https://pulumi.com logo
#automation-api
Title
# automation-api
h

high-leather-15669

02/24/2022, 8:07 AM
Hello, I want to create/manage stacks using Pulumi
automation API
using a Azure Storage Account. I can do this over pulumi CLI, but haven't found any docs/examples to do this over the Automation API, could someone be so kind to point it for me? Thank you!
c

crooked-pillow-11944

02/24/2022, 11:03 PM
You should be able to set the
backend
in the project settings I use S3 and KMS to encrypt the state. Here's an example in Python: https://github.com/kjenney/prov/blob/main/prov/common.py#L65-L69
You should be able to use
azblob://
as your backend - replace
s3://
in my example
🙌 1
h

high-leather-15669

02/25/2022, 4:08 PM
@crooked-pillow-11944 Thank you very much! That was exactly what I was looking for, and I did make some progress on it. A new roadblock with this error, which was similar to what I got when the right envvariables were not set when using the CLI.
Copy code
stderr: error: unable to open bucket <azblob://foobar>: azureblob.OpenBucket: accountName is required
This is my code snippet:
Copy code
....
        backend_url = f"<azblob://foobar>"

        project_settings=auto.ProjectSettings(
            name=project_name,
            runtime="python",
            backend={"url": backend_url}
        )

        stack_settings=auto.StackSettings(
            secrets_provider=secrets_provider)

        workspace_opts = auto.LocalWorkspaceOptions(project_settings=project_settings,
                                                    secrets_provider=secrets_provider,
                                                    stack_settings={stack_name: stack_settings})

        stack = auto.create_or_select_stack(stack_name=stack_name,
            project_name=project_name,
            program=pulumi_program,
            opts=workspace_opts)
....
I am clueless on how to pass
AZURE_STORAGE_KEY
,
AZURE_STORAGE_ACCOUNT
using the automationAPI 😞
c

crooked-pillow-11944

02/25/2022, 4:21 PM
If it's anything like the AWS provider (and I think it is) I believe you pass these as environment variables when running the script
I use
aws-vault
to manage my AWS session info but you should be able to either pass thru using the azure cli or just exporting them in your shell
h

high-leather-15669

02/25/2022, 4:31 PM
😄 all I had to do was
backend_url = f"<azblob://foobar/{accountname}>"
Once again, Thanks a lot @crooked-pillow-11944 !
m

miniature-leather-70472

03/03/2022, 10:03 AM
@high-leather-15669 did you figure out what to do with the storage account key? I'd like to set it in the code rather than an environment variable
h

high-leather-15669

03/03/2022, 10:05 AM
Hi @miniature-leather-70472 I could not find a way one can set this is in code, but rather only env variable 😞 I think this has to do with the go client that is using the env variable to dial out.
m

miniature-leather-70472

03/03/2022, 10:07 AM
@high-leather-15669 thanks for the update
1
h

high-leather-15669

03/03/2022, 10:09 AM
If you do find a different way, please do share 🙂 For the moment, for our case the env variable fits, but if can be done in code, I would prefer to do it this way too. But I couldnt find anything yet, and I think @crooked-pillow-11944 did the same. Don't want to go down that rabbit hole at the moment...
4 Views