumi yaml.
g

great-sunset-355

10/18/2021, 1:04 PM
this sounds like you are trying to replace only provider
w

wet-noon-14291

10/18/2021, 1:05 PM
in a way yes
g

great-sunset-355

10/18/2021, 1:07 PM
If I'm correct, you can use this trick: Initialize provider in the code.
pulumi up
-> creates a new provider Pass that to all resources, you need.
pulumi up --target NEW_provider_urn
This performs an update without replacement
this will replace
provider
inside the state
w

wet-noon-14291

10/18/2021, 1:09 PM
so in theory I should be able to then run:
pulumi up --target provider_urn
pulumi up
g

great-sunset-355

10/18/2021, 1:11 PM
yes
you can export stack and compare resources, they should have updated provider after the first command
This works for cloud resources, I hope it's not too different for k8s resources
w

wet-noon-14291

10/18/2021, 1:37 PM
can't get it to completely, but that could be because of the access issues I'm investigating 🙂 . Thanks for the suggestion, I'll try them out when I know I have the other pieces working as they should.
g

great-sunset-355

10/18/2021, 1:45 PM
Good luck
w

wet-noon-14291

10/19/2021, 12:01 PM
Looks like it doesn't work. If I do that it tries to delete all resources that is using that provider.
For some reason it can't find the target it seems. So either I don't have the correct urn or it can't find it for some reason. The command I run is:
pulumi up -y -s stackname --target "urn:pulumi:dev::nextjstemplate.deploy::pulumi:providers:kubernetes::k8s-provider"
g

great-sunset-355

10/19/2021, 2:27 PM
hmm, all providers should be defined in stack. But like I said it may be a bit sketchy with k8s provider, I've noticed a bit different behaviour compared to cloud providers. I hope someone can help you better
w

wet-noon-14291

10/20/2021, 7:52 PM
Thanks, maybe someone else can help... I try to update my provider using
pulumi up -y -s stackname --target "urn:pulumi:dev::nextjstemplate.deploy::pulumi:providers:kubernetes::k8s-provider"
but the message I get back when doing so is:
could not be found in the stack. Did you forget to escape $ in your shell?
Anyone know what I might be doing wrong?
b

billowy-army-68599

10/20/2021, 7:54 PM
there should be a dollar sign in there, how did you get the urn?
w

wet-noon-14291

10/20/2021, 8:23 PM
@billowy-army-68599, I did a pulumi stack export and
grep
for providers to find the urn.
b

billowy-army-68599

10/20/2021, 8:24 PM
can you show me the command?
w

wet-noon-14291

10/20/2021, 8:25 PM
for the export?
pulumi stack export -s <stack name> | grep provider
b

billowy-army-68599

10/20/2021, 8:27 PM
i think
grep
might be swallowing the
$
what's the output?
w

wet-noon-14291

10/20/2021, 8:28 PM
ok, I'll pipe it to file and check
hm, I think I might now what is going on. In the build server I create the provider in code using variables that I read from a secret and I control the name of the provider. Locally I run it but then use the default one. The name of the default provider won't match the one I create on my build server, so I guess that might be what is causing the issue. The name of the providers doesn't actually have a
$
, it is only the kubernetes resources that has that.
Is there a way to access the default provider instance and read out the config so I can control the creation of the provider?
Or the default config, if none is specified in yaml.
or set the name of the default provider
g

great-sunset-355

10/21/2021, 6:05 AM
This sounds like what I've just described in another thread It would be good if you can share the example code. To use the specific provider you need to pass it explicitly to all resources including a component resource https://pulumi-community.slack.com/archives/CRH5ENVDX/p1634796109010300?thread_ts=1634761696.399800&amp;cid=CRH5ENVDX
w

wet-noon-14291

10/21/2021, 1:08 PM
Code is pretty straightforward. If there is a config variable, which is a json, containing kubernetes config among other things we extract that and use that when creating the provider. If it isn't we set provider to
undefined
so the default one is used. So the question is basically how do I create a provider that is using the default settings? It seems like I can't use
new k8s.Provider("name")
, I think the provider complained about missing config when I did exactly that. The code I use to create the provider:
export function createK8sProvider(kubernetesConfig: string, namespaceName: string) {
    return kubernetesConfig ? new Provider(`k8s-provider`, {
        kubeconfig: kubernetesConfig,
        namespace: namespaceName,
    }) : undefined;
}
I do add the provider to the resource options everywhere after this. What I would like to be able to do is one of the things below:
export function createK8sProvider(kubernetesConfig: string, namespaceName: string) {
    return kubernetesConfig ? new Provider(`k8s-provider`, {
        kubeconfig: kubernetesConfig,
        namespace: namespaceName,
    }) : new Provider(`k8s-provider`);
}
Which I mead would be use the config if present, if it isn't create a new provider (using the same name) but with what ever default options that exists.
Maybe that actually works... thought I tried it before but maybe I did something else at the same time.
g

great-sunset-355

10/21/2021, 5:52 PM
this happens to me quite often, I tend to check
pulumi stack export
quite often in this case. and compare it to the previous versions note: you need to sort the output
pulumi stack export | jq '.deployment.resources|=sort_by(.urn)'
to get consistent results
w

wet-noon-14291

10/21/2021, 8:11 PM
can I export previous versions?
@great-sunset-355, thank you. Your workaround seems to be working after I fixed my other issues.
g

great-sunset-355

10/23/2021, 7:21 AM
Glad to hear that! Good job 🙂