pulumi / pulumi-digitalocean Goto Github PK

A DigitalOcean Pulumi resource package, providing multi-language access to DigitalOcean

License: Apache License 2.0

Makefile 19.41% Go 69.10% Shell 10.87% Dockerfile 0.62%

digitalocean pulumi typescript python dotnet csharp golang go

pulumi-digitalocean's Introduction

DigitalOcean provider

The DigitalOcean resource provider for Pulumi lets you use DigitalOcean resources in your cloud programs. To use this package, please install the Pulumi CLI first.

Installing

This package is available in many languages in the standard packaging formats.

Node.js (Java/TypeScript)

To use from JavaScript or TypeScript in Node.js, install using either npm:

$ npm install @pulumi/digitalocean

or yarn:

$ yarn add @pulumi/digitalocean

Python

To use from Python, install using pip:

$ pip install pulumi_digitalocean

Go

To use from Go, use go get to grab the latest version of the library

$ go get github.com/pulumi/pulumi-digitalocean/sdk/v4

.NET

To use from .NET, install using dotnet add package:

$ dotnet add package Pulumi.Digitalocean

Configuration

The following configuration points are available:

digitalocean:token - (Required) This is the DO API token. Alternatively, this can also be specified using environment variables, ordered by precedence, DIGITALOCEAN_TOKEN or DIGITALOCEAN_ACCESS_TOKEN.
digitalocean:spacesAccessId - (Optional) The access key ID used for Spaces API operations. May be set via the SPACES_ACCESS_KEY_ID environment variable.
digitalocean:spacesSecretKey - (Optional) The secret key used for Spaces API operations. May be set via the SPACES_SECRET_ACCESS_KEY environment variable.
digitalocean:apiEndpoint - (Optional) This can be used to override the base URL for DigitalOcean API requests. May be set via the DIGITALOCEAN_API_URL environment variable. Default is https://api.digitalocean.com.

Concepts

The @pulumi/digitalocean package provides a strongly-typed means to create cloud applications that create and interact closely with DigitalOcean resources. Resources are exposed for the entirety of DigitalOcean resources and their properties, including (but not limited to), 'droplet', 'floatingIp', 'firewalls', etc. Many convenience APIs have also been added to make development easier and to help avoid common mistakes, and to get stronger typing.

Reference

For further information, please visit the DigitalOcean provider docs or for detailed reference documentation, please visit the API docs.

pulumi-digitalocean's People

Contributors

Stargazers

Watchers

Forkers

forkkit rienafairefr codedevote andrewsomething mlarose mikealgj yitsushi isabella232 baniol jgrocott lbialy linuxluigi pratikfalke

pulumi-digitalocean's Issues

Upgrade to v2.5.1 of the DigitalOcean Terraform Provider

Kubeconfig of cluster expires and breaks k8s provider

I followed the recommended pattern for provisioning a k8s cluster and using it directly in a provider for k8s resources. Everything works fine at first, but it seems that the kubeconfig of the cluster eventually expires and renders the provider unable to make changes and throws warnings on pulumi up:

warning: configured Kubernetes cluster is unreachable: unable to load schema information from the API server: the server has asked for the client to provide credentials

I confirmed that the kubeconfig from a pulumi stack output kubeconfig no longer works with kubectl. But a new kubeconfig from doctl k8s cluster kubeconfig show <cluster-name> works fine, presumably because it has fresh creds.

Is there a way to make this pattern work long term? Hopefully without modifying the provider and triggering a replace on all cluster resources...

Kubeconfig provider pattern floods DO console with API tokens

I was using the example pattern for provisioning a k8s cluster and using that as a provider for k8s resources. The certificate-authority-data field does indeed change on every pulumi update, but unfortunately this creates a new access token for every update and floods the DO console with tokens (see screenshot). Not a huge deal but it would probably be better if the kubeconfig was cached somehow until it expired instead of getting a new one every time. My workaround was to cache it as a local file along with the cluster.kubeConfigs[0].expiresAt value.

Pulumi DigitalOcean plugin is not installed correctly on Mac

System: macOS Mojave 10.14.5

I get the following error when I try to run pulumi up

error: failed to load plugin /Users/aaronpeddle/.pulumi/plugins/resource-digitalocean-v0.18.2/pulumi-resource-digitalocean: fork/exec /Users/aaronpeddle/.pulumi/plugins/resource-digitalocean-v0.18.2/pulumi-resource-digitalocean: no such file or directory

An ls of that directory shows the following file:
-rwxr-xr-x 1 xxxxxxx xxxx 40972512 Jun 15 19:13 pulumi-resource-digitalocean{BIN_SUFFIX}

I renamed the file to be pulumi-resource-digitalocean and it works.

