diff --git a/.github/workflows/build_provider.yml b/.github/workflows/build_provider.yml new file mode 100644 index 0000000..e93f719 --- /dev/null +++ b/.github/workflows/build_provider.yml @@ -0,0 +1,76 @@ +name: "Build Provider" + +on: + workflow_call: + inputs: + version: + required: true + type: string + +jobs: + build_provider: + name: Build ${{ matrix.platform.os }}-${{ matrix.platform.arch }} + runs-on: ubuntu-latest + strategy: + fail-fast: true + matrix: + platform: + - os: linux + arch: amd64 + - os: linux + arch: arm64 + - os: darwin + arch: amd64 + - os: darwin + arch: arm64 + - os: windows + arch: amd64 + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, go + - name: Prepare for build + shell: bash + # This installs plugins and prepares upstream + # We have to run tfgen in order to generate the cmd/pulumi-resource-xyz/schema_embed.json file. + run: make tfgen + - name: Calc provider path + id: provider_path + run: | + { + echo -n "PROVIDER_PATH=" + echo "provider" + } >> "$GITHUB_OUTPUT" + - name: Calc ldflags + id: ldflags + run: | + { + echo -n "LDFLAGS=" + echo -n "-X github.com/pulumi/pulumi-xyz/${{ steps.provider_path.outputs.PROVIDER_PATH }}/pkg/version.Version=v${{ inputs.version }}" + echo "" + } >> "$GITHUB_OUTPUT" + - name: Go build + shell: bash + working-directory: provider + env: + GOOS: ${{ matrix.platform.os }} + GOARCH: ${{ matrix.platform.arch }} + PARALLELISM: >- + -p 2 + # YAML `>` will join consecutive lines with a space + run: go build ${{ env.PARALLELISM }} -o ${{ github.workspace }}/bin/${{ matrix.platform.os }}-${{ matrix.platform.arch }}/pulumi-resource-xyz -ldflags "${{ steps.ldflags.outputs.LDFLAGS }}" github.com/pulumi/pulumi-xyz/${{ steps.provider_path.outputs.PROVIDER_PATH }}/cmd/pulumi-resource-xyz + - name: Package provider binary + shell: bash + run: > + tar --gzip -cf bin/pulumi-resource-xyz-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz + README.md LICENSE + -C bin/${{ matrix.platform.os }}-${{ matrix.platform.arch }} pulumi-resource-xyz + - name: Upload artifacts + uses: actions/upload-artifact@v4 + with: + name: pulumi-resource-xyz-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz + path: bin/pulumi-resource-xyz-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz + retention-days: 30 diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml index 89a8369..c6438b9 100644 --- a/.github/workflows/master.yml +++ b/.github/workflows/master.yml @@ -28,6 +28,13 @@ jobs: is_pr: ${{ github.event_name == 'pull_request' }} is_automated: ${{ github.actor == 'dependabot[bot]' }} + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + build_sdk: name: build_sdk needs: prerequisites @@ -87,6 +94,7 @@ jobs: name: publish needs: - prerequisites + - build_provider - test - license_check uses: ./.github/workflows/publish.yml diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml index e9a7784..b45e848 100644 --- a/.github/workflows/prerelease.yml +++ b/.github/workflows/prerelease.yml @@ -29,6 +29,13 @@ jobs: is_pr: ${{ github.event_name == 'pull_request' }} is_automated: ${{ github.actor == 'dependabot[bot]' }} + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + build_sdk: name: build_sdk needs: prerequisites @@ -50,6 +57,7 @@ jobs: name: publish needs: - prerequisites + - build_provider - test - license_check uses: ./.github/workflows/publish.yml diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index dba3510..700550e 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -59,7 +59,7 @@ jobs: - name: Setup tools uses: ./.github/actions/setup-tools with: - tools: pulumictl, pulumicli, go + tools: pulumictl, pulumicli, go, schema-tools - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -70,25 +70,44 @@ jobs: role-external-id: upload-pulumi-release role-session-name: xyz@githubActions role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} - - name: Run GoReleaser + - name: Create dist directory + run: mkdir -p dist + - name: Download provider assets + uses: actions/download-artifact@v4 + with: + pattern: pulumi-resource-xyz-v${{ inputs.version }}-* + path: dist + # Don't create a directory for each artifact + merge-multiple: true + - name: Calculate checksums + working-directory: dist + run: shasum ./*.tar.gz > pulumi-xyz_${{ inputs.version }}_checksums.txt + - name: Get Schema Change Summary + id: schema-summary + shell: bash + run: | + # Get latest stable release. Return only first column from result (tag). + LAST_VERSION=$(gh release view --repo pulumi/pulumi-xyz --json tagName -q .tagName) + { + echo 'summary<> "$GITHUB_OUTPUT" + - name: Upload Provider Binaries + run: aws s3 cp dist s3://get.pulumi.com/releases/plugins/ --recursive + - name: Create GH Release + uses: softprops/action-gh-release@v1 if: inputs.isPrerelease == false - uses: goreleaser/goreleaser-action@v5 - env: - GORELEASER_CURRENT_TAG: v${{ inputs.version }} - PROVIDER_VERSION: ${{ inputs.version }} with: - args: -p 3 release --rm-dist --timeout 60m0s - version: latest - - name: Run GoReleaser (prerelease) - if: inputs.isPrerelease == true - uses: goreleaser/goreleaser-action@v5 + tag_name: v${{ inputs.version }} + prerelease: ${{ inputs.isPrerelease }} + # We keep pre-releases as drafts so they're not visible until we manually publish them. + draft: ${{ inputs.isPrerelease }} + body: ${{ steps.schema-summary.outputs.summary }} + generate_release_notes: true + files: dist/* env: - GORELEASER_CURRENT_TAG: v${{ inputs.version }} - PROVIDER_VERSION: ${{ inputs.version }} - with: - args: -p 3 -f .goreleaser.prerelease.yml --rm-dist --skip-validate --timeout - 60m0s - version: latest + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} publish_sdk: name: publish_sdk diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f8b53da..8c70691 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -28,6 +28,13 @@ jobs: is_pr: ${{ github.event_name == 'pull_request' }} is_automated: ${{ github.actor == 'dependabot[bot]' }} + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + build_sdk: name: build_sdk needs: prerequisites @@ -49,6 +56,7 @@ jobs: name: publish needs: - prerequisites + - build_provider - test - license_check uses: ./.github/workflows/publish.yml diff --git a/.github/workflows/run-acceptance-tests.yml b/.github/workflows/run-acceptance-tests.yml index 597f6a1..1b1f1d4 100644 --- a/.github/workflows/run-acceptance-tests.yml +++ b/.github/workflows/run-acceptance-tests.yml @@ -36,6 +36,13 @@ jobs: is_pr: ${{ github.event_name == 'pull_request' }} is_automated: ${{ github.actor == 'dependabot[bot]' }} + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + build_sdk: if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository