Fix CI

remove version
Fix CI
2024-03-07 16:46:47 -08:00 · 2024-03-07 16:27:01 -08:00 · 2024-03-07 16:23:15 -08:00
437 changed files with 7055 additions and 71254 deletions
--- a/.gitattributes
+++ b/.gitattributes
@@ -1,2 +0,0 @@
 sdk/**/* linguist-generated=true
 provider/internal/mock*.go linguist-generated=true
--- a/.github/actions/setup-tools/action.yml
+++ b/.github/actions/setup-tools/action.yml
@@ -1,34 +0,0 @@
 name: Setup tools
 description: Installs all tools necessary for building and testing the project.
 runs:
  using: "composite"
  steps:
    - name: Collect workflow stats
      uses: catchpoint/workflow-telemetry-action@v2
      with:
        comment_on_pr: false
      env:
        GITHUB_TOKEN: ""
    - name: Setup mise
      uses: jdx/mise-action@v2
    - name: Go cache paths
      id: go-cache-paths
      shell: sh
      run: |
        echo "go-build=$(go env GOCACHE)" >> $GITHUB_OUTPUT
        echo "go-mod=$(go env GOMODCACHE)" >> $GITHUB_OUTPUT
    - name: Go build cache
      uses: actions/cache@v2
      with:
        path: ${{ steps.go-cache-paths.outputs.go-build }}
        key: ${{ runner.os }}-go-build-${{ hashFiles('**/go.sum') }}
    - name: Go mod cache
      uses: actions/cache@v2
      with:
        path: ${{ steps.go-cache-paths.outputs.go-mod }}
        key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }}
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -1,25 +0,0 @@
 version: 2
 updates:
  - package-ecosystem: gomod
    directory: /
    schedule:
      interval: daily
    groups:
      pulumi:
        patterns:
          - "github.com/pulumi/*"
      docker:
        patterns:
          - "github.com/distribution/*"
          - "github.com/docker/*"
          - "github.com/moby/*"
      security:
        applies-to: security-updates
        patterns:
          - "*"
      other:
        patterns:
          - "*"
    labels:
      - dependencies
      - impact/no-changelog-required
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -1,591 +0,0 @@
 # WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt
 name: build
 on:
  push:
    branches:
    - master
    - main
    - feature-**
    paths-ignore:
    - CHANGELOG.md
    tags-ignore:
    - v*
    - sdk/*
    - "**"
  workflow_dispatch: {}
 env:
  GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
  PROVIDER: docker-build
  PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
  PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
  NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
  NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
  NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
  PYPI_USERNAME: __token__
  PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
  TRAVIS_OS_NAME: linux
  SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
  PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
  PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
  PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
  SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
  SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
  SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
  GOVERSION: 1.21.x
  NODEVERSION: 20.x
  PYTHONVERSION: "3.11"
  DOTNETVERSION: |
    6.0.x
    3.1.301
  JAVAVERSION: "11"
  AWS_REGION: us-west-2
  PULUMI_API: https://api.pulumi-staging.io
  ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
  ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
  ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
  ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
  AZURE_LOCATION: westus
  DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
  GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
  GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
  GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
  GOOGLE_PROJECT: pulumi-ci-gcp-provider
  GOOGLE_PROJECT_NUMBER: 895284651812
  GOOGLE_REGION: us-central1
  GOOGLE_ZONE: us-central1-a
  DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
 jobs:
  prerequisites:
    runs-on: ubuntu-latest
    name: prerequisites
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - id: version
      name: Set Provider Version
      uses: pulumi/provider-version-action@v1
      with:
        set-env: PROVIDER_VERSION
    - name: Install Go
      uses: actions/setup-go@v5
      with:
        go-version: ${{ env.GOVERSION }}
        cache-dependency-path: "**/*.sum"
    - name: Install pulumictl
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/pulumictl
    - name: Install Pulumi CLI
      uses: pulumi/actions@v5
    - if: github.event_name == 'pull_request'
      name: Install Schema Tools
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/schema-tools
    - name: Build codegen binaries
      run: make codegen
    - name: Build Schema
      run: make generate_schema
    - if: github.event_name == 'pull_request'
      name: Check Schema is Valid
      run: >-
        echo 'SCHEMA_CHANGES<<EOF' >> $GITHUB_ENV
        schema-tools compare -p ${{ env.PROVIDER }} -o ${{ github.event.repository.default_branch }} -n --local-path=provider/cmd/pulumi-resource-${{ env.PROVIDER }}/schema.json >> $GITHUB_ENV
        echo 'EOF' >> $GITHUB_ENV
      env:
        GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
    - if: github.event_name == 'pull_request'
      name: Comment on PR with Details of Schema Check
      uses: thollander/actions-comment-pull-request@v2
      with:
        message: |
          ${{ env.SCHEMA_CHANGES }}
        comment_tag: schemaCheck
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    - if: contains(env.SCHEMA_CHANGES, 'Looking good! No breaking changes found.') &&
        github.actor == 'pulumi-bot'
      name: Add label if no breaking changes
      uses: actions-ecosystem/action-add-labels@v1.1.0
      with:
        labels: impact/no-changelog-required
        number: ${{ github.event.issue.number }}
        github_token: ${{ secrets.GITHUB_TOKEN }}
    - name: Build Provider
      run: make provider
    - name: Check worktree clean
      uses: pulumi/git-status-check-action@v1
      with:
        allowed-changes: |-
          sdk/**/pulumi-plugin.json
          sdk/dotnet/Pulumi.*.csproj
          sdk/go/**/pulumiUtilities.go
          sdk/nodejs/package.json
          sdk/python/pyproject.toml
    - run: git status --porcelain
    - name: Tar provider binaries
      run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
        github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }}
        pulumi-gen-${{ env.PROVIDER}}
    - name: Upload artifacts
      uses: actions/upload-artifact@v4
      with:
        name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
        path: ${{ github.workspace }}/bin/provider.tar.gz
    - name: Test Provider Library
      run: make test_provider
    - name: Upload coverage reports to Codecov
      uses: codecov/codecov-action@v4
      env:
        CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
    - if: failure() && github.event_name == 'push'
      name: Notify Slack
      uses: 8398a7/action-slack@v3
      with:
        author_name: Failure in building provider prerequisites
        fields: repo,commit,author,action
        status: ${{ job.status }}
  build_sdks:
    needs: prerequisites
    runs-on: pulumi-ubuntu-8core
    strategy:
      fail-fast: true
      matrix:
        language:
        - nodejs
        - python
        - dotnet
        - go
        - java
    name: build_sdks
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - id: version
      name: Set Provider Version
      uses: pulumi/provider-version-action@v1
      with:
        set-env: PROVIDER_VERSION
    - name: Install Go
      uses: actions/setup-go@v5
      with:
        go-version: ${{ env.GOVERSION }}
        cache-dependency-path: "**/*.sum"
    - name: Install pulumictl
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/pulumictl
    - name: Install Pulumi CLI
      uses: pulumi/actions@v5
    - name: Setup Node
      uses: actions/setup-node@v4
      with:
        node-version: ${{ env.NODEVERSION }}
        registry-url: https://registry.npmjs.org
    - name: Setup DotNet
      uses: actions/setup-dotnet@v4
      with:
        dotnet-version: ${{ env.DOTNETVERSION }}
    - name: Setup Python
      uses: actions/setup-python@v5
      with:
        python-version: ${{ env.PYTHONVERSION }}
    - name: Setup Java
      uses: actions/setup-java@v4
      with:
        java-version: ${{ env.JAVAVERSION }}
        distribution: temurin
        cache: gradle
    - name: Setup Gradle
      uses: gradle/gradle-build-action@v3
      with:
        gradle-version: "7.6"
    - name: Download provider + tfgen binaries
      uses: actions/download-artifact@v4
      with:
        name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
        path: ${{ github.workspace }}/bin
    - name: UnTar provider binaries
      run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
        github.workspace}}/bin
    - name: Restore Binary Permissions
      run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
        -exec chmod +x {} \;
    - name: Generate SDK
      run: make generate_${{ matrix.language }}
    - name: Build SDK
      run: make build_${{ matrix.language }}
    - name: Check worktree clean
      uses: pulumi/git-status-check-action@v1
      with:
        allowed-changes: |-
          sdk/**/pulumi-plugin.json
          sdk/dotnet/Pulumi.*.csproj
          sdk/go/**/pulumiUtilities.go
          sdk/nodejs/package.json
          sdk/python/pyproject.toml
    - run: git status --porcelain
    - name: Tar SDK folder
      run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} .
    - name: Upload artifacts
      uses: actions/upload-artifact@v4
      with:
        name: ${{ matrix.language  }}-sdk.tar.gz
        path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz
        retention-days: 30
    - if: failure() && github.event_name == 'push'
      name: Notify Slack
      uses: 8398a7/action-slack@v3
      with:
        author_name: Failure while building SDKs
        fields: repo,commit,author,action
        status: ${{ job.status }}
  test:
    runs-on: pulumi-ubuntu-8core
    needs:
    - build_sdks
    strategy:
      fail-fast: true
      matrix:
        language:
        - nodejs
        - python
        - dotnet
        - go
        - java
    name: test
    permissions:
      contents: read
      id-token: write
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - id: version
      name: Set Provider Version
      uses: pulumi/provider-version-action@v1
      with:
        set-env: PROVIDER_VERSION
    - name: Install Go
      uses: actions/setup-go@v5
      with:
        go-version: ${{ env.GOVERSION }}
        cache-dependency-path: "**/*.sum"
    - name: Install pulumictl
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/pulumictl
    - name: Install Pulumi CLI
      uses: pulumi/actions@v5
    - name: Setup Node
      uses: actions/setup-node@v4
      with:
        node-version: ${{ env.NODEVERSION }}
        registry-url: https://registry.npmjs.org
    - name: Setup DotNet
      uses: actions/setup-dotnet@v4
      with:
        dotnet-version: ${{ env.DOTNETVERSION }}
    - name: Setup Python
      uses: actions/setup-python@v5
      with:
        python-version: ${{ env.PYTHONVERSION }}
    - name: Setup Java
      uses: actions/setup-java@v4
      with:
        java-version: ${{ env.JAVAVERSION }}
        distribution: temurin
        cache: gradle
    - name: Setup Gradle
      uses: gradle/gradle-build-action@v3
      with:
        gradle-version: "7.6"
    - name: Download provider + tfgen binaries
      uses: actions/download-artifact@v4
      with:
        name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
        path: ${{ github.workspace }}/bin
    - name: UnTar provider binaries
      run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
        github.workspace}}/bin
    - name: Restore Binary Permissions
      run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
        -exec chmod +x {} \;
    - name: Download SDK
      uses: actions/download-artifact@v4
      with:
        name: ${{ matrix.language }}-sdk.tar.gz
        path: ${{ github.workspace}}/sdk/
    - name: UnTar SDK folder
      run: tar -zxf ${{ github.workspace}}/sdk/${{ matrix.language}}.tar.gz -C ${{
        github.workspace}}/sdk/${{ matrix.language}}
    - name: Update path
      run: echo "${{ github.workspace }}/bin" >> $GITHUB_PATH
    - name: Install Node dependencies
      run: yarn global add typescript
    - run: dotnet nuget add source ${{ github.workspace }}/nuget
    - name: Install Python deps
      run: |-
        pip3 install virtualenv==20.0.23
        pip3 install pipenv
    - name: Install dependencies
      run: make install_${{ matrix.language}}_sdk
    - name: Configure AWS Credentials
      uses: aws-actions/configure-aws-credentials@v4
      with:
        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
        aws-region: ${{ env.AWS_REGION }}
        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        role-duration-seconds: 3600
        role-session-name: ${{ env.PROVIDER }}@githubActions
        role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }}
    - name: Authenticate to Google Cloud
      uses: google-github-actions/auth@v0
      with:
        workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER
          }}/locations/global/workloadIdentityPools/${{
          env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{
          env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }}
        service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }}
    - name: Setup gcloud auth
      uses: google-github-actions/setup-gcloud@v2
      with:
        install_components: gke-gcloud-auth-plugin
    - name: Install gotestfmt
      uses: GoTestTools/gotestfmt-action@v2
      with:
        version: v2.5.0
        token: ${{ secrets.GITHUB_TOKEN }}
    - name: Run tests
      run: >-
        set -euo pipefail
        cd examples && go test -v -json -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . 2>&1 | tee /tmp/gotest.log | gotestfmt
    - if: failure() && github.event_name == 'push'
      name: Notify Slack
      uses: 8398a7/action-slack@v3
      with:
        author_name: Failure in SDK tests
        fields: repo,commit,author,action
        status: ${{ job.status }}
  publish:
    runs-on: ubuntu-latest
    needs: test
    name: publish
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - id: version
      name: Set Provider Version
      uses: pulumi/provider-version-action@v1
      with:
        set-env: PROVIDER_VERSION
    - name: Install Go
      uses: actions/setup-go@v5
      with:
        go-version: ${{ env.GOVERSION }}
        cache-dependency-path: "**/*.sum"
    - name: Clear GitHub Actions Ubuntu runner disk space
      uses: jlumbroso/free-disk-space@v1.3.1
      with:
        tool-cache: false
        dotnet: false
        android: true
        haskell: true
        swap-storage: true
        large-packages: false
    - name: Install pulumictl
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/pulumictl
    - name: Install Pulumi CLI
      uses: pulumi/actions@v5
    - name: Configure AWS Credentials
      uses: aws-actions/configure-aws-credentials@v4
      with:
        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
        aws-region: us-east-2
        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        role-duration-seconds: 7200
        role-session-name: ${{ env.PROVIDER }}@githubActions
        role-external-id: upload-pulumi-release
        role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }}
    - name: Run GoReleaser
      uses: goreleaser/goreleaser-action@v5
      env:
        GORELEASER_CURRENT_TAG: v${{ steps.version.outputs.version }}
      with:
        args: -p 3 -f .goreleaser.prerelease.yml --clean --skip=validate --timeout 60m0s
        version: latest
    - if: failure() && github.event_name == 'push'
      name: Notify Slack
      uses: 8398a7/action-slack@v3
      with:
        author_name: Failure in publishing binaries
        fields: repo,commit,author,action
        status: ${{ job.status }}
  publish_sdk:
    runs-on: ubuntu-latest
    needs: publish
    name: publish_sdk
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - id: version
      name: Set Provider Version
      uses: pulumi/provider-version-action@v1
      with:
        set-env: PROVIDER_VERSION
    - name: Checkout Scripts Repo
      uses: actions/checkout@v4
      with:
        path: ci-scripts
        repository: pulumi/scripts
    - run: echo "ci-scripts" >> .git/info/exclude
    - name: Install Go
      uses: actions/setup-go@v5
      with:
        go-version: ${{ env.GOVERSION }}
        cache-dependency-path: "**/*.sum"
    - name: Install pulumictl
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/pulumictl
    - name: Install Pulumi CLI
      uses: pulumi/actions@v5
    - name: Setup Node
      uses: actions/setup-node@v4
      with:
        node-version: ${{ env.NODEVERSION }}
        registry-url: https://registry.npmjs.org
    - name: Setup DotNet
      uses: actions/setup-dotnet@v4
      with:
        dotnet-version: ${{ env.DOTNETVERSION }}
    - name: Setup Python
      uses: actions/setup-python@v5
      with:
        python-version: ${{ env.PYTHONVERSION }}
    - name: Download python SDK
      uses: actions/download-artifact@v4
      with:
        name: python-sdk.tar.gz
        path: ${{ github.workspace}}/sdk/
    - name: Uncompress python SDK
      run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C
        ${{github.workspace}}/sdk/python
    - name: Download dotnet SDK
      uses: actions/download-artifact@v4
      with:
        name: dotnet-sdk.tar.gz
        path: ${{ github.workspace}}/sdk/
    - name: Uncompress dotnet SDK
      run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C
        ${{github.workspace}}/sdk/dotnet
    - name: Download nodejs SDK
      uses: actions/download-artifact@v4
      with:
        name: nodejs-sdk.tar.gz
        path: ${{ github.workspace}}/sdk/
    - name: Uncompress nodejs SDK
      run: tar -zxf ${{github.workspace}}/sdk/nodejs.tar.gz -C
        ${{github.workspace}}/sdk/nodejs
    - name: Install Twine
      run: python -m pip install twine==5.0.0
    - name: Publish SDKs
      run: ./ci-scripts/ci/publish-tfgen-package ${{ github.workspace }}
      env:
        NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
        PYPI_PUBLISH_ARTIFACTS: all
    - if: failure() && github.event_name == 'push'
      name: Notify Slack
      uses: 8398a7/action-slack@v3
      with:
        author_name: Failure in publishing SDK
        fields: repo,commit,author,action
        status: ${{ job.status }}
  publish_java_sdk:
    runs-on: ubuntu-latest
    continue-on-error: true
    needs: publish
    name: publish_java_sdk
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - id: version
      name: Set Provider Version
      uses: pulumi/provider-version-action@v1
      with:
        set-env: PROVIDER_VERSION
    - name: Install Go
      uses: actions/setup-go@v5
      with:
        go-version: ${{ env.GOVERSION }}
        cache-dependency-path: "**/*.sum"
    - name: Install pulumictl
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/pulumictl
    - name: Install Pulumi CLI
      uses: pulumi/actions@v5
    - name: Setup Java
      uses: actions/setup-java@v4
      with:
        java-version: ${{ env.JAVAVERSION }}
        distribution: temurin
        cache: gradle
    - name: Setup Gradle
      uses: gradle/gradle-build-action@v3
      with:
        gradle-version: "7.6"
    - name: Download java SDK
      uses: actions/download-artifact@v4
      with:
        name: java-sdk.tar.gz
        path: ${{ github.workspace}}/sdk/
    - name: Uncompress java SDK
      run: tar -zxf ${{github.workspace}}/sdk/java.tar.gz -C
        ${{github.workspace}}/sdk/java
    - name: Publish Java SDK
      uses: gradle/gradle-build-action@v3
      env:
        PACKAGE_VERSION: ${{ env.PROVIDER_VERSION }}
      with:
        arguments: publishToSonatype closeAndReleaseSonatypeStagingRepository
        build-root-directory: ./sdk/java
        gradle-version: 7.4.1
  lint:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
        ref: ${{ env.PR_COMMIT_SHA }}
    - name: Install Go
      uses: actions/setup-go@v5
      with:
        go-version: ${{ env.GOVERSION }}
        cache-dependency-path: "**/*.sum"
    - name: golangci-lint provider pkg
      uses: golangci/golangci-lint-action@v4
      with:
        version: ${{ env.GOLANGCI_LINT_VERSION }}
        args: -c ../.golangci.yml
        working-directory: provider
    name: lint
    if: github.event_name == 'repository_dispatch' ||
      github.event.pull_request.head.repo.full_name == github.repository
--- a/.github/workflows/command-dispatch.yml
+++ b/.github/workflows/command-dispatch.yml
@@ -1,67 +0,0 @@
 # WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt
 name: command-dispatch
 on:
  issue_comment:
    types:
    - created
    - edited
 env:
  GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
  PROVIDER: docker-build
  PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
  PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
  NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
  NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
  NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
  PYPI_USERNAME: __token__
  PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
  TRAVIS_OS_NAME: linux
  SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
  PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
  PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
  PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
  SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
  SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
  SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
  GOVERSION: 1.21.x
  NODEVERSION: 20.x
  PYTHONVERSION: "3.11"
  DOTNETVERSION: |
    6.0.x
    3.1.301
  JAVAVERSION: "11"
  AWS_REGION: us-west-2
  PULUMI_API: https://api.pulumi-staging.io
  ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
  ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
  ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
  ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
  AZURE_LOCATION: westus
  DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
  GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
  GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
  GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
  GOOGLE_PROJECT: pulumi-ci-gcp-provider
  GOOGLE_PROJECT_NUMBER: 895284651812
  GOOGLE_REGION: us-central1
  GOOGLE_ZONE: us-central1-a
  DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
 jobs:
  command-dispatch-for-testing:
    runs-on: ubuntu-latest
    name: command-dispatch-for-testing
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - uses: peter-evans/slash-command-dispatch@v2
      with:
        token: ${{ secrets.PULUMI_BOT_TOKEN }}
        reaction-token: ${{ secrets.GITHUB_TOKEN }}
        commands: run-acceptance-tests
        permission: write
        issue-type: pull-request
        repository: pulumi/pulumi-docker-build
    if: ${{ github.event.issue.pull_request }}
--- a/.github/workflows/makefile.yaml
+++ b/.github/workflows/makefile.yaml
@@ -0,0 +1,51 @@
 name: Makefile
 on:
  workflow_dispatch:
  push:
    branches:
      - main
  pull_request:
    branches:
      - main
  schedule:
    - cron: "0 0 * * *"
 jobs:
  build:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: read
      actions: read
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        id: git
        with:
          submodules: "recursive"
      - name: Build
        id: build
        run: |
          make build
      - name: Install
        id: install
        run: |
          set -ex
          make install
      - name: PulumiUp
        id: up
        run: make up
      - name: PulumiDown
        id: down
        run: make down
      - name: Generate multi-language examples from yaml IaC program
        id: examples
        run: |
          set -ex
          make gen_examples
--- a/.github/workflows/prerelease.yml
+++ b/.github/workflows/prerelease.yml
@@ -1,592 +0,0 @@
 # WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt
 name: prerelease
 on:
  push:
    tags:
    - v*.*.*-**
 env:
  GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
  PROVIDER: docker-build
  PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
  PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
  NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
  NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
  NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
  PYPI_USERNAME: __token__
  PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
  TRAVIS_OS_NAME: linux
  SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
  PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
  PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
  PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
  SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
  SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
  SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
  GOVERSION: 1.21.x
  NODEVERSION: 20.x
  PYTHONVERSION: "3.11"
  DOTNETVERSION: |
    6.0.x
    3.1.301
  JAVAVERSION: "11"
  AWS_REGION: us-west-2
  PULUMI_API: https://api.pulumi-staging.io
  ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
  ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
  ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
  ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
  AZURE_LOCATION: westus
  DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
  GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
  GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
  GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
  GOOGLE_PROJECT: pulumi-ci-gcp-provider
  GOOGLE_PROJECT_NUMBER: 895284651812
  GOOGLE_REGION: us-central1
  GOOGLE_ZONE: us-central1-a
  DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
  IS_PRERELEASE: true
 jobs:
  prerequisites:
    runs-on: ubuntu-latest
    name: prerequisites
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - id: version
      name: Set Provider Version
      uses: pulumi/provider-version-action@v1
      with:
        set-env: PROVIDER_VERSION
    - name: Install Go
      uses: actions/setup-go@v5
      with:
        go-version: ${{ env.GOVERSION }}
        cache-dependency-path: "**/*.sum"
    - name: Install pulumictl
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/pulumictl
    - name: Install Pulumi CLI
      uses: pulumi/actions@v5
    - if: github.event_name == 'pull_request'
      name: Install Schema Tools
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/schema-tools
    - name: Build codegen binaries
      run: make codegen
    - name: Build Schema
      run: make generate_schema
    - if: github.event_name == 'pull_request'
      name: Check Schema is Valid
      run: >-
        echo 'SCHEMA_CHANGES<<EOF' >> $GITHUB_ENV
        schema-tools compare -p ${{ env.PROVIDER }} -o ${{ github.event.repository.default_branch }} -n --local-path=provider/cmd/pulumi-resource-${{ env.PROVIDER }}/schema.json >> $GITHUB_ENV
        echo 'EOF' >> $GITHUB_ENV
      env:
        GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
    - if: github.event_name == 'pull_request'
      name: Comment on PR with Details of Schema Check
      uses: thollander/actions-comment-pull-request@v2
      with:
        message: |
          ${{ env.SCHEMA_CHANGES }}
        comment_tag: schemaCheck
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    - if: contains(env.SCHEMA_CHANGES, 'Looking good! No breaking changes found.') &&
        github.actor == 'pulumi-bot'
      name: Add label if no breaking changes
      uses: actions-ecosystem/action-add-labels@v1.1.0
      with:
        labels: impact/no-changelog-required
        number: ${{ github.event.issue.number }}
        github_token: ${{ secrets.GITHUB_TOKEN }}
    - name: Build Provider
      run: make provider
    - name: Check worktree clean
      uses: pulumi/git-status-check-action@v1
      with:
        allowed-changes: |-
          sdk/**/pulumi-plugin.json
          sdk/dotnet/Pulumi.*.csproj
          sdk/go/**/pulumiUtilities.go
          sdk/nodejs/package.json
          sdk/python/pyproject.toml
    - run: git status --porcelain
    - name: Tar provider binaries
      run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
        github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }}
        pulumi-gen-${{ env.PROVIDER}}
    - name: Upload artifacts
      uses: actions/upload-artifact@v4
      with:
        name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
        path: ${{ github.workspace }}/bin/provider.tar.gz
    - name: Test Provider Library
      run: make test_provider
    - name: Upload coverage reports to Codecov
      uses: codecov/codecov-action@v4
      env:
        CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
    - if: failure() && github.event_name == 'push'
      name: Notify Slack
      uses: 8398a7/action-slack@v3
      with:
        author_name: Failure in building provider prerequisites
        fields: repo,commit,author,action
        status: ${{ job.status }}
  build_sdks:
    needs: prerequisites
    runs-on: pulumi-ubuntu-8core
    strategy:
      fail-fast: true
      matrix:
        language:
        - nodejs
        - python
        - dotnet
        - go
        - java
    name: build_sdks
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - id: version
      name: Set Provider Version
      uses: pulumi/provider-version-action@v1
      with:
        set-env: PROVIDER_VERSION
    - name: Install Go
      uses: actions/setup-go@v5
      with:
        go-version: ${{ env.GOVERSION }}
        cache-dependency-path: "**/*.sum"
    - name: Install pulumictl
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/pulumictl
    - name: Install Pulumi CLI
      uses: pulumi/actions@v5
    - name: Setup Node
      uses: actions/setup-node@v4
      with:
        node-version: ${{ env.NODEVERSION }}
        registry-url: https://registry.npmjs.org
    - name: Setup DotNet
      uses: actions/setup-dotnet@v4
      with:
        dotnet-version: ${{ env.DOTNETVERSION }}
    - name: Setup Python
      uses: actions/setup-python@v5
      with:
        python-version: ${{ env.PYTHONVERSION }}
    - name: Setup Java
      uses: actions/setup-java@v4
      with:
        java-version: ${{ env.JAVAVERSION }}
        distribution: temurin
        cache: gradle
    - name: Setup Gradle
      uses: gradle/gradle-build-action@v3
      with:
        gradle-version: "7.6"
    - name: Download provider + tfgen binaries
      uses: actions/download-artifact@v4
      with:
        name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
        path: ${{ github.workspace }}/bin
    - name: UnTar provider binaries
      run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
        github.workspace}}/bin
    - name: Restore Binary Permissions
      run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
        -exec chmod +x {} \;
    - name: Generate SDK
      run: make generate_${{ matrix.language }}
    - name: Build SDK
      run: make build_${{ matrix.language }}
    - name: Check worktree clean
      uses: pulumi/git-status-check-action@v1
      with:
        allowed-changes: |-
          sdk/**/pulumi-plugin.json
          sdk/dotnet/Pulumi.*.csproj
          sdk/go/**/pulumiUtilities.go
          sdk/nodejs/package.json
          sdk/python/pyproject.toml
    - run: git status --porcelain
    - name: Tar SDK folder
      run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} .
    - name: Upload artifacts
      uses: actions/upload-artifact@v4
      with:
        name: ${{ matrix.language  }}-sdk.tar.gz
        path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz
    - if: failure() && github.event_name == 'push'
      name: Notify Slack
      uses: 8398a7/action-slack@v3
      with:
        author_name: Failure while building SDKs
        fields: repo,commit,author,action
        status: ${{ job.status }}
  test:
    runs-on: pulumi-ubuntu-8core
    needs:
    - build_sdks
    strategy:
      fail-fast: true
      matrix:
        language:
        - nodejs
        - python
        - dotnet
        - go
        - java
    name: test
    permissions:
      contents: read
      id-token: write
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - id: version
      name: Set Provider Version
      uses: pulumi/provider-version-action@v1
      with:
        set-env: PROVIDER_VERSION
    - name: Install Go
      uses: actions/setup-go@v5
      with:
        go-version: ${{ env.GOVERSION }}
        cache-dependency-path: "**/*.sum"
    - name: Install pulumictl
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/pulumictl
    - name: Install Pulumi CLI
      uses: pulumi/actions@v5
    - name: Setup Node
      uses: actions/setup-node@v4
      with:
        node-version: ${{ env.NODEVERSION }}
        registry-url: https://registry.npmjs.org
    - name: Setup DotNet
      uses: actions/setup-dotnet@v4
      with:
        dotnet-version: ${{ env.DOTNETVERSION }}
    - name: Setup Python
      uses: actions/setup-python@v5
      with:
        python-version: ${{ env.PYTHONVERSION }}
    - name: Setup Java
      uses: actions/setup-java@v4
      with:
        java-version: ${{ env.JAVAVERSION }}
        distribution: temurin
        cache: gradle
    - name: Setup Gradle
      uses: gradle/gradle-build-action@v3
      with:
        gradle-version: "7.6"
    - name: Download provider + tfgen binaries
      uses: actions/download-artifact@v4
      with:
        name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
        path: ${{ github.workspace }}/bin
    - name: UnTar provider binaries
      run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
        github.workspace}}/bin
    - name: Restore Binary Permissions
      run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
        -exec chmod +x {} \;
    - name: Download SDK
      uses: actions/download-artifact@v4
      with:
        name: ${{ matrix.language }}-sdk.tar.gz
        path: ${{ github.workspace}}/sdk/
    - name: UnTar SDK folder
      run: tar -zxf ${{ github.workspace}}/sdk/${{ matrix.language}}.tar.gz -C ${{
        github.workspace}}/sdk/${{ matrix.language}}
    - name: Update path
      run: echo "${{ github.workspace }}/bin" >> $GITHUB_PATH
    - name: Install Node dependencies
      run: yarn global add typescript
    - run: dotnet nuget add source ${{ github.workspace }}/nuget
    - name: Install Python deps
      run: |-
        pip3 install virtualenv==20.0.23
        pip3 install pipenv
    - name: Install dependencies
      run: make install_${{ matrix.language}}_sdk
    - name: Configure AWS Credentials
      uses: aws-actions/configure-aws-credentials@v4
      with:
        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
        aws-region: ${{ env.AWS_REGION }}
        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        role-duration-seconds: 3600
        role-session-name: ${{ env.PROVIDER }}@githubActions
        role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }}
    - name: Authenticate to Google Cloud
      uses: google-github-actions/auth@v0
      with:
        workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER
          }}/locations/global/workloadIdentityPools/${{
          env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{
          env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }}
        service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }}
    - name: Setup gcloud auth
      uses: google-github-actions/setup-gcloud@v2
      with:
        install_components: gke-gcloud-auth-plugin
    - name: Install gotestfmt
      uses: GoTestTools/gotestfmt-action@v2
      with:
        version: v2.5.0
        token: ${{ secrets.GITHUB_TOKEN }}
    - name: Run tests
      run: >-
        set -euo pipefail
        cd examples && go test -v -json -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . 2>&1 | tee /tmp/gotest.log | gotestfmt
    - if: failure() && github.event_name == 'push'
      name: Notify Slack
      uses: 8398a7/action-slack@v3
      with:
        author_name: Failure in SDK tests
        fields: repo,commit,author,action
        status: ${{ job.status }}
  publish:
    runs-on: ubuntu-latest
    needs: test
    name: publish
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - id: version
      name: Set Provider Version
      uses: pulumi/provider-version-action@v1
      with:
        set-env: PROVIDER_VERSION
    - name: Install Go
      uses: actions/setup-go@v5
      with:
        go-version: ${{ env.GOVERSION }}
        cache-dependency-path: "**/*.sum"
    - name: Clear GitHub Actions Ubuntu runner disk space
      uses: jlumbroso/free-disk-space@v1.3.1
      with:
        tool-cache: false
        dotnet: false
        android: true
        haskell: true
        swap-storage: true
        large-packages: false
    - name: Install pulumictl
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/pulumictl
    - name: Install Pulumi CLI
      uses: pulumi/actions@v5
    - name: Configure AWS Credentials
      uses: aws-actions/configure-aws-credentials@v4
      with:
        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
        aws-region: us-east-2
        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        role-duration-seconds: 7200
        role-session-name: ${{ env.PROVIDER }}@githubActions
        role-external-id: upload-pulumi-release
        role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }}
    - name: Run GoReleaser
      uses: goreleaser/goreleaser-action@v5
      env:
        GORELEASER_CURRENT_TAG: v${{ steps.version.outputs.version }}
      with:
        args: -p 3 -f .goreleaser.prerelease.yml --clean --skip=validate --timeout 60m0s
        version: latest
    - if: failure() && github.event_name == 'push'
      name: Notify Slack
      uses: 8398a7/action-slack@v3
      with:
        author_name: Failure in publishing binaries
        fields: repo,commit,author,action
        status: ${{ job.status }}
  publish_sdk:
    runs-on: ubuntu-latest
    needs: publish
    name: publish_sdk
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - id: version
      name: Set Provider Version
      uses: pulumi/provider-version-action@v1
      with:
        set-env: PROVIDER_VERSION
    - name: Checkout Scripts Repo
      uses: actions/checkout@v4
      with:
        path: ci-scripts
        repository: pulumi/scripts
    - run: echo "ci-scripts" >> .git/info/exclude
    - name: Install Go
      uses: actions/setup-go@v5
      with:
        go-version: ${{ env.GOVERSION }}
        cache-dependency-path: "**/*.sum"
    - name: Install pulumictl
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/pulumictl
    - name: Install Pulumi CLI
      uses: pulumi/actions@v5
    - name: Setup Node
      uses: actions/setup-node@v4
      with:
        node-version: ${{ env.NODEVERSION }}
        registry-url: https://registry.npmjs.org
    - name: Setup DotNet
      uses: actions/setup-dotnet@v4
      with:
        dotnet-version: ${{ env.DOTNETVERSION }}
    - name: Setup Python
      uses: actions/setup-python@v5
      with:
        python-version: ${{ env.PYTHONVERSION }}
    - name: Download python SDK
      uses: actions/download-artifact@v4
      with:
        name: python-sdk.tar.gz
        path: ${{ github.workspace}}/sdk/
    - name: Uncompress python SDK
      run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C
        ${{github.workspace}}/sdk/python
    - name: Download dotnet SDK
      uses: actions/download-artifact@v4
      with:
        name: dotnet-sdk.tar.gz
        path: ${{ github.workspace}}/sdk/
    - name: Uncompress dotnet SDK
      run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C
        ${{github.workspace}}/sdk/dotnet
    - name: Download nodejs SDK
      uses: actions/download-artifact@v4
      with:
        name: nodejs-sdk.tar.gz
        path: ${{ github.workspace}}/sdk/
    - name: Uncompress nodejs SDK
      run: tar -zxf ${{github.workspace}}/sdk/nodejs.tar.gz -C
        ${{github.workspace}}/sdk/nodejs
    - name: Install Twine
      run: python -m pip install twine==5.0.0
    - name: Publish SDKs
      run: ./ci-scripts/ci/publish-tfgen-package ${{ github.workspace }}
      env:
        NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
        PYPI_PUBLISH_ARTIFACTS: all
    - if: failure() && github.event_name == 'push'
      name: Notify Slack
      uses: 8398a7/action-slack@v3
      with:
        author_name: Failure in publishing SDK
        fields: repo,commit,author,action
        status: ${{ job.status }}
  publish_java_sdk:
    runs-on: ubuntu-latest
    continue-on-error: true
    needs: publish
    name: publish_java_sdk
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - id: version
      name: Set Provider Version
      uses: pulumi/provider-version-action@v1
      with:
        set-env: PROVIDER_VERSION
    - name: Install Go
      uses: actions/setup-go@v5
      with:
        go-version: ${{ env.GOVERSION }}
        cache-dependency-path: "**/*.sum"
    - name: Install pulumictl
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/pulumictl
    - name: Install Pulumi CLI
      uses: pulumi/actions@v5
    - name: Setup Java
      uses: actions/setup-java@v4
      with:
        java-version: ${{ env.JAVAVERSION }}
        distribution: temurin
        cache: gradle
    - name: Setup Gradle
      uses: gradle/gradle-build-action@v3
      with:
        gradle-version: "7.6"
    - name: Download java SDK
      uses: actions/download-artifact@v4
      with:
        name: java-sdk.tar.gz
        path: ${{ github.workspace}}/sdk/
    - name: Uncompress java SDK
      run: tar -zxf ${{github.workspace}}/sdk/java.tar.gz -C
        ${{github.workspace}}/sdk/java
    - name: Publish Java SDK
      uses: gradle/gradle-build-action@v3
      env:
        PACKAGE_VERSION: ${{ env.PROVIDER_VERSION }}
      with:
        arguments: publishToSonatype closeAndReleaseSonatypeStagingRepository
        build-root-directory: ./sdk/java
        gradle-version: 7.4.1
  publish_go_sdk:
    runs-on: ubuntu-latest
    name: publish-go-sdk
    needs: publish_sdk
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - id: version
      name: Set Provider Version
      uses: pulumi/provider-version-action@v1
      with:
        set-env: PROVIDER_VERSION
    - name: Download go SDK
      uses: actions/download-artifact@v4
      with:
        name: go-sdk.tar.gz
        path: ${{ github.workspace}}/sdk/
    - name: Uncompress go SDK
      run: tar -zxf ${{github.workspace}}/sdk/go.tar.gz -C
        ${{github.workspace}}/sdk/go
    - name: Publish Go SDK
      uses: pulumi/publish-go-sdk-action@v1
      with:
        repository: ${{ github.repository }}
        base-ref: ${{ github.sha }}
        source: sdk/go/dockerbuild
        path: sdk/go/dockerbuild
        version: ${{ steps.version.outputs.version }}
        additive: false
        files: "**"
--- a/.github/workflows/pull-request.yml
+++ b/.github/workflows/pull-request.yml
@@ -1,64 +0,0 @@
 # WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt
 name: pull-request
 on:
  pull_request_target: {}
 env:
  GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
  PROVIDER: docker-build
  PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
  PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
  NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
  NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
  NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
  PYPI_USERNAME: __token__
  PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
  TRAVIS_OS_NAME: linux
  SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
  PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
  PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
  PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
  SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
  SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
  SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
  GOVERSION: 1.21.x
  NODEVERSION: 20.x
  PYTHONVERSION: "3.11"
  DOTNETVERSION: |
    6.0.x
    3.1.301
  JAVAVERSION: "11"
  AWS_REGION: us-west-2
  PULUMI_API: https://api.pulumi-staging.io
  ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
  ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
  ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
  ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
  AZURE_LOCATION: westus
  DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
  GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
  GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
  GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
  GOOGLE_PROJECT: pulumi-ci-gcp-provider
  GOOGLE_PROJECT_NUMBER: 895284651812
  GOOGLE_REGION: us-central1
  GOOGLE_ZONE: us-central1-a
  DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
 jobs:
  comment-on-pr:
    runs-on: ubuntu-latest
    name: comment-on-pr
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - name: Comment PR
      uses: thollander/actions-comment-pull-request@v2
      with:
        message: >
          PR is now waiting for a maintainer to run the acceptance tests.
          **Note for the maintainer:** To run the acceptance tests, please comment */run-acceptance-tests* on the PR
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    if: github.event.pull_request.head.repo.full_name != github.repository
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -1,606 +0,0 @@
 # WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt
 name: release
 on:
  push:
    tags:
    - v*.*.*
    - "!v*.*.*-**"
 env:
  GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
  PROVIDER: docker-build
  PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
  PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
  NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
  NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
  NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
  PYPI_USERNAME: __token__
  PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
  TRAVIS_OS_NAME: linux
  SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
  PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
  PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
  PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
  SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
  SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
  SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
  GOVERSION: 1.21.x
  NODEVERSION: 20.x
  PYTHONVERSION: "3.11"
  DOTNETVERSION: |
    6.0.x
    3.1.301
  JAVAVERSION: "11"
  AWS_REGION: us-west-2
  PULUMI_API: https://api.pulumi-staging.io
  ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
  ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
  ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
  ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
  AZURE_LOCATION: westus
  DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
  GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
  GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
  GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
  GOOGLE_PROJECT: pulumi-ci-gcp-provider
  GOOGLE_PROJECT_NUMBER: 895284651812
  GOOGLE_REGION: us-central1
  GOOGLE_ZONE: us-central1-a
  DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
 jobs:
  prerequisites:
    runs-on: ubuntu-latest
    name: prerequisites
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - id: version
      name: Set Provider Version
      uses: pulumi/provider-version-action@v1
      with:
        set-env: PROVIDER_VERSION
    - name: Install Go
      uses: actions/setup-go@v5
      with:
        go-version: ${{ env.GOVERSION }}
        cache-dependency-path: "**/*.sum"
    - name: Install pulumictl
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/pulumictl
    - name: Install Pulumi CLI
      uses: pulumi/actions@v5
    - if: github.event_name == 'pull_request'
      name: Install Schema Tools
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/schema-tools
    - name: Build codegen binaries
      run: make codegen
    - name: Build Schema
      run: make generate_schema
    - if: github.event_name == 'pull_request'
      name: Check Schema is Valid
      run: >-
        echo 'SCHEMA_CHANGES<<EOF' >> $GITHUB_ENV
        schema-tools compare -p ${{ env.PROVIDER }} -o ${{ github.event.repository.default_branch }} -n --local-path=provider/cmd/pulumi-resource-${{ env.PROVIDER }}/schema.json >> $GITHUB_ENV
        echo 'EOF' >> $GITHUB_ENV
      env:
        GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
    - if: github.event_name == 'pull_request'
      name: Comment on PR with Details of Schema Check
      uses: thollander/actions-comment-pull-request@v2
      with:
        message: |
          ${{ env.SCHEMA_CHANGES }}
        comment_tag: schemaCheck
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    - if: contains(env.SCHEMA_CHANGES, 'Looking good! No breaking changes found.') &&
        github.actor == 'pulumi-bot'
      name: Add label if no breaking changes
      uses: actions-ecosystem/action-add-labels@v1.1.0
      with:
        labels: impact/no-changelog-required
        number: ${{ github.event.issue.number }}
        github_token: ${{ secrets.GITHUB_TOKEN }}
    - name: Build Provider
      run: make provider
    - name: Check worktree clean
      uses: pulumi/git-status-check-action@v1
      with:
        allowed-changes: |-
          sdk/**/pulumi-plugin.json
          sdk/dotnet/Pulumi.*.csproj
          sdk/go/**/pulumiUtilities.go
          sdk/nodejs/package.json
          sdk/python/pyproject.toml
    - run: git status --porcelain
    - name: Tar provider binaries
      run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
        github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }}
        pulumi-gen-${{ env.PROVIDER}}
    - name: Upload artifacts
      uses: actions/upload-artifact@v4
      with:
        name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
        path: ${{ github.workspace }}/bin/provider.tar.gz
    - name: Test Provider Library
      run: make test_provider
    - name: Upload coverage reports to Codecov
      uses: codecov/codecov-action@v4
      env:
        CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
    - if: failure() && github.event_name == 'push'
      name: Notify Slack
      uses: 8398a7/action-slack@v3
      with:
        author_name: Failure in building provider prerequisites
        fields: repo,commit,author,action
        status: ${{ job.status }}
  build_sdks:
    needs: prerequisites
    runs-on: pulumi-ubuntu-8core
    strategy:
      fail-fast: true
      matrix:
        language:
        - nodejs
        - python
        - dotnet
        - go
        - java
    name: build_sdks
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - id: version
      name: Set Provider Version
      uses: pulumi/provider-version-action@v1
      with:
        set-env: PROVIDER_VERSION
    - name: Install Go
      uses: actions/setup-go@v5
      with:
        go-version: ${{ env.GOVERSION }}
        cache-dependency-path: "**/*.sum"
    - name: Install pulumictl
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/pulumictl
    - name: Install Pulumi CLI
      uses: pulumi/actions@v5
    - name: Setup Node
      uses: actions/setup-node@v4
      with:
        node-version: ${{ env.NODEVERSION }}
        registry-url: https://registry.npmjs.org
    - name: Setup DotNet
      uses: actions/setup-dotnet@v4
      with:
        dotnet-version: ${{ env.DOTNETVERSION }}
    - name: Setup Python
      uses: actions/setup-python@v5
      with:
        python-version: ${{ env.PYTHONVERSION }}
    - name: Setup Java
      uses: actions/setup-java@v4
      with:
        java-version: ${{ env.JAVAVERSION }}
        distribution: temurin
        cache: gradle
    - name: Setup Gradle
      uses: gradle/gradle-build-action@v3
      with:
        gradle-version: "7.6"
    - name: Download provider + tfgen binaries
      uses: actions/download-artifact@v4
      with:
        name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
        path: ${{ github.workspace }}/bin
    - name: UnTar provider binaries
      run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
        github.workspace}}/bin
    - name: Restore Binary Permissions
      run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
        -exec chmod +x {} \;
    - name: Generate SDK
      run: make generate_${{ matrix.language }}
    - name: Build SDK
      run: make build_${{ matrix.language }}
    - name: Check worktree clean
      uses: pulumi/git-status-check-action@v1
      with:
        allowed-changes: |-
          sdk/**/pulumi-plugin.json
          sdk/dotnet/Pulumi.*.csproj
          sdk/go/**/pulumiUtilities.go
          sdk/nodejs/package.json
          sdk/python/pyproject.toml
    - run: git status --porcelain
    - name: Tar SDK folder
      run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} .
    - name: Upload artifacts
      uses: actions/upload-artifact@v4
      with:
        name: ${{ matrix.language  }}-sdk.tar.gz
        path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz
    - if: failure() && github.event_name == 'push'
      name: Notify Slack
      uses: 8398a7/action-slack@v3
      with:
        author_name: Failure while building SDKs
        fields: repo,commit,author,action
        status: ${{ job.status }}
  test:
    runs-on: pulumi-ubuntu-8core
    needs:
    - build_sdks
    strategy:
      fail-fast: true
      matrix:
        language:
        - nodejs
        - python
        - dotnet
        - go
        - java
    name: test
    permissions:
      contents: read
      id-token: write
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - id: version
      name: Set Provider Version
      uses: pulumi/provider-version-action@v1
      with:
        set-env: PROVIDER_VERSION
    - name: Install Go
      uses: actions/setup-go@v5
      with:
        go-version: ${{ env.GOVERSION }}
        cache-dependency-path: "**/*.sum"
    - name: Install pulumictl
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/pulumictl
    - name: Install Pulumi CLI
      uses: pulumi/actions@v5
    - name: Setup Node
      uses: actions/setup-node@v4
      with:
        node-version: ${{ env.NODEVERSION }}
        registry-url: https://registry.npmjs.org
    - name: Setup DotNet
      uses: actions/setup-dotnet@v4
      with:
        dotnet-version: ${{ env.DOTNETVERSION }}
    - name: Setup Python
      uses: actions/setup-python@v5
      with:
        python-version: ${{ env.PYTHONVERSION }}
    - name: Setup Java
      uses: actions/setup-java@v4
      with:
        java-version: ${{ env.JAVAVERSION }}
        distribution: temurin
        cache: gradle
    - name: Setup Gradle
      uses: gradle/gradle-build-action@v3
      with:
        gradle-version: "7.6"
    - name: Download provider + tfgen binaries
      uses: actions/download-artifact@v4
      with:
        name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
        path: ${{ github.workspace }}/bin
    - name: UnTar provider binaries
      run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
        github.workspace}}/bin
    - name: Restore Binary Permissions
      run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
        -exec chmod +x {} \;
    - name: Download SDK
      uses: actions/download-artifact@v4
      with:
        name: ${{ matrix.language }}-sdk.tar.gz
        path: ${{ github.workspace}}/sdk/
    - name: UnTar SDK folder
      run: tar -zxf ${{ github.workspace}}/sdk/${{ matrix.language}}.tar.gz -C ${{
        github.workspace}}/sdk/${{ matrix.language}}
    - name: Update path
      run: echo "${{ github.workspace }}/bin" >> $GITHUB_PATH
    - name: Install Node dependencies
      run: yarn global add typescript
    - run: dotnet nuget add source ${{ github.workspace }}/nuget
    - name: Install Python deps
      run: |-
        pip3 install virtualenv==20.0.23
        pip3 install pipenv
    - name: Install dependencies
      run: make install_${{ matrix.language}}_sdk
    - name: Configure AWS Credentials
      uses: aws-actions/configure-aws-credentials@v4
      with:
        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
        aws-region: ${{ env.AWS_REGION }}
        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        role-duration-seconds: 3600
        role-session-name: ${{ env.PROVIDER }}@githubActions
        role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }}
    - name: Authenticate to Google Cloud
      uses: google-github-actions/auth@v0
      with:
        workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER
          }}/locations/global/workloadIdentityPools/${{
          env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{
          env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }}
        service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }}
    - name: Setup gcloud auth
      uses: google-github-actions/setup-gcloud@v2
      with:
        install_components: gke-gcloud-auth-plugin
    - name: Install gotestfmt
      uses: GoTestTools/gotestfmt-action@v2
      with:
        version: v2.5.0
        token: ${{ secrets.GITHUB_TOKEN }}
    - name: Run tests
      run: >-
        set -euo pipefail
        cd examples && go test -v -json -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . 2>&1 | tee /tmp/gotest.log | gotestfmt
    - if: failure() && github.event_name == 'push'
      name: Notify Slack
      uses: 8398a7/action-slack@v3
      with:
        author_name: Failure in SDK tests
        fields: repo,commit,author,action
        status: ${{ job.status }}
  publish:
    runs-on: ubuntu-latest
    needs: test
    name: publish
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - id: version
      name: Set Provider Version
      uses: pulumi/provider-version-action@v1
      with:
        set-env: PROVIDER_VERSION
    - name: Install Go
      uses: actions/setup-go@v5
      with:
        go-version: ${{ env.GOVERSION }}
        cache-dependency-path: "**/*.sum"
    - name: Clear GitHub Actions Ubuntu runner disk space
      uses: jlumbroso/free-disk-space@v1.3.1
      with:
        tool-cache: false
        dotnet: false
        android: true
        haskell: true
        swap-storage: true
        large-packages: false
    - name: Install pulumictl
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/pulumictl
    - name: Install Pulumi CLI
      uses: pulumi/actions@v5
    - name: Configure AWS Credentials
      uses: aws-actions/configure-aws-credentials@v4
      with:
        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
        aws-region: us-east-2
        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
        role-duration-seconds: 7200
        role-session-name: ${{ env.PROVIDER }}@githubActions
        role-external-id: upload-pulumi-release
        role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }}
    - name: Run GoReleaser
      uses: goreleaser/goreleaser-action@v5
      env:
        GORELEASER_CURRENT_TAG: v${{ steps.version.outputs.version }}
      with:
        args: -p 3 release --clean --timeout 60m0s
        version: latest
    - if: failure() && github.event_name == 'push'
      name: Notify Slack
      uses: 8398a7/action-slack@v3
      with:
        author_name: Failure in publishing binaries
        fields: repo,commit,author,action
        status: ${{ job.status }}
  publish_sdk:
    runs-on: ubuntu-latest
    needs: publish
    name: publish_sdks
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - id: version
      name: Set Provider Version
      uses: pulumi/provider-version-action@v1
      with:
        set-env: PROVIDER_VERSION
    - name: Checkout Scripts Repo
      uses: actions/checkout@v4
      with:
        path: ci-scripts
        repository: pulumi/scripts
    - run: echo "ci-scripts" >> .git/info/exclude
    - name: Install Go
      uses: actions/setup-go@v5
      with:
        go-version: ${{ env.GOVERSION }}
        cache-dependency-path: "**/*.sum"
    - name: Install pulumictl
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/pulumictl
    - name: Install Pulumi CLI
      uses: pulumi/actions@v5
    - name: Setup Node
      uses: actions/setup-node@v4
      with:
        node-version: ${{ env.NODEVERSION }}
        registry-url: https://registry.npmjs.org
    - name: Setup DotNet
      uses: actions/setup-dotnet@v4
      with:
        dotnet-version: ${{ env.DOTNETVERSION }}
    - name: Setup Python
      uses: actions/setup-python@v5
      with:
        python-version: ${{ env.PYTHONVERSION }}
    - name: Download python SDK
      uses: actions/download-artifact@v4
      with:
        name: python-sdk.tar.gz
        path: ${{ github.workspace}}/sdk/
    - name: Uncompress python SDK
      run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C
        ${{github.workspace}}/sdk/python
    - name: Download dotnet SDK
      uses: actions/download-artifact@v4
      with:
        name: dotnet-sdk.tar.gz
        path: ${{ github.workspace}}/sdk/
    - name: Uncompress dotnet SDK
      run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C
        ${{github.workspace}}/sdk/dotnet
    - name: Download nodejs SDK
      uses: actions/download-artifact@v4
      with:
        name: nodejs-sdk.tar.gz
        path: ${{ github.workspace}}/sdk/
    - name: Uncompress nodejs SDK
      run: tar -zxf ${{github.workspace}}/sdk/nodejs.tar.gz -C
        ${{github.workspace}}/sdk/nodejs
    - name: Install Twine
      run: python -m pip install twine==5.0.0
    - name: Publish SDKs
      run: ./ci-scripts/ci/publish-tfgen-package ${{ github.workspace }}
      env:
        NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
        PYPI_PUBLISH_ARTIFACTS: all
    - if: failure() && github.event_name == 'push'
      name: Notify Slack
      uses: 8398a7/action-slack@v3
      with:
        author_name: Failure in publishing SDK
        fields: repo,commit,author,action
        status: ${{ job.status }}
  publish_java_sdk:
    runs-on: ubuntu-latest
    continue-on-error: true
    needs: publish
    name: publish_java_sdk
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - id: version
      name: Set Provider Version
      uses: pulumi/provider-version-action@v1
      with:
        set-env: PROVIDER_VERSION
    - name: Install Go
      uses: actions/setup-go@v5
      with:
        go-version: ${{ env.GOVERSION }}
        cache-dependency-path: "**/*.sum"
    - name: Install pulumictl
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/pulumictl
    - name: Install Pulumi CLI
      uses: pulumi/actions@v5
    - name: Setup Java
      uses: actions/setup-java@v4
      with:
        java-version: ${{ env.JAVAVERSION }}
        distribution: temurin
        cache: gradle
    - name: Setup Gradle
      uses: gradle/gradle-build-action@v3
      with:
        gradle-version: "7.6"
    - name: Download java SDK
      uses: actions/download-artifact@v4
      with:
        name: java-sdk.tar.gz
        path: ${{ github.workspace}}/sdk/
    - name: Uncompress java SDK
      run: tar -zxf ${{github.workspace}}/sdk/java.tar.gz -C
        ${{github.workspace}}/sdk/java
    - name: Publish Java SDK
      uses: gradle/gradle-build-action@v3
      env:
        PACKAGE_VERSION: ${{ env.PROVIDER_VERSION }}
      with:
        arguments: publishToSonatype closeAndReleaseSonatypeStagingRepository
        build-root-directory: ./sdk/java
        gradle-version: 7.4.1
  publish_go_sdk:
    runs-on: ubuntu-latest
    name: publish-go-sdk
    needs: publish_sdk
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - id: version
      name: Set Provider Version
      uses: pulumi/provider-version-action@v1
      with:
        set-env: PROVIDER_VERSION
    - name: Download go SDK
      uses: actions/download-artifact@v4
      with:
        name: go-sdk.tar.gz
        path: ${{ github.workspace}}/sdk/
    - name: Uncompress go SDK
      run: tar -zxf ${{github.workspace}}/sdk/go.tar.gz -C
        ${{github.workspace}}/sdk/go
    - name: Publish Go SDK
      uses: pulumi/publish-go-sdk-action@v1
      with:
        repository: ${{ github.repository }}
        base-ref: ${{ github.sha }}
        source: sdk/go/dockerbuild
        path: sdk/go/dockerbuild
        version: ${{ steps.version.outputs.version }}
        additive: false
        files: "**"
  dispatch_docs_build:
    runs-on: ubuntu-latest
    needs: publish_go_sdk
    steps:
    - name: Install pulumictl
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/pulumictl
    - name: Dispatch Event
      run: pulumictl create docs-build pulumi-${{ env.PROVIDER }}
        ${GITHUB_REF#refs/tags/}
      env:
        GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
    name: dispatch_docs_build
--- a/.github/workflows/run-acceptance-tests.yml
+++ b/.github/workflows/run-acceptance-tests.yml
@@ -1,299 +0,0 @@
 # WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt
 name: run-acceptance-tests
 on:
  repository_dispatch:
    types:
      - run-acceptance-tests-command
  pull_request:
    paths-ignore:
      - CHANGELOG.md
  workflow_dispatch: {}
 env:
  GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
  PROVIDER: docker-build
  PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
  PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
  NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
  NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
  NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
  PYPI_USERNAME: __token__
  PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
  TRAVIS_OS_NAME: linux
  SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
  PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
  PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
  PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
  SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
  SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
  SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
  AWS_REGION: us-west-2
  PULUMI_API: https://api.pulumi-staging.io
  ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
  ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
  ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
  ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
  AZURE_LOCATION: westus
  DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
  GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
  GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
  GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
  GOOGLE_PROJECT: pulumi-ci-gcp-provider
  GOOGLE_PROJECT_NUMBER: 895284651812
  GOOGLE_REGION: us-central1
  GOOGLE_ZONE: us-central1-a
  DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
  PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }}
 jobs:
  comment-notification:
    runs-on: ubuntu-latest
    name: comment-notification
    steps:
      - name: Create URL to the run output
        id: vars
        run: echo
          run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID
          >> "$GITHUB_OUTPUT"
      - name: Update with Result
        uses: peter-evans/create-or-update-comment@v1
        with:
          token: ${{ secrets.PULUMI_BOT_TOKEN }}
          repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
          issue-number: ${{ github.event.client_payload.github.payload.issue.number }}
          body: "Please view the PR build: ${{ steps.vars.outputs.run-url }}"
    if: github.event_name == 'repository_dispatch'
  prerequisites:
    if: github.event_name == 'repository_dispatch' ||
      github.event.pull_request.head.repo.full_name == github.repository
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
      actions: write # For telemetry.
      pull-requests: write # For schema comment.