I apologize if I'm posting this issue under the wrong repo. I'm still trying to figure out pulumi and I could find almost zero reference to a digitalocean plugin anywhere in the docs

digitalocean: update on Domain ends in a Replace(!?) that ends in Error

I created a domain, like

const domain = new digitalocean.Domain(BASE_DOMAIN, {
    name: BASE_DOMAIN,
    ipAddress: "A.B.C.D"
});

Then, I removed that ipAdress line.
Code shows that it wants to replace it !
+- └─ digitalocean:index:Domain my.domain.com replace [diff: -ipAddress]
This seemed an error to me, but I said... ok, let's go on.

And since a replacement seems to be happening by creating first another record, of course(?) it fails:

error: Error creating Domain: POST https://api.digitalocean.com/v2/domains: 422 domain 'my.domain.com': name already exists

During my debugging - note that I actually wanted some IP to change, by creating a new droplet, I bumped into other strange things as well:

      ++digitalocean:index/domain:Domain: (create-replacement)
        [id=my.domain.com]
        [urn=urn:pulumi:do-prod::my-digitalocean::digitalocean:index/domain:Domain::my.domain.com]
        [provider=urn:pulumi:do-prod::my-digitalocean::pulumi:providers:digitalocean::default_1_8_0::XYZXYZXYZ-XYZZYXYZYZYZYZ]
      - ipAddress: "A.B.C.D"
    +-digitalocean:index/domain:Domain: (replace)
        [id=my.domain.com]
        [urn=urn:pulumi:do-prod::my-digitalocean::digitalocean:index/domain:Domain::my.domain.com]
        [provider=urn:pulumi:do-prod::my-digitalocean::pulumi:providers:digitalocean::default_1_8_0::XYZXYZXYZ-XYZZYXYZYZYZYZ]
      - ipAddress: "A.B.C.D"

Maybe I don't know how to read it, but at first look it seems as if tries to replace the record with ... a similarly changed one? (i.e. the 2 entries are really the same, even if I redacted sensitive info)

And, before that, when it had to just change ipAddress:

    ++digitalocean:index/domain:Domain: (create-replacement)
        [id=my.domain.com]
        [urn=urn:pulumi:do-prod::my-digitalocean::digitalocean:index/domain:Domain::my.domain.com]
        [provider=urn:pulumi:do-prod::my-digitalocean::pulumi:providers:digitalocean::default_1_8_0::XYZXYZXYZ-XYZZYXYZYZYZYZ]
      ~ ipAddress: "A.B.C.D" => "E.F.G.H"
    +-digitalocean:index/domain:Domain: (replace)
        [id=my.domain.com]
        [urn=urn:pulumi:do-prod::my-digitalocean::digitalocean:index/domain:Domain::my.domain.com]
        [provider=urn:pulumi:do-prod::my-digitalocean::pulumi:providers:digitalocean::default_1_8_0::XYZXYZXYZ-XYZZYXYZYZYZYZ]
      ~ ipAddress: "A.B.C.D" => "E.F.G.H"

Using Typescript, pulumi version v1.13.0

Obtaining list of ssh keys

Hello!

Is it possible to obtain a list of ssh keys?
Or will it be possible in the future?

Right now I'm doing it with dogo library. But it would be nice to retrieve a list with pulumi

I suppose, the absence of this feature is caused by its absence in terraform provider.
Nevertheless, it has no use with HCL (IMHO), but could be used with languages that has loops functionality.

Maybe i can help you with something. Just let me know

`pulumi destroy` fails due to dependency between droplet and volume attachment

I have a basic stack with:

an ssh key
1 droplet
1 volume
a "volume attachment" of volume->droplet
a domain
some dns records

I guess Pulumi is destroying things in reverse dependency order (vol attach -> vol -> droplet), or arbitrary?

If I do pulumi destroy it fails because DO won't let you delete the volume attachment while the droplet is powered up.

There is a dedicated API for destroying droplet + associated resources which might be useful:
https://developers.digitalocean.com/documentation/v2/#selectively-destroy-a-droplet-and-its-associated-resources

Otherwise Pulumi might need its own rule to know to destroy the droplet first (haven't tried it, I guess that works)

Use SSH Keys for Droplet Creation

Currently my inbox looks like this:

Apparently if we set an SSH Key for droplets instead of relying on username/password this will stop, which would be nice!

Upgrade to v2.3.0 of the DigitalOcean Terraform Provider

Load Balancer creation sometimes fails with 500 Server Error

Expected behavior

A Load Balancer to be created

Current behavior

Load Balancer creation sometimes fails with 500 server error

Diagnostics:
  pulumi:pulumi:Stack (home-cluster-ansible-single-control-plane):
    error: update failed

  digitalocean:index:LoadBalancer (http-public):
    error: 1 error occurred:
    	* Error creating Load Balancer: POST https://api.digitalocean.com/v2/load_balancers: 500 Server Error

In the DO documentation it states:

If you receive a status in the 500 range, this generally indicates a server-side problem. This means that we are having an issue on our end and cannot fulfill your request currently.

It would be nice if Pulumi could retry on HTTP errors...

