prehistoric-london-9917
05/19/2022, 5:20 AM"@pulumi/aws": "^5",
"@pulumi/awsx": "^0.40",
And something that used to work (a while back) now doesn’t, and I can’t figure out how to update my code to make it work again.
I have an awsx.ec2.Vpc
(notice it’s the CrossWalk VPC), and I’m trying to map the private subnet CIDR blocks so I can use them in a security group ingress rule. This code used to work.
privateCidrBlocks
resolves to Promise<pulumi.Output<string | undefined>[]>
and cidrBlocks
now expects pulumi.Input<pulumi.Input<string>[]>
.
I’d love a suggestion for how to get the CIDR blocks from the vpc.privateSubnets
into a format that I can feed into the cidrBlocks
input for the security group ingress. Any ideas?clever-sunset-76585
05/19/2022, 6:00 AMAnd something that used to work (a while back) now doesn’t, and I can’t figure out how to update my code to make it work again.What is not working? Are you getting type errors?
rhythmic-whale-48997
05/19/2022, 7:05 AMconst privateCidrBlocks = vpc.getSubnetsIds('private');
const storageSG = new aws.ec2.SecurityGroup('storage', {
description: 'Allow private subnet access to EFS',
vpcId: vpc.id,
ingress: [
{
cidrBlocks: privateCidrBlocks,
fromPort: 2049,
toPort: 2049,
protocol: 'tcp'
}
]
});
clever-sunset-76585
05/19/2022, 2:31 PMrhythmic-whale-48997
05/19/2022, 3:39 PMprehistoric-london-9917
05/19/2022, 7:42 PMDiagnostics:
pulumi:pulumi:Stack (demo_cluster-demo_cluster_sandbox):
error: Running program '/Users/matthew.riedel/Source/devex/demo_cluster' failed with an unhandled exception:
TSError: ⨯ Unable to compile TypeScript:
index.ts(182,56): error TS2345: Argument of type '{ description: string; vpcId: pulumi.Output<string>; ingress: { cidrBlocks: Promise<pulumi.Output<string | undefined>[]>; fromPort: number; toPort: number; protocol: string; }[]; }' is not assignable to parameter of type 'SecurityGroupArgs'.
Types of property 'ingress' are incompatible.
Type '{ cidrBlocks: Promise<Output<string | undefined>[]>; fromPort: number; toPort: number; protocol: string; }[]' is not assignable to type 'Input<SecurityGroupIngress>[] | Promise<Input<SecurityGroupIngress>[]> | OutputInstance<Input<SecurityGroupIngress>[]> | undefined'.
Type '{ cidrBlocks: Promise<Output<string | undefined>[]>; fromPort: number; toPort: number; protocol: string; }[]' is not assignable to type 'Input<SecurityGroupIngress>[]'.
Type '{ cidrBlocks: Promise<pulumi.Output<string | undefined>[]>; fromPort: number; toPort: number; protocol: string; }' is not assignable to type 'Input<SecurityGroupIngress>'.
Type '{ cidrBlocks: Promise<pulumi.Output<string | undefined>[]>; fromPort: number; toPort: number; protocol: string; }' is not assignable to type 'SecurityGroupIngress'.
Types of property 'cidrBlocks' are incompatible.
Type 'Promise<Output<string | undefined>[]>' is not assignable to type 'Input<string>[] | Promise<Input<string>[]> | OutputInstance<Input<string>[]> | undefined'.
Type 'Promise<Output<string | undefined>[]>' is not assignable to type 'Promise<Input<string>[]>'.
Type 'Output<string | undefined>[]' is not assignable to type 'Input<string>[]'.
Type 'Output<string | undefined>' is not assignable to type 'Input<string>'.
Type 'OutputInstance<string | undefined>' is not assignable to type 'Input<string>'.
Type 'OutputInstance<string | undefined>' is not assignable to type 'OutputInstance<string>'.
Type 'string | undefined' is not assignable to type 'string'.
