Update first-party Pulumi dependencies #44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: run-acceptance-tests | |
| on: | |
| repository_dispatch: | |
| types: | |
| - run-acceptance-tests-command | |
| pull_request: | |
| branches: | |
| - master | |
| - main | |
| paths-ignore: | |
| - CHANGELOG.md | |
| workflow_dispatch: {} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} | |
| PROVIDER: lambda-builders | |
| PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} | |
| PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} | |
| PYPI_USERNAME: __token__ | |
| PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} | |
| TRAVIS_OS_NAME: linux | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. | |
| PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} | |
| PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} | |
| SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} | |
| SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} | |
| SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} | |
| GOVERSION: 1.21.x | |
| NODEVERSION: 20.x | |
| PYTHONVERSION: "3.11" | |
| DOTNETVERSION: | | |
| 6.0.x | |
| 3.1.301 | |
| JAVAVERSION: "11" | |
| AWS_REGION: us-west-2 | |
| PULUMI_TEST_OWNER: moolumi | |
| GOLANGCI_LINT_VERSION: v1.55.2 | |
| PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }} | |
| jobs: | |
| comment-notification: | |
| runs-on: ubuntu-latest | |
| name: comment-notification | |
| steps: | |
| - name: Create URL to the run output | |
| id: vars | |
| run: echo | |
| run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID | |
| >> "$GITHUB_OUTPUT" | |
| - name: Update with Result | |
| uses: peter-evans/create-or-update-comment@v1 | |
| with: | |
| token: ${{ secrets.PULUMI_BOT_TOKEN }} | |
| repository: ${{ github.event.client_payload.github.payload.repository.full_name }} | |
| issue-number: ${{ github.event.client_payload.github.payload.issue.number }} | |
| body: "Please view the PR build: ${{ steps.vars.outputs.run-url }}" | |
| if: github.event_name == 'repository_dispatch' | |
| prerequisites: | |
| runs-on: ubuntu-latest | |
| name: prerequisites | |
| steps: | |
| - name: Checkout Repo | |
| uses: actions/checkout@v4 | |
| with: | |
| lfs: true | |
| ref: ${{ env.PR_COMMIT_SHA }} | |
| - id: version | |
| name: Set Provider Version | |
| uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 | |
| with: | |
| set-env: PROVIDER_VERSION | |
| - name: Install Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ env.GOVERSION }} | |
| cache-dependency-path: "**/*.sum" | |
| - name: Install pulumictl | |
| uses: jaxxstorm/[email protected] | |
| with: | |
| repo: pulumi/pulumictl | |
| - name: Install Pulumi CLI | |
| uses: pulumi/actions@cd99a7f8865434dd3532b586a26f9ebea596894f # v5 | |
| - if: github.event_name == 'pull_request' | |
| name: Install Schema Tools | |
| uses: jaxxstorm/[email protected] | |
| with: | |
| repo: pulumi/schema-tools | |
| - name: Build codegen binaries | |
| run: make codegen | |
| - name: Build Schema | |
| run: make generate_schema | |
| - if: github.event_name == 'pull_request' | |
| name: Check Schema is Valid | |
| run: >- | |
| echo 'SCHEMA_CHANGES<<EOF' >> $GITHUB_ENV | |
| schema-tools compare -p ${{ env.PROVIDER }} -o ${{ github.event.repository.default_branch }} -n --local-path=provider/cmd/pulumi-resource-${{ env.PROVIDER }}/schema.json >> $GITHUB_ENV | |
| echo 'EOF' >> $GITHUB_ENV | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} | |
| - if: github.event_name == 'pull_request' | |
| name: Comment on PR with Details of Schema Check | |
| uses: thollander/actions-comment-pull-request@v2 | |
| with: | |
| message: | | |
| ${{ env.SCHEMA_CHANGES }} | |
| comment_tag: schemaCheck | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - if: contains(env.SCHEMA_CHANGES, 'Looking good! No breaking changes found.') && | |
| github.actor == 'pulumi-bot' | |
| name: Add label if no breaking changes | |
| uses: actions-ecosystem/[email protected] | |
| with: | |
| labels: impact/no-changelog-required | |
| number: ${{ github.event.issue.number }} | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build Provider | |
| run: make provider | |
| - name: Check worktree clean | |
| uses: pulumi/git-status-check-action@v1 | |
| with: | |
| allowed-changes: |- | |
| sdk/**/pulumi-plugin.json | |
| sdk/dotnet/Pulumi.*.csproj | |
| sdk/go/**/pulumiUtilities.go | |
| sdk/nodejs/package.json | |
| sdk/python/pyproject.toml | |
| - run: git status --porcelain | |
| - name: Tar provider binaries | |
| run: tar -zcf ${{ github.workspace }}/provider.tar.gz -C ${{ github.workspace }}/bin/ . | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: pulumi-${{ env.PROVIDER }}-provider.tar.gz | |
| path: ${{ github.workspace }}/provider.tar.gz | |
| - name: Test Provider Library | |
| run: make test_provider | |
| - name: Upload coverage reports to Codecov | |
| uses: codecov/codecov-action@v4 | |
| env: | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| if: github.event_name == 'repository_dispatch' || | |
| github.event.pull_request.head.repo.full_name == github.repository | |
| build_sdks: | |
| needs: prerequisites | |
| runs-on: pulumi-ubuntu-8core | |
| strategy: | |
| fail-fast: true | |
| matrix: | |
| language: | |
| - nodejs | |
| - python | |
| - dotnet | |
| - go | |
| - java | |
| name: build_sdks | |
| steps: | |
| - name: Checkout Repo | |
| uses: actions/checkout@v4 | |
| with: | |
| lfs: true | |
| ref: ${{ env.PR_COMMIT_SHA }} | |
| - id: version | |
| name: Set Provider Version | |
| uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 | |
| with: | |
| set-env: PROVIDER_VERSION | |
| - name: Install Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ env.GOVERSION }} | |
| cache-dependency-path: "**/*.sum" | |
| - name: Install pulumictl | |
| uses: jaxxstorm/[email protected] | |
| with: | |
| repo: pulumi/pulumictl | |
| - name: Install Pulumi CLI | |
| uses: pulumi/actions@cd99a7f8865434dd3532b586a26f9ebea596894f # v5 | |
| - name: Setup Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODEVERSION }} | |
| registry-url: https://registry.npmjs.org | |
| - name: Setup DotNet | |
| uses: actions/setup-dotnet@v4 | |
| with: | |
| dotnet-version: ${{ env.DOTNETVERSION }} | |
| - name: Setup Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.PYTHONVERSION }} | |
| - name: Setup Java | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: ${{ env.JAVAVERSION }} | |
| distribution: temurin | |
| cache: gradle | |
| - name: Setup Gradle | |
| uses: gradle/gradle-build-action@v3 | |
| with: | |
| gradle-version: "7.6" | |
| - name: Download provider + tfgen binaries | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: pulumi-${{ env.PROVIDER }}-provider.tar.gz | |
| path: ${{ github.workspace }} | |
| - name: UnTar provider binaries | |
| run: mkdir -p ${{ github.workspace}}/bin && tar -zxf ${{ github.workspace }}/provider.tar.gz -C ${{ | |
| github.workspace}}/bin | |
| - name: Restore Binary Permissions | |
| run: chmod +x bin/* | |
| - name: Generate SDK | |
| run: make generate_${{ matrix.language }} | |
| - name: Build SDK | |
| run: make build_${{ matrix.language }} | |
| - name: Check worktree clean | |
| uses: pulumi/git-status-check-action@v1 | |
| with: | |
| allowed-changes: |- | |
| sdk/**/pulumi-plugin.json | |
| sdk/dotnet/Pulumi.*.csproj | |
| sdk/go/**/pulumiUtilities.go | |
| sdk/nodejs/package.json | |
| sdk/python/pyproject.toml | |
| - run: git status --porcelain | |
| - name: Tar SDK folder | |
| run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . | |
| - name: Upload artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: ${{ matrix.language }}-sdk.tar.gz | |
| path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz | |
| retention-days: 30 | |
| if: github.event_name == 'repository_dispatch' || | |
| github.event.pull_request.head.repo.full_name == github.repository | |
| test: | |
| runs-on: pulumi-ubuntu-8core | |
| needs: | |
| - build_sdks | |
| strategy: | |
| fail-fast: true | |
| matrix: | |
| language: | |
| - nodejs | |
| - python | |
| - dotnet | |
| - go | |
| - java | |
| name: test | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - name: Checkout Repo | |
| uses: actions/checkout@v4 | |
| with: | |
| lfs: true | |
| ref: ${{ env.PR_COMMIT_SHA }} | |
| - id: version | |
| name: Set Provider Version | |
| uses: pulumi/provider-version-action@7c54f136703646f7d6eaa3d3b3c877e5a805d6ab # v1 | |
| with: | |
| set-env: PROVIDER_VERSION | |
| - name: Install Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ env.GOVERSION }} | |
| cache-dependency-path: "**/*.sum" | |
| - name: Install pulumictl | |
| uses: jaxxstorm/[email protected] | |
| with: | |
| repo: pulumi/pulumictl | |
| - name: Install Pulumi CLI | |
| uses: pulumi/actions@cd99a7f8865434dd3532b586a26f9ebea596894f # v5 | |
| - name: Setup Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ env.NODEVERSION }} | |
| registry-url: https://registry.npmjs.org | |
| - name: Setup DotNet | |
| uses: actions/setup-dotnet@v4 | |
| with: | |
| dotnet-version: ${{ env.DOTNETVERSION }} | |
| - name: Setup Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ env.PYTHONVERSION }} | |
| - name: Setup Java | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: ${{ env.JAVAVERSION }} | |
| distribution: temurin | |
| cache: gradle | |
| - name: Setup Gradle | |
| uses: gradle/gradle-build-action@v3 | |
| with: | |
| gradle-version: "7.6" | |
| - name: Download provider + tfgen binaries | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: pulumi-${{ env.PROVIDER }}-provider.tar.gz | |
| path: ${{ github.workspace }} | |
| - name: UnTar provider binaries | |
| run: mkdir -p ${{ github.workspace}}/bin && tar -zxf ${{ github.workspace }}/provider.tar.gz -C ${{ | |
| github.workspace}}/bin | |
| - name: Restore Binary Permissions | |
| run: chmod +x bin/* | |
| - name: Download SDK | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: ${{ matrix.language }}-sdk.tar.gz | |
| path: ${{ github.workspace}}/sdk/ | |
| - name: UnTar SDK folder | |
| run: tar -zxf ${{ github.workspace}}/sdk/${{ matrix.language}}.tar.gz -C ${{ | |
| github.workspace}}/sdk/${{ matrix.language}} | |
| - name: Update path | |
| run: echo "${{ github.workspace }}/bin" >> $GITHUB_PATH | |
| - name: Install Node dependencies | |
| run: yarn global add typescript | |
| - run: dotnet nuget add source ${{ github.workspace }}/nuget | |
| - name: Install Python deps | |
| run: |- | |
| pip3 install virtualenv==20.0.23 | |
| pip3 install pipenv | |
| - name: Install dependencies | |
| run: make install_${{ matrix.language}}_sdk | |
| - name: Install gotestfmt | |
| uses: GoTestTools/gotestfmt-action@v2 | |
| with: | |
| version: v2.5.0 | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v3 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| role-duration-seconds: 3600 | |
| role-session-name: ${{ env.PROVIDER }}@githubActions | |
| role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} | |
| - name: Run tests | |
| run: >- | |
| set -euo pipefail | |
| cd examples && go test -v -json -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . 2>&1 | tee /tmp/gotest.log | gotestfmt | |
| if: github.event_name == 'repository_dispatch' || | |
| github.event.pull_request.head.repo.full_name == github.repository | |
| sentinel: | |
| runs-on: ubuntu-latest | |
| name: sentinel | |
| steps: | |
| - name: Mark workflow as successful | |
| uses: guibranco/github-status-action-v2@0849440ec82c5fa69b2377725b9b7852a3977e76 | |
| with: | |
| authToken: ${{ secrets.GITHUB_TOKEN }} | |
| context: Sentinel | |
| state: success | |
| description: Sentinel checks passed | |
| sha: ${{ github.event.pull_request.head.sha || github.sha }} | |
| if: github.event_name == 'repository_dispatch' || | |
| github.event.pull_request.head.repo.full_name == github.repository | |
| needs: | |
| - test | |
| - lint | |
| lint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Repo | |
| uses: actions/checkout@v4 | |
| with: | |
| lfs: true | |
| ref: ${{ env.PR_COMMIT_SHA }} | |
| # TODO: run some python linter | |
| name: lint | |
| if: github.event_name == 'repository_dispatch' || | |
| github.event.pull_request.head.repo.full_name == github.repository |