Steps to reproduce

Try to create 10 Load Balancers
destroy them
create them again
destroy them
create them again
destroy them
Watch it likely fail somewhere in steps 1-5

Context (Environment)

Affected feature

Upgrade to v2.0.2 of the DigitalOcean Terraform Provider

How to safely upgrade database cluster version without losing data?

Hi, thanks in advance for the support.

Digital ocean explains how we one upgrade cluster versions: https://www.digitalocean.com/docs/databases/postgresql/how-to/upgrade-version/

what's the equivalent for Pulumi?

Here's my definition

new digitalocean.DatabaseCluster(`${stackName}-shared`, {
    engine: "pg",
    nodeCount: config.requireNumber('postgres-cluster-shared-node-count'),
    region: doRegion,
    size: digitalocean.DatabaseSlugs.DB_1VPCU2GB,
    version: "11",
    privateNetworkUuid: vpc.id
  }, { dependsOn: [vpc], protect: true  })

I want to upgrade to version 12.

Do I simply change to version: "12", run pulumi up?

DB Cluster maintenance window always showing as needing an update

Given a cluster configuration like this:

const pgCluster = new digitalocean.DatabaseCluster(
      "do-pg-cluster",
      {
        name: pgClusterName,
        engine: "pg",
        nodeCount: isProduction ? cluster.prod.nodes : cluster.dev.nodes,
        region: "sgp1",
        size: isProduction ? cluster.prod.size : cluster.dev.size,
        version: "12",
        maintenanceWindows: [
          {
            day: "friday", // saturday 00:00 +07
            hour: "18:00",
          },
        ],
      },
      resourceOptions
    );

Pulumi is showing the following diff on every update even though the window has been applied.

pulumi:pulumi:Stack                       platform-dev-austinrivas              
     └─ DigitalOcean                           digitalocean                          
 ~      └─ digitalocean:index:DatabaseCluster  do-pg-cluster             updated     [diff: ~maintenanceWindows]

Upgrade to v1.23.0 of the DigitalOcean Terraform Provider

digitalocean kubernetes: kubeconfig and access tokens

hi,

when creating a kubernetes cluster on digitalocean the pulumi state contains the kubeconfig for the created cluster. this is a problem with digitalocean because they:

create a new api token on every download of the kubeconfig
expire the token after 7 days

so i have the problem that a pulumi up works only within the first seven days. after that a pulumi up shows the cluster as not accessible and marks the resources in the cluster as deleted.

when you do a pulumi refresh a new DO API token is generated. every refresh generates a new token. after a handful of refreshes you have a handful of api-tokens with DO (and they will all disappear after seven days).

i'm not sure what the solution should look like. but it looks not perfect to store the KUBECONFIG in the state when this kubeconfig will fail after seven days. perhaps you should explictly retrieve a config with a higher expire-value? or give the user an easy way to refresh/up the stack when the kubeconfig does not work any more.

more info:
https://www.digitalocean.com/community/questions/when-saving-kubernetes-config-from-doctl-with-an-existing-api-token-another-token-is-created-is-this-normal

`pulumi up --refresh` detects spurious diff for wildcard CNAME

I have the following directive:

domain = do.Domain(
    "my-domain",
    name=APPS_DOMAIN,
    ip_address=droplet.ipv4_address,  # will also create an A record
)
do.DnsRecord(
    "my-domain-cname-*",
    domain=domain.name,
    type="CNAME",
    name="*.",
    value=f"{APPS_DOMAIN}.",
)

This successfully creates a wildcard CNAME I can see in DO control panel as:

CNAME | *.mydomain.com | is an alias of mydomain.com.

When I run pulumi up --refresh I see:

~   ├─ digitalocean:index:DnsRecord         my-domain-cname-*           updated     [diff: ~name]

If I select details option I see:

  pulumi:pulumi:Stack: (same)
    [urn=urn:pulumi:mystack::myproject::pulumi:pulumi:Stack::myproject-mystack]
    ~ digitalocean:index/dnsRecord:DnsRecord: (update)
        [id=121524987]
        [urn=urn:pulumi:mystack::myproject::digitalocean:index/dnsRecord:DnsRecord::my-domain-cname-*]
        [provider=urn:pulumi:mystack::myproject::pulumi:providers:digitalocean::default_3_0_2::45056d4d-7a06-4baa-98bd-2fec03269898]
      ~ name: "*" => "*."

If I go ahead with the update and check the DO control panel afterwards then nothing has changed (which is good, I think it was fine already)

But if I run pulumi up --refresh again it finds the same diff

I believe this is probably due to asymmetry between GET and POST values of the CNAME name in DigitalOcean API... it seems they strip the trailing . in the GET response:

    {
      "id": 121524987,
      "type": "CNAME",
      "name": "*",
      "data": "@",
      "priority": null,
      "port": null,
      "ttl": 1800,
      "weight": null,
      "flags": null,
      "tag": null
    },

but require it in the POST body when adding the record

LoadBalancer forwardingRules order

pulumi version: 1.14.1
pulumi-digitalocean version: 1.6.0
SDK: python

pulumi up-ing a stack that contains a DO load balancer, I was surprised it needed to update the load balancer, because I didn't modify anything for that resource. The details show that it considers the order of the rules:

~ digitalocean:index/loadBalancer:LoadBalancer: (update)
    [id=4223f162-a5c0-4ad0-82c2-e3c54befe702]
    [urn=urn:pulumi:xxx::yyy::digitalocean:index/loadBalancer:LoadBalancer::loadbalancer]
    [provider=urn:pulumi:xxx::yyy::pulumi:providers:digitalocean::default_1_6_0::949ace48-ce62-47da-9f42-59dcbd161414]
  ~ forwardingRules: [
      ~ [0]: {
              + certificateId: "49bb2cd0-96e7-4916-a7bd-9b61f35f47fa"
              ~ entryPort    : 80 => 443
              ~ entryProtocol: "http" => "https"
            }
      ~ [1]: {
              - certificateId: "49bb2cd0-96e7-4916-a7bd-9b61f35f47fa"
              ~ entryPort    : 443 => 80
              ~ entryProtocol: "https" => "http"
            }
    ]

It basically wants to exchange element #0 and element #1 in a list, the order of it shouldn't matter, this is weird.

Type mismatch between FirewallArgs.dropletIds and droplet.id

When trying to create a firewall and assign it to a droplet I get a type mismatch:

TSError: ⨯ Unable to compile TypeScript:
    index.ts(34,71): error TS2345: Argument of type '{ inboundRules: { protocol: string; por
tRange: string; }[]; dropletIds: Pulumi.Output<string>[]; }' is not assignable to parameter
of type 'FirewallArgs'.
      Types of property 'dropletIds' are incompatible.
        Type 'Output<string>[]' is not assignable to type 'Input<number>[] | Promise<Input<n
umber>[]> | OutputInstance<Input<number>[]> | undefined'.
          Type 'Output<string>[]' is not assignable to type 'Input<number>[]'.
            Type 'Output<string>' is not assignable to type 'Input<number>'.
              Type 'Output<string>' is not assignable to type 'OutputInstance<number>'.
                Types of property 'apply' are incompatible.
                  Type '{ <U>(func: (t: string) => Promise<U>): Output<U>; <U>(func: (t: str
ing) => OutputInstance<U>): Output<U>; <U>(func: (t: string) => U): Output<...>; }' is not a
ssignable to type '{ <U>(func: (t: number) => Promise<U>): Output<U>; <U>(func: (t: number)
=> OutputInstance<U>): Output<U>; <U>(func: (t: number) => U): Output<...>; }'.
                    Types of parameters 'func' and 'func' are incompatible.
                      Types of parameters 't' and 't' are incompatible.
                        Type 'string' is not assignable to type 'number'.

I am happy to open a PR to fix this! Please let me know!

Typo: nodejs DropletSlugs consts use VPCU, should be VCPU

Guess fixing this would break existing scripts, but it sure looks weird when reading 🤔

See e.g.: https://github.com/pulumi/pulumi-digitalocean/blob/master/sdk/nodejs/dropletSlug.ts#L30

pulumi up --refresh fails on replacing domain

+-  ├─ digitalocean:index:Domain            pgb-domain                   **replacing failed**     [diff: ~ipAddress]; 1 error

  digitalocean:index:Domain (pgb-domain):
    error: 1 error occurred:
    	* Error creating Domain: POST https://api.digitalocean.com/v2/domains: 422 domain 'myproject.com': name already exists

is this on me to apply the deleteBeforeReplace=True option on DigitlaOcean Domain resources, or should it be the default?

Unable to import SpacesBucket

I'm trying to use the import feature on the SpacesBucket object.

My intended workflow is:

On up:
- if bucket id doesn't exist, create it
- if bucket id does exist, import that into the stack
On destroy
- if bucket has files, don't destroy it
- if bucket is empty, destroy it

The code I'm using is:

const bucket = new digitalocean.SpacesBucket(
      'my-staging-cdn',
      {
        name: 'my-staging-cdn-ebeb4c1',
        region: digitalocean.Regions.AMS3,
        acl: 'public-read',
      },
      {
        import: 'my-staging-cdn-ebeb4c1',
      },
    );

This results in

Diagnostics:
  pulumi:pulumi:Stack (my-staging-stack):
 
    error: preview failed
 
  digitalocean:index:SpacesBucket (my-staging-cdn):
    error: Preview failed: refreshing urn:pulumi:my-staging::my::digitalocean:index/spacesBucket:SpacesBucket::my-staging-cdn: error reading Spaces bucket "my-staging-cdn-ebeb4c2": RequestError: send request failed
    caused by: Head https://my-staging-cdn-ebeb4c2..digitaloceanspaces.com/: dial tcp: lookup my-staging-cdn-ebeb4c2..digitaloceanspaces.com: no such host

When I've created it separately, I can confirm that the result of bucket.id.apply()... is indeed my-staging-cdn-ebeb4c1. I've also tried adding .ams3 after the ID and that does the same.

No matter what I do, I can't get the import to work - help would be very much appreciated please.

Thanks

Upgrade to v1.20.0 of the DigitalOcean Terraform Provider

Upgrade to v2.0.0 of the DigitalOcean Terraform Provider

Upgrade to v2.2.0 of the DigitalOcean Terraform Provider

spacesEndpoint should be optional in ProviderArgs

When updating my project from Pulumi 1.13 to 2.1 I ran into this problem:

the ProviderArgs for DigitalOcean provider requires that I specify a value for spacesEndpoint, even when I'm not using the Spaces API. All the other parameters (including other Spaces related options like accessId / secretKey are optional).

I also checked the Terraform provider's documentation, this parameter is marked as Optional there.

Upgrade to v2.4.0 of the DigitalOcean Terraform Provider

Upgrade to v2.1.0 of the DigitalOcean Terraform Provider

Leaking cluster data in state

The kubeConfigs key in the output of a KubernetesCluster resource is getting stored as plain text. Both rawConfig and token.

AppSpec doesn't support `domain` or `domains` attribute, even though Terraform provider does

https://github.com/digitalocean/terraform-provider-digitalocean/blob/v2.5.1/digitalocean/app_spec.go#L27-L39

The deprecation warning is written out, but there's no support for either of these attributes.

Links to the docs are broken

The docs link in README.md is broken
https://pulumi.io/reference/pkg/nodejs/@pulumi/digitalocean/index.html

Error deleting VPC after deleting members/dependencies

Hi Pulumi team,

I'm getting the following error when running pulumi destroy

0977G3QN:infra vinnie$ pulumi destroy
Previewing destroy (nonprod):
     Type                                     Name                     Plan       
 -   pulumi:pulumi:Stack                      infra-nonprod            delete     
 -   ├─ digitalocean:index:DatabaseCluster    postgres-cluster-shared  delete     
 -   ├─ digitalocean:index:KubernetesCluster  kube-cluster             delete     
 -   └─ digitalocean:index:Vpc                vpc                      delete     
 
Resources:
    - 4 to delete

Do you want to perform this destroy? yes
Destroying (nonprod):
     Type                                     Name                     Status                  Info
     pulumi:pulumi:Stack                      infra-nonprod            **failed**              1 error
 -   ├─ digitalocean:index:DatabaseCluster    postgres-cluster-shared  deleted                 
 -   ├─ digitalocean:index:KubernetesCluster  kube-cluster             deleted                 
 -   └─ digitalocean:index:Vpc                vpc                      **deleting failed**     1 error
 
Diagnostics:
  pulumi:pulumi:Stack (infra-nonprod):
    error: update failed
 
  digitalocean:index:Vpc (vpc):
    error: deleting urn:pulumi:nonprod::infra::digitalocean:index/vpc:Vpc::vpc: DELETE https://api.digitalocean.com/v2/vpcs/2c1c33f9-c398-44d8-a7b8-85e1c679b139: 403 (request "df3113c3-889c-4bd4-8b51-bb568b320cd8") Can not delete VPC with members
 
Resources:
    - 2 deleted

Duration: 1m3s

As you can see, DO returns an error while trying to delete the VPC although members have been deleted. I can confirm through DO dashboard that members were in fact deleted.

Seems to be a problem with D.O.

Running a second time deletes the VPC without error - note the dependencies do show up in the diff.

0977G3QN:infra vinnie$ pulumi destroy
Previewing destroy (nonprod):
     Type                       Name           Plan       
 -   pulumi:pulumi:Stack        infra-nonprod  delete     
 -   └─ digitalocean:index:Vpc  vpc            delete     
 
Resources:
    - 2 to delete

Do you want to perform this destroy? yes
Destroying (nonprod):
     Type                       Name           Status      
 -   pulumi:pulumi:Stack        infra-nonprod  deleted     
 -   └─ digitalocean:index:Vpc  vpc            deleted     
 
Resources:
    - 2 deleted

Duration: 2s

Here's the pulumi program:

pulumi.Run(func(ctx *pulumi.Context) error {
		c := config.New(ctx, "")
    stackNameStr := pulumi.String(ctx.Stack())
    doRegionStr := pulumi.String("nyc3")