Type 'undefined' is not assignable to type 'string'.
index.ts(216,46): error TS2345: Argument of type '{ description: string; vpcId: pulumi.Output<string>; ingress: { cidrBlocks: Promise<pulumi.Output<string | undefined>[]>; fromPort: number; toPort: number; protocol: string; }[]; }' is not assignable to parameter of type 'SecurityGroupArgs'.
Types of property 'ingress' are incompatible.
Type '{ cidrBlocks: Promise<Output<string | undefined>[]>; fromPort: number; toPort: number; protocol: string; }[]' is not assignable to type 'Input<SecurityGroupIngress>[] | Promise<Input<SecurityGroupIngress>[]> | OutputInstance<Input<SecurityGroupIngress>[]> | undefined'.
Type '{ cidrBlocks: Promise<Output<string | undefined>[]>; fromPort: number; toPort: number; protocol: string; }[]' is not assignable to type 'Input<SecurityGroupIngress>[]'.
Type '{ cidrBlocks: Promise<pulumi.Output<string | undefined>[]>; fromPort: number; toPort: number; protocol: string; }' is not assignable to type 'Input<SecurityGroupIngress>'.
Type '{ cidrBlocks: Promise<pulumi.Output<string | undefined>[]>; fromPort: number; toPort: number; protocol: string; }' is not assignable to type 'SecurityGroupIngress'.
Types of property 'cidrBlocks' are incompatible.
Type 'Promise<Output<string | undefined>[]>' is not assignable to type 'Input<string>[] | Promise<Input<string>[]> | OutputInstance<Input<string>[]> | undefined'.
Type 'Promise<Output<string | undefined>[]>' is not assignable to type 'Promise<Input<string>[]>'.
at createTSError (/Users/matthew.riedel/Source/devex/demo_cluster/node_modules/ts-node/src/index.ts:261:12)
at getOutput (/Users/matthew.riedel/Source/devex/demo_cluster/node_modules/ts-node/src/index.ts:367:40)
at Object.compile (/Users/matthew.riedel/Source/devex/demo_cluster/node_modules/ts-node/src/index.ts:558:11)
at Module.m._compile (/Users/matthew.riedel/Source/devex/demo_cluster/node_modules/ts-node/src/index.ts:439:43)
at Module._extensions..js (node:internal/modules/cjs/loader:1159:10)
at Object.require.extensions.<computed> [as .ts] (/Users/matthew.riedel/Source/devex/demo_cluster/node_modules/ts-node/src/index.ts:442:12)
at Module.load (node:internal/modules/cjs/loader:981:32)
at Function.Module._load (node:internal/modules/cjs/loader:822:12)
at Module.require (node:internal/modules/cjs/loader:1005:19)
at require (node:internal/modules/cjs/helpers:102:18)
little-cartoon-10569
05/19/2022, 9:32 PMPromise<pulumi.Output<string>[]>
which is why I'm not getting that error. I can force the error by switching to this artificial code:
const privateCidrBlocks = vpc.privateSubnets
.then(subnets => subnets.map(subnet =>
subnet.subnet.cidrBlock.length ? subnet.subnet.cidrBlock
: undefined));
Is there any way that you could be translating cidrBlock to an Output<string | undefined>
instead of the Output<string>
that it originally was? There's nothing in your example code that I can see..prehistoric-london-9917
05/19/2022, 9:39 PMlittle-cartoon-10569
05/19/2022, 9:44 PM"devDependencies": {
"@pulumi/aws": "5.3.0",
"@pulumi/awsx": "^0.40.0",
"@pulumi/cloudinit": "*",
"@pulumi/pulumi": "3.30.0",
"@pulumi/random": "4.5.0",
"@pulumi/docker": "^3.2.0",
"@pulumi/tls": "^4.3.0",
...
