Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-ai
pulumi-cdk
pulumi-cloud
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Title
e
eager-keyboard-30823
02/16/2023, 1:13 PMHey, I’m having a bit of trouble understanding how to enable deployments for our organization. Is it in public preview or do we still need to be granted access somehow? The registration link just redirects to a generic documentation page about Deployments.
b
brainy-church-78120
02/16/2023, 5:23 PMhi @eager-keyboard-30823! it should already be enabled for your organization. if you navigate to a stack and then the stack's settings, do you see a deploy nav item?
e
eager-keyboard-30823
02/16/2023, 10:02 PMhi, I’m not the org admin but I had our admin open the settings for the stack and the deploy nav item was there - however, no option to enable oidc for gcp - only a button to install the girhub app. Problem is, we’ve already installed it
b
brainy-church-78120
02/16/2023, 10:15 PMdo you mind checking that the install of the app has the right permissions over in github? and if its not a pain, can you try uninstalling the app and then reinstalling directly from that button that's shown on that deploy settings page?
e
eager-keyboard-30823
02/16/2023, 10:47 PMSure @brainy-church-78120 - does this look right?
b
brainy-church-78120
02/16/2023, 11:11 PMit does yes!
e
eager-keyboard-30823
02/16/2023, 11:17 PMAlright. I’ve tried reinstalling for that organization, my personal account and even tried creating a new organization - none of them is showing the deployment options. 😕
b
brainy-church-78120
02/16/2023, 11:19 PMalright, thx for trying! let me get some backup to help me out, mind telling me the name of your org?
is this you
LiHRaMl
lemon-agent-27707
02/16/2023, 11:29 PMHey @eager-keyboard-30823, happy to help out here and would appreciate some more details on what you are seeing.
To configure deployments and see the settings of a stack you must be an admin in the pulumi organization. You should definitely be able to see it for your personal organization if you have the github app installed:
Only once you've configured deployment settings for a stack will you see the purple
actionsAre you able to see any of this deployment settings UI for your personal account or pulumi organization?
e
eager-keyboard-30823
02/16/2023, 11:51 PMI’ve created a test organization
lihram-testLiHRaM@lemon-agent-27707 This is all I see after:
1. Creating a new org
2. Creating a stack
3. Setting up the stack from a github repo and running
pulumi upl
lemon-agent-27707
02/17/2023, 12:10 AMAre you an admin in the github organization? There is a known limitation in our github app where it must be installed from within pulumi by someone who is a github org admin.
In order for everything to work properly, you might need to have the github admin uninstall and reinstall the app through the link in the pulumi service console. Sorry for the rough experience here, we have plans to improve it in the near future.
e
eager-keyboard-30823
02/17/2023, 12:30 AMFor the test organization I was installing the app in my personal github org – however, I am also admin of the enterprise organization in which I reinstalled the app earlier
I’m mostly interested in the OIDC integration though - is there a reason the GitHub app has to be installed for that to work? What if I, say, want to use GitLab / google source repos instead?
l
lemon-agent-27707
02/17/2023, 7:28 PMYou can use the deployments REST API independently, including OIDC. The github app is only required for git push to trigger deployments and click to deploy from within the console.
Soon, you'll be able to click to deploy from gitlab or other git source repos as well. We've just added public APIs for persistent deployment settings but haven't made updates to the console yet.
The API allows configuring a "source context" which includes auth with private git repos:
{
"git": {
"repoURL": "<https://github.com/pulumi/examples.git>",
"branch": "refs/heads/master",
"repoDir": "aws-ts-s3-folder",
"gitAuth": {
"accessToken": {
"secret": "myAccessToken"
}
}
}
}{
"git": {
"repoURL": "<https://github.com/pulumi/examples.git>",
"branch": "refs/heads/master",
"repoDir": "aws-ts-s3-folder",
"gitAuth": {
"sshAuth": {
"privateKey": {
"secret": "myPrivateKey"
},
"password": {
"secret": "myPassword"
}
}
}
}
}And am I correctly understanding that you were not able to get the github app and deployment settings UI configured in any of your pulumi accounts/orgs? I can do some debugging and check our logs to see what is going on here.
e
eager-keyboard-30823
02/21/2023, 9:22 AMYes, I was not able to get the github app and deployment settings configured anywhere. The one that’s easiest for me to debug would be either the personal or the lihram-test orgs.
Using the HTTP API I was able to start a deployment with oidc enabled! 🙏
l
lemon-agent-27707
03/01/2023, 3:22 PMGlad to hear you got things working via the API. I can see that the installation didn't go through properly for your org in our backend. If you give me the name of the github org you want associated with each pulumi org, I can patch things up on our end.
e
eager-keyboard-30823
03/01/2023, 3:23 PMGreat @lemon-agent-27707! I’ll DM you the names.