sam_oneal/pulumi-docker-build
1
0
Fork 0
Code Actions Packages Releases Wiki Activity

testing

Browse Source
This commit is contained in:
Bryce Lampe
2025-08-07 10:53:41 -07:00
parent 3bca7cb8c7
commit 52f62c4608
1 changed files with 449 additions and 439 deletions
Download Patch File Download Diff File Expand all files Collapse all files

888
.github/workflows/run-acceptance-tests.yml vendored
View File

@@ -4,10 +4,10 @@ name: run-acceptance-tests
on: on:
repository_dispatch: repository_dispatch:
types: types:
- run-acceptance-tests-command - run-acceptance-tests-command
pull_request: pull_request:
paths-ignore: paths-ignore:
- CHANGELOG.md - CHANGELOG.md
workflow_dispatch: {} workflow_dispatch: {}
env: env:
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
@@ -54,166 +54,173 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
name: comment-notification name: comment-notification
steps: steps:
- name: Create URL to the run output - name: Create URL to the run output
id: vars id: vars
run: echo run: echo
"run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" "run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID"
>> "$GITHUB_OUTPUT" >> "$GITHUB_OUTPUT"
- name: Update with Result - name: Update with Result
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0 uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0
with: with:
token: ${{ secrets.PULUMI_BOT_TOKEN }} token: ${{ secrets.PULUMI_BOT_TOKEN }}
repository: ${{ github.event.client_payload.github.payload.repository.full_name }} repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
issue-number: ${{ github.event.client_payload.github.payload.issue.number }} issue-number: ${{ github.event.client_payload.github.payload.issue.number }}
body: "Please view the PR build: ${{ steps.vars.outputs.run-url }}" body: "Please view the PR build: ${{ steps.vars.outputs.run-url }}"
if: github.event_name == 'repository_dispatch' if: github.event_name == 'repository_dispatch'
prerequisites: prerequisites:
runs-on: ubuntu-latest runs-on: ubuntu-latest
name: prerequisites name: prerequisites
steps: steps:
- name: Checkout Repo - name: Testing duplicate JSON key behavior
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 shell: bash
with: run: |
lfs: true export JSON='{"FOO": "BAR", "FOO": "BAZ"}'
persist-credentials: false echo ${{ fromJSON($JSON) }}
ref: ${{ env.PR_COMMIT_SHA }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- if: github.event_name == 'pull_request'
name: Install Schema Tools
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/schema-tools
- name: Build codegen binaries
run: make codegen
- name: Build Schema
run: make generate_schema
- if: github.event_name == 'pull_request'
name: Check Schema is Valid
run: >-
{
echo 'SCHEMA_CHANGES<<EOF';
schema-tools compare -p ${{ env.PROVIDER }} -o ${{ github.event.repository.default_branch }} -n --local-path=provider/cmd/pulumi-resource-${{ env.PROVIDER }}/schema.json; - name: Checkout Repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
persist-credentials: false
ref: ${{ env.PR_COMMIT_SHA }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- if: github.event_name == 'pull_request'
name: Install Schema Tools
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/schema-tools
- name: Build codegen binaries
run: make codegen
- name: Build Schema
run: make generate_schema
- if: github.event_name == 'pull_request'
name: Check Schema is Valid
run: >-
{
echo 'SCHEMA_CHANGES<<EOF';
