sam_oneal/pulumi-docker-build
1
0
Fork 0
Code Actions Packages Releases Wiki Activity

Update GitHub Actions workflows. (#716)

Browse Source 
This PR was automatically generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit 02f02bb0bfe879d167ed8f335b4950208454bafb.

---------

Co-authored-by: Pulumi Bot <bot@pulumi.com>
Co-authored-by: Bryce Lampe <bryce@pulumi.com>
This commit is contained in:
pulumi-provider-automation[bot]
2025-12-17 18:20:54 +00:00
committed by GitHub
parent 4c8968185c
commit c64d5baba6
17 changed files with 225 additions and 364 deletions
Download Patch File Download Diff File Expand all files Collapse all files

154
.github/workflows/build.yml vendored
View File

@@ -47,7 +47,7 @@ jobs:
pull-requests: write # For schema check comment.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -59,6 +59,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -122,54 +128,6 @@ jobs:
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
shell: bash
run: >
git diff --quiet -- sdk && echo "no changes to sdk" && exit
git config --global user.email "bot@pulumi.com"
git config --global user.name "pulumi-bot"
# Stash local changes and check out the PR's branch directly.
git stash
git fetch
git checkout "origin/$HEAD_REF"
# Apply and add our changes, but don't commit any files we expect to
# always change due to versioning.
git stash pop
git add sdk
git reset sdk/python/*/pulumi-plugin.json \
sdk/python/pyproject.toml \
sdk/dotnet/pulumi-plugin.json \
sdk/dotnet/*.*.csproj \
sdk/dotnet/version.txt \
sdk/go/*/pulumi-plugin.json \
sdk/go/*/internal/pulumiUtilities.go \
sdk/nodejs/package.json
git commit -m 'Commit SDK for Renovate'
# Push with pulumi-bot credentials to trigger a re-run of the
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
- name: Tar provider binaries
run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
@@ -218,7 +176,7 @@ jobs:
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -230,6 +188,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -240,7 +204,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Download Provider Binary
uses: ./.github/actions/download-provider
- name: Generate SDK
@@ -259,54 +223,6 @@ jobs:
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
shell: bash
run: >
git diff --quiet -- sdk && echo "no changes to sdk" && exit
git config --global user.email "bot@pulumi.com"
git config --global user.name "pulumi-bot"
# Stash local changes and check out the PR's branch directly.
git stash
git fetch
git checkout "origin/$HEAD_REF"
# Apply and add our changes, but don't commit any files we expect to
# always change due to versioning.
git stash pop
git add sdk
git reset sdk/python/*/pulumi-plugin.json \
sdk/python/pyproject.toml \
sdk/dotnet/pulumi-plugin.json \
sdk/dotnet/*.*.csproj \
sdk/dotnet/version.txt \
sdk/go/*/pulumi-plugin.json \
sdk/go/*/internal/pulumiUtilities.go \
sdk/nodejs/package.json
git commit -m 'Commit SDK for Renovate'
# Push with pulumi-bot credentials to trigger a re-run of the
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
- name: Tar SDK folder
run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} .
@@ -335,7 +251,7 @@ jobs:
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -380,7 +296,7 @@ jobs:
id-token: write # For ESC secrets and Pulumi access token OIDC.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -392,6 +308,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -402,7 +324,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Download Provider Binary
uses: ./.github/actions/download-provider
- name: Download SDK
@@ -477,7 +399,7 @@ jobs:
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -489,6 +411,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -499,7 +427,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Clear GitHub Actions Ubuntu runner disk space
uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1
with:
@@ -510,7 +438,7 @@ jobs:
swap-storage: true
large-packages: false
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8 # v5.1.0
uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1
with:
aws-access-key-id: ${{ steps.esc-secrets.outputs.AWS_ACCESS_KEY_ID }}
aws-region: us-east-2
@@ -550,7 +478,7 @@ jobs:
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -562,6 +490,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -570,7 +504,7 @@ jobs:
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Checkout Scripts Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
path: ci-scripts
repository: pulumi/scripts
@@ -578,7 +512,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Download python SDK
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
with:
@@ -631,7 +565,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
persist-credentials: false
@@ -639,7 +573,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Disarm go:embed directives to enable linters that compile source code
run: git grep -l 'go:embed' -- provider | xargs --no-run-if-empty sed -i
's/go:embed/ goembed/g'