		// Create VPC where Kube and the Database will be deployed into
		vpc, err := do.NewVpc(ctx, "vpc", &do.VpcArgs{
		  Name: stackNameStr,
      Region: doRegionStr,
		})

    if err != nil {
      return err
    }

		// Create kube cluster
		_, err = do.NewKubernetesCluster(ctx, "kube-cluster", &do.KubernetesClusterArgs{
			Name: stackNameStr,
			Region: doRegionStr,
			Version: pulumi.String("1.17.5-do.0"),
			NodePool: &do.KubernetesClusterNodePoolArgs{
				Name: pulumi.String("std"),
				Size: pulumi.String("s-1vcpu-2gb"),
				NodeCount: pulumi.Int(c.RequireInt("kube-cluster-std-node-count")),
			},
			// NOTE: D.O. DOES NOT SUPPORT MIGRATING CLUSTER BETWEEN VPCs
			// MUST BE DESTROYED AND RE-PROVISIONED FROM SCRATCH
			VpcUuid: vpc.ID(),
		}, pulumi.DependsOn([]pulumi.Resource{vpc}))

    if err != nil {
      return err
    }

		_, err = do.NewDatabaseCluster(ctx, "postgres-cluster-shared", &do.DatabaseClusterArgs{
		  Region: doRegionStr,
			Name: stackNameStr,
			Engine: pulumi.String("pg"),
			Size: pulumi.String("db-s-1vcpu-2gb"),
			NodeCount: pulumi.Int(c.RequireInt("postgres-cluster-shared-node-count")),
      PrivateNetworkUuid: vpc.ID(),
      // Postgres Version
      Version: pulumi.String("11"),
		}, pulumi.DependsOn([]pulumi.Resource{vpc}))

    if err != nil {
      return err
    }

		return nil
	})

[Question] Volumes in K8s cluster

Hi,
maybe I just haven't rtfd well, but how can I attach volumes to cluster nodes ?

Best regards!

Pulumi and DO Kubernetes - tries to replace cluster after nodepool change

It seems like when changing nodePool of digitalocean.KubernetesCluster, it's trying to "replace" the cluster...
So it tries creating new cluster and then "moving" the data, which would of course result in a big fail, while it would install the manifests into new cluster, all PVCs with data would be gone etc.
I think results could be catastrophic if someone let pulumi fully run with such change and at the end it would decide to delete the old "replaced" cluster?

Version: 2.5.0

Upgrade to v1.18.0 of the DigitalOcean Terraform Provider

Userdata script does not appear no be working

Hello.

I am trying to execute an "user data" script on the boot of my droplet but it´s not working. It looks like the script is not executed:

Here is my code sample code:

const userData = `
  #!/bin/bash
  touch test.txt
 `;

const droplet = new Droplet(dropletName, {
  image: "ubuntu-18-04-x64",
  region: Regions.FRA1,
  privateNetworking: true,
  size: DropletSlugs.Droplet512mb,
  userData: userData,
});

If I login into my droplet, I was expecting to see the file "test.txt" but it´s not there. Also not working with contents with "cloud-config" syntax.

What I am missing?

expiry limit changed: Upgrade to terraform provider needed

The underlying terraform provider had a bug that created null registry credentials, because the default of 68 years is too high (maximum 50 years now)

digitalocean/terraform-provider-digitalocean#466
digitalocean/terraform-provider-digitalocean#467

This was released in version 1.22, but this pulumi resource provider uses version 1.20 . workaround to specify the expiry explicity works, but a sensible non-buggy default would be better 👍

Upgrade to v2.0.1 of the DigitalOcean Terraform Provider

Python ContainerRegistryDockerCredentials doesn't return docker_credentials

I'm trying to reproduced the script from here (in typescript) in python to create a digitalocean container registry credential ContainerRegistryDockerCredentials in python.
pulumi/pulumi-kubernetesx#49 (comment) code look like that

    container_registry = ContainerRegistry.get("source", "hyperwave-research")
    registry_creds = pulumi.Output.secret( ContainerRegistryDockerCredentials(
        "container-registry-creds", registry_name=container_registry.name).docker_credentials)        def encode_base64_dc(dc):
        message_bytes = dc.encode('ascii')
        base64_bytes = base64.b64encode(message_bytes)
        print(f"===> Docker  : {dc}")
        print(f"===> Docker Credential : {base64_bytes.decode('utf-8')}")
        return base64_bytes.decode("utf-8")        dc = registry_creds.apply(encode_base64_dc)        self.secret = Secret(
        "registry-creds-kube-secret",
        type="kubernetes.io/dockerconfigjson",
        metadata={"namespace": "default", "name": f"registry-{do_registry_name}"},
        string_data={".dockerconfigjson": dc},
        opts=opts,
    )

However whatever I tried, the docker.credential is everytime None. I tried other property of the ContainerRegistryDockerCredentials and I can confirm I have value like registry_name

      File "/home/dzucker/git/Hyperwave.Infrastructure/venv/lib/python3.8/site-packages/pulumi/runtime/rpc.py", line 192, in serialize_property
        obj[transformed_key] = await serialize_property(v, deps, input_transformer)
      File "/home/dzucker/git/Hyperwave.Infrastructure/venv/lib/python3.8/site-packages/pulumi/runtime/rpc.py", line 173, in serialize_property
        value = await serialize_property(output.future(), deps, input_transformer)
      File "/home/dzucker/git/Hyperwave.Infrastructure/venv/lib/python3.8/site-packages/pulumi/runtime/rpc.py", line 159, in serialize_property
        future_return = await asyncio.ensure_future(awaitable)
      File "/home/dzucker/git/Hyperwave.Infrastructure/venv/lib/python3.8/site-packages/pulumi/output.py", line 112, in get_value
        val = await self._future
      File "/home/dzucker/git/Hyperwave.Infrastructure/venv/lib/python3.8/site-packages/pulumi/output.py", line 174, in run
        transformed: Input[U] = func(value)
      File "./digitalocean/docker_registry.py", line 42, in print_dc
        message_bytes = dc.encode('ascii')
    AttributeError: 'NoneType' object has no attribute 'encode'
    error: an unhandled error occurred: Program exited with non-zero exit code: 1