echo 'EOF'; schema-tools compare -p ${{ env.PROVIDER }} -o ${{ github.event.repository.default_branch }} -n --local-path=provider/cmd/pulumi-resource-${{ env.PROVIDER }}/schema.json;
} >> "$GITHUB_ENV"
env:
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
- if: github.event_name == 'pull_request' && github.actor != 'dependabot[bot]'
name: Comment on PR with Details of Schema Check
uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1
with:
message: |
${{ env.SCHEMA_CHANGES }}
comment-tag: schemaCheck
github-token: ${{ secrets.GITHUB_TOKEN }}
- if: contains(env.SCHEMA_CHANGES, 'Looking good! No breaking changes found.') &&
github.actor == 'pulumi-bot'
name: Add label if no breaking changes
uses: actions-ecosystem/action-add-labels@18f1af5e3544586314bbe15c0273249c770b2daf # v1.1.3
with:
labels: impact/no-changelog-required
number: ${{ github.event.issue.number }}
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Build Provider
run: make provider
- name: Check worktree clean
id: worktreeClean
uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1
with:
allowed-changes: |-
sdk/**/pulumi-plugin.json
sdk/dotnet/*.*.csproj
sdk/dotnet/version.txt
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
- name: Commit SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
shell: bash
run: >
git diff --quiet -- sdk && echo "no changes to sdk" && exit
git config --global user.email "bot@pulumi.com" echo 'EOF';
} >> "$GITHUB_ENV"
git config --global user.name "pulumi-bot" env:
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
# Stash local changes and check out the PR's branch directly. - if: github.event_name == 'pull_request' && github.actor != 'dependabot[bot]'
name: Comment on PR with Details of Schema Check
git stash uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1
with:
git fetch message: |
${{ env.SCHEMA_CHANGES }}
git checkout "origin/$HEAD_REF" comment-tag: schemaCheck
github-token: ${{ secrets.GITHUB_TOKEN }}
- if:
# Apply and add our changes, but don't commit any files we expect to contains(env.SCHEMA_CHANGES, 'Looking good! No breaking changes found.') &&
github.actor == 'pulumi-bot'
# always change due to versioning. name: Add label if no breaking changes
uses: actions-ecosystem/action-add-labels@18f1af5e3544586314bbe15c0273249c770b2daf # v1.1.3
git stash pop with:
labels: impact/no-changelog-required
git add sdk number: ${{ github.event.issue.number }}
github_token: ${{ secrets.GITHUB_TOKEN }}
git reset sdk/python/*/pulumi-plugin.json \ - name: Build Provider
sdk/python/pyproject.toml \ run: make provider
sdk/dotnet/pulumi-plugin.json \ - name: Check worktree clean
sdk/dotnet/*.*.csproj \ id: worktreeClean
sdk/dotnet/version.txt \ uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1
sdk/go/*/pulumi-plugin.json \ with:
sdk/go/*/internal/pulumiUtilities.go \ allowed-changes: |-
sdk/**/pulumi-plugin.json
sdk/dotnet/*.*.csproj
sdk/dotnet/version.txt
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json sdk/nodejs/package.json
sdk/python/pyproject.toml
- name: Commit SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
shell: bash
run: >
git diff --quiet -- sdk && echo "no changes to sdk" && exit
git commit -m 'Commit SDK for Renovate' git config --global user.email "bot@pulumi.com"
git config --global user.name "pulumi-bot"
# Stash local changes and check out the PR's branch directly.
git stash
git fetch
git checkout "origin/$HEAD_REF"
# Push with pulumi-bot credentials to trigger a re-run of the # Apply and add our changes, but don't commit any files we expect to