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v4
        with:
          lfs: true
          ref: ${{ env.PR_COMMIT_SHA }}
      - name: Setup tools
        uses: ./.github/actions/setup-tools
      - id: version
        name: Set Provider Version
        uses: pulumi/provider-version-action@v1
        with:
          set-env: PROVIDER_VERSION
      - name: Build codegen binaries
        run: make codegen
      - name: Build Schema
        run: make generate_schema
      - if: github.event_name == 'pull_request'
        name: Check Schema is Valid
        run: >-
          echo 'SCHEMA_CHANGES<<EOF' >> $GITHUB_ENV
          schema-tools compare -p ${{ env.PROVIDER }} -o ${{ github.event.repository.default_branch }} -n --local-path=provider/cmd/pulumi-resource-${{ env.PROVIDER }}/schema.json >> $GITHUB_ENV
          echo 'EOF' >> $GITHUB_ENV
        env:
          GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
      - if: github.event_name == 'pull_request'
        name: Comment on PR with Details of Schema Check
        uses: thollander/actions-comment-pull-request@v2
        with:
          message: |
            ${{ env.SCHEMA_CHANGES }}
          comment_tag: schemaCheck
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - if:
          contains(env.SCHEMA_CHANGES, 'Looking good! No breaking changes found.') &&
          github.actor == 'pulumi-bot'
        name: Add label if no breaking changes
        uses: actions-ecosystem/action-add-labels@v1.1.0
        with:
          labels: impact/no-changelog-required
          number: ${{ github.event.issue.number }}
          github_token: ${{ secrets.GITHUB_TOKEN }}
      - name: Build Provider
        run: make provider
      - name: Check worktree clean
        uses: pulumi/git-status-check-action@v1
        with:
          allowed-changes: |-
            sdk/**/pulumi-plugin.json
            sdk/dotnet/Pulumi.*.csproj
            sdk/go/**/pulumiUtilities.go
            sdk/nodejs/package.json
            sdk/python/pyproject.toml
      - run: git status --porcelain
      - name: Tar provider binaries
        run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
          github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }}
          pulumi-gen-${{ env.PROVIDER}}
      - name: Upload artifacts
        uses: actions/upload-artifact@v4
        with:
          name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
          path: ${{ github.workspace }}/bin/provider.tar.gz
      - name: Test Provider Library
        run: make test_provider
      - name: Upload coverage reports to Codecov
        uses: codecov/codecov-action@v4
        env:
          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
      - if: failure() && github.event_name == 'push'
        name: Notify Slack
        uses: 8398a7/action-slack@v3
        with:
          author_name: Failure in building provider prerequisites
          fields: repo,commit,author,action
          status: ${{ job.status }}
      - name: Generate & Build SDK
        run: mise run sdk
      - name: Check worktree clean
        uses: pulumi/git-status-check-action@v1
        with:
          allowed-changes: |-
            sdk/**/pulumi-plugin.json
            sdk/dotnet/Pulumi.*.csproj
            sdk/go/**/pulumiUtilities.go
            sdk/nodejs/package.json
            sdk/python/pyproject.toml
      - run: git status --porcelain
      - name: Tar SDK folder
        run: tar -zcf sdk.tar.gz -C sdk .
      - name: Upload artifacts
        uses: actions/upload-artifact@v4
        with:
          name: sdk.tar.gz
          path: ${{ github.workspace}}/sdk.tar.gz
          retention-days: 30
      - if: failure() && github.event_name == 'push'
        name: Notify Slack
        uses: 8398a7/action-slack@v3
        with:
          author_name: Failure while building SDKs
          fields: repo,commit,author,action
          status: ${{ job.status }}
  test:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
      actions: write # For telemetry.
    needs:
      - prerequisites
    strategy:
      fail-fast: true
      matrix:
        shard: [0, 1, 2, 3, 4, 5, 6, 7]
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v4
        with:
          lfs: true
          ref: ${{ env.PR_COMMIT_SHA }}
      - name: Setup tools
        uses: ./.github/actions/setup-tools
      - id: version
        name: Set Provider Version
        uses: pulumi/provider-version-action@v1
        with:
          set-env: PROVIDER_VERSION
      - name: Download provider + tfgen binaries
        uses: actions/download-artifact@v4
        with:
          name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
          path: ${{ github.workspace }}/bin
      - name: UnTar provider binaries
        run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
          github.workspace}}/bin
      - name: Restore Binary Permissions
        run:
          find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
          -exec chmod +x {} \;
      - name: Download SDK
        uses: actions/download-artifact@v4
        with:
          name: sdk.tar.gz
          path: ${{ github.workspace}}
      - name: UnTar SDK folder
        run: tar -zxf ${{ github.workspace}}/sdk.tar.gz -C ${{github.workspace}}/sdk
      - name: Update path
        run: echo "${{ github.workspace }}/bin" >> $GITHUB_PATH
      - name: Install Node dependencies
        run: yarn global add typescript
      - run: dotnet nuget add source ${{ github.workspace }}/nuget
      - name: Install dependencies
        run: mise run install
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-region: ${{ env.AWS_REGION }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          role-duration-seconds: 3600
          role-session-name: ${{ env.PROVIDER }}@githubActions
          role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }}
      - name: Authenticate to Google Cloud
        uses: google-github-actions/auth@v0
        with:
          workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER
            }}/locations/global/workloadIdentityPools/${{
            env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{
            env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }}
          service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }}
      - name: Setup gcloud auth
        uses: google-github-actions/setup-gcloud@v2
        with:
          skip_install: true
      - name: Shard tests
        run: mise run "test:examples:shard" -- --total ${{ strategy.job-total }} --index ${{ strategy.job-index }} > go-test
      - name: Run tests
        run: mise run "test:examples" $(cat go-test) 2>&1 | tee /tmp/gotest.log | gotestfmt
      - if: failure() && github.event_name == 'push'
        name: Notify Slack
        uses: 8398a7/action-slack@v3
        with:
          author_name: Failure in SDK tests
          fields: repo,commit,author,action
          status: ${{ job.status }}
    if: github.event_name == 'repository_dispatch' ||
      github.event.pull_request.head.repo.full_name == github.repository
  sentinel:
    runs-on: ubuntu-latest
    name: sentinel
    steps:
      - name: Mark workflow as successful
        uses: guibranco/github-status-action-v2@0849440ec82c5fa69b2377725b9b7852a3977e76
        with:
          authToken: ${{ secrets.GITHUB_TOKEN }}
          context: Sentinel
          state: success
          description: Sentinel checks passed
          sha: ${{ github.event.pull_request.head.sha || github.sha }}
    if: github.event_name == 'repository_dispatch' ||
      github.event.pull_request.head.repo.full_name == github.repository
    needs:
      - test
      - lint
  lint:
    if: github.event_name == 'repository_dispatch' ||
      github.event.pull_request.head.repo.full_name == github.repository
    runs-on: ubuntu-latest
    permissions:
      contents: read
      id-token: write
      actions: write # For telemetry.
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v4
        with:
          lfs: true
          ref: ${{ env.PR_COMMIT_SHA }}
      - name: Setup tools
        uses: ./.github/actions/setup-tools
      - run: make lint
--- a/.github/workflows/weekly-pulumi-update.yml
+++ b/.github/workflows/weekly-pulumi-update.yml
@@ -1,138 +0,0 @@
 # WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt
 name: weekly-pulumi-update
 on:
  schedule:
  - cron: 35 12 * * 4
  workflow_dispatch: {}
 env:
  GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
  PROVIDER: docker-build
  PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
  PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
  NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
  NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
  NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
  PYPI_USERNAME: __token__
  PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
  TRAVIS_OS_NAME: linux
  SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
  PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
  PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
  PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
  SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
  SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
  SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
  GOVERSION: 1.21.x
  NODEVERSION: 20.x
  PYTHONVERSION: "3.11"
  DOTNETVERSION: |
    6.0.x
    3.1.301
  JAVAVERSION: "11"
  AWS_REGION: us-west-2
  PULUMI_API: https://api.pulumi-staging.io
  ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
  ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
  ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
  ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
  AZURE_LOCATION: westus
  DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
  GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
  GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
  GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
  GOOGLE_PROJECT: pulumi-ci-gcp-provider
  GOOGLE_PROJECT_NUMBER: 895284651812
  GOOGLE_REGION: us-central1
  GOOGLE_ZONE: us-central1-a
  DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
 jobs:
  weekly-pulumi-update:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout Repo
      uses: actions/checkout@v4
      with:
        lfs: true
    - name: Install Go
      uses: actions/setup-go@v5
      with:
        go-version: ${{ env.GOVERSION }}
        cache-dependency-path: "**/*.sum"
    - name: Install pulumictl
      uses: jaxxstorm/action-install-gh-release@v1.11.0
      with:
        repo: pulumi/pulumictl
    - name: Install Pulumi CLI
      uses: pulumi/actions@v5
    - name: Setup DotNet
      uses: actions/setup-dotnet@v4
      with:
        dotnet-version: ${{ env.DOTNETVERSION }}
    - name: Setup Node
      uses: actions/setup-node@v4
      with:
        node-version: ${{ env.NODEVERSION }}
        registry-url: https://registry.npmjs.org
    - name: Setup Python
      uses: actions/setup-python@v5
      with:
        python-version: ${{ env.PYTHONVERSION }}
    - name: Update Pulumi/Pulumi
      id: gomod
      run: >-
        git config --local user.email 'bot@pulumi.com'
        git config --local user.name 'pulumi-bot'
        git checkout -b update-pulumi/${{ github.run_id }}-${{ github.run_number }}
        for MODFILE in $(find . -name go.mod); do pushd $(dirname $MODFILE); go get github.com/pulumi/pulumi/pkg/v3 github.com/pulumi/pulumi/sdk/v3; go mod tidy; popd; done
        gh repo view pulumi/pulumi --json latestRelease --jq .latestRelease.tagName | sed 's/^v//' > .pulumi.version
        git update-index -q --refresh
        if ! git diff-files --quiet; then echo changes=1 >> "$GITHUB_OUTPUT"; fi
    - name: Provider with Pulumi Upgrade
      if: steps.gomod.outputs.changes != 0
      run: >-
        make codegen && make local_generate
        git add sdk/nodejs
        git commit -m "Regenerating Node.js SDK based on updated modules" || echo "ignore commit failure, may be empty"
        git add sdk/python
        git commit -m "Regenerating Python SDK based on updated modules" || echo "ignore commit failure, may be empty"
        git add sdk/dotnet
        git commit -m "Regenerating .NET SDK based on updated modules" || echo "ignore commit failure, may be empty"
        git add sdk/go*
        git commit -m "Regenerating Go SDK based on updated modules" || echo "ignore commit failure, may be empty"
        git add sdk/java*
        git commit -m "Regenerating Java SDK based on updated modules" || echo "ignore commit failure, may be empty"
        git add .
        git commit -m "Updated modules" || echo "ignore commit failure, may be empty"
        git push origin update-pulumi/${{ github.run_id }}-${{ github.run_number }}
    - name: Create PR
      id: create-pr
      if: steps.gomod.outputs.changes != 0
      uses: repo-sync/pull-request@v2.6.2
      with:
        source_branch: update-pulumi/${{ github.run_id }}-${{ github.run_number }}
        destination_branch: main
        pr_title: Automated Pulumi/Pulumi upgrade
        github_token: ${{ secrets.PULUMI_BOT_TOKEN }}
      env:
        GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
    name: weekly-pulumi-update
--- a/.gitignore
+++ b/.gitignore
@@ -2,24 +2,15 @@
 **/bin/
 **/obj/
 **/node_modules/
 **/venv
 **/.vs
 **/.idea
 **/.ionide
-**/.vscode
+.pulumi
 *.swp
 Pulumi.*.yaml
 yarn.lock
 ci-scripts
-nuget/
+/nuget/
-coverage.txt
+provider/**/schema-embed.json
-sdk/dotnet/version.txt
+sdk/python/venv
 sdk/java/.gradle
 sdk/java/build/
 sdk/java/build.gradle
 # Allow local mise overrides.
 .mise.*.local.toml
 .mise.local.toml
--- a/.golangci.yml
+++ b/.golangci.yml
@@ -1,104 +0,0 @@
 run:
  timeout: 10m
 linters:
  enable-all: false
  enable:
    - depguard
    - errcheck
    - exhaustive
    - exportloopref
    - gci
    - gocritic
    - gofumpt
    - goheader
    - gosec
    - govet
    - importas
    - ineffassign
    - lll
    - misspell
    - nakedret
    - nolintlint
    - paralleltest
    - perfsprint
    - prealloc
    - revive
    - unconvert
    - unused
 linters-settings:
  depguard:
    rules:
      protobuf:
        deny:
          - pkg: "github.com/golang/protobuf"
            desc: Use google.golang.org/protobuf instead
  gci:
    sections:
      - standard # Standard section: captures all standard library packages.
      - blank # Blank section: contains all blank imports.
      - default # Default section: contains all imports that could not be matched to another section type.
      - prefix(github.com/pulumi/) # Custom section: groups all imports with the github.com/pulumi/ prefix.
      - prefix(github.com/pulumi/pulumi-dockerbuild/) # Custom section: local imports
    custom-order: true
  gocritic:
    enable-all: true
    disabled-checks:
      - hugeParam
      - importShadow
  goheader:
    template: |-
      Copyright 2024, Pulumi Corporation.
      Licensed under the Apache License, Version 2.0 (the "License");
      you may not use this file except in compliance with the License.
      You may obtain a copy of the License at
          http://www.apache.org/licenses/LICENSE-2.0
      Unless required by applicable law or agreed to in writing, software
      distributed under the License is distributed on an "AS IS" BASIS,
      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
      See the License for the specific language governing permissions and
      limitations under the License.
  govet:
    enable:
      - nilness
      # Reject comparisons of reflect.Value with DeepEqual or '=='.
      - reflectvaluecompare
      # Reject sort.Slice calls with a non-slice argument.
      - sortslice
      # Detect write to struct/arrays by-value that aren't read again.
      - unusedwrite
  nakedret:
    # Make an issue if func has more lines of code than this setting, and it has naked returns.
    # Default: 30
    max-func-lines: 60
  nolintlint:
    # Some linter exclusions are added to generated or templated files
    # pre-emptively.
    # Don't complain about these.
    allow-unused: true
 issues:
  exclude-use-default: false
  exclude-rules:
    # Don't warn on unused parameters.
    # Parameter names are useful; replacing them with '_' is undesirable.
    - linters: [revive]
      text: 'unused-parameter: parameter \S+ seems to be unused, consider removing or renaming it as _'
    # staticcheck already has smarter checks for empty blocks.
    # revive's empty-block linter has false positives.
    # For example, as of writing this, the following is not allowed.
    #   for foo() { }
    - linters: [revive]
      text: "empty-block: this block is empty, you can remove it"
    # We *frequently* use the term 'new' in the context of properties
    # (new and old properties),
    # and we rarely use the 'new' built-in function.
    # It's fine to ignore these cases.
    - linters: [revive]
      text: "redefines-builtin-id: redefinition of the built-in function new"
--- a/.goreleaser.prerelease.yml
+++ b/.goreleaser.prerelease.yml
@@ -1,38 +0,0 @@
 # WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt
 project_name: pulumi-docker-build
 builds:
 - dir: provider
  env:
  - CGO_ENABLED=0
  - GO111MODULE=on
  goos:
  - darwin
  - windows
  - linux
  goarch:
  - amd64
  - arm64
  ignore: []
  main: ./cmd/pulumi-resource-docker-build/
  ldflags:
  - -X
    github.com/pulumi/pulumi-docker-build/provider/pkg/version.Version={{.Tag}}
  - -X github.com/pulumi/pulumi-docker-build/provider.Version={{.Tag}}
  binary: pulumi-resource-docker-build
 archives:
 - name_template: "{{ .Binary }}-{{ .Tag }}-{{ .Os }}-{{ .Arch }}"
  id: archive
 snapshot:
  name_template: "{{ .Tag }}-SNAPSHOT"
 changelog:
  skip: true
 release:
  disable: true
 blobs:
 - provider: s3
  region: us-west-2
  bucket: get.pulumi.com
  folder: releases/plugins/
  ids:
  - archive
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -1,38 +0,0 @@
 # WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt
 project_name: pulumi-docker-build
 builds:
 - dir: provider
  env:
  - CGO_ENABLED=0
  - GO111MODULE=on
  goos:
  - darwin
  - windows
  - linux
  goarch:
  - amd64
  - arm64
  ignore: []
  main: ./cmd/pulumi-resource-docker-build/
  ldflags:
  - -X
    github.com/pulumi/pulumi-docker-build/provider/pkg/version.Version={{.Tag}}
  - -X github.com/pulumi/pulumi-docker-build/provider.Version={{.Tag}}
  binary: pulumi-resource-docker-build
 archives:
 - name_template: "{{ .Binary }}-{{ .Tag }}-{{ .Os }}-{{ .Arch }}"
  id: archive
 snapshot:
  name_template: "{{ .Tag }}-SNAPSHOT"
 changelog:
  skip: true
 release:
  disable: false
 blobs:
 - provider: s3
  region: us-west-2
  bucket: get.pulumi.com
  folder: releases/plugins/
  ids:
  - archive
--- a/.mise.toml
+++ b/.mise.toml
@@ -1,133 +0,0 @@
 [tasks.provider]
 run = ["make provider"]
 sources = ["provider/**/*.go", "go.mod"]
 outputs = ["bin/pulumi-resource-docker-build"]
 # Generate
 [tasks."generate:nodejs"]
 depends = ["provider"]
 run = "make generate_nodejs"
 sources = ["bin/pulumi-resource-docker-build"]
 outputs = ["sdk/nodejs/**/*.ts"]
 [tasks."generate:python"]
 run = "make generate_python"
 depends = ["provider"]
 sources = ["bin/pulumi-resource-docker-build"]
 outputs = ["sdk/python/**/*.py"]
 [tasks."generate:dotnet"]
 depends = ["provider"]
 run = "make generate_dotnet"
 sources = ["bin/pulumi-resource-docker-build"]
 outputs = ["sdk/dotnet/**/*.cs"]
 [tasks."generate:go"]
 depends = ["provider"]
 run = "make generate_go"
 sources = ["bin/pulumi-resource-docker-build"]
 outputs = ["sdk/go/**/*.go"]
 [tasks."generate:java"]
 depends = ["provider"]
 run = "make generate_java"
 sources = ["bin/pulumi-resource-docker-build"]
 outputs = ["sdk/java/**/*.java"]
 # Build
 [tasks."build:nodejs"]
 depends = ["generate:nodejs"]
 run = "make build_nodejs"
 sources = ["bin/pulumi-resource-docker-build"]
 outputs = ["*"]
 [tasks."build:python"]
 depends = ["generate:python"]
 run = "make build_python"
 sources = ["bin/pulumi-resource-docker-build"]
 outputs = ["*"]
 [tasks."build:dotnet"]
 depends = ["generate:dotnet"]
 run = "make build_dotnet"
 sources = ["bin/pulumi-resource-docker-build"]
 outputs = ["*"]
 [tasks."build:go"]
 depends = ["generate:go"]
 run = "make build_go"
 sources = ["bin/pulumi-resource-docker-build"]
 outputs = ["*"]
 [tasks."build:java"]
 depends = ["generate:java"]
 run = "make build_java"
 sources = ["bin/pulumi-resource-docker-build"]
 outputs = ["*"]
 # TODO: Might be able to link these directly?
 [tasks."install:dotnet"]
 run = "make install_dotnet_sdk"
 [tasks."install:nodejs"]
 run = "make install_nodejs_sdk"
 [tasks.sdk]
 depends = ["generate:*", "build:*"]
 [tasks.install]
 depends = ["install:*"]
 [tasks.test]
 sources = ["**/*.go"]
 outputs = ["*"]
 run = "make test_provider"
 [tasks."test:examples"]
 run = "go test -v -json -cover -timeout 2h -tags=all -parallel 4"
 [tasks."test:examples:shard"]
 run = "go run github.com/blampe/shard@latest --root ./examples"
 [tasks.schema]
 run = "pulumi package get-schema bin/pulumi-resource-docker-build | jq 'del(.version)' > provider/cmd/pulumi-resource-docker-build/schema.json"
 sources = ["bin/pulumi-resource-docker-build"]
 outputs = ["provider/cmd/pulumi-resource-docker-build/schema.json"]
 [tasks.docs]
 run = "go generate docs/generate.go"
 depends = ["schema"]
 sources = ["docs/yaml/*.yaml"]
 outputs= ["provider/internal/embed/*.md"]
 # TODO: tasks.examples
 [tools]
 # Development tooling.
 go = "latest" # Will read version from go.mod.
 lefthook = "1.7.12"
 golangci-lint = "1.58.1"
 # Build and test tools.
 pulumi = "3.128.0"
 node = "22"
 dotnet = "6"
 python = "3.11.9"
 java = "temurin-11"
 gradle = "7.6"
 "go:github.com/pulumi/schema-tools" = "v0.6.0"
 "go:github.com/gotesttools/gotestfmt/v2/cmd/gotestfmt" = "v2.5.0"
 "go:github.com/pulumi/pulumictl/cmd/pulumictl" = "a1b89aaf4299fe5bc78e140fc60eba79088b3dc5" # blampe/replace branch doesn't work?
 yarn = "1.22.19"
 gcloud = "455.0.0"
 [env]
 # TODO(https://github.com/jdx/mise/issues/1898): create = true
 _.python.venv = { path = "venv", create = false }
 CGO_ENABLED = "0"
 [settings]
 experimental = true    # Enable Go backend.
 python_compile = false # Don't build Python from source.
