Support for Stack Tags - Githubissues

nstires-ctgx commented 1 year ago

Hello!

When spinning up new stacks via GH Actions, we should be able to specify a list of tags to apply similar to config-map:

- uses: pulumi/actions@v4
  with:
    command: up
    stack-name: acme-org/${{ env.PROJECT_ALIAS }}
    work-dir: init
    upsert: true
    config-map: "{
      argoDefaultRole: {value: ${{ vars.ARGO_DEFAULT_ROLE }}, secret: false},
      environment: {value: ${{ inputs.environment }}, secret: false},
      helmBranch: {value: ${{ vars.HELM_BRANCH }}, secret: false},
      region: {value: ${{ env.REGION }}, secret: false},
      projectId: {value: ${{ env.PROJECT_ALIAS }}, secret: false},
      projectFolder: {value: ${{ vars.GCP_PROJECT_FOLDER }}, secret: false},
      subdomain: {value: ${{ env.SUBDOMAIN }}, secret: false}
      }"
    stack-tags: "{
      cloud: gcp,
      environment: ${{ inputs.environment }},
      partition: ${{ env.PROJECT_ALIAS }},
      type: kubernetes
      }"
  env:
    PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ADMIN }}

Vote on this issue by adding a 👍 reaction
If you want to implement this feature, comment to let us know (we'll work with you on design, scheduling, etc.)

Issue details

We're adopting stack tags to manage the growing number of stacks deployed. Being able to populate these alongside the deployment is ideal.

Affected area/feature

Pulumi Service

Frassle commented 1 year ago

You can do this just via configMap, there's a config key "pulumi:tags" that the engine will pick up to set stack tags with. https://www.pulumi.com/docs/concepts/config/

nstires-ctgx commented 1 year ago

Not having any luck with this, tried a couple different methods:

- uses: pulumi/actions@v4
  with:
    command: up
    stack-name: acme-team/${{ env.PROJECT_ALIAS }}
    work-dir: init
    upsert: true
    config-map: "{
      argoDefaultRole: {value: ${{ vars.ARGO_DEFAULT_ROLE }}, secret: false},
      environment: {value: ${{ inputs.environment }}, secret: false},
      helmBranch: {value: ${{ vars.HELM_BRANCH }}, secret: false},
      region: {value: ${{ env.REGION }}, secret: false},
      projectId: {value: ${{ env.PROJECT_ALIAS }}, secret: false},
      projectFolder: {value: ${{ vars.GCP_PROJECT_FOLDER }}, secret: false},
      subdomain: {value: ${{ env.SUBDOMAIN }}, secret: false}
      pulumi:tags:environment: {value: ${{ inputs.environment }}, secret: false},
      pulumi:tags:partition: {value: ${{ env.PROJECT_ALIAS }}, secret: false},
      pulumi:tags:type: {value: ${{ inputs.cloud }}, secret: false}
      }"
  env:
    PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ADMIN }}

Gives error: error: invalid configuration key: could not parse pulumi:tags:environment as a configuration key (configuration keys should be of the form '<namespace>:<name>')

- uses: pulumi/actions@v4
  with:
    command: up
    stack-name: acme-team/${{ env.PROJECT_ALIAS }}
    work-dir: init
    upsert: true
    config-map: "{
      argoDefaultRole: {value: ${{ vars.ARGO_DEFAULT_ROLE }}, secret: false},
      environment: {value: ${{ inputs.environment }}, secret: false},
      helmBranch: {value: ${{ vars.HELM_BRANCH }}, secret: false},
      region: {value: ${{ env.REGION }}, secret: false},
      projectId: {value: ${{ env.PROJECT_ALIAS }}, secret: false},
      projectFolder: {value: ${{ vars.GCP_PROJECT_FOLDER }}, secret: false},
      subdomain: {value: ${{ env.SUBDOMAIN }}, secret: false}
      pulumi:tags: {
        environment: {value: ${{ inputs.environment }}, secret: false},
        partition: {value: ${{ env.PROJECT_ALIAS }}, secret: false},
        type: {value: ${{ inputs.cloud }}, secret: false}
      }
      }"
  env:
    PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ADMIN }}

Gives error: error: getting stack tags: pulumi:tags must be an object of strings Same with:

  config-map: "{
      argoDefaultRole: {value: ${{ vars.ARGO_DEFAULT_ROLE }}, secret: false},
      environment: {value: ${{ inputs.environment }}, secret: false},
      helmBranch: {value: ${{ vars.HELM_BRANCH }}, secret: false},
      region: {value: ${{ env.REGION }}, secret: false},
      projectId: {value: ${{ env.PROJECT_ALIAS }}, secret: false},
      projectFolder: {value: ${{ vars.GCP_PROJECT_FOLDER }}, secret: false},
      subdomain: {value: ${{ env.SUBDOMAIN }}, secret: false}
      pulumi:tags: {
        environment: ${{ inputs.environment }},
        partition: ${{ env.PROJECT_ALIAS }},
        type: ${{ inputs.cloud }}
      }
      }"

Frassle commented 1 year ago

pulumi:tags must be an object of strings

tags has probably stricter validation than needed, but it won't accept bools or numbers currently. So if inputs.cloud is resolving to "true", yaml will parse that as a bool not a string and tags will reject it. Wrapping things in double quotes will tell the yaml parser that this really should be a string.

nstires-ctgx commented 1 year ago

pulumi:tags must be an object of strings

tags has probably stricter validation than needed, but it won't accept bools or numbers currently. So if inputs.cloud is resolving to "true", yaml will parse that as a bool not a string and tags will reject it. Wrapping things in double quotes will tell the yaml parser that this really should be a string.

Can you provide an example of what this should look like?

pulumi / actions

Support for Stack Tags #1021

Hello!

Issue details

Affected area/feature