prehistoric-london-9917
05/19/2022, 9:47 PM"@pulumi/aws": "^5",
"@pulumi/awsx": "^0.40",
"@pulumi/eks": "^0.40",
"@pulumi/kubernetes": "^3.1.2",
"@pulumi/kubernetesx": "^0.1.6",
"@pulumi/pulumi": "^3.0.0",
"@pulumi/random": "^4.1.1",
"ts-retry": "^2.3.3"
That resolved, for me, to:
"@pulumi/aws@^5", "@pulumi/aws@^5.1.2":
version "5.4.0"
"@pulumi/awsx@^0.40":
version "0.40.0"
"@pulumi/eks@^0.40":
version "0.40.0"
"@pulumi/kubernetes@^3.0.0", "@pulumi/kubernetes@^3.1.2":
version "3.19.0"
"@pulumi/kubernetesx@^0.1.6":
version "0.1.6"
"@pulumi/pulumi@^3.0.0":
version "3.32.1"
So, pretty close to yours. 🤔 Maybe the old “blow away the node modules folder and re-run yarn” trick will fix it.little-cartoon-10569
05/19/2022, 9:47 PMprehistoric-london-9917
05/19/2022, 9:48 PMcidrBlocks: [vpc.vpc.cidrBlock]
- but obviously not ideallittle-cartoon-10569
05/19/2022, 9:51 PMprehistoric-london-9917
05/19/2022, 11:39 PMIs your IDE (VSCode?) showing the error,I’m seeing it in WebStorm &
pulumi up
fails with the same error. The output above was from pulumi up
.
There’s no peerDependencies at play in Pulumi since it’s all devDepenedenciesInteresting - I didn’t install
@pulumi/*
as dev dependencies. Should I have?
"dependencies": {
"@pulumi/aws": "^5",
"@pulumi/awsx": "^0.40",
"@pulumi/eks": "^0.40",
"@pulumi/kubernetes": "^3.1.2",
"@pulumi/kubernetesx": "^0.1.6",
"@pulumi/pulumi": "^3.0.0",
"@pulumi/random": "^4.1.1",
"ts-retry": "^2.3.3"
little-cartoon-10569
05/19/2022, 11:40 PM@pulumi/pulumi
as in dependencies
(for the StackReference stuff), but everything else is in devDependencies
(since none of the "deployment" code is packaged and made available to other projects).prehistoric-london-9917
05/19/2022, 11:43 PMlittle-cartoon-10569
05/19/2022, 11:44 PMprehistoric-london-9917
05/24/2022, 2:58 AMPromise<pulumi.Output<string>[]>
and I’m getting
Promise<pulumi.Output<string | undefined>[]>
vpc.privateSubnets
ultimately boils down to a list of aws.ec2.Subnet
types, and based on the definition, it seems cidrBlock
might be undefined. So that kind of explains what I’m seeing - it’s an array of `pulumi.Output`s that might be a string or undefined.
Did you do anything to assert that cidrBlock
would be defined?I know that the next version of awsx will break this code, so maybe you’re depending on something that’s sneakily depending on that next version?Are you able to elaborate on that a little more? Is there something I could be doing here to prepare for this change?
little-cartoon-10569
05/24/2022, 3:26 AM/**
* The CIDR block for the subnet.
*/
readonly cidrBlock: pulumi.Output<string>;
const privateCidrBlocks = vpc.privateSubnets.then(subnets => subnets.map(subnet => subnet.subnet.cidrBlock!));
prehistoric-london-9917
05/24/2022, 4:56 AMpulumi up
, though).
Went for maximum effort 😉
function getCidrBlocks(): Promise<pulumi.Output<string>[]> {
return vpc.privateSubnetIds.then(ids => {
return ids.map(id => id.apply(i => pulumi.output(aws.ec2.getSubnet({id: i})).cidrBlock));
});
}
const storageSG = new aws.ec2.SecurityGroup('storage', {
description: 'Allow private subnet access to EFS',
vpcId: vpc.id,
ingress: [
{
cidrBlocks: getCidrBlocks(),
fromPort: 2049,
toPort: 2049,
protocol: 'tcp'
}
]
});
seems to be working. Would be nice if awsx.ec2.Vpc
had a getCidrBlocks
method for this. I reckon this will be a fairly common use case?