I tried other idea that I found from the slack https://pulumi-community.slack.com/archives/C84L4E3N1/p1596457104392200?thread_ts=1596452646.389800&cid=C84L4E3N1 however same result.
Am I doing something ? or could it be they are a mapping error on the python property naming. (edited)

I think I have been able to reproduce the bug with the below unit test. which is failing with the error

FAILED [100%]
venv/lib/python3.8/site-packages/pulumi/runtime/mocks.py:35 (test_can_create_kubernetes)
None != This is my credential

Expected :This is my credential
Actual   :None

from datetime import datetime

import pulumi
from pulumi_digitalocean import ContainerRegistryDockerCredentials

class MyMocks(pulumi.runtime.Mocks):
    def new_resource(self, type_, name, inputs, provider, id_):
        if type == 'digitalocean:index/containerRegistryDockerCredentials:ContainerRegistryDockerCredentials':
            return [
                name,
                {
                    "registryName": inputs["registryName"],
                    "dockerCredentials": "This is my credential"
                },
            ]

        return [name + "_id", inputs]

    def call(self, token, args, provider):
        return {}


pulumi.runtime.set_mocks(MyMocks())


@pulumi.runtime.test
def test_registry_name_set():
    registyr_name = "my-registry"
    kb = ContainerRegistryDockerCredentials("tet", registry_name=registyr_name )

    def check_project_name(args):
        assert args == registyr_name

    return kb.registry_name.apply(check_project_name)

@pulumi.runtime.test
def test_contain_docker_credential():
    registyr_name = "my-registry"
    kb = ContainerRegistryDockerCredentials("tet", registry_name=registyr_name )

    def check_project_name(args):
        assert args == "This is my credential"

    return kb.docker_credentials.apply(check_project_name)

Dependabot can't parse your go.mod

Dependabot couldn't parse the go.mod found at /go.mod.

The error Dependabot encountered was:

go: github.com/terraform-providers/[email protected] requires
	github.com/terraform-providers/[email protected] requires
	github.com/terraform-providers/[email protected] requires
	github.com/golangci/[email protected] requires
	github.com/go-critic/[email protected]: invalid pseudo-version: does not match version-control timestamp (2019-02-10T22:04:43Z)

Dependabot can't parse your go.mod

Dependabot couldn't parse the go.mod found at /go.mod.

The error Dependabot encountered was:

go: github.com/pulumi/[email protected] requires
	gopkg.in/[email protected] requires
	gopkg.in/[email protected]: invalid version: git fetch -f origin refs/heads/*:refs/heads/* refs/tags/*:refs/tags/* in /opt/go/gopath/pkg/mod/cache/vcs/9241c28341fcedca6a799ab7a465dd6924dc5d94044cbfabb75778817250adfc: exit status 128:
	fatal: The remote end hung up unexpectedly

View the update logs.

NS DnsRecords are created twice

I have the following code to create NS records for the three DigitalOcean nameservers against my app domain:

domain = do.Domain(
    "my-domain",
    name=APPS_DOMAIN,
    ip_address=droplet.ipv4_address,  # will also create an A record
)
for i in range(1, 4):
    do.DnsRecord(
        f"my-domain-ns-{i}",
        domain=domain.name,
        type="NS",
        value=f"ns{i}.digitalocean.com.",
        name="@",
    )

the first time I pulumi up I always end up with 6 NS records, i.e. two for each DnsRecord instance

If I look in the DO control panel I can see two identical records for each NS hostname

if I manually delete the duplicates and pulumi up --refresh they get recreated

what is going on here?

Upgrade to v2.6.0 of the DigitalOcean Terraform Provider

Unable to import digitalocean.DnsRecord

Here's the snippet (values changed) causing the issue:

import pulumi
import pulumi_digitalocean as do  

mydomain = do.Domain('my-domain',
	name='my-domain.com',
    opts=pulumi.ResourceOptions(import_='xxxx'))

a = do.DnsRecord('a',
  domain=mydomain.name,
  type='A',
  value='x.x.x.x',
  ttl=3600,
  opts=pulumi.ResourceOptions(import_='xxxx'))

pulumi.export('domain_name', mydomain.name)

I have confirmed with that the ids for import_ are correct with the Digital Ocean API. All other values are also correct. I've tried the equivalent code in JavaScript and receive the same error there as well.