# workflow. https://github.com/orgs/community/discussions/25702 # always change due to versioning.
git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" git stash pop
env:
HEAD_REF: ${{ github.head_ref }} git add sdk
- run: git status --porcelain
- name: Tar provider binaries git reset sdk/python/*/pulumi-plugin.json \
run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ sdk/python/pyproject.toml \
github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }} sdk/dotnet/pulumi-plugin.json \
pulumi-gen-${{ env.PROVIDER}} sdk/dotnet/*.*.csproj \
- name: Upload artifacts sdk/dotnet/version.txt \
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 sdk/go/*/pulumi-plugin.json \
with: sdk/go/*/internal/pulumiUtilities.go \
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz sdk/nodejs/package.json
path: ${{ github.workspace }}/bin/provider.tar.gz
- name: Test Provider Library git commit -m 'Commit SDK for Renovate'
run: make test_provider
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3 # Push with pulumi-bot credentials to trigger a re-run of the
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} # workflow. https://github.com/orgs/community/discussions/25702
- if: failure() && github.event_name == 'push'
name: Notify Slack git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0 env:
with: HEAD_REF: ${{ github.head_ref }}
author_name: Failure in building provider prerequisites - run: git status --porcelain
fields: repo,commit,author,action - name: Tar provider binaries
status: ${{ job.status }} run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }}
pulumi-gen-${{ env.PROVIDER}}
- name: Upload artifacts
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin/provider.tar.gz
- name: Test Provider Library
run: make test_provider
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure in building provider prerequisites
fields: repo,commit,author,action
status: ${{ job.status }}
if: github.event_name == 'repository_dispatch' || if: github.event_name == 'repository_dispatch' ||
github.event.pull_request.head.repo.full_name == github.repository github.event.pull_request.head.repo.full_name == github.repository
build_sdks: build_sdks:
@@ -223,333 +230,336 @@ jobs:
fail-fast: ${{ ! contains(github.actor, 'renovate') }} fail-fast: ${{ ! contains(github.actor, 'renovate') }}
matrix: matrix:
language: language:
- nodejs - nodejs
- python - python
- dotnet - dotnet
- go - go
- java - java
name: build_sdks name: build_sdks
steps: steps:
- name: Checkout Repo - name: Checkout Repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with: with:
lfs: true lfs: true
persist-credentials: false persist-credentials: false
ref: ${{ env.PR_COMMIT_SHA }} ref: ${{ env.PR_COMMIT_SHA }}
- id: version - id: version
name: Set Provider Version name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with: with:
set-env: PROVIDER_VERSION set-env: PROVIDER_VERSION
- name: Install Go - name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with: with:
go-version: ${{ env.GOVERSION }} go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum" cache-dependency-path: "**/*.sum"
- name: Install pulumictl - name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0 uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with: with:
repo: pulumi/pulumictl repo: pulumi/pulumictl
- name: Install Pulumi CLI - name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0 uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- name: Setup Node - name: Setup Node
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with: with:
node-version: ${{ env.NODEVERSION }} node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org registry-url: https://registry.npmjs.org
- name: Setup DotNet - name: Setup DotNet
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1 uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with: with:
dotnet-version: ${{ env.DOTNETVERSION }} dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python - name: Setup Python
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
with: with:
python-version: ${{ env.PYTHONVERSION }} python-version: ${{ env.PYTHONVERSION }}
- name: Setup Java - name: Setup Java
uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1 uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
with: with:
java-version: ${{ env.JAVAVERSION }} java-version: ${{ env.JAVAVERSION }}
distribution: temurin distribution: temurin
cache: gradle cache: gradle
- name: Setup Gradle - name: Setup Gradle
uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0
with: with:
gradle-version: "7.6" gradle-version: "7.6"
- name: Download provider - name: Download provider
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
with: with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin path: ${{ github.workspace }}/bin
- name: UnTar provider binaries - name: UnTar provider binaries
run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
github.workspace}}/bin github.workspace}}/bin
- name: Restore Binary Permissions - name: Restore Binary Permissions
run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print run:
-exec chmod +x {} \; find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
- name: Generate SDK -exec chmod +x {} \;
run: make generate_${{ matrix.language }} - name: Generate SDK
- name: Build SDK run: make generate_${{ matrix.language }}
run: make build_${{ matrix.language }} - name: Build SDK
- name: Check worktree clean run: make build_${{ matrix.language }}
id: worktreeClean - name: Check worktree clean
uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 id: worktreeClean
with: uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1
allowed-changes: |- with:
sdk/**/pulumi-plugin.json allowed-changes: |-
sdk/dotnet/*.*.csproj sdk/**/pulumi-plugin.json
sdk/dotnet/version.txt sdk/dotnet/*.*.csproj
sdk/go/**/pulumiUtilities.go sdk/dotnet/version.txt
sdk/nodejs/package.json sdk/go/**/pulumiUtilities.go
sdk/python/pyproject.toml
- name: Commit SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
shell: bash
run: >
git diff --quiet -- sdk && echo "no changes to sdk" && exit
git config --global user.email "bot@pulumi.com"
git config --global user.name "pulumi-bot"
# Stash local changes and check out the PR's branch directly.
git stash
git fetch
git checkout "origin/$HEAD_REF"
