Skip to content

Announcing Enhanced VCS Integration ๐ŸŽ‰ ๐ŸŽ‰

Read more here โ†’

Pulumiยป

Info

Feature previews are subject to change, may contain bugs, and have not yet been ironed out based on real production usage.

On a high level, Pulumi has a very similar flow to Terraform. It uses a state backend, provides dry run functionality, reconciles the actual world with the desired state. In this article we'll dive into how each of the concepts in Spacelift translates into working with Pulumi.

However, if you're the type that prefers to start with doing, instead of reading too much, there are quickstarts for each of the runtimes supported by Pulumi:

In case you're just getting started with Pulumi, we'd recommend you to start with Javascript. Believe it or not, it's actually the most pleasant experience we had with Pulumi! Later you can also easily switch to languages which compile to Javascript, like TypeScript or ClojureScript.

The high level concepts of Spacelift don't change when used with Pulumi. Below, we'll cover a few lower level details, which may be of interest.

Run Executionยป

Initializationยป

Previously described in Run Initializing, in Pulumi the initialization will run:

  • pulumi login with your configured login URL
  • pulumi stack select --create --select with your configured Pulumi stack name (the one you set in vendor-specific settings, not the Spacelift Stack name)

It will then commence to run all pre-initialization hooks.

Planningยป

We run pulumi preview --refresh --diff --show-replacement-steps in order to show planned changes.

Applyingยป

We run pulumi up --refresh --diff --show-replacement-steps in order to apply changes.

Policiesยป

Most policies don't change at all. The one that changes most is the plan policy. Instead of the terraform raw plan in the terraform field, you'll get a pulumi field with the raw Pulumi plan and the following schema:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
{
  "pulumi": {
    "steps": [
      {
        "new": {
          "custom": "boolean",
          "id": "string",
          "inputs": "object - input properties",
          "outputs": "object - output properties",
          "parent": "string - parent resource of this resource",
          "provider": "string - provider this resource stems from",
          "type": "string - resource type",
          "urn": "string - urn of this resource"
        },
        "old": {
          "custom": "boolean",
          "id": "string",
          "inputs": "object - input properties",
          "outputs": "object - output properties",
          "parent": "string - parent resource of this resource",
          "provider": "string - provider this resource stems from",
          "type": "string - resource type",
          "urn": "string - urn of this resource"
        },
        "op": "string - same, refresh, create, update, delete, create-replacement or delete-replaced",
        "provider": "string - provider this resource stems from",
        "type": "string - resource type",
        "urn": "string - urn of this resource"
      }
    ]
  },
  "spacelift": {"...": "..."}
}

Pulumi secrets are detected and encoded as [secret] instead of the actual value, that's why there's no other string sanitization going on with Pulumi plans.

Modulesยป

Spacelift module CI/CD isn't currently available for Pulumi.