--- a/.pulumi.version
+++ b/.pulumi.version
@@ -1 +0,0 @@
 3.128.0
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,52 +0,0 @@
 ## Unreleased
 ### Fixed
 - Refreshing an `Index` resource will no longer fail if its stored credentials
  have expired. (https://github.com/pulumi/pulumi-docker-build/pull/194)
 ### Changed
 - Local and tar exporters will now trigger an update if an export doesn't exist
  at the expected path. (https://github.com/pulumi/pulumi-docker-build/pull/195)
 ## 0.0.5 (2024-08-08)
 ### Fixed
 - Fixed Go SDK publishing.
 ### Changed
 - Upgraded docker from 27.0.3 to 27.1.0.
 ## 0.0.4 (2024-07-15)
 ### Changed
 - Upgraded buildkit from 0.13.0 to 0.15.0.
 - Upgraded buildx from 0.13.1. to 0.16.0.
 - Upgraded docker from 26.0.0-rc1 to 27.0.3.
 - Fixed an issue where warnings were not displayed correctly.
 ## 0.0.3 (2024-05-31)
 ### Fixed
 - Fixed the default value for `ACTIONS_CACHE_URL` when using GitHub action caching. (https://github.com/pulumi/pulumi-docker-build/pull/80)
 - Fixed Java SDK publishing. (https://github.com/pulumi/pulumi-docker-build/pull/89)
 - Fixed a panic that could occur when `context` was omitted. (https://github.com/pulumi/pulumi-docker-build/pull/83)
 ### Changed
 - The provider will now wait for new builders to fully boot.
 ## 0.0.2 (2024-04-25)
 ### Fixed
 - Upgraded pulumi-go-provider to fix a panic during cancellation.
 ## 0.0.1 (2024-04-23)
 Initial release.
--- a/CODE-OF-CONDUCT.md
+++ b/CODE-OF-CONDUCT.md
@@ -1,80 +0,0 @@
 # Contributor Covenant Code of Conduct
 ## Our Pledge
 In the interest of fostering an open and welcoming environment, we as
 contributors and maintainers pledge to making participation in our project and
 our community a harassment-free experience for everyone, regardless of age, body
 size, disability, ethnicity, gender identity and expression, level of experience,
 education, socio-economic status, nationality, personal appearance, race,
 religion, or sexual identity and orientation.
 ## Our Standards
 Examples of behavior that contributes to creating a positive environment
 include:
 * Using welcoming and inclusive language
 * Being respectful of differing viewpoints and experiences
 * Gracefully accepting constructive criticism
 * Focusing on what is best for the community
 * Showing empathy towards other community members
 * Contribute in a positive and constructive way
 Examples of unacceptable behavior by participants include:
 * The use of sexualized language or imagery and unwelcome sexual attention or
  advances
 * Trolling, insulting/derogatory comments, and personal or political attacks
 * Public or private harassment
 * Publishing others' private information, such as a physical or electronic
  address, without explicit permission
 * Other conduct which could reasonably be considered inappropriate in a
  professional setting
 ## Our Community Guidelines
 * Be clear and stay on topic. Communicating with strangers on the Internet can make it hard to convey or read tone, and sarcasm is frequently misunderstood. Try to use clear language, and think about how the other person will receive it.
 * Don’t cross-post the same thing in multiple GitHub Discussion topics or multiple Slack channels. This can make it difficult for people answering your questions and creates "scrollback spam".
 * Public discussion is preferred to private. Avoid using Slack DMs for questions, and instead share them in public Slack channels or GitHub Discussion threads. This allows a larger audience to both share their knowledge as well as learn from your question or issue. If you're having a problem, chances are someone else is having a similar problem. Learning in public is a community contribution.
 * Minimize notifications to other community members. Avoid tagging other community members in Slack messages or Discussion threads, unless you are replying to something specific. Community members are here to help each other, but are not "on call" for support, and we expect everyone to try to minimize "notification fatigue". If your issue is time-sensitive or critical, use methods like support@pulumi.com instead.
 ## Our Responsibilities
 Project maintainers are responsible for clarifying the standards of acceptable
 behavior and are expected to take appropriate and fair corrective action in
 response to any instances of unacceptable behavior.
 Project maintainers have the right and responsibility to remove, edit, or
 reject comments, commits, code, wiki edits, issues, GitHub Discussions posts, 
 and other contributions that are not aligned to this Code of Conduct, or to ban 
 temporarily or permanently any contributor for other behaviors that they deem 
 inappropriate, threatening, offensive, or harmful.
 ## Scope
 This Code of Conduct applies both within project spaces (including the Community Slack
 and GitHub Discussions forums) and in public spaces when an individual is representing the 
 project or its community. Examples of representing a project or community include 
 using an official project e-mail address, posting via an official social media account, 
 or acting as an appointed representative at an online or offline event. Representation 
 of a project may be further defined and clarified by project maintainers.
 ## Enforcement
 Instances of abusive, harassing, or otherwise unacceptable behavior may be
 reported by contacting the project team at code-of-conduct@pulumi.com. All
 complaints will be reviewed and investigated and will result in a response that
 is deemed necessary and appropriate to the circumstances. The project team is
 obligated to maintain confidentiality with regard to the reporter of an incident.
 Further details of specific enforcement policies may be posted separately.
 Project maintainers who do not follow or enforce the Code of Conduct in good
 faith may face temporary or permanent repercussions as determined by other
 members of the project's leadership.
 ## Attribution
 This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
 available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html
 [homepage]: https://www.contributor-covenant.org
--- a/269
+++ b/269
@@ -1,101 +1,91 @@
-PROJECT_NAME := Pulumi Docker Build Resource Provider
+PROJECT_NAME := Pulumi Docker Native Resource Provider
-PACK             := docker-build
+PACK             := docker-native
 PACKDIR          := sdk
-PROJECT          := github.com/pulumi/pulumi-docker-build
+PROJECT          := github.com/pulumi/pulumi-docker-native
-NODE_MODULE_NAME := @pulumi/docker-build
+NODE_MODULE_NAME := @pulumi/docker-native
-NUGET_PKG_NAME   := Pulumi.DockerBuild
+NUGET_PKG_NAME   := Pulumi.DockerNative
-PROVIDER         := pulumi-resource-${PACK}
+PROVIDER        := pulumi-resource-${PACK}
-PROVIDER_PATH    := provider
+VERSION         ?= $(shell pulumictl get version)
-VERSION_PATH     := ${PROVIDER_PATH}.Version
+PROVIDER_PATH   := provider
-SCHEMA_PATH      := ${PROVIDER_PATH}/cmd/pulumi-resource-${PACK}/schema.json
+VERSION_PATH    := ${PROVIDER_PATH}.Version
-GOPATH			 := $(shell go env GOPATH)
+GOPATH			:= $(shell go env GOPATH)
-WORKING_DIR      := $(shell pwd)
+WORKING_DIR     := $(shell pwd)
-EXAMPLES_DIR     := ${WORKING_DIR}/examples/yaml
+EXAMPLES_DIR    := ${WORKING_DIR}/examples/yaml
-TESTPARALLELISM  := 4
+TESTPARALLELISM := 4
-# Override during CI using `make [TARGET] PROVIDER_VERSION=""` or by setting a PROVIDER_VERSION environment variable
+ensure::
-# Local & branch builds will just used this fixed default version unless specified
+	cd provider && go mod tidy
-PROVIDER_VERSION ?= 0.1.0-alpha.0+dev
+	cd sdk && go mod tidy
-# Use this normalised version everywhere rather than the raw input to ensure consistency.
+	cd tests && go mod tidy
 VERSION_GENERIC = $(shell pulumictl convert-version --language generic --version "$(PROVIDER_VERSION)")
-export PULUMI_IGNORE_AMBIENT_PLUGINS = true
+provider::
-export PULUMI_DISABLE_AUTOMATIC_PLUGIN_ACQUISITION = true
+	(cd provider && go build -o $(WORKING_DIR)/bin/${PROVIDER} -ldflags "-X ${PROJECT}/${VERSION_PATH}=${VERSION}" $(PROJECT)/${PROVIDER_PATH}/cmd/$(PROVIDER))
 .PHONY: ensure
 ensure:: tidy lint test_provider examples
 .PHONY: tidy
 tidy:
 	go mod tidy
 .PHONY: provider
 provider: bin/${PROVIDER} bin/pulumi-gen-${PACK} # Required by CI
 .PHONY: local_generate
 local_generate: sdk # Required by CI
 provider_debug::
-	(cd provider && go build -o $(WORKING_DIR)/bin/${PROVIDER} -gcflags="all=-N -l" -ldflags "-X ${PROJECT}/${VERSION_PATH}=${VERSION_GENERIC}" $(PROJECT)/${PROVIDER_PATH}/cmd/$(PROVIDER))
+	(cd provider && go build -o $(WORKING_DIR)/bin/${PROVIDER} -gcflags="all=-N -l" -ldflags "-X ${PROJECT}/${VERSION_PATH}=${VERSION}" $(PROJECT)/${PROVIDER_PATH}/cmd/$(PROVIDER))
-test_provider:: # Required by CI
+test_provider::
-	go test -short -v -coverprofile="coverage.txt" -coverpkg=./provider/... -timeout 2h -parallel ${TESTPARALLELISM} ./provider/...
+	cd tests && go test -short -v -count=1 -cover -timeout 2h -parallel ${TESTPARALLELISM} ./...
-test_examples: install_nodejs_sdk install_dotnet_sdk
+codegen:
 	go test -short -v -cover -tags=all -timeout 2h -parallel ${TESTPARALLELISM} ./examples/...
-test_all:: test_provider test_examples
+dotnet_sdk:: DOTNET_VERSION := $(shell pulumictl get version --language dotnet)
 dotnet_sdk::
 	rm -rf sdk/dotnet
 	pulumi package gen-sdk $(WORKING_DIR)/bin/$(PROVIDER) --language dotnet
 	cd ${PACKDIR}/dotnet/&& \
 		echo "${DOTNET_VERSION}" >version.txt && \
 		dotnet build /p:Version=${DOTNET_VERSION}
-.PHONY:
+go_sdk:: $(WORKING_DIR)/bin/$(PROVIDER)
-gen_examples:
+	rm -rf sdk/go
 	pulumi package gen-sdk $(WORKING_DIR)/bin/$(PROVIDER) --language go
-examples: $(shell mkdir -p examples)
+nodejs_sdk:: VERSION := $(shell pulumictl get version --language javascript)
-examples: sdk examples/yaml examples/go examples/nodejs examples/python examples/dotnet examples/java
+nodejs_sdk::
 	rm -rf sdk/nodejs
 	pulumi package gen-sdk $(WORKING_DIR)/bin/$(PROVIDER) --language nodejs
 	cd ${PACKDIR}/nodejs/ && \
 		yarn install && \
 		yarn run tsc && \
 		cp ../../README.md ../../LICENSE package.json yarn.lock bin/ && \
 		sed -i.bak 's/$${VERSION}/$(VERSION)/g' bin/package.json && \
 		rm ./bin/package.json.bak
-examples/yaml:
+python_sdk:: PYPI_VERSION := $(shell pulumictl get version --language python)
-	rm -rf ${WORKING_DIR}/examples/yaml/app
+python_sdk::
-	cp -r ${WORKING_DIR}/examples/app ${WORKING_DIR}/examples/yaml/app
+	rm -rf sdk/python
 	pulumi package gen-sdk $(WORKING_DIR)/bin/$(PROVIDER) --language python
 	cp README.md ${PACKDIR}/python/
 	cd ${PACKDIR}/python/ && \
 		python3 setup.py clean --all 2>/dev/null && \
 		rm -rf ./bin/ ../python.bin/ && cp -R . ../python.bin && mv ../python.bin ./bin && \
 		sed -i.bak -e 's/^VERSION = .*/VERSION = "$(PYPI_VERSION)"/g' -e 's/^PLUGIN_VERSION = .*/PLUGIN_VERSION = "$(VERSION)"/g' ./bin/setup.py && \
 		rm ./bin/setup.py.bak && \
 		cd ./bin && python3 setup.py build sdist
-examples/go: bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
+gen_examples: gen_go_example \
-	$(call example,go)
+		gen_nodejs_example \
-	@git checkout examples/go/go.mod
+		gen_python_example \
 		gen_dotnet_example
-examples/nodejs: bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
+gen_%_example:
-	$(call example,nodejs)
+	rm -rf ${WORKING_DIR}/examples/$*
 	@git checkout examples/nodejs/package.json
 examples/python: bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
 	$(call example,python)
 	@git checkout examples/python/requirements.txt
 examples/dotnet: bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
 	$(call example,dotnet)
 	@git checkout examples/dotnet/provider-docker-build.csproj
 examples/java: bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
 	$(call example,java)
 	@git checkout examples/java/pom.xml
 define pulumi_login
    export PULUMI_CONFIG_PASSPHRASE=asdfqwerty1234; \
    pulumi login --local;
 endef
 define example
 	rm -rf ${WORKING_DIR}/examples/$(1)
 	pulumi convert \
 		--cwd ${WORKING_DIR}/examples/yaml \
 		--logtostderr \
 		--generate-only \
 		--non-interactive \
-		--language $(1) \
+		--language $* \
-		--out ${WORKING_DIR}/examples/$(1)
+		--out ${WORKING_DIR}/examples/$*
-	cp -r ${WORKING_DIR}/examples/app ${WORKING_DIR}/examples/$(1)/app
+
-	cp ${WORKING_DIR}/examples/yaml/.dockerignore ${WORKING_DIR}/examples/$(1)/.dockerignore
+define pulumi_login
    export PULUMI_CONFIG_PASSPHRASE=asdfqwerty1234; \
    pulumi login --local;
 endef
 up::
@@ -119,128 +109,39 @@ devcontainer::
 	cp -f .devcontainer/devcontainer.json .devcontainer.json
 .PHONY: build
-build:: provider sdk/dotnet sdk/go sdk/nodejs sdk/python sdk/java ${SCHEMA_PATH}
+
 build:: provider dotnet_sdk go_sdk nodejs_sdk python_sdk
 # Required for the codegen action that runs in pulumi/pulumi
 only_build:: build
-.PHONY: lint
+lint::
-lint:
+	for DIR in "provider" "sdk" "tests" ; do \
-	golangci-lint run --fix -c .golangci.yml
+		pushd $$DIR && golangci-lint run -c ../.golangci.yml --timeout 10m && popd ; \
 	done
 install:: install_nodejs_sdk install_dotnet_sdk
 	cp $(WORKING_DIR)/bin/${PROVIDER} ${GOPATH}/bin
 GO_TEST 	 := go test -v -count=1 -cover -timeout 2h -parallel ${TESTPARALLELISM}
-install_dotnet_sdk:: # Required by CI
+test_all:: test_provider
 	cd tests/sdk/nodejs && $(GO_TEST) ./...
 	cd tests/sdk/python && $(GO_TEST) ./...
 	cd tests/sdk/dotnet && $(GO_TEST) ./...
 	cd tests/sdk/go && $(GO_TEST) ./...
 install_dotnet_sdk::
 	rm -rf $(WORKING_DIR)/nuget/$(NUGET_PKG_NAME).*.nupkg
 	mkdir -p $(WORKING_DIR)/nuget
 	find . -name '*.nupkg' -print -exec cp -p {} ${WORKING_DIR}/nuget \;
-install_python_sdk:: # Required by CI
+install_python_sdk::
 	#target intentionally blank
-install_go_sdk:: # Required by CI
+install_go_sdk::
 	#target intentionally blank
-install_nodejs_sdk:: # Required by CI
+install_nodejs_sdk::
 	-yarn unlink --cwd $(WORKING_DIR)/sdk/nodejs/bin
 	yarn link --cwd $(WORKING_DIR)/sdk/nodejs/bin
 .PHONY: codegen
 codegen: # Required by CI
 .PHONY: generate_schema
 generate_schema: ${SCHEMA_PATH} # Required by CI
 .PHONY: build_go install_go_sdk
 generate_go: sdk/go # Required by CI
 build_go: # Required by CI
 .PHONY: build_java install_java_sdk
 generate_java: sdk/java # Required by CI
 build_java: # Required by CI
 .PHONY: build_python install_python_sdk
 generate_python: sdk/python # Required by CI
 build_python: # Required by CI
 .PHONY: build_nodejs install_nodejs_sdk
 generate_nodejs: sdk/nodejs # Required by CI
 build_nodejs: # Required by CI
 .PHONY: build_dotnet install_dotnet_sdk
 generate_dotnet: sdk/dotnet # Required by CI
 build_dotnet: # Required by CI
 ${SCHEMA_PATH}: bin/${PROVIDER}
 	pulumi package get-schema bin/${PROVIDER} | jq 'del(.version)' > $(SCHEMA_PATH)
 bin/${PROVIDER}: $(shell find ./provider -name '*.go') go.mod
 	(cd provider && go build -o ../bin/${PROVIDER} -ldflags "-X ${PROJECT}/${VERSION_PATH}=${VERSION_GENERIC}" $(PROJECT)/${PROVIDER_PATH}/cmd/$(PROVIDER))
 bin/pulumi-gen-${PACK}: # Required by CI
 	touch bin/pulumi-gen-${PACK}
 go.mod: $(shell find provider -name '*.go')
 go.sum: go.mod
 sdk: $(shell mkdir -p sdk)
 sdk: sdk/python sdk/nodejs sdk/java sdk/python sdk/go sdk/dotnet
 # Folders can't be used for up-to-date checks as they will be marked as up-to-date even if the step fails - leading to a broken state.
