sam_oneal/pulumi-docker-build
1
0
Fork 0
Code Actions Packages Releases Wiki Activity

Remove unnecessary envOverride (#766)

Browse Source 
Our DockerHub password is in ESC, and a bunch of the other variables
were copy-pasted defaults. We need to keep GCP because that isn't in
ESC yet.

Refs https://github.com/pulumi/ci-mgmt/issues/1583.
This commit is contained in:
Bryce Lampe
2026-02-13 15:57:47 -08:00
committed by GitHub
parent 6aa0b4dde7
commit 710f5d816b
9 changed files with 31 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
.ci-mgmt.yaml
View File

@@ -11,19 +11,10 @@ parallel: 3
esc: esc:
enabled: true enabled: true
envOverride: envOverride:
AWS_REGION: us-west-2
PULUMI_API: "https://api.pulumi-staging.io"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
AZURE_LOCATION: westus
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
GOOGLE_PROJECT: pulumi-ci-gcp-provider GOOGLE_PROJECT: pulumi-ci-gcp-provider
GOOGLE_PROJECT_NUMBER: 895284651812 GOOGLE_PROJECT_NUMBER: "895284651812"
GOOGLE_REGION: us-central1 GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a GOOGLE_ZONE: us-central1-a
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}

13
.github/workflows/build.yml vendored
View File

@@ -16,19 +16,12 @@ on:
workflow_dispatch: {} workflow_dispatch: {}
env: env:
PROVIDER: docker-build PROVIDER: docker-build
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
TRAVIS_OS_NAME: linux TRAVIS_OS_NAME: linux
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
GOVERSION: "1.21.x" GOVERSION: "1.21.x"
NODEVERSION: "20.x" NODEVERSION: "20.x"
PYTHONVERSION: "3.11.8" PYTHONVERSION: "3.11.8"
DOTNETVERSION: "8.0.x" DOTNETVERSION: "8.0.x"
JAVAVERSION: "11" JAVAVERSION: "11"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
AWS_REGION: us-west-2
AZURE_LOCATION: westus
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
@@ -37,6 +30,9 @@ env:
GOOGLE_REGION: us-central1 GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io PULUMI_API: https://api.pulumi-staging.io
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
TF_APPEND_USER_AGENT: pulumi
jobs: jobs:
prerequisites: prerequisites:
@@ -141,9 +137,6 @@ jobs:
- name: Test Provider Library - name: Test Provider Library
run: make test_provider run: make test_provider
env: env:
ARM_CLIENT_SECRET: ${{ steps.esc-secrets.outputs.ARM_CLIENT_SECRET }}
DIGITALOCEAN_TOKEN: ${{ steps.esc-secrets.outputs.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ steps.esc-secrets.outputs.DOCKER_HUB_PASSWORD }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload coverage reports to Codecov - name: Upload coverage reports to Codecov
uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1 uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1

8
.github/workflows/command-dispatch.yml vendored
View File

@@ -1,11 +1,6 @@
# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt # WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt
env: env:
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
AWS_REGION: us-west-2
AZURE_LOCATION: westus
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
@@ -14,7 +9,10 @@ env:
GOOGLE_REGION: us-central1 GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io PULUMI_API: https://api.pulumi-staging.io
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
PULUMI_PULUMI_ENABLE_JOURNALING: "true" PULUMI_PULUMI_ENABLE_JOURNALING: "true"
TF_APPEND_USER_AGENT: pulumi
jobs: jobs:
command-dispatch-for-testing: command-dispatch-for-testing:

8
.github/workflows/lint.yml vendored
View File

@@ -7,11 +7,6 @@ on:
inputs: {} inputs: {}
env: env:
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
AWS_REGION: us-west-2
AZURE_LOCATION: westus
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
@@ -20,7 +15,10 @@ env:
GOOGLE_REGION: us-central1 GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io PULUMI_API: https://api.pulumi-staging.io
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
PULUMI_PULUMI_ENABLE_JOURNALING: "true" PULUMI_PULUMI_ENABLE_JOURNALING: "true"
TF_APPEND_USER_AGENT: pulumi
jobs: jobs:
lint: lint:

13
.github/workflows/prerelease.yml vendored
View File

@@ -7,19 +7,12 @@ on:
- v*.*.*-** - v*.*.*-**
env: env:
PROVIDER: docker-build PROVIDER: docker-build
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
TRAVIS_OS_NAME: linux TRAVIS_OS_NAME: linux
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
GOVERSION: "1.21.x" GOVERSION: "1.21.x"
NODEVERSION: "20.x" NODEVERSION: "20.x"
PYTHONVERSION: "3.11.8" PYTHONVERSION: "3.11.8"
DOTNETVERSION: "8.0.x" DOTNETVERSION: "8.0.x"
JAVAVERSION: "11" JAVAVERSION: "11"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
AWS_REGION: us-west-2
AZURE_LOCATION: westus
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
@@ -28,6 +21,9 @@ env:
GOOGLE_REGION: us-central1 GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io PULUMI_API: https://api.pulumi-staging.io
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
TF_APPEND_USER_AGENT: pulumi
IS_PRERELEASE: true IS_PRERELEASE: true
jobs: jobs:
@@ -133,9 +129,6 @@ jobs:
- name: Test Provider Library - name: Test Provider Library
run: make test_provider run: make test_provider
env: env:
ARM_CLIENT_SECRET: ${{ steps.esc-secrets.outputs.ARM_CLIENT_SECRET }}
DIGITALOCEAN_TOKEN: ${{ steps.esc-secrets.outputs.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ steps.esc-secrets.outputs.DOCKER_HUB_PASSWORD }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload coverage reports to Codecov - name: Upload coverage reports to Codecov
uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1 uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1