# Apply and add our changes, but don't commit any files we expect to
# always change due to versioning.
git stash pop
git add sdk
git reset sdk/python/*/pulumi-plugin.json \
sdk/python/pyproject.toml \
sdk/dotnet/pulumi-plugin.json \
sdk/dotnet/*.*.csproj \
sdk/dotnet/version.txt \
sdk/go/*/pulumi-plugin.json \
sdk/go/*/internal/pulumiUtilities.go \
sdk/nodejs/package.json sdk/nodejs/package.json
sdk/python/pyproject.toml
- name: Commit SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
shell: bash
run: >
git diff --quiet -- sdk && echo "no changes to sdk" && exit
git commit -m 'Commit SDK for Renovate' git config --global user.email "bot@pulumi.com"
# Push with pulumi-bot credentials to trigger a re-run of the git config --global user.name "pulumi-bot"
# workflow. https://github.com/orgs/community/discussions/25702 # Stash local changes and check out the PR's branch directly.
git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" git stash
env:
HEAD_REF: ${{ github.head_ref }} git fetch
- run: git status --porcelain
- name: Tar SDK folder git checkout "origin/$HEAD_REF"
run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} .
- name: Upload artifacts
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 # Apply and add our changes, but don't commit any files we expect to
with:
name: ${{ matrix.language }}-sdk.tar.gz # always change due to versioning.
path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz
retention-days: 30 git stash pop
- if: failure() && github.event_name == 'push'
name: Notify Slack git add sdk
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with: git reset sdk/python/*/pulumi-plugin.json \
author_name: Failure while building SDKs sdk/python/pyproject.toml \
fields: repo,commit,author,action sdk/dotnet/pulumi-plugin.json \
status: ${{ job.status }} sdk/dotnet/*.*.csproj \
sdk/dotnet/version.txt \
sdk/go/*/pulumi-plugin.json \
sdk/go/*/internal/pulumiUtilities.go \
sdk/nodejs/package.json
git commit -m 'Commit SDK for Renovate'
# Push with pulumi-bot credentials to trigger a re-run of the
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
- name: Tar SDK folder
run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} .
- name: Upload artifacts
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: ${{ matrix.language }}-sdk.tar.gz
path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz
retention-days: 30
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure while building SDKs
fields: repo,commit,author,action
status: ${{ job.status }}
if: github.event_name == 'repository_dispatch' || if: github.event_name == 'repository_dispatch' ||
github.event.pull_request.head.repo.full_name == github.repository github.event.pull_request.head.repo.full_name == github.repository
test: test:
runs-on: pulumi-ubuntu-8core runs-on: pulumi-ubuntu-8core
needs: needs:
- build_sdks - build_sdks
strategy: strategy:
fail-fast: true fail-fast: true
matrix: matrix:
language: language:
- nodejs - nodejs
- python - python
- dotnet - dotnet
- go - go
- java - java
- yaml - yaml
name: test name: test
permissions: permissions:
contents: read contents: read
id-token: write id-token: write
steps: steps:
- name: Checkout Repo - name: Checkout Repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with: with:
lfs: true lfs: true
persist-credentials: false persist-credentials: false
ref: ${{ env.PR_COMMIT_SHA }} ref: ${{ env.PR_COMMIT_SHA }}
- id: version - id: version
name: Set Provider Version name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with: with:
set-env: PROVIDER_VERSION set-env: PROVIDER_VERSION
- name: Install Go - name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with: with:
go-version: ${{ env.GOVERSION }} go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum" cache-dependency-path: "**/*.sum"
- name: Install pulumictl - name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0 uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with: with:
repo: pulumi/pulumictl repo: pulumi/pulumictl
- name: Install Pulumi CLI - name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0 uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- name: Setup Node - name: Setup Node
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with: with:
node-version: ${{ env.NODEVERSION }} node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org registry-url: https://registry.npmjs.org
- name: Setup DotNet - name: Setup DotNet
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1 uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with: with:
dotnet-version: ${{ env.DOTNETVERSION }} dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python - name: Setup Python
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
with: with:
python-version: ${{ env.PYTHONVERSION }} python-version: ${{ env.PYTHONVERSION }}
- name: Setup Java - name: Setup Java
uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1 uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