 .PHONY: sdk/*
 sdk/python: TMPDIR := $(shell mktemp -d)
 sdk/python: bin/${PROVIDER}
 	rm -rf sdk/python
 	pulumi package gen-sdk bin/$(PROVIDER) --language python -o ${TMPDIR}
 	cp README.md ${TMPDIR}/python/
 	cd ${TMPDIR}/python/ && \
 		rm -rf ./bin/ ../python.bin/ && cp -R . ../python.bin && mv ../python.bin ./bin && \
 		python3 -m venv venv && \
 		./venv/bin/python -m pip install build && \
 		cd ./bin && \
 		../venv/bin/python -m build .
 	mv -f ${TMPDIR}/python ${WORKING_DIR}/sdk/.
 sdk/nodejs: TMPDIR := $(shell mktemp -d)
 sdk/nodejs: bin/${PROVIDER}
 	rm -rf sdk/nodejs
 	pulumi package gen-sdk bin/$(PROVIDER) --language nodejs -o ${TMPDIR}
 	cp README.md LICENSE ${TMPDIR}/nodejs
 	cd ${TMPDIR}/nodejs/ && \
 		yarn install && \
 		yarn run tsc && \
 		cp README.md LICENSE package.json yarn.lock bin/
 	mv -f ${TMPDIR}/nodejs ${WORKING_DIR}/sdk/.
 sdk/go: TMPDIR := $(shell mktemp -d)
 sdk/go: PATH := "$(WORKING_DIR)/bin:$(PATH)"
 sdk/go: bin/${PROVIDER}
 	rm -rf sdk/go
 	PATH=$(PATH) pulumi package gen-sdk bin/$(PROVIDER) --language go -o ${TMPDIR}
 	cp go.mod ${TMPDIR}/go/dockerbuild/go.mod
 	cd ${TMPDIR}/go/dockerbuild && \
 		go mod edit -module=github.com/pulumi/pulumi-${PACK}/${PACKDIR}/go/dockerbuild && \
 		go mod tidy
 	mv -f ${TMPDIR}/go ${WORKING_DIR}/sdk/go
 sdk/dotnet: TMPDIR := $(shell mktemp -d)
 sdk/dotnet: bin/${PROVIDER}
 	rm -rf sdk/dotnet
 	pulumi package gen-sdk bin/${PROVIDER} --language dotnet -o ${TMPDIR}
 	cd ${TMPDIR}/dotnet/ && \
 		echo "$(VERSION_GENERIC)" > version.txt && \
 		dotnet build
 	mv -f ${TMPDIR}/dotnet ${WORKING_DIR}/sdk/.
 sdk/java: PACKAGE_VERSION := $(shell pulumictl convert-version --language generic -v "$(VERSION_GENERIC)")
 sdk/java: TMPDIR := $(shell mktemp -d)
 sdk/java: bin/${PROVIDER}
 	rm -rf sdk/java
 	pulumi package gen-sdk --language java bin/${PROVIDER} -o ${TMPDIR}
 	cd ${TMPDIR}/java/ && gradle --console=plain build
 	mv -f ${TMPDIR}/java ${WORKING_DIR}/sdk/.
 docs: $(shell find docs/yaml -type f) $(shell find ./provider/internal/embed -name '*.md') ${SCHEMA_PATH}
 	go generate docs/generate.go
 	@touch docs
--- a/README.md
+++ b/README.md
@@ -1,23 +1,106 @@
-[![Slack](http://www.pulumi.com/images/docs/badges/slack.svg)](https://slack.pulumi.com)
+# Pulumi Native Provider Boilerplate
 [![NPM version](https://badge.fury.io/js/%40pulumi%2fdocker-build.svg)](https://www.npmjs.com/package/@pulumi/docker-build)
 [![Python version](https://badge.fury.io/py/pulumi-docker-build.svg)](https://pypi.org/project/pulumi-docker-build)
 [![NuGet version](https://badge.fury.io/nu/pulumi.dockerbuild.svg)](https://badge.fury.io/nu/pulumi.dockerbuild)
 [![PkgGoDev](https://pkg.go.dev/badge/github.com/pulumi/pulumi-docker-build/sdk/go)](https://pkg.go.dev/github.com/pulumi/pulumi-docker-build/sdk/go)
 [![License](https://img.shields.io/npm/l/%40pulumi%2Fpulumi.svg)](https://github.com/pulumi/pulumi-docker-build/blob/main/LICENSE)
-# Docker-Build Resource Provider
+This repository is a boilerplate showing how to create and locally test a native Pulumi provider.
-A [Pulumi](http://pulumi.com) provider for building modern Docker images with [buildx](https://docs.docker.com/build/architecture/) and [BuildKit](https://docs.docker.com/build/buildkit/).
+## Authoring a Pulumi Native Provider
-Not to be confused with the earlier
+This boilerplate creates a working Pulumi-owned provider named `xyz`.
-[Docker](http://github.com/pulumi/pulumi-docker) provider, which is still
+It implements a random number generator that you can [build and test out for yourself](#test-against-the-example) and then replace the Random code with code specific to your provider.
 appropriate for managing resources unrelated to building images.
 | Provider               | Use cases                                                                                                                                                |
 | ----------------       | -------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | `@pulumi/docker-build` | Anything related to building images with `docker build`.                                                                                                 |
 | `@pulumi/docker`       | Everything else -- including running containers and creating networks.                                                                                   |
-## Reference
+### Prerequisites
-For more information, including examples and migration guidance, please see the Docker-Build provider's detailed [API documentation](https://www.pulumi.com/registry/packages/docker-build/).
+Prerequisites for this repository are already satisfied by the [Pulumi Devcontainer](https://github.com/pulumi/devcontainer) if you are using Github Codespaces, or VSCode.
 If you are not using VSCode, you will need to ensure the following tools are installed and present in your `$PATH`:
 * [`pulumictl`](https://github.com/pulumi/pulumictl#installation)
 * [Go 1.21](https://golang.org/dl/) or 1.latest
 * [NodeJS](https://nodejs.org/en/) 14.x.  We recommend using [nvm](https://github.com/nvm-sh/nvm) to manage NodeJS installations.
 * [Yarn](https://yarnpkg.com/)
 * [TypeScript](https://www.typescriptlang.org/)
 * [Python](https://www.python.org/downloads/) (called as `python3`).  For recent versions of MacOS, the system-installed version is fine.
 * [.NET](https://dotnet.microsoft.com/download)
 ### Build & test the boilerplate XYZ provider
 1. Create a new Github CodeSpaces environment using this repository.
 1. Open a terminal in the CodeSpaces environment.
 1. Run `make build install` to build and install the provider.
 1. Run `make gen_examples` to generate the example programs in `examples/` off of the source `examples/yaml` example program.
 1. Run `make up` to run the example program in `examples/yaml`.
 1. Run `make down` to tear down the example program.
 ### Creating a new provider repository
 Pulumi offers this repository as a [GitHub template repository](https://docs.github.com/en/repositories/creating-and-managing-repositories/creating-a-repository-from-a-template) for convenience.  From this repository:
 1. Click "Use this template".
 1. Set the following options:
   * Owner: pulumi 
   * Repository name: pulumi-xyz-native (replace "xyz" with the name of your provider)
   * Description: Pulumi provider for xyz
   * Repository type: Public
 1. Clone the generated repository.
 From the templated repository:
 1. Search-replace `xyz` with the name of your desired provider.
 #### Build the provider and install the plugin
   ```bash
   $ make build install
   ```
 This will:
 1. Create the SDK codegen binary and place it in a `./bin` folder (gitignored)
 2. Create the provider binary and place it in the `./bin` folder (gitignored)
 3. Generate the dotnet, Go, Node, and Python SDKs and place them in the `./sdk` folder
 4. Install the provider on your machine.
 #### Test against the example
 ```bash
 $ cd examples/simple
 $ yarn link @pulumi/xyz
 $ yarn install
 $ pulumi stack init test
 $ pulumi up
 ```
 Now that you have completed all of the above steps, you have a working provider that generates a random string for you.
 #### A brief repository overview
 You now have:
 1. A `provider/` folder containing the building and implementation logic
    1. `cmd/pulumi-resource-xyz/main.go` - holds the provider's sample implementation logic.
 2. `deployment-templates` - a set of files to help you around deployment and publication
 3. `sdk` - holds the generated code libraries created by `pulumi-gen-xyz/main.go`
 4. `examples` a folder of Pulumi programs to try locally and/or use in CI.
 5. A `Makefile` and this `README`.
 #### Additional Details
 This repository depends on the pulumi-go-provider library. For more details on building providers, please check
 the [Pulumi Go Provider docs](https://github.com/pulumi/pulumi-go-provider).
 ### Build Examples
 Create an example program using the resources defined in your provider, and place it in the `examples/` folder.
 You can now repeat the steps for [build, install, and test](#test-against-the-example).
 ## Configuring CI and releases
 1. Follow the instructions laid out in the [deployment templates](./deployment-templates/README-DEPLOYMENT.md).
 ## References
 Other resources/examples for implementing providers:
 * [Pulumi Command provider](https://github.com/pulumi/pulumi-command/blob/master/provider/pkg/provider/provider.go)
 * [Pulumi Go Provider repository](https://github.com/pulumi/pulumi-go-provider)
--- a/codecov.yml
+++ b/codecov.yml
@@ -1,12 +0,0 @@
 comment:
  layout: "header, files, footer"
  hide_project_coverage: false
 coverage:
  status:
    project:
      default:
        informational: true
    patch:
      default:
        informational: true
--- a/docs/generate.go
+++ b/docs/generate.go
@@ -1,216 +0,0 @@
 // Copyright 2024, Pulumi Corporation.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //     http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 //go:generate go run generate.go yaml ../provider/internal/embed
 // Package main ingests a multi-document YAML file and converts it into
 // Markdown examples.
 package main
 import (
 	"fmt"
 	"io"
 	"log"
 	"os"
 	"os/exec"
 	"path/filepath"
 	"strings"
 	"gopkg.in/yaml.v3"
 	"github.com/pulumi/pulumi/sdk/v3/go/common/util/contract"
 )
 func main() {
 	if len(os.Args) < 3 {
 		_, _ = fmt.Fprintf(os.Stdout, "Usage: %s <yaml source dir path> <markdown destination path>\n", os.Args[0])
 		os.Exit(1)
 	}
 	yamlPath := os.Args[1]
 	mdPath := os.Args[2]
 	if !filepath.IsAbs(yamlPath) {
 		cwd, err := os.Getwd()
 		contract.AssertNoErrorf(err, "getting working directory")
 		yamlPath = filepath.Join(cwd, yamlPath)
 	}
 	if err := os.MkdirAll(mdPath, 0o750); err != nil {
 		panic(err)
 	}
 	fileInfo, err := os.Lstat(mdPath)
 	if err != nil || !fileInfo.IsDir() {
 		fmt.Fprintf(os.Stderr, "Expect markdown destination %q to be a directory\n", mdPath)
 		os.Exit(1)
 	}
 	yamlFiles, err := os.ReadDir(yamlPath)
 	if err != nil {
 		panic(err)
 	}
 	for _, yamlFile := range yamlFiles {
 		if err := processYaml(filepath.Join(yamlPath, yamlFile.Name()), mdPath); err != nil {
 			log.Fatal(fmt.Errorf("processing %q: %w", yamlFile.Name(), err))
 		}
 	}
 }
 func markdownExamples(examples []string) string {
 	s := "{{% examples %}}\n## Example Usage\n"
 	for _, example := range examples {
 		s += example
 	}
 	s += "{{% /examples %}}"
 	return s
 }
 func markdownExample(description string,
 	typescript string,
 	python string,
 	csharp string,
 	golang string,
 	yaml string,
 	java string,
 ) string {
 	return fmt.Sprintf("{{%% example %%}}\n### %s\n\n"+
 		"```typescript\n%s```\n"+
 		"```python\n%s```\n"+
 		"```csharp\n%s```\n"+
 		"```go\n%s```\n"+
 		"```yaml\n%s```\n"+
 		"```java\n%s```\n"+
 		"{{%% /example %%}}\n",
 		description, typescript, python, csharp, golang, yaml, java)
 }
 func convert(language, tempDir, programFile string) (string, error) {
 	exampleDir := filepath.Join(tempDir, "example"+language)
 	//nolint:gosec // No user-provided input.
 	cmd := exec.Command(
 		"pulumi",
 		"convert",
 		"--language",
 		language,
 		"--out",
 		filepath.Clean(filepath.Join(tempDir, exampleDir)),
 		"--generate-only",
 	)
 	cmd.Stderr = os.Stderr
 	cmd.Stdout = os.Stdout
 	cmd.Dir = tempDir
 	if err := cmd.Run(); err != nil {
 		return "", fmt.Errorf("converting: %w", err)
 	}
 	content, err := os.ReadFile(filepath.Clean(filepath.Join(tempDir, exampleDir, programFile)))
 	if err != nil {
 		return "", fmt.Errorf("reading: %w", err)
 	}
 	return string(content), nil
 }
 func processYaml(path, mdDir string) error {
 	yamlFile, err := os.Open(filepath.Clean(path))
 	if err != nil {
 		return err
 	}
 	base := filepath.Base(path)
 	md := strings.NewReplacer(".yaml", ".md", ".yml", ".md").Replace(base)
 	defer contract.IgnoreClose(yamlFile)
 	decoder := yaml.NewDecoder(yamlFile)
 	exampleStrings := []string{}
 	for {
 		keepGoing, err := func() (bool, error) {
 			example := map[string]interface{}{}
 			err := decoder.Decode(&example)
 			if err == io.EOF {
 				return false, nil
 			}
 			description, ok := example["description"].(string)
 			if !ok {
 				description = ""
 			}
 			dir, err := os.MkdirTemp("", "")
 			if err != nil {
 				return false, err
 			}
 			defer func() {
 				contract.IgnoreError(os.RemoveAll(dir))
 			}()
 			src, err := os.OpenFile(filepath.Clean(filepath.Join(dir, "Pulumi.yaml")), os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0o600)
 			if err != nil {
 				return false, err
 			}
 			fmt.Println("Converting:", example)
 			if err := yaml.NewEncoder(src).Encode(example); err != nil {
 				return false, err
 			}
 			contract.AssertNoErrorf(src.Close(), "closing")
 			typescript, err := convert("typescript", dir, "index.ts")
 			if err != nil {
 				return false, err
 			}
 			python, err := convert("python", dir, "__main__.py")
 			if err != nil {
 				return false, err
 			}
 			csharp, err := convert("csharp", dir, "Program.cs")
 			if err != nil {
 				return false, err
 			}
 			golang, err := convert("go", dir, "main.go")
 			if err != nil {
 				return false, err
 			}
 			java, err := convert("java", dir, "src/main/java/generated_program/App.java")
 			if err != nil {
 				return false, err
 			}
 			yamlContent, err := os.ReadFile(filepath.Clean(filepath.Join(dir, "Pulumi.yaml")))
 			if err != nil {
 				return false, err
 			}
 			yaml := string(yamlContent)
 			exampleStrings = append(exampleStrings, markdownExample(description, typescript, python, csharp, golang, yaml, java))
 			return true, nil
 		}()
 		if err != nil {
 			return err
 		}
 		if !keepGoing {
 			break
 		}
 	}
 	_, _ = fmt.Fprintf(os.Stdout, "Writing %s\n", filepath.Join(mdDir, md))
 	f, err := os.OpenFile(filepath.Clean(filepath.Join(mdDir, md)), os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0o600)
 	if err != nil {
 		return err
 	}
 	defer contract.IgnoreClose(f)
 	_, err = f.WriteString(markdownExamples(exampleStrings))
 	contract.AssertNoErrorf(err, "writing examples")
 	return nil
 }
--- a/docs/yaml/image-examples.yaml
+++ b/docs/yaml/image-examples.yaml
@@ -1,190 +0,0 @@
 name: ecr
 description: Push to AWS ECR with caching
 outputs:
  ref: ${my-image.ref}
 resources:
  ecr-repository:
    type: aws:ecr:Repository
  my-image:
    type: docker-build:Image
    properties:
      tags:
        - ${ecr-repository.repositoryUrl}:latest
      push: true
      context:
        location: ./app
      cacheFrom:
        - registry:
            ref: ${ecr-repository.repositoryUrl}:cache
      cacheTo:
        - registry:
            ref: ${ecr-repository.repositoryUrl}:cache
            imageManifest: true
            ociMediaTypes: true
      registries:
        - username: ${auth-token.userName}
          password: ${auth-token.password}
          address: ${ecr-repository.repositoryUrl}
 runtime: yaml
 variables:
  auth-token:
    fn::aws:ecr:getAuthorizationToken:
      registryId: ${ecr-repository.registryId}
 ---
 name: multi-platform
 runtime: yaml
 description: Multi-platform image
 resources:
  image:
    type: docker-build:Image
    properties:
      context:
        location: "app"
      platforms:
        - plan9/amd64
        - plan9/386
      push: false
 ---
 name: registry
 runtime: yaml
 description: Registry export
 resources:
  image:
    type: docker-build:Image
    properties:
      tags:
        - "docker.io/pulumi/pulumi:3.107.0"
      context:
        location: "app"
      push: true
      registries:
        - address: docker.io
          username: pulumibot
          password: ${dockerHubPassword}
 outputs:
  ref: ${my-image.ref}
 ---
 name: caching
 runtime: yaml
 description: Caching
 resources:
  image:
    type: docker-build:Image
    properties:
      context:
        location: "app"
      cacheTo:
        - local:
            dest: tmp/cache
            mode: max
      cacheFrom:
        - local:
            src: tmp/cache
      push: false
 ---
 name: dbc
 runtime: yaml
 description: Docker Build Cloud
 resources:
  image:
    type: docker-build:Image
    properties:
      context:
        location: "app"
      exec: true
      builder:
        name: cloud-builder-name
      push: false
 ---
 name: build-args
 runtime: yaml
 description: Build arguments
 resources:
  image:
    type: docker-build:Image
    properties:
      context:
        location: "app"
      buildArgs:
        SET_ME_TO_TRUE: "true"
      push: false
 ---
 name: build-target
 runtime: yaml
 description: Build target
 resources:
  image:
    type: docker-build:Image
    properties:
      context:
        location: "app"
      target: "build-me"
      push: false
 ---
 name: named-contexts
 runtime: yaml
 description: Named contexts
 resources:
  image:
    type: docker-build:Image
    properties:
      context:
        location: app
        named:
          "golang:latest":
            location: "docker-image://golang@sha256:b8e62cf593cdaff36efd90aa3a37de268e6781a2e68c6610940c48f7cdf36984"
      push: false
 ---
 name: remote-context
 runtime: yaml
 description: Remote context
 resources:
  image:
    type: docker-build:Image
    properties:
      context:
        location: "https://raw.githubusercontent.com/pulumi/pulumi-docker/api-types/provider/testdata/Dockerfile"
      push: false
 ---
 name: inline
 runtime: yaml
 description: Inline Dockerfile
 resources:
  image:
    type: docker-build:Image
    properties:
      dockerfile:
        inline: |
          FROM busybox
          COPY hello.c ./
      context:
        location: "app"
      push: false
 ---
 name: remote-context
 runtime: yaml
 description: Remote context
 resources:
  image:
    type: docker-build:Image
    properties:
      dockerfile:
        location: app/Dockerfile
      context:
        location: "https://github.com/docker-library/hello-world.git"
      push: false
 ---
 name: docker-load
 runtime: yaml
 description: Local export
 resources:
  image:
    type: docker-build:Image
    properties:
      context:
        location: "app"
      exports:
        - docker:
            tar: true
      push: false
--- a/docs/yaml/index-examples.yaml
+++ b/docs/yaml/index-examples.yaml
@@ -1,48 +0,0 @@
