This message was deleted.
# general
s
This message was deleted.
b
Hey Carissa. Could you share the diff?
n
absolutely on its way
Copy code
All of these secrets I did a --secret command and verified they are correct and live in existing App service and in local Pulumi yaml file and looks to be trying to add with + and being in green:

~ appSettings                : {
          + ALLOWED_ROLES                      : [secret]
          + ALLOWED_UPSTREAM_REDIRECTS         : [secret]
          + DOCKER_CUSTOM_IMAGE_NAME           : [secret]
          + ENCOMPASS_BEARER                   : [secret]
          + JWT_SECRET                         : [secret]
          + MEERKAT_PORT                       : [secret]
          + MSAL_AUTHORITY                     : [secret]
          + MSAL_CLIENT_ID                     : [secret]
          + MSAL_CLIENT_SECRET                 : [secret]
          + MSAL_CLIENT_SECRET_OLD             : [secret]
          + PORT                               : [secret]
          + REDIRECT_URI                       : [secret]

          + WEBSITES_PORT                      : [secret]
more to come....
trying to deletes: - authSettings : { - enabled : false - tokenRefreshExtensionHours: 0 } - clientCertMode : "Required" - keyVaultReferenceIdentityId: "SystemAssigned" - linuxFxVersion : "DOCKER|[secret]" - managedPipelineMode : "Integrated" - minTlsVersion : "1.2" - numberOfWorkers : 1
trying to add: } + clientAffinityEnabled : false + clientCertEnabled : false Identity block (which will throw errors after being added)
I would love to show screenshots and most everything is a secret so if this doesn't help I'll make whatevers left a secret that I need to and add here
I guess from my lack of knowledge specific to secrets: If you have them living in the App Service on the console and you run the --secret command, verify they exist in the local yaml file, does this mean Pulumi wants to add them and duplicate what already exists/is matching? Specific to imports vs building via Pulumi: If you import a resource and it's having a bunch of diffs as it is here, is there a known workaround outside of an ignore (which I don't want to do) to get it to play nice or do I just keep hacking away in index.ts and try to get it to match and be happy?
b
that does help, but I’m not sure why this behaviour is happening on import, i wouldnt expect it. Could you file an issue if you have a repro?
is there a known workaround outside of an ignore
yes, you can use
ignoreChanges
(https://www.pulumi.com/docs/intro/concepts/resources/options/ignorechanges/) but this feels like it shouldn’t be needed
did you use the
pulumi import
command or are you trying to manually import?
n
Yeah I'm with you on the IgnoreChanges. I could totally file an issue. I haven't pushed up my local changes yet to repo so what's your recommendation on filing the issue? I did pulumi import on all resources it's complaining about. Shown below without content: pulumi import azureappservice/appServiceAppService testing-meerkat-api /subscriptions/#####/resourceGroups/#####/providers/####
b
it seems like the import isn’t correctly filling out the types which is definitely an import issue for us, sorry for the inconvenience. To file an issue, just state how you created the resource originally (whether clickops or orther iac tool) and how you ran
pulumi import
file it in github.com/pulumi/pulumi-azure-native
n
can do thank you very much!