handsome-truck-95168
12/11/2019, 7:43 PMSHOW_BUG
at the top to true
. To see it work (but not general), set SHOW_BUG
to false
. In both cases, set an environment variable APEX_DOMAIN
to a domain you control . Otherwise, it defaults to <http://example.com|example.com>
which won't work for anybody:
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const SHOW_BUG = true
const apex = process.env.APEX_DOMAIN || "<http://example.com|example.com>"
const cert = new aws.acm.Certificate("cert", {
domainName: `v.${apex}`,
subjectAlternativeNames: [`vv.${apex}`, `vvv.${apex}`],
validationMethod: "DNS",
});
const zone = aws.route53.getZone({
name: apex,
privateZone: false,
});
if(SHOW_BUG) {
const domains = cert.domainValidationOptions.apply((opts) =>
opts.map((opt) =>
new aws.route53.Record(opt.resourceRecordName, {
name: opt.resourceRecordName,
records: [opt.resourceRecordValue],
ttl: 60,
type: opt.resourceRecordType,
zoneId: zone.id,
}, { dependsOn: cert })
)
)
new aws.acm.CertificateValidation(`cert-${apex}`, {
certificateArn: cert.arn,
validationRecordFqdns: domains.apply((doms) => doms.map((dom) => dom.fqdn))
}, { dependsOn: domains })
}
else {
let domains: Array<aws.route53.Record> = []
for(let i = 0; i < 3; i++) {
domains.push(new aws.route53.Record(`val-${i}`, {
name: cert.domainValidationOptions[i].resourceRecordName,
records: [cert.domainValidationOptions[i].resourceRecordValue],
ttl: 60,
type: cert.domainValidationOptions[i].resourceRecordType,
zoneId: zone.id,
}, { dependsOn: cert }))
}
new aws.acm.CertificateValidation(`cert-${apex}`, {
certificateArn: cert.arn,
validationRecordFqdns: domains.map((dom) => dom.fqdn)
}, { dependsOn: domains })
}
> pulumi up
Previewing update (cert-demo):
Type Name Plan Info
+ pulumi:pulumi:Stack cert-demo-cert-demo create 1 error; 4 messages
+ └─ aws:acm:Certificate cert create
Diagnostics:
pulumi:pulumi:Stack (cert-demo-cert-demo):
TypeError: Cannot read property 'concat' of undefined
at C:\Users\Justin\Source\cert-demo\node_modules\@pulumi\pulumi\runtime\resource.js:356:29
at Generator.next (<anonymous>)
at fulfilled (C:\Users\Justin\Source\cert-demo\node_modules\@pulumi\pulumi\runtime\resource.js:18:58)
error: Running program 'C:\Users\Justin\Source\cert-demo' failed with an unhandled exception:
TypeError: Cannot read property 'concat' of undefined
at C:\Users\Justin\Source\cert-demo\node_modules\@pulumi\pulumi\runtime\resource.js:356:29
at Generator.next (<anonymous>)
at fulfilled (C:\Users\Justin\Source\cert-demo\node_modules\@pulumi\pulumi\runtime\resource.js:18:58)
index.ts
in that stack trace, so pretty hard to figure out where this is coming from. However, is the dependsOn
expression used when creating the CertificateValidation
object .white-balloon-205
12/11/2019, 8:19 PMdonainValidationOptions
are always populated 1:1 with subjectAlternateNames
then looping over the latter (which are known ahead of time) may be slightly better.handsome-truck-95168
12/11/2019, 8:21 PM