Is there a way to not replace all resources just because you change the credentials for a provider? To be more precise, we would like it to be possible run deployment to our kubernetes dev environment for all developers without creating new resources if they exists while using their existing credentials instead of storing config in pulumi yaml.

this sounds like you are trying to replace only provider

in a way yes

If I'm correct, you can use this trick: Initialize provider in the code.

pulumi up

-> creates a new provider Pass that to all resources, you need.

pulumi up --target NEW_provider_urn

This performs an update without replacement

so in theory I should be able to then run:

pulumi up --target provider_urn
pulumi up

yes

can't get it to completely, but that could be because of the access issues I'm investigating 🙂 . Thanks for the suggestion, I'll try them out when I know I have the other pieces working as they should.

Good luck

Looks like it doesn't work. If I do that it tries to delete all resources that is using that provider.

hmm, all providers should be defined in stack. But like I said it may be a bit sketchy with k8s provider, I've noticed a bit different behaviour compared to cloud providers. I hope someone can help you better

Thanks, maybe someone else can help... I try to update my provider using

pulumi up -y -s stackname --target "urn:pulumi:dev::nextjstemplate.deploy::pulumi:providers:kubernetes::k8s-provider"

but the message I get back when doing so is:

could not be found in the stack. Did you forget to escape $ in your shell?

Anyone know what I might be doing wrong?

there should be a dollar sign in there, how did you get the urn?

@billowy-army-68599, I did a pulumi stack export and

grep

for providers to find the urn.

can you show me the command?

for the export?

i think

grep

might be swallowing the

$

ok, I'll pipe it to file and check

This sounds like what I've just described in another thread It would be good if you can share the example code. To use the specific provider you need to pass it explicitly to all resources including a component resource https://pulumi-community.slack.com/archives/CRH5ENVDX/p1634796109010300?thread_ts=1634761696.399800&cid=CRH5ENVDX

Code is pretty straightforward. If there is a config variable, which is a json, containing kubernetes config among other things we extract that and use that when creating the provider. If it isn't we set provider to

undefined

so the default one is used. So the question is basically how do I create a provider that is using the default settings? It seems like I can't use

new k8s.Provider("name")

, I think the provider complained about missing config when I did exactly that. The code I use to create the provider:

export function createK8sProvider(kubernetesConfig: string, namespaceName: string) {
    return kubernetesConfig ? new Provider(`k8s-provider`, {
        kubeconfig: kubernetesConfig,
        namespace: namespaceName,
    }) : undefined;
}

I do add the provider to the resource options everywhere after this. What I would like to be able to do is one of the things below:

export function createK8sProvider(kubernetesConfig: string, namespaceName: string) {
    return kubernetesConfig ? new Provider(`k8s-provider`, {
        kubeconfig: kubernetesConfig,
        namespace: namespaceName,
    }) : new Provider(`k8s-provider`);
}

Which I mead would be use the config if present, if it isn't create a new provider (using the same name) but with what ever default options that exists.

this happens to me quite often, I tend to check

pulumi stack export

quite often in this case. and compare it to the previous versions note: you need to sort the output

pulumi stack export | jq '.deployment.resources|=sort_by(.urn)'

to get consistent results

can I export previous versions?

Glad to hear that! Good job 🙂