 name: registry-caching
 description: Multi-platform registry caching
 runtime: yaml
 resources:
  arm64:
    type: docker-build:Image
    properties:
      context:
        location: "app"
      platforms:
        - linux/arm64
      tags:
        - "docker.io/pulumi/pulumi:3.107.0-arm64"
      cacheTo:
        - registry:
            ref: "docker.io/pulumi/pulumi:cache-arm64"
            mode: max
      cacheFrom:
        - registry:
            ref: "docker.io/pulumi/pulumi:cache-arm64"
  amd64:
    type: docker-build:Image
    properties:
      context:
        location: "app"
      platforms:
        - linux/amd64
      tags:
        - "docker.io/pulumi/pulumi:3.107.0-amd64"
      cacheTo:
        - registry:
            ref: "docker.io/pulumi/pulumi:cache-amd64"
            mode: max
      cacheFrom:
        - registry:
            ref: "docker.io/pulumi/pulumi:cache-amd64"
  index:
    type: docker-build:Index
    properties:
      tag: "docker.io/pulumi/pulumi:3.107.0"
      sources:
        - ${amd64.ref}
        - ${arm64.ref}
 outputs:
  ref: ${index.ref}
--- a/examples/app/Dockerfile
+++ b/examples/app/Dockerfile
@@ -1,2 +0,0 @@
 FROM alpine
 RUN echo 👍
--- a/examples/app/Dockerfile.buildArgs
+++ b/examples/app/Dockerfile.buildArgs
@@ -1,5 +0,0 @@
 FROM alpine
 ARG SET_ME_TO_TRUE
 RUN [ "$SET_ME_TO_TRUE" = "true" ]
 RUN echo "That's the correct build arg, thanks! 👍"
--- a/examples/app/Dockerfile.emptyContext
+++ b/examples/app/Dockerfile.emptyContext
@@ -1,2 +0,0 @@
 FROM alpine
 RUN echo "This image doesn't use any local files, so it doesn't need a context parameter 👍"
--- a/examples/app/Dockerfile.extraHosts
+++ b/examples/app/Dockerfile.extraHosts
@@ -1,3 +0,0 @@
 FROM bash AS base
 RUN getent hosts metadata.google.internal
--- a/examples/app/Dockerfile.multiPlatform
+++ b/examples/app/Dockerfile.multiPlatform
@@ -1,7 +0,0 @@
 FROM --platform=$BUILDPLATFORM alpine as build
 RUN echo ${BUILDPLATFORM} > buildplatform
 RUN echo ${TARGETPLATFORM} > targetplatform
 FROM build
 RUN cat buildplatform
 RUN cat targetplatform
--- a/examples/app/Dockerfile.namedContexts
+++ b/examples/app/Dockerfile.namedContexts
@@ -1,5 +0,0 @@
 # syntax=docker/dockerfile:1.4
 FROM golang:latest
 RUN version="$(go version)" && echo $version && [ "$version" = "go version go1.21.7 linux/amd64" ]
 RUN echo "This image uses named contexts to pin golang:latest to a specific SHA 👍"
--- a/examples/app/Dockerfile.secrets
+++ b/examples/app/Dockerfile.secrets
@@ -1,4 +0,0 @@
 FROM alpine
 RUN --mount=type=secret,id=password [ "$(cat /run/secrets/password)" = "hunter2" ]
--- a/examples/app/Dockerfile.sshMount
+++ b/examples/app/Dockerfile.sshMount
@@ -1,5 +0,0 @@
 FROM alpine
 RUN apk add openssh-client
 RUN --mount=type=ssh ssh-add -l
--- a/examples/app/Dockerfile.target
+++ b/examples/app/Dockerfile.target
@@ -1,8 +0,0 @@
 FROM alpine as build-me
 RUN echo 👍
 FROM build-me as also-build-me
 RUN echo 🤙
 FROM build-me as dont-build-me
 RUN [ "true" = "false" ]
--- a/examples/dotnet/.dockerignore
+++ b/examples/dotnet/.dockerignore
@@ -1,2 +0,0 @@
 command-output
 tmp
--- a/examples/dotnet/Program.cs
+++ b/examples/dotnet/Program.cs
@@ -1,268 +1,21 @@
 using System.Collections.Generic;
 using System.Linq;
 using Pulumi;
-using DockerBuild = Pulumi.DockerBuild;
+using DockerNative = Pulumi.DockerNative;
 return await Deployment.RunAsync(() => 
 {
-    var config = new Config();
+    var myRandomResource = new DockerNative.Random("myRandomResource", new()
    var dockerHubPassword = config.Require("dockerHubPassword");
    var multiPlatform = new DockerBuild.Image("multiPlatform", new()
    {
-        Push = false,
+        Length = 24,
        Dockerfile = new DockerBuild.Inputs.DockerfileArgs
        {
            Location = "./app/Dockerfile.multiPlatform",
        },
        Context = new DockerBuild.Inputs.BuildContextArgs
        {
            Location = "./app",
        },
        Platforms = new[]
        {
            DockerBuild.Platform.Plan9_amd64,
            DockerBuild.Platform.Plan9_386,
        },
    });
    var registryPush = new DockerBuild.Image("registryPush", new()
    {
        Push = false,
        Context = new DockerBuild.Inputs.BuildContextArgs
        {
            Location = "./app",
        },
        Tags = new[]
        {
            "docker.io/pulumibot/buildkit-e2e:example",
        },
        Exports = new[]
        {
            new DockerBuild.Inputs.ExportArgs
            {
                Registry = new DockerBuild.Inputs.ExportRegistryArgs
                {
                    OciMediaTypes = true,
                    Push = false,
                },
            },
        },
        Registries = new[]
        {
            new DockerBuild.Inputs.RegistryArgs
            {
                Address = "docker.io",
                Username = "pulumibot",
                Password = dockerHubPassword,
            },
        },
    });
    var cached = new DockerBuild.Image("cached", new()
    {
        Push = false,
        Context = new DockerBuild.Inputs.BuildContextArgs
        {
            Location = "./app",
        },
        CacheTo = new[]
        {
            new DockerBuild.Inputs.CacheToArgs
            {
                Local = new DockerBuild.Inputs.CacheToLocalArgs
                {
                    Dest = "tmp/cache",
                    Mode = DockerBuild.CacheMode.Max,
                },
            },
        },
        CacheFrom = new[]
        {
            new DockerBuild.Inputs.CacheFromArgs
            {
                Local = new DockerBuild.Inputs.CacheFromLocalArgs
                {
                    Src = "tmp/cache",
                },
            },
        },
    });
    var buildArgs = new DockerBuild.Image("buildArgs", new()
    {
        Push = false,
        Dockerfile = new DockerBuild.Inputs.DockerfileArgs
        {
            Location = "./app/Dockerfile.buildArgs",
        },
        Context = new DockerBuild.Inputs.BuildContextArgs
        {
            Location = "./app",
        },
        BuildArgs = 
        {
            { "SET_ME_TO_TRUE", "true" },
        },
    });
    var extraHosts = new DockerBuild.Image("extraHosts", new()
    {
        Push = false,
        Dockerfile = new DockerBuild.Inputs.DockerfileArgs
        {
            Location = "./app/Dockerfile.extraHosts",
        },
        Context = new DockerBuild.Inputs.BuildContextArgs
        {
            Location = "./app",
        },
        AddHosts = new[]
        {
            "metadata.google.internal:169.254.169.254",
        },
    });
    var sshMount = new DockerBuild.Image("sshMount", new()
    {
        Push = false,
        Dockerfile = new DockerBuild.Inputs.DockerfileArgs
        {
            Location = "./app/Dockerfile.sshMount",
        },
        Context = new DockerBuild.Inputs.BuildContextArgs
        {
            Location = "./app",
        },
        Ssh = new[]
        {
            new DockerBuild.Inputs.SSHArgs
            {
                Id = "default",
            },
        },
    });
    var secrets = new DockerBuild.Image("secrets", new()
    {
        Push = false,
        Dockerfile = new DockerBuild.Inputs.DockerfileArgs
        {
            Location = "./app/Dockerfile.secrets",
        },
        Context = new DockerBuild.Inputs.BuildContextArgs
        {
            Location = "./app",
        },
        Secrets = 
        {
            { "password", "hunter2" },
        },
    });
    var labels = new DockerBuild.Image("labels", new()
    {
        Push = false,
        Context = new DockerBuild.Inputs.BuildContextArgs
        {
            Location = "./app",
        },
        Labels = 
        {
            { "description", "This image will get a descriptive label 👍" },
        },
    });
    var target = new DockerBuild.Image("target", new()
    {
        Push = false,
        Dockerfile = new DockerBuild.Inputs.DockerfileArgs
        {
            Location = "./app/Dockerfile.target",
        },
        Context = new DockerBuild.Inputs.BuildContextArgs
        {
            Location = "./app",
        },
        Target = "build-me",
    });
    var namedContexts = new DockerBuild.Image("namedContexts", new()
    {
        Push = false,
        Dockerfile = new DockerBuild.Inputs.DockerfileArgs
        {
            Location = "./app/Dockerfile.namedContexts",
        },
        Context = new DockerBuild.Inputs.BuildContextArgs
        {
            Location = "./app",
            Named = 
            {
                { "golang:latest", new DockerBuild.Inputs.ContextArgs
                {
                    Location = "docker-image://golang@sha256:b8e62cf593cdaff36efd90aa3a37de268e6781a2e68c6610940c48f7cdf36984",
                } },
            },
        },
    });
    var remoteContext = new DockerBuild.Image("remoteContext", new()
    {
        Push = false,
        Context = new DockerBuild.Inputs.BuildContextArgs
        {
            Location = "https://raw.githubusercontent.com/pulumi/pulumi-docker/api-types/provider/testdata/Dockerfile",
        },
    });
    var remoteContextWithInline = new DockerBuild.Image("remoteContextWithInline", new()
    {
        Push = false,
        Dockerfile = new DockerBuild.Inputs.DockerfileArgs
        {
            Inline = @"FROM busybox
 COPY hello.c ./
 ",
        },
        Context = new DockerBuild.Inputs.BuildContextArgs
        {
            Location = "https://github.com/docker-library/hello-world.git",
        },
    });
    var inline = new DockerBuild.Image("inline", new()
    {
        Push = false,
        Dockerfile = new DockerBuild.Inputs.DockerfileArgs
        {
            Inline = @"FROM alpine
 RUN echo ""This uses an inline Dockerfile! 👍""
 ",
        },
    });
    var dockerLoad = new DockerBuild.Image("dockerLoad", new()
    {
        Push = false,
        Context = new DockerBuild.Inputs.BuildContextArgs
        {
            Location = "./app",
        },
        Exports = new[]
        {
            new DockerBuild.Inputs.ExportArgs
            {
                Docker = new DockerBuild.Inputs.ExportDockerArgs
                {
                    Tar = true,
                },
            },
        },
    });
    return new Dictionary<string, object?>
    {
-        ["platforms"] = multiPlatform.Platforms,
+        ["output"] = 
        {
            { "value", myRandomResource.Result },
        },
    };
 });
--- a/examples/dotnet/Pulumi.yaml
+++ b/examples/dotnet/Pulumi.yaml
@@ -1,10 +1,6 @@
-name: provider-docker-build
+name: provider-docker-native
 runtime: dotnet
 config:
  dockerHubPassword:
    type: string
    secret: true
 plugins:
  providers:
-    - name: docker-build
+    - name: docker-native
      path: ../../bin
--- a/examples/dotnet/app/Dockerfile
+++ b/examples/dotnet/app/Dockerfile
@@ -1,2 +0,0 @@
 FROM alpine
 RUN echo 👍
--- a/examples/dotnet/app/Dockerfile.buildArgs
+++ b/examples/dotnet/app/Dockerfile.buildArgs
@@ -1,5 +0,0 @@
 FROM alpine
 ARG SET_ME_TO_TRUE
 RUN [ "$SET_ME_TO_TRUE" = "true" ]
 RUN echo "That's the correct build arg, thanks! 👍"
--- a/examples/dotnet/app/Dockerfile.emptyContext
+++ b/examples/dotnet/app/Dockerfile.emptyContext
@@ -1,2 +0,0 @@
 FROM alpine
 RUN echo "This image doesn't use any local files, so it doesn't need a context parameter 👍"
--- a/examples/dotnet/app/Dockerfile.extraHosts
+++ b/examples/dotnet/app/Dockerfile.extraHosts
@@ -1,3 +0,0 @@
 FROM bash AS base
 RUN getent hosts metadata.google.internal
--- a/examples/dotnet/app/Dockerfile.multiPlatform
+++ b/examples/dotnet/app/Dockerfile.multiPlatform
@@ -1,7 +0,0 @@
 FROM --platform=$BUILDPLATFORM alpine as build
 RUN echo ${BUILDPLATFORM} > buildplatform
 RUN echo ${TARGETPLATFORM} > targetplatform
 FROM build
 RUN cat buildplatform
 RUN cat targetplatform
--- a/examples/dotnet/app/Dockerfile.namedContexts
+++ b/examples/dotnet/app/Dockerfile.namedContexts
@@ -1,5 +0,0 @@
 # syntax=docker/dockerfile:1.4
 FROM golang:latest
 RUN version="$(go version)" && echo $version && [ "$version" = "go version go1.21.7 linux/amd64" ]
 RUN echo "This image uses named contexts to pin golang:latest to a specific SHA 👍"
--- a/examples/dotnet/app/Dockerfile.secrets
+++ b/examples/dotnet/app/Dockerfile.secrets
@@ -1,4 +0,0 @@
 FROM alpine
 RUN --mount=type=secret,id=password [ "$(cat /run/secrets/password)" = "hunter2" ]
--- a/examples/dotnet/app/Dockerfile.sshMount
+++ b/examples/dotnet/app/Dockerfile.sshMount
@@ -1,5 +0,0 @@
 FROM alpine
 RUN apk add openssh-client
 RUN --mount=type=ssh ssh-add -l
--- a/examples/dotnet/app/Dockerfile.target
+++ b/examples/dotnet/app/Dockerfile.target
@@ -1,8 +0,0 @@
 FROM alpine as build-me
 RUN echo 👍
 FROM build-me as also-build-me
 RUN echo 🤙
 FROM build-me as dont-build-me
 RUN [ "true" = "false" ]
--- a/examples/dotnet/provider-docker-native.csproj
+++ b/examples/dotnet/provider-docker-native.csproj
@@ -8,7 +8,7 @@
 	<ItemGroup>
 		<PackageReference Include="Pulumi" Version="3.*" />
-		<PackageReference Include="Pulumi.DockerBuild" Version="0.0.2-alpha.1712594380+4cd6d49b.dirty" />
+		<PackageReference Include="Pulumi.DockerNative" Version="0.0.1-alpha.1709848295+3427e611.dirty" />
 	</ItemGroup>
 </Project>
--- a/examples/dotnet_test.go
+++ b/examples/dotnet_test.go
@@ -1,39 +0,0 @@
 //go:build dotnet || all
 // +build dotnet all
 package examples
 import (
 	"os"
 	"os/exec"
 	"path"
 	"path/filepath"
 	"testing"
 	"github.com/pulumi/pulumi/pkg/v3/testing/integration"
 	"github.com/stretchr/testify/require"
 )
 func TestDotNetExample(t *testing.T) {
 	cwd, err := os.Getwd()
 	require.NoError(t, err)
 	nuget := filepath.Join(cwd, "../nuget")
 	t.Setenv("PULUMI_LOCAL_NUGET", nuget)
 	cmd := exec.Command("dotnet", "nuget", "add", "source", nuget)
 	_ = cmd.Run()
 	test := integration.ProgramTestOptions{
 		Dir: path.Join(cwd, "dotnet"),
 		Dependencies: []string{
 			"Pulumi.DockerBuild",
 		},
 		Secrets: map[string]string{
 			"dockerHubPassword": os.Getenv("DOCKER_HUB_PASSWORD"),
 		},
 		NoParallel: true,
 	}
 	integration.ProgramTest(t, &test)
 }
--- a/examples/go/.dockerignore
+++ b/examples/go/.dockerignore
@@ -1,2 +0,0 @@
 command-output
 tmp
--- a/examples/go/Pulumi.yaml
+++ b/examples/go/Pulumi.yaml
@@ -1,10 +1,6 @@
-name: provider-docker-build
+name: provider-docker-native
 runtime: go
 config:
  dockerHubPassword:
    type: string
    secret: true
 plugins:
  providers:
-    - name: docker-build
+    - name: docker-native
      path: ../../bin
--- a/examples/go/app/Dockerfile
+++ b/examples/go/app/Dockerfile
@@ -1,2 +0,0 @@
 FROM alpine
 RUN echo 👍
--- a/examples/go/app/Dockerfile.buildArgs
+++ b/examples/go/app/Dockerfile.buildArgs
@@ -1,5 +0,0 @@
 FROM alpine
 ARG SET_ME_TO_TRUE
 RUN [ "$SET_ME_TO_TRUE" = "true" ]
 RUN echo "That's the correct build arg, thanks! 👍"
--- a/examples/go/app/Dockerfile.emptyContext
+++ b/examples/go/app/Dockerfile.emptyContext
@@ -1,2 +0,0 @@
 FROM alpine
 RUN echo "This image doesn't use any local files, so it doesn't need a context parameter 👍"
--- a/examples/go/app/Dockerfile.extraHosts
+++ b/examples/go/app/Dockerfile.extraHosts
@@ -1,3 +0,0 @@
 FROM bash AS base
 RUN getent hosts metadata.google.internal
--- a/examples/go/app/Dockerfile.multiPlatform
+++ b/examples/go/app/Dockerfile.multiPlatform
@@ -1,7 +0,0 @@
 FROM --platform=$BUILDPLATFORM alpine as build
 RUN echo ${BUILDPLATFORM} > buildplatform
 RUN echo ${TARGETPLATFORM} > targetplatform
 FROM build
 RUN cat buildplatform
 RUN cat targetplatform
--- a/examples/go/app/Dockerfile.namedContexts
+++ b/examples/go/app/Dockerfile.namedContexts
@@ -1,5 +0,0 @@
 # syntax=docker/dockerfile:1.4
 FROM golang:latest
 RUN version="$(go version)" && echo $version && [ "$version" = "go version go1.21.7 linux/amd64" ]
 RUN echo "This image uses named contexts to pin golang:latest to a specific SHA 👍"
--- a/examples/go/app/Dockerfile.secrets
+++ b/examples/go/app/Dockerfile.secrets
@@ -1,4 +0,0 @@
 FROM alpine
 RUN --mount=type=secret,id=password [ "$(cat /run/secrets/password)" = "hunter2" ]
--- a/examples/go/app/Dockerfile.sshMount
+++ b/examples/go/app/Dockerfile.sshMount
@@ -1,5 +0,0 @@
 FROM alpine
 RUN apk add openssh-client
 RUN --mount=type=ssh ssh-add -l
--- a/examples/go/app/Dockerfile.target
+++ b/examples/go/app/Dockerfile.target
@@ -1,8 +0,0 @@
 FROM alpine as build-me
 RUN echo 👍
 FROM build-me as also-build-me
 RUN echo 🤙
 FROM build-me as dont-build-me
 RUN [ "true" = "false" ]
--- a/examples/go/go.mod
+++ b/examples/go/go.mod
@@ -1,95 +1,7 @@
-module provider-docker-build
+module provider-docker-native
-go 1.21.7
+go 1.20
 toolchain go1.21.9
 require (
-	github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild v0.0.0-20240425180359-26c144c916b7
+	github.com/pulumi/pulumi/sdk/v3 v3.30.0
 	github.com/pulumi/pulumi/sdk/v3 v3.128.0
 )
 require (
 	dario.cat/mergo v1.0.0 // indirect
 	github.com/BurntSushi/toml v1.2.1 // indirect
 	github.com/Microsoft/go-winio v0.6.1 // indirect
 	github.com/ProtonMail/go-crypto v1.0.0 // indirect
 	github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da // indirect
 	github.com/agext/levenshtein v1.2.3 // indirect
 	github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect
 	github.com/atotto/clipboard v0.1.4 // indirect
 	github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
 	github.com/blang/semver v3.5.1+incompatible // indirect
 	github.com/charmbracelet/bubbles v0.16.1 // indirect
 	github.com/charmbracelet/bubbletea v0.25.0 // indirect
 	github.com/charmbracelet/lipgloss v0.7.1 // indirect
 	github.com/cheggaaa/pb v1.0.29 // indirect
 	github.com/cloudflare/circl v1.3.7 // indirect
 	github.com/containerd/console v1.0.4 // indirect
 	github.com/cyphar/filepath-securejoin v0.2.4 // indirect
 	github.com/djherbis/times v1.5.0 // indirect
 	github.com/emirpasic/gods v1.18.1 // indirect
 	github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
 	github.com/go-git/go-billy/v5 v5.5.0 // indirect
 	github.com/go-git/go-git/v5 v5.12.0 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/glog v1.2.0 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
 	github.com/google/uuid v1.6.0 // indirect
 	github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