13
.github/workflows/release.yml vendored
View File

@@ -8,19 +8,12 @@ on:
- "!v*.*.*-**" - "!v*.*.*-**"
env: env:
PROVIDER: docker-build PROVIDER: docker-build
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
TRAVIS_OS_NAME: linux TRAVIS_OS_NAME: linux
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
GOVERSION: "1.21.x" GOVERSION: "1.21.x"
NODEVERSION: "20.x" NODEVERSION: "20.x"
PYTHONVERSION: "3.11.8" PYTHONVERSION: "3.11.8"
DOTNETVERSION: "8.0.x" DOTNETVERSION: "8.0.x"
JAVAVERSION: "11" JAVAVERSION: "11"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
AWS_REGION: us-west-2
AZURE_LOCATION: westus
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
@@ -29,6 +22,9 @@ env:
GOOGLE_REGION: us-central1 GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io PULUMI_API: https://api.pulumi-staging.io
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
TF_APPEND_USER_AGENT: pulumi
jobs: jobs:
prerequisites: prerequisites:
@@ -133,9 +129,6 @@ jobs:
- name: Test Provider Library - name: Test Provider Library
run: make test_provider run: make test_provider
env: env:
ARM_CLIENT_SECRET: ${{ steps.esc-secrets.outputs.ARM_CLIENT_SECRET }}
DIGITALOCEAN_TOKEN: ${{ steps.esc-secrets.outputs.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ steps.esc-secrets.outputs.DOCKER_HUB_PASSWORD }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload coverage reports to Codecov - name: Upload coverage reports to Codecov
uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1 uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1

13
.github/workflows/run-acceptance-tests.yml vendored
View File

@@ -11,19 +11,12 @@ on:
workflow_dispatch: {} workflow_dispatch: {}
env: env:
PROVIDER: docker-build PROVIDER: docker-build
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
TRAVIS_OS_NAME: linux TRAVIS_OS_NAME: linux
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
GOVERSION: "1.21.x" GOVERSION: "1.21.x"
NODEVERSION: "20.x" NODEVERSION: "20.x"
PYTHONVERSION: "3.11.8" PYTHONVERSION: "3.11.8"
DOTNETVERSION: "8.0.x" DOTNETVERSION: "8.0.x"
JAVAVERSION: "11" JAVAVERSION: "11"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
AWS_REGION: us-west-2
AZURE_LOCATION: westus
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
@@ -32,7 +25,10 @@ env:
GOOGLE_REGION: us-central1 GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io PULUMI_API: https://api.pulumi-staging.io
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
PULUMI_PULUMI_ENABLE_JOURNALING: "true" PULUMI_PULUMI_ENABLE_JOURNALING: "true"
TF_APPEND_USER_AGENT: pulumi
PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }} PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }}
jobs: jobs:
comment-notification: comment-notification:
@@ -209,9 +205,6 @@ jobs:
- name: Test Provider Library - name: Test Provider Library
run: make test_provider run: make test_provider
env: env:
ARM_CLIENT_SECRET: ${{ steps.esc-secrets.outputs.ARM_CLIENT_SECRET }}
DIGITALOCEAN_TOKEN: ${{ steps.esc-secrets.outputs.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ steps.esc-secrets.outputs.DOCKER_HUB_PASSWORD }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload coverage reports to Codecov - name: Upload coverage reports to Codecov
uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1 uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1

10
.github/workflows/weekly-pulumi-update.yml vendored
View File

@@ -8,19 +8,12 @@ on:
env: env:
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
PROVIDER: docker-build PROVIDER: docker-build
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
TRAVIS_OS_NAME: linux TRAVIS_OS_NAME: linux
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
GOVERSION: "1.21.x" GOVERSION: "1.21.x"
NODEVERSION: "20.x" NODEVERSION: "20.x"
PYTHONVERSION: "3.11.8" PYTHONVERSION: "3.11.8"
DOTNETVERSION: "8.0.x" DOTNETVERSION: "8.0.x"
JAVAVERSION: "11" JAVAVERSION: "11"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
AWS_REGION: us-west-2
AZURE_LOCATION: westus
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
@@ -29,7 +22,10 @@ env:
GOOGLE_REGION: us-central1 GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io PULUMI_API: https://api.pulumi-staging.io
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
PULUMI_PULUMI_ENABLE_JOURNALING: "true" PULUMI_PULUMI_ENABLE_JOURNALING: "true"
TF_APPEND_USER_AGENT: pulumi
jobs: jobs:
weekly-pulumi-update: weekly-pulumi-update:

2
examples/tests/ecr/Pulumi.yaml
View File

@@ -38,3 +38,5 @@ variables:
auth-token: auth-token:
fn::aws:ecr:getAuthorizationToken: fn::aws:ecr:getAuthorizationToken:
registryId: ${ecr-repository.registryId} registryId: ${ecr-repository.registryId}
config:
aws:region: us-west-2