The error I'm receiving:

$ pulumi up
Previewing update (dev):
     Type                             Name                      Plan       Info
     pulumi:pulumi:Stack              digital-ocean-pulumi-dev             1 error
 =   └─ digitalocean:index:DnsRecord  a                         import     1 error

Diagnostics:
  pulumi:pulumi:Stack (digital-ocean-pulumi-dev):
    error: preview failed

  digitalocean:index:DnsRecord (a):
    error: Preview failed: refreshing urn:pulumi:dev::digital-ocean-pulumi::digitalocean:index/dnsRecord:DnsRecord::a: domain is invalid because cannot be an empty string

If I comment out the DnsRecord portion, I can import the domain without issue.

Upgrade to v2.5.0 of the DigitalOcean Terraform Provider

Update provider with new Enum types to support all languages

Cannot associate Project with resources

When trying to create a project and associate it with some of the created resources (droplet and domain) I get an error about the format of the URN.

Error creating project: Error assigning resources: POST https://api.digitalocean.com/v2/projects/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resources: 400 resource objects must have an urn in the following format: do:resource_type:resource_id

Code

const droplet = new DigitalOcean.Droplet('example-web', {
  size: DigitalOcean.DropletSlugs.DropletS1VCPU1GB,
  region: DigitalOcean.Regions.SFO2,
  image: 'ubuntu-18-04-x64',
});

const domain = new DigitalOcean.Domain('example.live', {
  name: 'example.live',
  ipAddress: droplet.ipv4Address,
});

new DigitalOcean.Project('example', {
  name: 'example',
  resources: [droplet.urn, domain.urn],
});

Full output:

❯ pulumi up
Previewing update (prod):
     Type                           Name                Plan
 +   pulumi:pulumi:Stack            example-prod        create
 +   ├─ digitalocean:index:SshKey   example             create
 +   ├─ digitalocean:index:Droplet  example-web         create
 +   ├─ digitalocean:index:Domain   example.live        create
 +   └─ digitalocean:index:Project  example             create

Resources:
    + 5 to create

Do you want to perform this update? yes
Updating (prod):
     Type                           Name                Status                  Info
 +   pulumi:pulumi:Stack            example-prod        **creating failed**     1 error
 +   ├─ digitalocean:index:SshKey   example             created
 +   ├─ digitalocean:index:Droplet  example-web         created
 +   ├─ digitalocean:index:Domain   example.live        created
 +   └─ digitalocean:index:Project  example             **creating failed**     1 error

Diagnostics:
  digitalocean:index:Project (example):
    error: Error creating project: Error assigning resources: POST https://api.digitalocean.com/v2/projects/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resources: 400 resource objects must have an urn in the following format: do:resource_type:resource_id

  pulumi:pulumi:Stack (example-prod):
    error: update failed

Outputs:
    ip  : "xxx.xxx.xxx.xxx"
    ipv6: "xxxx:xxxx:x:xx::xx:xxxx"

Resources:
    + 4 created

Duration: 37s

The project still gets created, but with nothing associated to it, and is never deleted when I run pulumi destroy

Am I doing something wrong?

Unable to upgrade cluster verion

Following the tutorial from DO.

Cluster was created with:

const cluster = new digitalocean.KubernetesCluster("do-cluster", {
  region: digitalocean.Regions.SFO2,
  version: "latest",
  nodePool: {
    name: "default",
    size: digitalocean.DropletSlugs.DropletS2VCPU2GB,
    nodeCount: 3,
  },
});

Randomly (~ every second run), I am getting the following error:

5:17:09.528[          do-cluster] 	* updating urn:pulumi:dev::pulum::digitalocean:index/kubernetesCluster:KubernetesCluster::do-cluster: Unable to upgrade cluster verion: POST https://api.digitalocean.com/v2/kubernetes/clusters/${uuid}/upgrade: 404 cluster not found

Upgrade to v1.19.0 of the DigitalOcean Terraform Provider

Does it support C#?

So as far I can see in the repo C# is not supported.
However on the website documentation it suggests it is on preview.

Indeed I found a package version of Pulumi.DigitalOcean on nuget Version="1.1.0-preview-alpha.1573818037" however this is not compatible with any of the Pulumi repos.

Not sure if I am doing something wrong or the documentation is not up to date.

Thank you!

Pulumi always reports Kubernetes version as changed and try to do a replace

I have created a DOKS cluster, but now every time I run pulumi preview, it says the resource needs to be updated because the version has changed:

 +-  ├─ pulumi:providers:kubernetes                                 do-k8s                    replace     [diff: ~kubeconfig]
 +-  ├─ digitalocean:index:KubernetesCluster                        k8s-cluster               replace     [diff: ~version]

Here is my cluster resource:

export const cluster = new digitalocean.KubernetesCluster("k8s-cluster", {
  region: Regions.FRA1,
  version: config.clusterK8sVersion,
  name: config.clusterName,
  nodePool: {
    name: config.clusterNodePoolName,
    size: config.clusterNodePoolSize,
    nodeCount: config.clusterNodeCount,
    tags: clusterTags
  }
});