Open yellowhat opened 3 years ago
My expectation would be that imported resources should behave like the one created by pulumi.
Yes - this is true that imported resources would behave the same as ones created by Pulumi. However, in your code example, you are using a "get" function instead of importing the resource. You could do something like what's documented at https://www.pulumi.com/docs/guides/adopting/import/#pulumi-import-resource-operation to import the resource and have it be managed as a first-class resource in the Pulumi program and state.
Hopefully that is a way to accomplish what you would like here. If not, feel free to reopen.
@lukehoban, thanks for your suggestion.
I have tried to following:
import pulumi_azure as azure
from pulumi import ResourceOptions
RG = "z"
SIG = "sig"
IMAGE = "node"
VER = "0.1.0"
image_rg = azure.core.get_resource_group(name=RG)
image_rg = azure.core.ResourceGroup(
"image_rg",
name=image_rg.name,
location=image_rg.location,
opts=ResourceOptions(
import_=image_rg.id,
# protect=True
),
)
sig = azure.compute.get_shared_image_gallery(
name=SIG,
resource_group_name=image_rg.name,
)
sig = azure.compute.SharedImageGallery(
"sig",
name=sig.name,
resource_group_name=image_rg.name,
location=image_rg.location,
opts=ResourceOptions(
import_=sig.id,
# protect=True
),
)
vm_image_node = azure.compute.get_shared_image(
name=IMAGE,
gallery_name=sig.name,
resource_group_name=sig.resource_group_name,
)
vm_image_node = azure.compute.SharedImage(
"vm_image_node",
name=vm_image_node.name,
gallery_name=sig.name,
resource_group_name=sig.resource_group_name,
location=sig.location,
os_type=vm_image_node.os_type,
identifier=vm_image_node.identifiers[0],
hyper_v_generation=vm_image_node.hyper_v_generation,
opts=ResourceOptions(
import_=vm_image_node.id,
# protect=True
),
)
vm_image_node_ver = azure.compute.get_shared_image_version(
name=VER,
image_name=vm_image_node.name,
gallery_name=vm_image_node.gallery_name,
resource_group_name=sig.resource_group_name,
)
vm_image_node_ver = azure.compute.SharedImageVersion(
"vm_image_node_ver",
name=vm_image_node_ver.name,
image_name=vm_image_node_ver.image_name,
gallery_name=sig.name,
resource_group_name=sig.resource_group_name,
location=sig.location,
managed_image_id=vm_image_node_ver.managed_image_id,
target_regions=vm_image_node_ver.target_regions,
tags=vm_image_node_ver.tags,
opts=ResourceOptions(
import_=vm_image_node_ver.id,
# protect=True
),
)
This partially solves my problem (no new resources in policy-pack):
pulumi preview --policy-pack policypack
will not show the new resources in policypackpulumi up
the new resources will show in policypackAlso this creates a new (more dangerous) problem: if I update the image version (ie VER = 0.1.1
), pulumi will delete the previous 0.1.0
image version.
Adding protect=True
prevents pulumi from deleting the resources but will not just update the stack (pulumi errors anyway).
Any suggestions for the policypack from scratch? Is there a way to instruct pulumi to just update the stack but do not really delete the resource?
Thanks
May I ask to reopen this issues?
Thanks
Dear @lukehoban, Is there something else I can do to move this forward?
Thanks
Hi, does the latest 3.10.x version allow to make this happen?
Thanks
Hi, I would like to apply PolicyPack against resources imported using the function
azure.compute.get_shared_image_version
. Consider the following example:__main.py
vm_image = azure.compute.get_shared_image_version( name="0.1.0", image_name="node", gallery_name="sig", resource_group_name="z", )
If I run:
So seems that no
shared_image_version
resource is shown in policypack. If a parameter forget_shared_image_version
is wrongpulumi preview
will complain because the resource does not exist.My expectation would be that imported resources should behave like the one created by pulumi. Am I wrong?
Thanks