https://pulumi.com logo
Join Slack
Powered by
Does anyone have a good repro for <https://github....
# package-authoring
e
Does anyone have a good repro for https://github.com/pulumi/pulumi-terraform-bridge/issues/812 ? I'd love to have that fixed but can't seem to reproduce.
n
Strangely enough I was also not able to reproduce it in a separate repo. I'll keep digging and get back to you today.
e
Ah thanks a ton Rob!
n
Hey Anton, strangely was not able to isolate this in a minimal repo. It seems to work fine unless I'm trying to use it for real problems haha. was wondering if you have any hints on how to debug it myself, or just any way i can get you more information about it.
So it must be some environmental/contextual issue and i'm missing some piece of that in my attempts to reproduce
e
So you're getting "objectEncoder failed"?
n
yes
Copy code
checkmate:index:HttpHealth (tierone-check-http):
    error: objectEncoder failed on property "url": Expected a string, got: {&{{<http://tier1-obstester-ap10w8ez.staging.azure.tetrate.com>}}}
but then when i run it elsewhere it was working haha
e
The error itself is coming from the provider, definitely. One thing to try is to run 
PULUMI_DEBUG_GRPC=$PWD/trace.json pulumi up
this will write, in JSON form, the entire gRPC conversation between pulumi CLI and the provider. Somewhere in there will be a call that's sending this malformed URL bit, could be interesting to look at that
n
ok i'll try that out
from the provider? or from the bridge? or i guess could be either?
e
PULUMI_DEBUG_GRPC just looks at the inter-process comm. At that level there's just 3 procs: pulumi program, pulumi CLI, and pulumi provider. The provider uses the bridge as a lib in-proc.
With luck I can maybe take that request and mock up a provider and turn this into a test.
n
whats extra weird is if we take the resulting string (either what you see in the log output there, or do a apply(console.log)) and put it in literally, it works!
e
Yeah well I kind of suspect something is off wrt the on-the-wire encoding of Outputs but I can't seem to pin it down yet.
n
i guess i dont know exactly how this works but its confusing to me that this would matter. if pulumi can successfully compose these outputs for OTHER providers why would it be different for this provider? i guess thats what we're hoping to find out...
e
Well hopefully I will be able to answer this once we fix it 🙂
Also please make sure youre' on the latest
n
ok i generated the trace.json. will upload in a sec just making sure nothing sensitive is in there
i'm on pf/v0.4.0
e
Yeah you can filter it to the call that's got the url
These gRPC traces are not sanitized yet for PW so good to filter
n
trace.checkmate.json
trace.checkmate.json
let me know if you need more context
i'm also going to run it with the url hardcoded and see whats different
e
Yeah looks like this is the call that dies
Copy code
{
  "method": "/pulumirpc.ResourceProvider/Create",
  "request": {
    "urn": "urn:pulumi:azure.161rc2-1-24::hosted-test::checkmate:index/httpHealth:HttpHealth::tierone-check-http",
    "properties": {
      "consecutiveSuccesses": 10,
      "interval": 2000,
      "timeout": 900000,
      "url": {
        "4dabf18193072939515e22adb298388d": "1b47061264138c4ac30d75fd1eb44270",
        "value": "<http://tier1-obstester-ap10w8ez.staging.azure.tetrate.com>"
      }
    }
  },
  "response": {},
  "metadata": {
    "kind": "resource",
    "mode": "client",
    "name": "checkmate"
  }
}
It used to print errors here in "response" but something got borked (side note). So this is great this is the encoding of the URL
Can you show me the subset of the httpHealth:HttpHealth resource schema definition, how does it define the URL attribute
n
sure one sec
e
https://github.com/pulumi/pulumi/blob/a69ad7bc961b6e8656f8ffafaf1f2dadb4965165/sdk/go/common/resource/properties.go#L628-#L628 and is specialsigkey and 1b47061264138c4ac30d75fd1eb44270 is "SecretSig" so this is essentially marked secret
n
Untitled.go
Untitled.go
e
So looks like the data is sent with the secret marker but the serializer doesn't expect a secret so it fails! This gives me a pretty solid clue. I could make it tolerate secrets on the wire. But also good to understand why the value is marked secret.
n
oh interesting
wonder how that happened
i dont think it should be a secret in our code?? let me look closer
e
So OK the schema doesn't mandate it to be secret
Do you have ProviderInfo that sets SchemaInfo to make it secret? Guessting not
One possibility is that it can be marked secret if the Output value is in some "apply" chain where antecedent is secret.
Anyway, thanks so much! I think I should be able to repro and chase this down now! This is great.
n
i dont see anywhere that it should be secret but i think this is the right track anyway
glad you saw a path so quickly !
let me know if you need any more info of course
e
Reproduced
Copy code
import * as pulumi from "@pulumi/pulumi";
import * as random from "@pulumi/random";


export const pw = new random.RandomPassword("pw1", {length: 8})

export const pet = new random.RandomPet("pet", {separator: pw.result});
This is the minimal repro. Brilliant. Will chase it down from here.
n
amazing
as extra confirmation, 
pulumi.unsecret
did in fact resolve the issue
e
n
nice! fast!
5 Views
Open in Slack
PreviousNext
Powered by