From 86bb0c9f3e10fa4d917cc02627bc14da10fd462b Mon Sep 17 00:00:00 2001 From: Michele Cereda Date: Sat, 28 Sep 2024 18:46:58 +0200 Subject: [PATCH] chore(pulumi): improve output management notes --- .../pulumi/multi-part cloud-init/index.ts | 13 ++++++ knowledge base/pulumi.md | 44 ++++++++++++------- .../run commands after instance creation.ts | 8 ++-- 3 files changed, 44 insertions(+), 21 deletions(-) diff --git a/examples/pulumi/multi-part cloud-init/index.ts b/examples/pulumi/multi-part cloud-init/index.ts index 5485e7f..1249baa 100644 --- a/examples/pulumi/multi-part cloud-init/index.ts +++ b/examples/pulumi/multi-part cloud-init/index.ts @@ -35,6 +35,19 @@ export const userData = new cloudinit.Config( filename: "cloud-config.security-updates.yml", mergeType: "dict(recurse_array,no_replace)+list(append)", }, + { + contentType: "text/cloud-config", + content: yaml.stringify({ + package_upgrade: false, + packages: [ "postgresql" ], + runcmd: [ + "systemctl daemon-reload", + "systemctl enable --now 'postgres'", + ] + }), + filename: "cloud-config.postgres.yml", + mergeType: "dict(allow_delete,no_replace)+list(append)", + }, ], }, ); diff --git a/knowledge base/pulumi.md b/knowledge base/pulumi.md index 5d3b7c2..475236c 100644 --- a/knowledge base/pulumi.md +++ b/knowledge base/pulumi.md @@ -43,7 +43,7 @@ Projects (and hence stacks) [can be nested][monolith vs micro-stack]. Target single resources with `-t`, `--target`. Target also those that depend on them with `--target-dependents`.
- Installation + Setup ```sh # Install. @@ -237,6 +237,11 @@ pulumi plugin rm 'resource' 'aws' '6.37.0' pulumi plugin rm --all +# Use terraform providers. +# Follow the instructions that come after the provider installation. +pulumi package add terraform-provider 'planetscale/planetscale' + + # Run in Docker. docker run … -it \ -v "$(pwd):/pulumi/projects" \ @@ -245,7 +250,7 @@ docker run … -it \ bash -c "npm ci && pulumi login 's3://bucket/prefix' && pulumi pre --parallel $(nproc) -s 'dev'" -# Plans +# Use Plans. # *Experimental* feature at the time of writing. # Has issues with apply operations? pulumi pre … --save-plan 'plan.json' @@ -270,21 +275,26 @@ const cluster = new aws.eks.Cluster("cluster", { const encryptionKey = aws.kms.getKeyOutput({ keyId: "00001111-2222-3333-4444-555566667777", }); -const clusterServiceRole = new aws.iam.Role("clusterServiceRole", { - inlinePolicies: [{ - policy: encryptionKey.arn.apply(arn => JSON.stringify({ - Version: "2012-10-17", - Statement: [{ - Effect: "Allow", - Action: [ - "kms:CreateGrant", - "kms:DescribeKey", - ], - Resource: arn, - }], - })), - }] -}); +new aws.iam.Role( + "clusterServiceRole", + { + inlinePolicies: [{ + policy: encryptionKey.arn.apply( + keyArn => JSON.stringify({ + Version: "2012-10-17", + Statement: [{ + Effect: "Allow", + Action: [ + "kms:CreateGrant", + "kms:DescribeKey", + ], + Resource: keyArn, + }], + }), + ), + }], + }, +); ```
diff --git a/snippets/pulumi/run commands after instance creation.ts b/snippets/pulumi/run commands after instance creation.ts index 62ff553..7cfbfc9 100644 --- a/snippets/pulumi/run commands after instance creation.ts +++ b/snippets/pulumi/run commands after instance creation.ts @@ -19,12 +19,12 @@ command.local.Command( { create: "say 'instance created'" } ); -instance.privateDns.apply(host => new command.local.Command( +instance.privateDns.apply(hostIpAddress => new command.local.Command( "ansiblePlaybook-ssh", - { create: `ansible-playbook -i '${host},' -D 'playbook.yaml'` }, + { create: `ansible-playbook -i '${hostIpAddress},' -D 'playbook.yaml'` }, )); -instance.id.apply(id => new command.local.Command( +instance.id.apply(instanceId => new command.local.Command( "ansiblePlaybook-awsSsm", { create: ` @@ -34,7 +34,7 @@ instance.id.apply(id => new command.local.Command( -e 'ansible_aws_ssm_bucket_name=ssm-bucket' -e 'ansible_aws_ssm_region=eu-west-1' -e 'ansible_remote_tmp=/tmp/.ansible-\${USER}/tmp' - -i '${id},' + -i '${instanceId},' -D 'playbook.yaml' `, },