https://pulumi.com logo
#dotnet
Title
# dotnet
p

plain-tiger-79744

06/03/2020, 5:14 PM
How can I run async code once that is not supported by Pulumi? I would like to use Azure Key Vault (AKV) client to import a key from another AKV (based on a given certificate).
await akvClient.ImportKeyAsync("***.<http://vault.azure.net|vault.azure.net>", "MyKey", existingJsonWebkey);
t

tall-librarian-49374

06/03/2020, 6:57 PM
If you intend to pass the result to a Pulumi resource, you can wrap it to output
Output.Create(akvClient.ImportKeyAsync(…))
If you need to use it for control flow, you can create an async helper method and use it while defining outputs in the constructor like here https://github.com/pulumi/pulumi/blob/master/pkg/codegen/internal/test/testdata/aws-eks.pp.cs
p

plain-tiger-79744

06/03/2020, 8:33 PM
@tall-librarian-49374 I think you miss understood me. If I run pulumi up 10 times then I only want my code run once. So if my method run once, it should never ever run again. I don't want to import my key multiple times, but only when I first create my Azure Key Vault. So what I would need is a hook into the creation process of an Azure Key Vault. So the question would if I could use something like that: localKeyVault.VaultUri.Apply(x => myCode ...) ? Shouldn't this delegate only run once?
t

tall-librarian-49374

06/03/2020, 8:34 PM
Ah, I see, I missed “once”, sorry for that
The delegate in your last example will run every time
I guess you need to find some condition that would only be true if the certificate isn’t imported yet. E.g. try to read it and if not found - run your code.
p

plain-tiger-79744

06/03/2020, 8:37 PM
It would be nice to hook into the handling of the Pulumi state, so that I could state myself that I already "added" the "resource".
t

tall-librarian-49374

06/03/2020, 8:37 PM
In TypeScript, this would be solved with a dynamic provider, but that’s not supported in .NET due to complications with code serialization.
p

plain-tiger-79744

06/03/2020, 8:38 PM
😕
So it seems like I have to handle my scenario outside of Pulumi...
Hm... there is also no way in Pulumi to check if a resource already exist, isn't there?
I could check if the key already exist: Pulumi.Azure.KeyVault.Key.Get(.....). I maybe have to catch an exception if the key does not exist.
Will check that tomorrow
Could make it work.
var importedKey = localKeyVault.VaultUri.Apply(vaultUrl => Output.Create(KeyImporter.ImportKey(
"https://***.<http://vault.azure.net|vault.azure.net>", "TestCertSelf", vaultUrl, "ImportedKey")));
5 Views