sam_oneal/pulumi-docker-build
1
0
Fork 0
Code Actions Packages Releases Wiki Activity

Update GitHub Actions workflows. (#761)

Browse Source 
This PR was automatically generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit f34bb277a6b5001ebd945cebced51ef890cdb7b9.

Co-authored-by: Pulumi Bot <bot@pulumi.com>
This commit is contained in:
pulumi-provider-automation[bot]
2026-02-11 06:04:08 +00:00
committed by GitHub
parent c11144e1b3
commit 8cb8d21332
3 changed files with 66 additions and 139 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
.github/workflows/lint.yml vendored
View File

@@ -1,4 +1,4 @@
# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt
# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt
name: lint
@@ -7,15 +7,6 @@ on:
inputs: {}
env:
PROVIDER: docker-build
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
TRAVIS_OS_NAME: linux
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
GOVERSION: "1.21.x"
NODEVERSION: "20.x"
PYTHONVERSION: "3.11.8"
DOTNETVERSION: "8.0.x"
JAVAVERSION: "11"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
@@ -29,29 +20,50 @@ env:
GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io
PULUMI_PULUMI_ENABLE_JOURNALING: "true"
jobs:
lint:
name: lint
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
persist-credentials: false
ref: ${{ env.PR_COMMIT_SHA }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
persist-credentials: false
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- name: Setup mise
uses: blampe/mise-action@blampe/plugins
env:
MISE_FETCH_REMOTE_VERSIONS_TIMEOUT: 30s
with:
version: 2026.1.1
github_token: ${{ steps.app-auth.outputs.token }}
- name: Disarm go:embed directives to enable linters that compile source code
run: git grep -l 'go:embed' -- provider | xargs --no-run-if-empty sed -i
's/go:embed/ goembed/g'
- name: golangci-lint provider pkg
uses: golangci/golangci-lint-action@55c2c1448f86e01eaae002a5a3a9624417608d84 # v6.5.2
with:
install-mode: none # Handled by mise.
working-directory: .
name: lint
if: github.event_name == 'repository_dispatch' ||
github.event.pull_request.head.repo.full_name == github.repository
plugin_install: https://github.com/pulumi/vfox-pulumi
cache_save: false # A different job handles caching our tools.
- name: prepare workspace
continue-on-error: true
run: make prepare_local_workspace
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: lint
run: make lint

24
.github/workflows/run-acceptance-tests.yml vendored
View File

@@ -536,26 +536,8 @@ jobs:
- prerequisites
- lint
lint:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
persist-credentials: false
ref: ${{ env.PR_COMMIT_SHA }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Disarm go:embed directives to enable linters that compile source code
run: git grep -l 'go:embed' -- provider | xargs --no-run-if-empty sed -i
's/go:embed/ goembed/g'
- name: golangci-lint provider pkg
uses: golangci/golangci-lint-action@55c2c1448f86e01eaae002a5a3a9624417608d84 # v6.5.2
with:
install-mode: none # Handled by mise.
working-directory: .
name: lint
if: github.event_name == 'repository_dispatch' ||
github.event.pull_request.head.repo.full_name == github.repository
name: lint
uses: ./.github/workflows/lint.yml
secrets: inherit

117
.golangci.yml
View File

@@ -1,39 +1,32 @@
run:
timeout: 10m
# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt
linters:
enable-all: false
enable:
- depguard
- errcheck
- exhaustive
- copyloopvar
- gci
- gocritic
- gofumpt
- goheader
- gosec
- govet
- importas
- ineffassign
- lll
- misspell
- nakedret
- nolintlint
- paralleltest
- perfsprint
- prealloc
- revive
- unconvert
- unused
- errcheck
- gci
- goconst
- gofmt
- gosec
- govet
- ineffassign
- lll
- gosimple
- staticcheck
- misspell
- nakedret
- revive
- unconvert
- unused
enable-all: false
issues:
exclude-dirs:
- pkg/vendored
exclude-files:
- schema.go
- pulumiManifest.go
run:
timeout: 20m
linters-settings:
depguard:
rules:
protobuf:
deny:
- pkg: "github.com/golang/protobuf"
desc: Use google.golang.org/protobuf instead
gci:
sections:
- standard # Standard section: captures all standard library packages.
@@ -42,63 +35,3 @@ linters-settings:
- prefix(github.com/pulumi/) # Custom section: groups all imports with the github.com/pulumi/ prefix.
- prefix(github.com/pulumi/pulumi-docker-build) # Custom section: local imports
custom-order: true
gocritic:
enable-all: true
disabled-checks:
- hugeParam
- importShadow
goheader:
template: |-
Copyright 2024, Pulumi Corporation.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
govet:
enable:
- nilness
# Reject comparisons of reflect.Value with DeepEqual or '=='.
- reflectvaluecompare
# Reject sort.Slice calls with a non-slice argument.
- sortslice
# Detect write to struct/arrays by-value that aren't read again.
- unusedwrite
nakedret:
# Make an issue if func has more lines of code than this setting, and it has naked returns.
# Default: 30
max-func-lines: 60
nolintlint:
# Some linter exclusions are added to generated or templated files
# pre-emptively.
# Don't complain about these.
allow-unused: true
issues:
exclude-use-default: false
exclude-rules:
# Don't warn on unused parameters.
# Parameter names are useful; replacing them with '_' is undesirable.
- linters: [revive]
text: 'unused-parameter: parameter \S+ seems to be unused, consider removing or renaming it as _'
# staticcheck already has smarter checks for empty blocks.
# revive's empty-block linter has false positives.
# For example, as of writing this, the following is not allowed.
# for foo() { }
- linters: [revive]
text: "empty-block: this block is empty, you can remove it"
# We *frequently* use the term 'new' in the context of properties
# (new and old properties),
# and we rarely use the 'new' built-in function.
# It's fine to ignore these cases.
- linters: [revive]
text: "redefines-builtin-id: redefinition of the built-in function new"