Hey I m having a bit of trouble understanding how to enable Pulumi Community #pulumi-deployments

Hey, I’m having a bit of trouble understanding how...

eager-keyboard-30823

02/16/2023, 1:13 PM

Hey, I’m having a bit of trouble understanding how to enable deployments for our organization. Is it in public preview or do we still need to be granted access somehow? The registration link just redirects to a generic documentation page about Deployments.

brainy-church-78120

02/16/2023, 5:23 PM

hi @eager-keyboard-30823! it should already be enabled for your organization. if you navigate to a stack and then the stack's settings, do you see a deploy nav item?

eager-keyboard-30823

02/16/2023, 10:02 PM

hi, I’m not the org admin but I had our admin open the settings for the stack and the deploy nav item was there - however, no option to enable oidc for gcp - only a button to install the girhub app. Problem is, we’ve already installed it

brainy-church-78120

02/16/2023, 10:15 PM

do you mind checking that the install of the app has the right permissions over in github? and if its not a pain, can you try uninstalling the app and then reinstalling directly from that button that's shown on that deploy settings page?

eager-keyboard-30823

02/16/2023, 10:47 PM

Sure @brainy-church-78120 - does this look right?

brainy-church-78120

02/16/2023, 11:11 PM

it does yes!

eager-keyboard-30823

02/16/2023, 11:17 PM

Alright. I’ve tried reinstalling for that organization, my personal account and even tried creating a new organization - none of them is showing the deployment options. 😕

brainy-church-78120

02/16/2023, 11:19 PM

alright, thx for trying! let me get some backup to help me out, mind telling me the name of your org?

brainy-church-78120

02/16/2023, 11:20 PM

is this you

LiHRaM

lemon-agent-27707

02/16/2023, 11:29 PM

Hey @eager-keyboard-30823, happy to help out here and would appreciate some more details on what you are seeing. To configure deployments and see the settings of a stack you must be an admin in the pulumi organization. You should definitely be able to see it for your personal organization if you have the github app installed:

lemon-agent-27707

02/16/2023, 11:30 PM

Only once you've configured deployment settings for a stack will you see the purple

actions

button for the stack that allows clicking to deploy.

lemon-agent-27707

02/16/2023, 11:30 PM

Are you able to see any of this deployment settings UI for your personal account or pulumi organization?

eager-keyboard-30823

02/16/2023, 11:51 PM

I’ve created a test organization

lihram-test

(and yes @brainy-church-78120,

LiHRaM

is my username). I’ll configure a project and send you what I see.

eager-keyboard-30823

02/16/2023, 11:57 PM

@lemon-agent-27707 This is all I see after: 1. Creating a new org 2. Creating a stack 3. Setting up the stack from a github repo and running

pulumi up

4. Installing the GitHub app

lemon-agent-27707

02/17/2023, 12:10 AM

Are you an admin in the github organization? There is a known limitation in our github app where it must be installed from within pulumi by someone who is a github org admin.

lemon-agent-27707

02/17/2023, 12:11 AM

In order for everything to work properly, you might need to have the github admin uninstall and reinstall the app through the link in the pulumi service console. Sorry for the rough experience here, we have plans to improve it in the near future.

eager-keyboard-30823

02/17/2023, 12:30 AM

For the test organization I was installing the app in my personal github org – however, I am also admin of the enterprise organization in which I reinstalled the app earlier

eager-keyboard-30823

02/17/2023, 12:32 AM

I’m mostly interested in the OIDC integration though - is there a reason the GitHub app has to be installed for that to work? What if I, say, want to use GitLab / google source repos instead?

lemon-agent-27707

02/17/2023, 7:28 PM

You can use the deployments REST API independently, including OIDC. The github app is only required for git push to trigger deployments and click to deploy from within the console. Soon, you'll be able to click to deploy from gitlab or other git source repos as well. We've just added public APIs for persistent deployment settings but haven't made updates to the console yet.

lemon-agent-27707

02/17/2023, 7:29 PM

The API allows configuring a "source context" which includes auth with private git repos:

Copy code

{
  "git": {
    "repoURL": "<https://github.com/pulumi/examples.git>",
    "branch": "refs/heads/master",
    "repoDir": "aws-ts-s3-folder",
    "gitAuth": {
      "accessToken": {
        "secret": "myAccessToken"
      }
    }
  }
}

lemon-agent-27707

02/17/2023, 7:29 PM

Copy code

{
  "git": {
    "repoURL": "<https://github.com/pulumi/examples.git>",
    "branch": "refs/heads/master",
    "repoDir": "aws-ts-s3-folder",
    "gitAuth": {
      "sshAuth": {
        "privateKey": {
          "secret": "myPrivateKey"
        },
        "password": {
          "secret": "myPassword"
        }
      }
    }
  }
}

lemon-agent-27707

02/17/2023, 7:30 PM

And am I correctly understanding that you were not able to get the github app and deployment settings UI configured in any of your pulumi accounts/orgs? I can do some debugging and check our logs to see what is going on here.

eager-keyboard-30823

02/21/2023, 9:22 AM

Yes, I was not able to get the github app and deployment settings configured anywhere. The one that’s easiest for me to debug would be either the personal or the lihram-test orgs.

eager-keyboard-30823

02/21/2023, 1:18 PM

Using the HTTP API I was able to start a deployment with oidc enabled! 🙏

lemon-agent-27707

03/01/2023, 3:22 PM

Glad to hear you got things working via the API. I can see that the installation didn't go through properly for your org in our backend. If you give me the name of the github org you want associated with each pulumi org, I can patch things up on our end.

eager-keyboard-30823

03/01/2023, 3:23 PM

Great @lemon-agent-27707! I’ll DM you the names.

2 Views

Open in Slack

Previous Next