https://pulumi.com logo
Powered by
#python
Title
# python
b

bitter-horse-93353

05/02/2022, 6:02 PM
Question: do people import resources from pulumi stacks in scripts/code? I.e.
Copy code
# mypulumi/__main__.py
bucket = aws.s3.Bucket("bucket")

# myscript.py
from mypulumi import bucket
import boto3

bucket = boto3.client('s3').Bucket(bucket.id)  # use the value from the pulumi stack script
Trying to understand if this is a support/common use case and what the best practices around this are. It feels like one benefit of having the definitions in python would be accessing them in various places and knowing that the IDs/ARNs/etc. will always match correctly.
m

millions-furniture-75402

05/02/2022, 6:06 PM
I think typically what you want to do to promote decoupling, is generate Outputs, and pass the outputs to your application or script. You can use the Pulumi automation API to retrieve the Outputs, or if it's across stacks, you can use Stack References.
b

bitter-horse-93353

05/02/2022, 7:33 PM
I see, so in this case I would have some 
pulumi/buckets/pulumi.yaml
that defines the bucket & outputs the bucket ID using 
pulumi.export
and then in 
myscript.py
I would do
Copy code
stack = auto.create_or_select_stack(stack_name="dev", work_dir="pulumi/buckets/")
up_res = stack.up(on_output=print)
up_res.outputs[xxx].value  # bucket ID
and the assumption here is that if the buckets all exist already & are configured in the environment the same as they are in 
pulumi.yaml
then the call to 
stack.up
will essentially no-op & just return the relevant data?
m

millions-furniture-75402

05/02/2022, 8:18 PM
Yes, if you go the automation-api route. Another option I forgot to mention, is passing the values to other declarations that take environment variables, such as ECS or Lambda. You can pass the bucket to the application through the environment variable of that resource.
b

bitter-horse-93353

05/02/2022, 8:20 PM
In this case would the bucket id be coded into the software? I was thinking the most ideal case would be that I never have 
<s3://bucket>-{uuid}/
anywhere in my code, but instead always have 
pulumi.mybucket.id
which will always remain correct regardless of infra changes
m

millions-furniture-75402

05/02/2022, 8:21 PM
Right, you would pass the output as a variable and apply it
💯 1
b

bitter-horse-93353

05/02/2022, 8:22 PM
Awesome, thanks for the thoughts + ideas 🙏
m

millions-furniture-75402

05/02/2022, 8:23 PM
Example in typescript:
Copy code
const myBucket = new aws.s3.Bucket(`${appName}-bucket`, ...);

const lambdaFunctionApi = new aws.lambda.Function(
  `${appName}-api`,
  {
    code: new pulumi.asset.FileArchive("./dist/app"),
    memorySize: 128,
    environment: {
      variables: {
        API_BASE_PATH: apiBasePath,
        S3_BUCKET_NAME: myBucket.name.apply(v => v),
      },
    },
    handler: "lambdaApiHandler.handler",
    layers: [lambdaLayer.arn],
    role: applicationRole.arn,
    runtime: aws.lambda.NodeJS12dXRuntime,
    timeout: 30,
    vpcConfig: {
      securityGroupIds: [appSecurityGroup.id, vpc.defaultSecurityGroupId],
      subnetIds: privateSubnetIds,
    },
  },
  { dependsOn: [applicationRole, lambdaLayer] },
);
2 Views
Powered by