with: with:
java-version: ${{ env.JAVAVERSION }} java-version: ${{ env.JAVAVERSION }}
distribution: temurin distribution: temurin
cache: gradle cache: gradle
- name: Setup Gradle - name: Setup Gradle
uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0
with: with:
gradle-version: "7.6" gradle-version: "7.6"
- name: Download provider - name: Download provider
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
with: with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin path: ${{ github.workspace }}/bin
- name: UnTar provider binaries - name: UnTar provider binaries
run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
github.workspace}}/bin github.workspace}}/bin
- name: Restore Binary Permissions - name: Restore Binary Permissions
run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print run:
-exec chmod +x {} \; find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
- name: Download SDK -exec chmod +x {} \;
if: ${{ matrix.language != 'yaml' }} - name: Download SDK
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 if: ${{ matrix.language != 'yaml' }}
with: uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
name: ${{ matrix.language }}-sdk.tar.gz with:
path: ${{ github.workspace}}/sdk/ name: ${{ matrix.language }}-sdk.tar.gz
- name: UnTar SDK folder path: ${{ github.workspace}}/sdk/
if: ${{ matrix.language != 'yaml' }} - name: UnTar SDK folder
run: tar -zxf ${{ github.workspace}}/sdk/${{ matrix.language}}.tar.gz -C ${{ if: ${{ matrix.language != 'yaml' }}
github.workspace}}/sdk/${{ matrix.language}} run:
- name: Update path tar -zxf ${{ github.workspace}}/sdk/${{ matrix.language}}.tar.gz -C ${{
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" github.workspace}}/sdk/${{ matrix.language}}
- name: Install Node dependencies - name: Update path
run: yarn global add typescript run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH"
- run: dotnet nuget add source ${{ github.workspace }}/nuget - name: Install Node dependencies
- name: Install Python deps run: yarn global add typescript
run: |- - run: dotnet nuget add source ${{ github.workspace }}/nuget
pip3 install virtualenv==20.0.23 - name: Install Python deps
pip3 install pipenv run: |-
- name: Install dependencies pip3 install virtualenv==20.0.23
if: ${{ matrix.language != 'yaml' }} pip3 install pipenv
run: make install_${{ matrix.language}}_sdk - name: Install dependencies
- name: Generate Pulumi Access Token if: ${{ matrix.language != 'yaml' }}
id: generate_pulumi_token run: make install_${{ matrix.language}}_sdk
uses: pulumi/auth-actions@1c89817aab0c66407723cdef72b05266e7376640 # v1.0.1 - name: Generate Pulumi Access Token
with: id: generate_pulumi_token
organization: pulumi uses: pulumi/auth-actions@1c89817aab0c66407723cdef72b05266e7376640 # v1.0.1
requested-token-type: urn:pulumi:token-type:access_token:organization with:
export-environment-variables: false organization: pulumi
- name: Export AWS Credentials requested-token-type: urn:pulumi:token-type:access_token:organization
uses: pulumi/esc-action@efb0bc8946938f0dfbfa00e829196ec95f0d0ea7 # v1.4.0 export-environment-variables: false
env: - name: Export AWS Credentials
PULUMI_ACCESS_TOKEN: ${{ steps.generate_pulumi_token.outputs.pulumi-access-token }} uses: pulumi/esc-action@efb0bc8946938f0dfbfa00e829196ec95f0d0ea7 # v1.4.0
with: env:
environment: logins/pulumi-ci PULUMI_ACCESS_TOKEN: ${{ steps.generate_pulumi_token.outputs.pulumi-access-token }}
- name: Authenticate to Google Cloud with:
uses: google-github-actions/auth@ba79af03959ebeac9769e648f473a284504d9193 # v2.1.10 environment: logins/pulumi-ci
with: - name: Authenticate to Google Cloud
workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER uses: google-github-actions/auth@ba79af03959ebeac9769e648f473a284504d9193 # v2.1.10
}}/locations/global/workloadIdentityPools/${{ with:
env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER
env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} }}/locations/global/workloadIdentityPools/${{
service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{
- name: Setup gcloud auth env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }}
uses: google-github-actions/setup-gcloud@77e7a554d41e2ee56fc945c52dfd3f33d12def9a # v2.1.4 service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }}
with: - name: Setup gcloud auth
install_components: gke-gcloud-auth-plugin uses: google-github-actions/setup-gcloud@77e7a554d41e2ee56fc945c52dfd3f33d12def9a # v2.1.4
- name: Install gotestfmt with:
uses: GoTestTools/gotestfmt-action@v2 install_components: gke-gcloud-auth-plugin
with: - name: Install gotestfmt
version: v2.5.0 uses: GoTestTools/gotestfmt-action@v2
token: ${{ secrets.GITHUB_TOKEN }} with:
- name: Run tests version: v2.5.0
run: >- token: ${{ secrets.GITHUB_TOKEN }}
set -euo pipefail - name: Run tests
run: >-
set -euo pipefail
cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 .
