From 0b52de65438fd3e1f3c6a38b67850aeea152bc60 Mon Sep 17 00:00:00 2001 From: "pulumi-provider-automation[bot]" <248966057+pulumi-provider-automation[bot]@users.noreply.github.com> Date: Thu, 16 Apr 2026 06:16:23 +0000 Subject: [PATCH] Update GitHub Actions workflows. (#816) This PR was triggered by @t0yv0 generated by the update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt repo, from commit [b05dbe61dbea8fb6ea0c4cde662bde1101961819](https://github.com/pulumi/ci-mgmt/commit/b05dbe61dbea8fb6ea0c4cde662bde1101961819). Co-authored-by: Pulumi Bot --- .config/mise.toml | 2 +- .github/actions/download-provider/action.yml | 2 +- .github/actions/download-sdk/action.yml | 2 +- .github/actions/setup-tools/action.yml | 4 +- .github/workflows/build.yml | 40 +++++++------- .github/workflows/claude.yml | 14 ++--- .github/workflows/command-dispatch.yml | 2 +- .github/workflows/community-moderation.yml | 6 +-- .github/workflows/export-repo-secrets.yml | 2 +- .github/workflows/lint.yml | 6 +-- .github/workflows/prerelease.yml | 50 ++++++++--------- .github/workflows/pull-request.yml | 2 +- .github/workflows/release.yml | 56 ++++++++++---------- .github/workflows/release_command.yml | 2 +- .github/workflows/run-acceptance-tests.yml | 30 +++++------ .github/workflows/weekly-pulumi-update.yml | 4 +- .golangci.yml | 2 +- 17 files changed, 113 insertions(+), 113 deletions(-) diff --git a/.config/mise.toml b/.config/mise.toml index ec8e0aa..88a27cf 100644 --- a/.config/mise.toml +++ b/.config/mise.toml @@ -21,7 +21,7 @@ java = 'corretto-11' "github:pulumi/schema-tools" = "0.6.0" "go:github.com/pulumi/upgrade-provider" = "main" "aqua:gradle/gradle-distributions" = '7.6.6' -golangci-lint = "2.2.2" # See note about about overrides if you need to customize this. +golangci-lint = "2.9.0" # See note about about overrides if you need to customize this. "npm:yarn" = "1.22.22" [settings] diff --git a/.github/actions/download-provider/action.yml b/.github/actions/download-provider/action.yml index d80db12..36b0a0c 100644 --- a/.github/actions/download-provider/action.yml +++ b/.github/actions/download-provider/action.yml @@ -5,7 +5,7 @@ runs: using: "composite" steps: - name: Download provider - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin diff --git a/.github/actions/download-sdk/action.yml b/.github/actions/download-sdk/action.yml index f1734f7..e448416 100644 --- a/.github/actions/download-sdk/action.yml +++ b/.github/actions/download-sdk/action.yml @@ -10,7 +10,7 @@ runs: using: "composite" steps: - name: Download SDK - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: ${{ inputs.language }}-sdk.tar.gz path: ${{ github.workspace }}/sdk/ diff --git a/.github/actions/setup-tools/action.yml b/.github/actions/setup-tools/action.yml index 0cc2c25..d372907 100644 --- a/.github/actions/setup-tools/action.yml +++ b/.github/actions/setup-tools/action.yml @@ -14,7 +14,7 @@ runs: using: "composite" steps: - name: Setup mise - uses: jdx/mise-action@c1a019b8d2586943b4dbebc456323b516910e310 + uses: jdx/mise-action@d6e9fb75ae3ee715d1db0b62373f15621d5f7329 env: MISE_FETCH_REMOTE_VERSIONS_TIMEOUT: 30s with: @@ -34,7 +34,7 @@ runs: *.sum - name: Setup Node - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6 + uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6 with: # we don't set node-version because we install with mise. # this step is needed to setup npm auth diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index deb4031..620dfca 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -43,7 +43,7 @@ jobs: pull-requests: write # For schema check comment. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - env: @@ -55,7 +55,7 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} @@ -75,7 +75,7 @@ jobs: github_token: ${{ secrets.GITHUB_TOKEN }} - if: github.event_name == 'pull_request' name: Install Schema Tools - uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0 + uses: jaxxstorm/action-install-gh-release@25e24d2d23ae098373794ef1d6faecb48ee52da8 # v3.0.0 with: repo: pulumi/schema-tools - name: Build codegen binaries @@ -130,7 +130,7 @@ jobs: github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }} pulumi-gen-${{ env.PROVIDER}} - name: Upload artifacts - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin/provider.tar.gz @@ -139,7 +139,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1 + uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0 env: CODECOV_TOKEN: ${{ steps.esc-secrets.outputs.CODECOV_TOKEN }} - if: failure() && github.event_name == 'push' @@ -169,7 +169,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - env: @@ -181,7 +181,7 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} @@ -220,7 +220,7 @@ jobs: - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . - name: Upload artifacts - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz @@ -244,7 +244,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - env: @@ -289,7 +289,7 @@ jobs: id-token: write # For ESC secrets and Pulumi access token OIDC. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - env: @@ -301,7 +301,7 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} @@ -392,7 +392,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - env: @@ -404,7 +404,7 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} @@ -431,7 +431,7 @@ jobs: swap-storage: true large-packages: false - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1 + uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0 with: aws-access-key-id: ${{ steps.esc-secrets.outputs.AWS_ACCESS_KEY_ID }} aws-region: us-east-2 @@ -473,7 +473,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - env: @@ -485,7 +485,7 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} @@ -499,7 +499,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Checkout Scripts Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: path: ci-scripts repository: pulumi/scripts @@ -509,7 +509,7 @@ jobs: with: github_token: ${{ steps.app-auth.outputs.token }} - name: Download python SDK - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: python-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -517,7 +517,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C ${{github.workspace}}/sdk/python - name: Download dotnet SDK - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: dotnet-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -525,7 +525,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C ${{github.workspace}}/sdk/dotnet - name: Download nodejs SDK - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: nodejs-sdk.tar.gz path: ${{ github.workspace}}/sdk/ diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml index 6c109c1..6c285e4 100644 --- a/.github/workflows/claude.yml +++ b/.github/workflows/claude.yml @@ -45,8 +45,8 @@ jobs: ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization id: esc-secrets name: Fetch secrets from ESC - uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: pulumi/esc-action@9840934db12128a33f6afb60b17d9de8f7ec5519 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 with: fetch-depth: 0 - name: Checkout PR head (if applicable) @@ -56,7 +56,7 @@ jobs: PR_NUMBER: ${{ github.event.pull_request.number || github.event.issue.number }} run: gh pr checkout "$PR_NUMBER" - name: Setup mise - uses: jdx/mise-action@c1a019b8d2586943b4dbebc456323b516910e310 + uses: jdx/mise-action@d6e9fb75ae3ee715d1db0b62373f15621d5f7329 env: MISE_FETCH_REMOTE_VERSIONS_TIMEOUT: 30s with: @@ -79,7 +79,7 @@ jobs: (github.event_name == 'pull_request_review_comment' && contains(github.event.comment.body, '@claude review')) || (github.event_name == 'pull_request_review' && contains(github.event.review.body, '@claude review')) id: claude-review - uses: anthropics/claude-code-action@8341a564b0c1693e9fa29c681852ee3714980098 # v1 + uses: anthropics/claude-code-action@905d4eb99ab3d43143d74fb0dcae537f29ac330a # v1 with: anthropic_api_key: ${{ steps.esc-secrets.outputs.ANTHROPIC_API_KEY }} prompt: | @@ -101,7 +101,7 @@ jobs: !contains(github.event.comment.body, '@claude review') && !contains(github.event.review.body, '@claude review') id: claude-action - uses: anthropics/claude-code-action@8341a564b0c1693e9fa29c681852ee3714980098 # v1 + uses: anthropics/claude-code-action@905d4eb99ab3d43143d74fb0dcae537f29ac330a # v1 with: anthropic_api_key: ${{ steps.esc-secrets.outputs.ANTHROPIC_API_KEY }} # This allows claude to read github action logs @@ -125,14 +125,14 @@ jobs: # Uploading the artifact allows you to download the artifact from the UI - name: Upload Claude review output on failure if: failure() && steps.claude-review.outputs.execution_file - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 with: name: claude-review-execution-log path: ${{ steps.claude-review.outputs.execution_file }} retention-days: 7 - name: Upload Claude output on failure if: failure() && steps.claude-action.outputs.execution_file - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6 with: name: claude-execution-log path: ${{ steps.claude-action.outputs.execution_file }} diff --git a/.github/workflows/command-dispatch.yml b/.github/workflows/command-dispatch.yml index c75b095..0b65da1 100644 --- a/.github/workflows/command-dispatch.yml +++ b/.github/workflows/command-dispatch.yml @@ -23,7 +23,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - env: diff --git a/.github/workflows/community-moderation.yml b/.github/workflows/community-moderation.yml index af6fd31..cc79777 100644 --- a/.github/workflows/community-moderation.yml +++ b/.github/workflows/community-moderation.yml @@ -6,18 +6,18 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - id: schema_changed name: Check for diff in schema - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 + uses: dorny/paths-filter@fbd0ab8f3e69293af611ebaee6363fc25e6d187d # v4.0.1 with: filters: "changed: 'provider/cmd/**/schema.json'" - id: sdk_changed if: steps.schema_changed.outputs.changed == 'false' name: Check for diff in sdk/** - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 + uses: dorny/paths-filter@fbd0ab8f3e69293af611ebaee6363fc25e6d187d # v4.0.1 with: filters: "changed: 'sdk/**'" - if: steps.sdk_changed.outputs.changed == 'true' && diff --git a/.github/workflows/export-repo-secrets.yml b/.github/workflows/export-repo-secrets.yml index 93f70f2..513630e 100644 --- a/.github/workflows/export-repo-secrets.yml +++ b/.github/workflows/export-repo-secrets.yml @@ -8,7 +8,7 @@ jobs: steps: - name: Generate a GitHub token id: generate-token - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2 + uses: actions/create-github-app-token@fee1f7d63c2ff003460e3d139729b119787bc349 # v2 with: app-id: 1256780 # Export Secrets GitHub App private-key: ${{ secrets.EXPORT_SECRETS_PRIVATE_KEY }} diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 530949b..b998966 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -30,7 +30,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - env: @@ -42,14 +42,14 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }} owner: ${{ github.repository_owner }} - name: Setup mise - uses: jdx/mise-action@c1a019b8d2586943b4dbebc456323b516910e310 + uses: jdx/mise-action@d6e9fb75ae3ee715d1db0b62373f15621d5f7329 env: MISE_FETCH_REMOTE_VERSIONS_TIMEOUT: 30s with: diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml index de6851c..a108db0 100644 --- a/.github/workflows/prerelease.yml +++ b/.github/workflows/prerelease.yml @@ -35,7 +35,7 @@ jobs: pull-requests: write # For schema check comment. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - env: @@ -47,7 +47,7 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} @@ -67,7 +67,7 @@ jobs: github_token: ${{ secrets.GITHUB_TOKEN }} - if: github.event_name == 'pull_request' name: Install Schema Tools - uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0 + uses: jaxxstorm/action-install-gh-release@25e24d2d23ae098373794ef1d6faecb48ee52da8 # v3.0.0 with: repo: pulumi/schema-tools - name: Build codegen binaries @@ -122,7 +122,7 @@ jobs: github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }} pulumi-gen-${{ env.PROVIDER}} - name: Upload artifacts - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin/provider.tar.gz @@ -131,7 +131,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1 + uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0 env: CODECOV_TOKEN: ${{ steps.esc-secrets.outputs.CODECOV_TOKEN }} - if: failure() && github.event_name == 'push' @@ -161,7 +161,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - env: @@ -173,7 +173,7 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} @@ -212,7 +212,7 @@ jobs: - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . - name: Upload artifacts - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz @@ -245,7 +245,7 @@ jobs: id-token: write # For ESC secrets and Pulumi access token OIDC. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - env: @@ -257,7 +257,7 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} @@ -348,7 +348,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - env: @@ -360,7 +360,7 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} @@ -387,7 +387,7 @@ jobs: swap-storage: true large-packages: false - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1 + uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0 with: aws-access-key-id: ${{ steps.esc-secrets.outputs.AWS_ACCESS_KEY_ID }} aws-region: us-east-2 @@ -429,7 +429,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - env: @@ -441,7 +441,7 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} @@ -455,7 +455,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Checkout Scripts Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: path: ci-scripts repository: pulumi/scripts @@ -465,7 +465,7 @@ jobs: with: github_token: ${{ steps.app-auth.outputs.token }} - name: Download python SDK - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: python-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -473,7 +473,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C ${{github.workspace}}/sdk/python - name: Download dotnet SDK - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: dotnet-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -481,7 +481,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C ${{github.workspace}}/sdk/dotnet - name: Download nodejs SDK - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: nodejs-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -517,7 +517,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - env: @@ -529,7 +529,7 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} @@ -547,7 +547,7 @@ jobs: with: github_token: ${{ steps.app-auth.outputs.token }} - name: Download java SDK - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: java-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -555,7 +555,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/java.tar.gz -C ${{github.workspace}}/sdk/java - name: Setup Gradle - uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + uses: gradle/actions/setup-gradle@50e97c2cd7a37755bbfafc9c5b7cafaece252f6e # v6.1.0 with: gradle-version: "7.6" - name: Publish Java SDK @@ -573,7 +573,7 @@ jobs: needs: publish_sdk steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - id: version @@ -584,7 +584,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Download go SDK - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: go-sdk.tar.gz path: ${{ github.workspace}}/sdk/ diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index f935603..a02dd25 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -10,7 +10,7 @@ jobs: name: comment-on-pr steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - name: Comment PR diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5e568e3..8671921 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -35,7 +35,7 @@ jobs: pull-requests: write # For schema check comment. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - env: @@ -47,7 +47,7 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} @@ -67,7 +67,7 @@ jobs: github_token: ${{ steps.app-auth.outputs.token }} - if: github.event_name == 'pull_request' name: Install Schema Tools - uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0 + uses: jaxxstorm/action-install-gh-release@25e24d2d23ae098373794ef1d6faecb48ee52da8 # v3.0.0 with: repo: pulumi/schema-tools - name: Build codegen binaries @@ -122,7 +122,7 @@ jobs: github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }} pulumi-gen-${{ env.PROVIDER}} - name: Upload artifacts - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin/provider.tar.gz @@ -131,7 +131,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1 + uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0 env: CODECOV_TOKEN: ${{ steps.esc-secrets.outputs.CODECOV_TOKEN }} - if: failure() && github.event_name == 'push' @@ -161,7 +161,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - env: @@ -173,7 +173,7 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} @@ -212,7 +212,7 @@ jobs: - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . - name: Upload artifacts - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz @@ -245,7 +245,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - env: @@ -257,7 +257,7 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} @@ -348,7 +348,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - env: @@ -360,7 +360,7 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} @@ -387,7 +387,7 @@ jobs: swap-storage: true large-packages: false - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1 + uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0 with: aws-access-key-id: ${{ steps.esc-secrets.outputs.AWS_ACCESS_KEY_ID }} aws-region: us-east-2 @@ -429,7 +429,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - env: @@ -441,7 +441,7 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} @@ -455,7 +455,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Checkout Scripts Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: path: ci-scripts repository: pulumi/scripts @@ -465,7 +465,7 @@ jobs: with: github_token: ${{ steps.app-auth.outputs.token }} - name: Download python SDK - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: python-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -473,7 +473,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C ${{github.workspace}}/sdk/python - name: Download dotnet SDK - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: dotnet-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -481,7 +481,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C ${{github.workspace}}/sdk/dotnet - name: Download nodejs SDK - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: nodejs-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -517,7 +517,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - env: @@ -529,7 +529,7 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} @@ -547,7 +547,7 @@ jobs: with: github_token: ${{ steps.app-auth.outputs.token }} - name: Download java SDK - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: java-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -555,7 +555,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/java.tar.gz -C ${{github.workspace}}/sdk/java - name: Setup Gradle - uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0 + uses: gradle/actions/setup-gradle@50e97c2cd7a37755bbfafc9c5b7cafaece252f6e # v6.1.0 with: gradle-version: "7.6" - name: Publish Java SDK @@ -573,7 +573,7 @@ jobs: needs: publish_sdk steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - id: version @@ -584,7 +584,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Download go SDK - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: go-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -609,7 +609,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - env: @@ -621,14 +621,14 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }} owner: ${{ github.repository_owner }} - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0 + uses: jaxxstorm/action-install-gh-release@25e24d2d23ae098373794ef1d6faecb48ee52da8 # v3.0.0 with: repo: pulumi/pulumictl - name: Dispatch Event diff --git a/.github/workflows/release_command.yml b/.github/workflows/release_command.yml index 21fad2a..0ae8774 100644 --- a/.github/workflows/release_command.yml +++ b/.github/workflows/release_command.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - env: diff --git a/.github/workflows/run-acceptance-tests.yml b/.github/workflows/run-acceptance-tests.yml index 73c0543..91ea5ab 100644 --- a/.github/workflows/run-acceptance-tests.yml +++ b/.github/workflows/run-acceptance-tests.yml @@ -37,7 +37,7 @@ jobs: name: comment-notification steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true persist-credentials: false @@ -62,7 +62,7 @@ jobs: pull-requests: write # For schema check comment. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true persist-credentials: false @@ -76,7 +76,7 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} @@ -96,7 +96,7 @@ jobs: github_token: ${{ steps.app-auth.outputs.token }} - if: github.event_name == 'pull_request' name: Install Schema Tools - uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0 + uses: jaxxstorm/action-install-gh-release@25e24d2d23ae098373794ef1d6faecb48ee52da8 # v3.0.0 with: repo: pulumi/schema-tools - name: Build codegen binaries @@ -198,7 +198,7 @@ jobs: github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }} pulumi-gen-${{ env.PROVIDER}} - name: Upload artifacts - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin/provider.tar.gz @@ -207,7 +207,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1 + uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0 env: CODECOV_TOKEN: ${{ steps.esc-secrets.outputs.CODECOV_TOKEN }} - if: failure() && github.event_name == 'push' @@ -239,7 +239,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true persist-credentials: false @@ -253,7 +253,7 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} @@ -271,7 +271,7 @@ jobs: with: github_token: ${{ steps.app-auth.outputs.token }} - name: Download provider - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin @@ -344,7 +344,7 @@ jobs: - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . - name: Upload artifacts - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz @@ -380,7 +380,7 @@ jobs: id-token: write steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true persist-credentials: false @@ -394,7 +394,7 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} @@ -412,7 +412,7 @@ jobs: with: github_token: ${{ steps.app-auth.outputs.token }} - name: Download provider - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin @@ -424,7 +424,7 @@ jobs: -exec chmod +x {} \; - name: Download SDK if: ${{ matrix.language != 'yaml' }} - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -497,7 +497,7 @@ jobs: name: sentinel steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true persist-credentials: false diff --git a/.github/workflows/weekly-pulumi-update.yml b/.github/workflows/weekly-pulumi-update.yml index 5452774..8f0726e 100644 --- a/.github/workflows/weekly-pulumi-update.yml +++ b/.github/workflows/weekly-pulumi-update.yml @@ -33,7 +33,7 @@ jobs: permissions: write-all steps: - name: Checkout Repo - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - env: @@ -45,7 +45,7 @@ jobs: id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + - uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} diff --git a/.golangci.yml b/.golangci.yml index 89ff4cb..f7c7984 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -27,7 +27,7 @@ linters: rules: - linters: - revive - path: pkg/version/ + path: pkg/ text: "var-naming" # https://github.com/pulumi/ci-mgmt/issues/2100 formatters: enable: