Update dependency pulumi to v3.137.0 (mise) #552
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt | |
name: run-acceptance-tests | |
on: | |
repository_dispatch: | |
types: | |
- run-acceptance-tests-command | |
pull_request: | |
paths-ignore: | |
- CHANGELOG.md | |
workflow_dispatch: {} | |
env: | |
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} | |
PROVIDER: docker-build | |
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} | |
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget | |
NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} | |
PYPI_USERNAME: __token__ | |
PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} | |
TRAVIS_OS_NAME: linux | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. | |
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} | |
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} | |
SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} | |
SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} | |
SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} | |
AWS_REGION: us-west-2 | |
PULUMI_API: https://api.pulumi-staging.io | |
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e | |
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1 | |
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7 | |
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} | |
AZURE_LOCATION: westus | |
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }} | |
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com | |
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci | |
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci | |
GOOGLE_PROJECT: pulumi-ci-gcp-provider | |
GOOGLE_PROJECT_NUMBER: 895284651812 | |
GOOGLE_REGION: us-central1 | |
GOOGLE_ZONE: us-central1-a | |
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }} | |
PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }} | |
jobs: | |
comment-notification: | |
runs-on: ubuntu-latest | |
name: comment-notification | |
steps: | |
- name: Create URL to the run output | |
id: vars | |
run: echo | |
run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID | |
>> "$GITHUB_OUTPUT" | |
- name: Update with Result | |
uses: peter-evans/create-or-update-comment@v1 | |
with: | |
token: ${{ secrets.PULUMI_BOT_TOKEN }} | |
repository: ${{ github.event.client_payload.github.payload.repository.full_name }} | |
issue-number: ${{ github.event.client_payload.github.payload.issue.number }} | |
body: "Please view the PR build: ${{ steps.vars.outputs.run-url }}" | |
if: github.event_name == 'repository_dispatch' | |
prerequisites: | |
if: github.event_name == 'repository_dispatch' || | |
github.event.pull_request.head.repo.full_name == github.repository | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
id-token: write | |
actions: write # For telemetry. | |
pull-requests: write # For schema comment. | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
with: | |
lfs: true | |
ref: ${{ env.PR_COMMIT_SHA }} | |
- name: Setup tools | |
uses: ./.github/actions/setup-tools | |
- id: version | |
name: Set Provider Version | |
uses: pulumi/provider-version-action@v1 | |
with: | |
set-env: PROVIDER_VERSION | |
- name: Build codegen binaries | |
run: make codegen | |
- name: Build Schema | |
run: make generate_schema | |
- if: github.event_name == 'pull_request' | |
name: Check Schema is Valid | |
run: >- | |
echo 'SCHEMA_CHANGES<<EOF' >> $GITHUB_ENV | |
schema-tools compare -p ${{ env.PROVIDER }} -o ${{ github.event.repository.default_branch }} -n --local-path=provider/cmd/pulumi-resource-${{ env.PROVIDER }}/schema.json >> $GITHUB_ENV | |
echo 'EOF' >> $GITHUB_ENV | |
env: | |
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} | |
- if: github.event_name == 'pull_request' | |
name: Comment on PR with Details of Schema Check | |
uses: thollander/actions-comment-pull-request@v2 | |
with: | |
message: | | |
${{ env.SCHEMA_CHANGES }} | |
comment_tag: schemaCheck | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- if: | |
contains(env.SCHEMA_CHANGES, 'Looking good! No breaking changes found.') && | |
github.actor == 'pulumi-bot' | |
name: Add label if no breaking changes | |
uses: actions-ecosystem/action-add-labels@v1.1.0 | |
with: | |
labels: impact/no-changelog-required | |
number: ${{ github.event.issue.number }} | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build Provider | |
run: make provider | |
- name: Check worktree clean | |
uses: pulumi/git-status-check-action@v1 | |
with: | |
allowed-changes: |- | |
sdk/**/pulumi-plugin.json | |
sdk/dotnet/Pulumi.*.csproj | |
sdk/go/**/pulumiUtilities.go | |
sdk/nodejs/package.json | |
sdk/python/pyproject.toml | |
- run: git status --porcelain | |
- name: Tar provider binaries | |
run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ | |
github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }} | |
pulumi-gen-${{ env.PROVIDER}} | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz | |
path: ${{ github.workspace }}/bin/provider.tar.gz | |
- name: Test Provider Library | |
run: make test_provider | |
- name: Upload coverage reports to Codecov | |
uses: codecov/codecov-action@v4 | |
env: | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
- if: failure() && github.event_name == 'push' | |
name: Notify Slack | |
uses: 8398a7/action-slack@v3 | |
with: | |
author_name: Failure in building provider prerequisites | |
fields: repo,commit,author,action | |
status: ${{ job.status }} | |
- name: Generate & Build SDK | |
run: mise run sdk | |
- name: Check worktree clean | |
uses: pulumi/git-status-check-action@v1 | |
with: | |
allowed-changes: |- | |
sdk/**/pulumi-plugin.json | |
sdk/dotnet/Pulumi.*.csproj | |
sdk/go/**/pulumiUtilities.go | |
sdk/nodejs/package.json | |
sdk/python/pyproject.toml | |
- run: git status --porcelain | |
- name: Tar SDK folder | |
run: tar -zcf sdk.tar.gz -C sdk . | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: sdk.tar.gz | |
path: ${{ github.workspace}}/sdk.tar.gz | |
retention-days: 30 | |
- if: failure() && github.event_name == 'push' | |
name: Notify Slack | |
uses: 8398a7/action-slack@v3 | |
with: | |
author_name: Failure while building SDKs | |
fields: repo,commit,author,action | |
status: ${{ job.status }} | |
test: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
id-token: write | |
actions: write # For telemetry. | |
needs: | |
- prerequisites | |
strategy: | |
fail-fast: true | |
matrix: | |
shard: [0, 1, 2, 3, 4, 5, 6, 7] | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
with: | |
lfs: true | |
ref: ${{ env.PR_COMMIT_SHA }} | |
- name: Setup tools | |
uses: ./.github/actions/setup-tools | |
- id: version | |
name: Set Provider Version | |
uses: pulumi/provider-version-action@v1 | |
with: | |
set-env: PROVIDER_VERSION | |
- name: Download provider + tfgen binaries | |
uses: actions/download-artifact@v4 | |
with: | |
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz | |
path: ${{ github.workspace }}/bin | |
- name: UnTar provider binaries | |
run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ | |
github.workspace}}/bin | |
- name: Restore Binary Permissions | |
run: | |
find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print | |
-exec chmod +x {} \; | |
- name: Download SDK | |
uses: actions/download-artifact@v4 | |
with: | |
name: sdk.tar.gz | |
path: ${{ github.workspace}} | |
- name: UnTar SDK folder | |
run: tar -zxf ${{ github.workspace}}/sdk.tar.gz -C ${{github.workspace}}/sdk | |
- name: Update path | |
run: echo "${{ github.workspace }}/bin" >> $GITHUB_PATH | |
- name: Install Node dependencies | |
run: yarn global add typescript | |
- run: dotnet nuget add source ${{ github.workspace }}/nuget | |
- name: Install dependencies | |
run: mise run install | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-region: ${{ env.AWS_REGION }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
role-duration-seconds: 3600 | |
role-session-name: ${{ env.PROVIDER }}@githubActions | |
role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} | |
- name: Authenticate to Google Cloud | |
uses: google-github-actions/auth@v0 | |
with: | |
workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER | |
}}/locations/global/workloadIdentityPools/${{ | |
env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ | |
env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} | |
service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} | |
- name: Setup gcloud auth | |
uses: google-github-actions/setup-gcloud@v2 | |
with: | |
skip_install: true | |
- name: Shard tests | |
run: mise run "test:examples:shard" -- --total ${{ strategy.job-total }} --index ${{ strategy.job-index }} > go-test | |
- name: Run tests | |
run: mise run "test:examples" $(cat go-test) 2>&1 | tee /tmp/gotest.log | gotestfmt | |
- if: failure() && github.event_name == 'push' | |
name: Notify Slack | |
uses: 8398a7/action-slack@v3 | |
with: | |
author_name: Failure in SDK tests | |
fields: repo,commit,author,action | |
status: ${{ job.status }} | |
if: github.event_name == 'repository_dispatch' || | |
github.event.pull_request.head.repo.full_name == github.repository | |
sentinel: | |
runs-on: ubuntu-latest | |
name: sentinel | |
steps: | |
- name: Mark workflow as successful | |
uses: guibranco/github-status-action-v2@0849440ec82c5fa69b2377725b9b7852a3977e76 | |
with: | |
authToken: ${{ secrets.GITHUB_TOKEN }} | |
context: Sentinel | |
state: success | |
description: Sentinel checks passed | |
sha: ${{ github.event.pull_request.head.sha || github.sha }} | |
if: github.event_name == 'repository_dispatch' || | |
github.event.pull_request.head.repo.full_name == github.repository | |
needs: | |
- test | |
- lint | |
lint: | |
if: github.event_name == 'repository_dispatch' || | |
github.event.pull_request.head.repo.full_name == github.repository | |
runs-on: ubuntu-latest | |
permissions: | |
contents: read | |
id-token: write | |
actions: write # For telemetry. | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
with: | |
lfs: true | |
ref: ${{ env.PR_COMMIT_SHA }} | |
- name: Setup tools | |
uses: ./.github/actions/setup-tools | |
- run: make lint |