- if: failure() && github.event_name == 'push' - if: failure() && github.event_name == 'push'
name: Notify Slack name: Notify Slack
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0 uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with: with:
author_name: Failure in SDK tests author_name: Failure in SDK tests
fields: repo,commit,author,action fields: repo,commit,author,action
status: ${{ job.status }} status: ${{ job.status }}
if: github.event_name == 'repository_dispatch' || if: github.event_name == 'repository_dispatch' ||
github.event.pull_request.head.repo.full_name == github.repository github.event.pull_request.head.repo.full_name == github.repository
sentinel: sentinel:
runs-on: ubuntu-latest runs-on: ubuntu-latest
name: sentinel name: sentinel
steps: steps:
- name: Mark workflow as successful - name: Mark workflow as successful
uses: guibranco/github-status-action-v2@0849440ec82c5fa69b2377725b9b7852a3977e76 # v1.1.13 uses: guibranco/github-status-action-v2@0849440ec82c5fa69b2377725b9b7852a3977e76 # v1.1.13
with: with:
authToken: ${{ secrets.GITHUB_TOKEN }} authToken: ${{ secrets.GITHUB_TOKEN }}
context: Sentinel context: Sentinel
state: success state: success
description: Sentinel checks passed description: Sentinel checks passed
sha: ${{ github.event.pull_request.head.sha || github.sha }} sha: ${{ github.event.pull_request.head.sha || github.sha }}
permissions: permissions:
statuses: write statuses: write
if: github.event_name == 'repository_dispatch' || if: github.event_name == 'repository_dispatch' ||
github.event.pull_request.head.repo.full_name == github.repository github.event.pull_request.head.repo.full_name == github.repository
needs: needs:
- test - test
- prerequisites - prerequisites
- lint - lint
lint: lint:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Checkout Repo - name: Checkout Repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with: with:
lfs: true lfs: true
persist-credentials: false persist-credentials: false
ref: ${{ env.PR_COMMIT_SHA }} ref: ${{ env.PR_COMMIT_SHA }}
- name: Install Go - name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with: with:
go-version: ${{ env.GOVERSION }} go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum" cache-dependency-path: "**/*.sum"
- name: Disarm go:embed directives to enable linters that compile source code - name: Disarm go:embed directives to enable linters that compile source code
run: git grep -l 'go:embed' -- provider | xargs --no-run-if-empty sed -i run: git grep -l 'go:embed' -- provider | xargs --no-run-if-empty sed -i
's/go:embed/ goembed/g' 's/go:embed/ goembed/g'
- name: golangci-lint provider pkg - name: golangci-lint provider pkg
uses: golangci/golangci-lint-action@55c2c1448f86e01eaae002a5a3a9624417608d84 # v6.5.2 uses: golangci/golangci-lint-action@55c2c1448f86e01eaae002a5a3a9624417608d84 # v6.5.2
with: with:
version: ${{ env.GOLANGCI_LINT_VERSION }} version: ${{ env.GOLANGCI_LINT_VERSION }}
args: -c ../.golangci.yml args: -c ../.golangci.yml
working-directory: provider working-directory: provider
name: lint name: lint
if: github.event_name == 'repository_dispatch' || if: github.event_name == 'repository_dispatch' ||
github.event.pull_request.head.repo.full_name == github.repository github.event.pull_request.head.repo.full_name == github.repository