Closed dongqiaoyang closed 1 year ago
Just to check did the action print "Logging into gs://repo"?
No it does not, it just prints out
tderr: Command failed with exit code 255: pulumi stack select mgates --non-interactive error: PULUMI_ACCESS_TOKEN must be set for login during non-interactive CLI sessions err?: Error: Command failed with exit code 255: pulumi stack select mgates --non-interactive error: PULUMI_ACCESS_TOKEN must be set for login during non-interactive CLI sessions
OK thanks, I think we're missing some error checks for if the login itself was successful or not. I'll double check that and if so see about getting in a fix and tagging a new release.
For now, is there any tips on how to get this to work? @Frassle
Change the action to install pulumi cli (There's an action pulumi/action-install-pulumi-cli@v2 to do that) and just run "pulumi login gs://repo" to see if that works. I think it will error, but hopefully print out why.
I'm testing this on my end as well, I'll update when I know more.
yes when I install the cli and does pulumi login, it works totally fine.
@dongqiaoyang Are you running your workflow with debug logging turned on?
Login information is currently only visible when debug logging is turned on (changed in #744)
Still might be issues like @Frassle state; not sure we're handling errors here. We should probably add a test for that.
@dongqiaoyang maybe you can try to run gsutil ls gs://repo
to validate that you're authenticated?
- run: gsutil ls gs://repo
edit: gsutil
is not supported by Workload Identity Federation, so testing with gsutil
will not work.
If that can help.
Run pulumi/actions@v3 with: command: preview stack-name: mgates cloud-url: gs://pulumi-state-cto-datahub-bi-np-d032f1/stacks/mgates work-dir: ./ comment-on-pr: false github-token: *** parallel: 2147483647 target-dependents: false refresh: false upsert: false edit-pr-comment: true pulumi-version: ^3 color: auto env: PROJECT_ID: cto-datahub-bi-np-d032f1 GITHUB_NAME: tf-infra-cto-datahub-bi Configured range: ^3 Matched version: v3.41.1 Install destination is /home/runner/.pulumi Successfully deleted pre-existing /home/runner/.pulumi/bin /usr/bin/tar xz --warning=no-unknown-keyword --overwrite -C /home/runner/.pulumi -f /home/runner/work/_temp/c42c8b68-fdc5-4421-b5d1-276f89ad27bf Error: code: -2 stdout: stderr: Command failed with exit code 255: pulumi stack select mgates --non-interactive error: PULUMI_ACCESS_TOKEN must be set for login during non-interactive CLI sessions err?: Error: Command failed with exit code 255: pulumi stack select mgates --non-interactive error: PULUMI_ACCESS_TOKEN must be set for login during non-interactive CLI sessions
Can you try to run with pulumi/actions@master
once and share the same output?
@cobraz it works with master. I was able to see the logs and set PULUMI_CONFIG_PASSPHRASE as env var.
@cobraz Side question, does the git action support pulumi preview --policy-pack?
@cobraz Side question, does the git action support pulumi preview --policy-pack?
AFAIK, yes 👍
Check the README for policyPack. Im currently on mobile whilst traveling, so not that easy to check/send you a reference or example
@cobraz where is policyPack located? I can't find it. Thank you very much for your help.
What happened?
Unable to login into the GCP backend using the git actions combined with WIF.
Steps to reproduce
Expected Behavior
Login into the gcp backend and execute preview
Actual Behavior
Output of
pulumi about
No response
Additional context
No response
Contributing
Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).