How do I add Pulumi to my GitHub Codespaces / VSCode .NET devcontainer?

Question

I want to develop and deploy IaC with Pulumi .NET / C# from a VS Code .devcontainer. How can I add this capability to the environment?

Answer 1

I included the build container steps from https://github.com/pulumi/pulumi-docker-containers/blob/main/docker/dotnet/Dockerfile into .devcontainer/Dockerfile:

ARG DOTNET_VARIANT="3.1"
ARG PULUMI_VERSION=latest
ARG INSTALL_NODE="true"
ARG NODE_VERSION="lts/*"

# --------------------------------------------------------------------------------

FROM debian:11-slim AS builder
RUN apt-get update -y && \
    apt-get upgrade -y && \
    apt-get install -y \
    curl \
    build-essential \
    git

RUN if [ "$PULUMI_VERSION" = "latest" ]; then \
    curl -fsSL https://get.pulumi.com/ | bash; \
    else \
    curl -fsSL https://get.pulumi.com/ | bash -s -- --version $PULUMI_VERSION ; \
    fi

# --------------------------------------------------------------------------------

FROM mcr.microsoft.com/vscode/devcontainers/dotnetcore:0-${DOTNET_VARIANT}

RUN if [ "${INSTALL_NODE}" = "true" ]; then su vscode -c "umask 0002 && . /usr/local/share/nvm/nvm.sh && nvm install ${NODE_VERSION} 2>&1"; fi

COPY --from=builder /root/.pulumi/bin/pulumi /pulumi/bin/pulumi
COPY --from=builder /root/.pulumi/bin/*-dotnet* /pulumi/bin/

ENV PATH "/pulumi/bin:${PATH}"

and I control the process with this .devcontainer/devcontainer.json:

// For format details, see https://aka.ms/devcontainer.json. For config options, see the README at:
// https://github.com/microsoft/vscode-dev-containers/tree/v0.203.0/containers/alpine
{
    "name": "C# (.NET)",
    "build": {
        "dockerfile": "Dockerfile",
        "args": {
            "DOTNET_VARIANT": "3.1",
            "PULUMI_VERSION": "latest",
            "INSTALL_NODE": "true",
            "NODE_VERSION": "lts/*"
        }
    },
    "features": {
        "azure-cli": "latest"
    },
    // Set *default* container specific settings.json values on container create.
    "settings": {},
    // Add the IDs of extensions you want installed when the container is created.
    "extensions": [
        "ms-dotnettools.csharp"
    ],
    // Use 'forwardPorts' to make a list of ports inside the container available locally.
    // "forwardPorts": [],
    // Use 'postCreateCommand' to run commands after the container is created.
    // "postCreateCommand": "uname -a",
    // Replace when using a ptrace-based debugger like C++, Go, and Rust
    // "runArgs": [ "--init", "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" ],
    "runArgs": [
        "--init"
    ],
    // Comment out connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root.
    "remoteUser": "vscode"
}

be aware that the Rebuild will take a while and that you probably have to reload the devcontainer once it indicates success in the GitHub Codespaces: Details.

After that pulumi login and e.g. pulumi new azure-csharp should work on the container.

Answer 2

You can spin up a codespace, and configure the devcontainer from within the codespace.

I did it just now,

Access the Command Palette (Shift + Command + P / Ctrl + Shift + P), then >start typing "dev container". Select Codespaces: Add Development Container >Configuration Files....

just follow this guide

from within following this guide - https://docs.github.com/en/codespaces/setting-up-your-project-for-codespaces/setting-up-your-project-for-codespaces

I was inspired by the builder container approach for DOTNET mentioned in this thread, and here is how I added pulumi to my GO codespace dockerfile.

Dockerfile

ARG GO_VARIANT="1"
ARG PULUMI_VERSION=latest
FROM debian:11-slim AS builder
RUN apt-get update -y && \
    apt-get upgrade -y && \
    apt-get install -y \
    curl \
    build-essential \
    git

RUN if [ "$PULUMI_VERSION" = "latest" ]; then \
    curl -fsSL https://get.pulumi.com/ | bash; \
    else \
    curl -fsSL https://get.pulumi.com/ | bash -s -- --version $PULUMI_VERSION ; \
    fi

FROM mcr.microsoft.com/vscode/devcontainers/go:0-${GO_VARIANT}

# [Choice] Node.js version: none, lts/*, 16, 14, 12, 10
ARG NODE_VERSION="none"
RUN if [ "${NODE_VERSION}" != "none" ]; then su vscode -c "umask 0002 && . /usr/local/share/nvm/nvm.sh && nvm install ${NODE_VERSION} 2>&1"; fi

COPY --from=builder /root/.pulumi/bin/pulumi /pulumi/bin/pulumi
COPY --from=builder /root/.pulumi/bin/*-go* /pulumi/bin/

ENV PATH "/pulumi/bin:${PATH}"
ENV GOOS "linux"
ENV GOARCH "amd64"

Snippit of code from devcontainer.json

        "args": {
           ... //redacted for clarity
            "GO_VARIANT": "1.18",
        }

)

I can login with azure, pulumi and pulumi up is also working.

Full example here https://github.com/DevOpsJava/solution-using-secret

I fixed an issue with pulumi up, which turned out to be a resource problem regarding memory. Switched codespace from 2 to 4 cores, which also doubled the memory to 8GB.