Get Roadie in your IDE with our new MCP Servers
Roadie
Backstage Scaffolder Actions

Run Pulumi Up

Action ID: pulumi:up
NPM Package:

@pulumi/backstage-scaffolder-backend-pulumi

Description

Runs Pulumi

Input Schema

PropertyTypeDescriptionRequired
configany-
outputsarray-
repoUrlstringThe Pulumi project repo URL to use, when using Pulumi Deployment
deploymentboolean-
repoBranchstringThe Pulumi project repo branch to use, when using Pulumi Deployment
secretConfigany-
preRunCommandsarray-
repoProjectPathstringThe Pulumi project repo path to use, when using Pulumi Deployment
suppressProgressboolean-
providerCredentialsFromEnvarray-

Output Schema

PropertyTypeDescriptionRequired
enumany-
typeany-
itemsany-
optionalany-
descriptionany-

Usage Examples

Pulumi Deployments from a GitHub monorepo path

Runs Pulumi using Pulumi Deployments. Use this when your Pulumi project lives in a separate repository and you want the Pulumi Service to perform the run after fetch:template.

Copy 
steps:
  - id: fetch-base
    action: fetch:template
    input:
      url: ${{ parameters.templateUrl }}
      targetPath: .
      values:
        serviceName: ${{ parameters.name }}

  - id: pulumi-deployments-aws
    action: pulumi:up
    input:
      deployment: true
      repoUrl: https://github.com/acme/infrastructure.git
      repoBranch: main
      repoProjectPath: stacks/aws/app
      config:
        aws:region: us-east-1
        app:name: ${{ parameters.name }}
        app:imageTag: ${{ parameters.imageTag }}
      secretConfig:
        app:dbPassword: ${{ parameters.dbPassword }}
      outputs:
        - serviceUrl
        - clusterName
      suppressProgress: true

Local Pulumi run with Node.js on AWS

Runs the Pulumi program locally on the scaffolder runner. Use this when your template includes a Node.js Pulumi project fetched by fetch:template and you want to install dependencies before running.

Copy 
steps:
  - id: fetch-program
    action: fetch:template
    input:
      url: ${{ parameters.templateUrl }}
      targetPath: .
      values:
        env: ${{ parameters.env }}

  - id: pulumi-up-local-aws
    action: pulumi:up
    input:
      deployment: false
      preRunCommands:
        - npm ci
        - npm run build
      providerCredentialsFromEnv:
        - AWS_ACCESS_KEY_ID
        - AWS_SECRET_ACCESS_KEY
        - AWS_SESSION_TOKEN
        - AWS_DEFAULT_REGION
      config:
        aws:region: ${{ parameters.awsRegion }}
        app:env: ${{ parameters.env }}
        app:serviceName: ${{ parameters.name }}
      secretConfig:
        app:dbPassword: ${{ parameters.dbPassword }}
      outputs:
        - vpcId
        - clusterName

Local Pulumi run on GCP with secret config

Runs a Python Pulumi program locally and passes both config and secretConfig. Use this when deploying to GCP with credentials provided via environment variables and the program requires sensitive settings.

Copy 
steps:
  - id: fetch-gcp-program
    action: fetch:template
    input:
      url: ${{ parameters.templateUrl }}
      targetPath: .
      values:
        stack: ${{ parameters.stack }}

  - id: pulumi-up-local-gcp
    action: pulumi:up
    input:
      deployment: false
      preRunCommands:
        - pip install -r requirements.txt
        - pulumi stack select ${{ parameters.stack }} --create
      providerCredentialsFromEnv:
        - GOOGLE_CLOUD_PROJECT
        - GOOGLE_APPLICATION_CREDENTIALS
      config:
        gcp:project: ${{ parameters.gcpProjectId }}
        gcp:region: ${{ parameters.gcpRegion }}
        app:serviceName: ${{ parameters.name }}
      secretConfig:
        app:dbPassword: ${{ parameters.dbPassword }}
      outputs:
        - serviceUrl
        - bucketName

Pulumi Deployments for ephemeral Azure stacks per branch

Runs Pulumi using Pulumi Deployments targeting an Azure stack for a feature branch. Use this when creating per-branch environments from a monorepo after fetch:template.

Copy 
steps:
  - id: fetch-azure
    action: fetch:template
    input:
      url: ${{ parameters.templateUrl }}
      targetPath: .
      values:
        branch: ${{ parameters.gitRef }}

  - id: pulumi-deployments-azure
    action: pulumi:up
    input:
      deployment: true
      repoUrl: https://github.com/acme/infra-mono.git
      repoBranch: ${{ parameters.gitRef }}
      repoProjectPath: stacks/azure/resource-group
      config:
        azure-native:location: westeurope
        app:env: ${{ parameters.env }}
        app:branch: ${{ parameters.gitRef }}
      outputs:
        - resourceGroupName
        - location

Local Kubernetes stack with minimal logs and captured outputs

Runs a local Pulumi Kubernetes stack with reduced progress output. Use this when the runner has KUBECONFIG set and you want to capture specific outputs for later steps.

Copy 
steps:
  - id: fetch-k8s
    action: fetch:template
    input:
      url: ${{ parameters.templateUrl }}
      targetPath: .
      values:
        namespace: ${{ parameters.namespace }}

  - id: pulumi-up-local-k8s
    action: pulumi:up
    input:
      deployment: false
      preRunCommands:
        - npm ci
      providerCredentialsFromEnv:
        - KUBECONFIG
      config:
        kubernetes:context: ${{ parameters.kubeContext }}
        app:namespace: ${{ parameters.namespace }}
      outputs:
        - namespace
        - serviceUrl
      suppressProgress: true

Other actions in @pulumi/backstage-scaffolder-backend-pulumi

Create Pulumi Project

Creates a new Pulumi project

6 inputs, 0 outputs