 	github.com/hashicorp/hcl/v2 v2.19.1 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
 	github.com/kevinburke/ssh_config v1.2.0 // indirect
 	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/mattn/go-localereader v0.0.1 // indirect
 	github.com/mattn/go-runewidth v0.0.15 // indirect
 	github.com/mitchellh/go-ps v1.0.0 // indirect
 	github.com/mitchellh/go-wordwrap v1.0.1 // indirect
 	github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 // indirect
 	github.com/muesli/cancelreader v0.2.2 // indirect
 	github.com/muesli/reflow v0.3.0 // indirect
 	github.com/muesli/termenv v0.15.2 // indirect
 	github.com/opentracing/basictracer-go v1.1.0 // indirect
 	github.com/opentracing/opentracing-go v1.2.0 // indirect
 	github.com/pgavlin/fx v0.1.6 // indirect
 	github.com/pjbgf/sha1cd v0.3.0 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pkg/term v1.1.0 // indirect
 	github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 // indirect
 	github.com/pulumi/esc v0.9.1 // indirect
 	github.com/rivo/uniseg v0.4.4 // indirect
 	github.com/rogpeppe/go-internal v1.12.0 // indirect
 	github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06 // indirect
 	github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 // indirect
 	github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
 	github.com/skeema/knownhosts v1.2.2 // indirect
 	github.com/spf13/cast v1.5.0 // indirect
 	github.com/spf13/cobra v1.8.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/texttheater/golang-levenshtein v1.0.1 // indirect
 	github.com/tweekmonster/luser v0.0.0-20161003172636-3fa38070dbd7 // indirect
 	github.com/uber/jaeger-client-go v2.30.0+incompatible // indirect
 	github.com/uber/jaeger-lib v2.4.1+incompatible // indirect
 	github.com/xanzy/ssh-agent v0.3.3 // indirect
 	github.com/zclconf/go-cty v1.14.1 // indirect
 	go.uber.org/atomic v1.10.0 // indirect
 	golang.org/x/crypto v0.24.0 // indirect
 	golang.org/x/exp v0.0.0-20240604190554-fc45aab8b7f8 // indirect
 	golang.org/x/mod v0.18.0 // indirect
 	golang.org/x/net v0.26.0 // indirect
 	golang.org/x/sync v0.7.0 // indirect
 	golang.org/x/sys v0.21.0 // indirect
 	golang.org/x/term v0.21.0 // indirect
 	golang.org/x/text v0.16.0 // indirect
 	golang.org/x/tools v0.22.0 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20240311173647-c811ad7063a7 // indirect
 	google.golang.org/grpc v1.63.2 // indirect
 	google.golang.org/protobuf v1.33.0 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	lukechampine.com/frand v1.4.2 // indirect
 )
--- a/examples/go/main.go
+++ b/examples/go/main.go
@@ -1,233 +1,21 @@
 package main
 import (
-	"github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild"
+	"github.com/pulumi/pulumi-docker-native/sdk/go/docker"
 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
 	"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
 )
 func main() {
 	pulumi.Run(func(ctx *pulumi.Context) error {
-		cfg := config.New(ctx, "")
+		myRandomResource, err := docker.NewRandom(ctx, "myRandomResource", &docker.RandomArgs{
-		dockerHubPassword := cfg.Require("dockerHubPassword")
+			Length: pulumi.Int(24),
 		multiPlatform, err := dockerbuild.NewImage(ctx, "multiPlatform", &dockerbuild.ImageArgs{
 			Push: pulumi.Bool(false),
 			Dockerfile: &dockerbuild.DockerfileArgs{
 				Location: pulumi.String("./app/Dockerfile.multiPlatform"),
 			},
 			Context: &dockerbuild.BuildContextArgs{
 				Location: pulumi.String("./app"),
 			},
 			Platforms: dockerbuild.PlatformArray{
 				dockerbuild.Platform_Plan9_amd64,
 				dockerbuild.Platform_Plan9_386,
 			},
 		})
 		if err != nil {
 			return err
 		}
-		_, err = dockerbuild.NewImage(ctx, "registryPush", &dockerbuild.ImageArgs{
+		ctx.Export("output", map[string]interface{}{
-			Push: pulumi.Bool(false),
+			"value": myRandomResource.Result,
 			Context: &dockerbuild.BuildContextArgs{
 				Location: pulumi.String("./app"),
 			},
 			Tags: pulumi.StringArray{
 				pulumi.String("docker.io/pulumibot/buildkit-e2e:example"),
 			},
 			Exports: dockerbuild.ExportArray{
 				&dockerbuild.ExportArgs{
 					Registry: &dockerbuild.ExportRegistryArgs{
 						OciMediaTypes: pulumi.Bool(true),
 						Push:          pulumi.Bool(false),
 					},
 				},
 			},
 			Registries: dockerbuild.RegistryArray{
 				&dockerbuild.RegistryArgs{
 					Address:  pulumi.String("docker.io"),
 					Username: pulumi.String("pulumibot"),
 					Password: pulumi.String(dockerHubPassword),
 				},
 			},
 		})
 		if err != nil {
 			return err
 		}
 		_, err = dockerbuild.NewImage(ctx, "cached", &dockerbuild.ImageArgs{
 			Push: pulumi.Bool(false),
 			Context: &dockerbuild.BuildContextArgs{
 				Location: pulumi.String("./app"),
 			},
 			CacheTo: dockerbuild.CacheToArray{
 				&dockerbuild.CacheToArgs{
 					Local: &dockerbuild.CacheToLocalArgs{
 						Dest: pulumi.String("tmp/cache"),
 						Mode: dockerbuild.CacheModeMax,
 					},
 				},
 			},
 			CacheFrom: dockerbuild.CacheFromArray{
 				&dockerbuild.CacheFromArgs{
 					Local: &dockerbuild.CacheFromLocalArgs{
 						Src: pulumi.String("tmp/cache"),
 					},
 				},
 			},
 		})
 		if err != nil {
 			return err
 		}
 		_, err = dockerbuild.NewImage(ctx, "buildArgs", &dockerbuild.ImageArgs{
 			Push: pulumi.Bool(false),
 			Dockerfile: &dockerbuild.DockerfileArgs{
 				Location: pulumi.String("./app/Dockerfile.buildArgs"),
 			},
 			Context: &dockerbuild.BuildContextArgs{
 				Location: pulumi.String("./app"),
 			},
 			BuildArgs: pulumi.StringMap{
 				"SET_ME_TO_TRUE": pulumi.String("true"),
 			},
 		})
 		if err != nil {
 			return err
 		}
 		_, err = dockerbuild.NewImage(ctx, "extraHosts", &dockerbuild.ImageArgs{
 			Push: pulumi.Bool(false),
 			Dockerfile: &dockerbuild.DockerfileArgs{
 				Location: pulumi.String("./app/Dockerfile.extraHosts"),
 			},
 			Context: &dockerbuild.BuildContextArgs{
 				Location: pulumi.String("./app"),
 			},
 			AddHosts: pulumi.StringArray{
 				pulumi.String("metadata.google.internal:169.254.169.254"),
 			},
 		})
 		if err != nil {
 			return err
 		}
 		_, err = dockerbuild.NewImage(ctx, "sshMount", &dockerbuild.ImageArgs{
 			Push: pulumi.Bool(false),
 			Dockerfile: &dockerbuild.DockerfileArgs{
 				Location: pulumi.String("./app/Dockerfile.sshMount"),
 			},
 			Context: &dockerbuild.BuildContextArgs{
 				Location: pulumi.String("./app"),
 			},
 			Ssh: dockerbuild.SSHArray{
 				&dockerbuild.SSHArgs{
 					Id: pulumi.String("default"),
 				},
 			},
 		})
 		if err != nil {
 			return err
 		}
 		_, err = dockerbuild.NewImage(ctx, "secrets", &dockerbuild.ImageArgs{
 			Push: pulumi.Bool(false),
 			Dockerfile: &dockerbuild.DockerfileArgs{
 				Location: pulumi.String("./app/Dockerfile.secrets"),
 			},
 			Context: &dockerbuild.BuildContextArgs{
 				Location: pulumi.String("./app"),
 			},
 			Secrets: pulumi.StringMap{
 				"password": pulumi.String("hunter2"),
 			},
 		})
 		if err != nil {
 			return err
 		}
 		_, err = dockerbuild.NewImage(ctx, "labels", &dockerbuild.ImageArgs{
 			Push: pulumi.Bool(false),
 			Context: &dockerbuild.BuildContextArgs{
 				Location: pulumi.String("./app"),
 			},
 			Labels: pulumi.StringMap{
 				"description": pulumi.String("This image will get a descriptive label 👍"),
 			},
 		})
 		if err != nil {
 			return err
 		}
 		_, err = dockerbuild.NewImage(ctx, "target", &dockerbuild.ImageArgs{
 			Push: pulumi.Bool(false),
 			Dockerfile: &dockerbuild.DockerfileArgs{
 				Location: pulumi.String("./app/Dockerfile.target"),
 			},
 			Context: &dockerbuild.BuildContextArgs{
 				Location: pulumi.String("./app"),
 			},
 			Target: pulumi.String("build-me"),
 		})
 		if err != nil {
 			return err
 		}
 		_, err = dockerbuild.NewImage(ctx, "namedContexts", &dockerbuild.ImageArgs{
 			Push: pulumi.Bool(false),
 			Dockerfile: &dockerbuild.DockerfileArgs{
 				Location: pulumi.String("./app/Dockerfile.namedContexts"),
 			},
 			Context: &dockerbuild.BuildContextArgs{
 				Location: pulumi.String("./app"),
 				Named: dockerbuild.ContextMap{
 					"golang:latest": &dockerbuild.ContextArgs{
 						Location: pulumi.String("docker-image://golang@sha256:b8e62cf593cdaff36efd90aa3a37de268e6781a2e68c6610940c48f7cdf36984"),
 					},
 				},
 			},
 		})
 		if err != nil {
 			return err
 		}
 		_, err = dockerbuild.NewImage(ctx, "remoteContext", &dockerbuild.ImageArgs{
 			Push: pulumi.Bool(false),
 			Context: &dockerbuild.BuildContextArgs{
 				Location: pulumi.String("https://raw.githubusercontent.com/pulumi/pulumi-docker/api-types/provider/testdata/Dockerfile"),
 			},
 		})
 		if err != nil {
 			return err
 		}
 		_, err = dockerbuild.NewImage(ctx, "remoteContextWithInline", &dockerbuild.ImageArgs{
 			Push: pulumi.Bool(false),
 			Dockerfile: &dockerbuild.DockerfileArgs{
 				Inline: pulumi.String("FROM busybox\nCOPY hello.c ./\n"),
 			},
 			Context: &dockerbuild.BuildContextArgs{
 				Location: pulumi.String("https://github.com/docker-library/hello-world.git"),
 			},
 		})
 		if err != nil {
 			return err
 		}
 		_, err = dockerbuild.NewImage(ctx, "inline", &dockerbuild.ImageArgs{
 			Push: pulumi.Bool(false),
 			Dockerfile: &dockerbuild.DockerfileArgs{
 				Inline: pulumi.String("FROM alpine\nRUN echo \"This uses an inline Dockerfile! 👍\"\n"),
 			},
 		})
 		if err != nil {
 			return err
 		}
 		_, err = dockerbuild.NewImage(ctx, "dockerLoad", &dockerbuild.ImageArgs{
 			Push: pulumi.Bool(false),
 			Context: &dockerbuild.BuildContextArgs{
 				Location: pulumi.String("./app"),
 			},
 			Exports: dockerbuild.ExportArray{
 				&dockerbuild.ExportArgs{
 					Docker: &dockerbuild.ExportDockerArgs{
 						Tar: pulumi.Bool(true),
 					},
 				},
 			},
 		})
 		if err != nil {
 			return err
 		}
 		ctx.Export("platforms", multiPlatform.Platforms)
 		return nil
 	})
 }
--- a/examples/go_test.go
+++ b/examples/go_test.go
@@ -1,30 +0,0 @@
 //go:build go || all
 // +build go all
 package examples
 import (
 	"os"
 	"path"
 	"testing"
 	"github.com/pulumi/pulumi/pkg/v3/testing/integration"
 	"github.com/stretchr/testify/require"
 )
 func TestGoExample(t *testing.T) {
 	cwd, err := os.Getwd()
 	require.NoError(t, err)
 	test := integration.ProgramTestOptions{
 		Dir: path.Join(cwd, "go"),
 		Dependencies: []string{
 			"github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild=../sdk/go/dockerbuild",
 		},
 		Secrets: map[string]string{
 			"dockerHubPassword": os.Getenv("DOCKER_HUB_PASSWORD"),
 		},
 	}
 	integration.ProgramTest(t, &test)
 }
--- a/examples/java/.dockerignore
+++ b/examples/java/.dockerignore
@@ -1,2 +0,0 @@
 command-output
 tmp
--- a/examples/java/Pulumi.yaml
+++ b/examples/java/Pulumi.yaml
@@ -1,10 +0,0 @@
 name: provider-docker-build
 runtime: java
 config:
  dockerHubPassword:
    type: string
    secret: true
 plugins:
  providers:
    - name: docker-build
      path: ../../bin
--- a/examples/java/app/Dockerfile
+++ b/examples/java/app/Dockerfile
@@ -1,2 +0,0 @@
 FROM alpine
 RUN echo 👍
--- a/examples/java/app/Dockerfile.buildArgs
+++ b/examples/java/app/Dockerfile.buildArgs
@@ -1,5 +0,0 @@
 FROM alpine
 ARG SET_ME_TO_TRUE
 RUN [ "$SET_ME_TO_TRUE" = "true" ]
 RUN echo "That's the correct build arg, thanks! 👍"
--- a/examples/java/app/Dockerfile.emptyContext
+++ b/examples/java/app/Dockerfile.emptyContext
@@ -1,2 +0,0 @@
 FROM alpine
 RUN echo "This image doesn't use any local files, so it doesn't need a context parameter 👍"
--- a/examples/java/app/Dockerfile.extraHosts
+++ b/examples/java/app/Dockerfile.extraHosts
@@ -1,3 +0,0 @@
 FROM bash AS base
 RUN getent hosts metadata.google.internal
--- a/examples/java/app/Dockerfile.multiPlatform
+++ b/examples/java/app/Dockerfile.multiPlatform
@@ -1,7 +0,0 @@
 FROM --platform=$BUILDPLATFORM alpine as build
 RUN echo ${BUILDPLATFORM} > buildplatform
 RUN echo ${TARGETPLATFORM} > targetplatform
 FROM build
 RUN cat buildplatform
 RUN cat targetplatform
--- a/examples/java/app/Dockerfile.namedContexts
+++ b/examples/java/app/Dockerfile.namedContexts
@@ -1,5 +0,0 @@
 # syntax=docker/dockerfile:1.4
 FROM golang:latest
 RUN version="$(go version)" && echo $version && [ "$version" = "go version go1.21.7 linux/amd64" ]
 RUN echo "This image uses named contexts to pin golang:latest to a specific SHA 👍"
--- a/examples/java/app/Dockerfile.secrets
+++ b/examples/java/app/Dockerfile.secrets
@@ -1,4 +0,0 @@
 FROM alpine
 RUN --mount=type=secret,id=password [ "$(cat /run/secrets/password)" = "hunter2" ]
--- a/examples/java/app/Dockerfile.sshMount
+++ b/examples/java/app/Dockerfile.sshMount
@@ -1,5 +0,0 @@
 FROM alpine
 RUN apk add openssh-client
 RUN --mount=type=ssh ssh-add -l
--- a/examples/java/app/Dockerfile.target
+++ b/examples/java/app/Dockerfile.target
@@ -1,8 +0,0 @@
 FROM alpine as build-me
 RUN echo 👍
 FROM build-me as also-build-me
 RUN echo 🤙
 FROM build-me as dont-build-me
 RUN [ "true" = "false" ]
--- a/examples/java/pom.xml
+++ b/examples/java/pom.xml
@@ -1,92 +0,0 @@
 <?xml version="1.0" encoding="UTF-8"?>
 		<project xmlns="http://maven.apache.org/POM/4.0.0"
 				 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 				 xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 			<modelVersion>4.0.0</modelVersion>
 			<groupId>com.pulumi</groupId>
 			<artifactId>provider-docker-build</artifactId>
 			<version>1.0-SNAPSHOT</version>
 			<properties>
 				<encoding>UTF-8</encoding>
 				<maven.compiler.source>11</maven.compiler.source>
 				<maven.compiler.target>11</maven.compiler.target>
 				<maven.compiler.release>11</maven.compiler.release>
 				<mainClass>generated_program.App</mainClass>
 				<mainArgs/>
 			</properties>
 			<dependencies>
 				<dependency>
 					<groupId>com.pulumi</groupId>
 					<artifactId>pulumi</artifactId>
 					<version>(,1.0]</version>
 				</dependency>
 				<dependency>
            		<groupId>com.pulumi</groupId>
            		<artifactId>docker-build</artifactId>
                    <version>[0.0.0,)</version>
        		</dependency>
 			</dependencies>
 			<build>
 				<plugins>
 					<plugin>
 						<groupId>org.apache.maven.plugins</groupId>
 						<artifactId>maven-jar-plugin</artifactId>
 						<version>3.2.2</version>
 						<configuration>
 							<archive>
 								<manifest>
 									<addClasspath>true</addClasspath>
 									<mainClass>${mainClass}</mainClass>
 								</manifest>
 							</archive>
 						</configuration>
 					</plugin>
 					<plugin>
 						<groupId>org.apache.maven.plugins</groupId>
 						<artifactId>maven-assembly-plugin</artifactId>
 						<version>3.4.2</version>
 						<configuration>
 							<archive>
 								<manifest>
 									<addClasspath>true</addClasspath>
 									<mainClass>${mainClass}</mainClass>
 								</manifest>
 							</archive>
 							<descriptorRefs>
 								<descriptorRef>jar-with-dependencies</descriptorRef>
 							</descriptorRefs>
 						</configuration>
 						<executions>
 							<execution>
 								<id>make-my-jar-with-dependencies</id>
 								<phase>package</phase>
 								<goals>
 									<goal>single</goal>
 								</goals>
 							</execution>
 						</executions>
 					</plugin>
 					<plugin>
 						<groupId>org.codehaus.mojo</groupId>
 						<artifactId>exec-maven-plugin</artifactId>
 						<version>3.1.0</version>
 						<configuration>
 							<mainClass>${mainClass}</mainClass>
 							<commandlineArgs>${mainArgs}</commandlineArgs>
 						</configuration>
 					</plugin>
 					<plugin>
 						<groupId>org.apache.maven.plugins</groupId>
 						<artifactId>maven-wrapper-plugin</artifactId>
 						<version>3.1.1</version>
 						<configuration>
 							<mavenVersion>3.8.5</mavenVersion>
 						</configuration>
 					</plugin>
 				</plugins>
 			</build>
 		</project>
--- a/examples/java/src/main/java/generated_program/App.java
+++ b/examples/java/src/main/java/generated_program/App.java
@@ -1,204 +0,0 @@
 package generated_program;
 import com.pulumi.Context;
 import com.pulumi.Pulumi;
 import com.pulumi.core.Output;
 import com.pulumi.dockerbuild.Image;
 import com.pulumi.dockerbuild.ImageArgs;
 import com.pulumi.dockerbuild.inputs.DockerfileArgs;
 import com.pulumi.dockerbuild.inputs.BuildContextArgs;
 import com.pulumi.dockerbuild.inputs.ExportArgs;
 import com.pulumi.dockerbuild.inputs.ExportRegistryArgs;
 import com.pulumi.dockerbuild.inputs.RegistryArgs;
 import com.pulumi.dockerbuild.inputs.CacheToArgs;
 import com.pulumi.dockerbuild.inputs.CacheToLocalArgs;
 import com.pulumi.dockerbuild.inputs.CacheFromArgs;
 import com.pulumi.dockerbuild.inputs.CacheFromLocalArgs;
 import com.pulumi.dockerbuild.inputs.SSHArgs;
 import com.pulumi.dockerbuild.inputs.ExportDockerArgs;
 import java.util.List;
 import java.util.ArrayList;
 import java.util.Map;
 import java.io.File;
 import java.nio.file.Files;
 import java.nio.file.Paths;
 public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var config = ctx.config();
        final var dockerHubPassword = config.get("dockerHubPassword");
        var multiPlatform = new Image("multiPlatform", ImageArgs.builder()        
            .push(false)
            .dockerfile(DockerfileArgs.builder()
                .location("./app/Dockerfile.multiPlatform")
                .build())
            .context(BuildContextArgs.builder()
                .location("./app")
                .build())
            .platforms(            
                "plan9/amd64",
                "plan9/386")
            .build());
        var registryPush = new Image("registryPush", ImageArgs.builder()        
            .push(false)
            .context(BuildContextArgs.builder()
                .location("./app")
                .build())
            .tags("docker.io/pulumibot/buildkit-e2e:example")
            .exports(ExportArgs.builder()
                .registry(ExportRegistryArgs.builder()
                    .ociMediaTypes(true)
                    .push(false)
                    .build())
                .build())
            .registries(RegistryArgs.builder()
                .address("docker.io")
                .username("pulumibot")
                .password(dockerHubPassword)
                .build())
            .build());
        var cached = new Image("cached", ImageArgs.builder()        
            .push(false)
            .context(BuildContextArgs.builder()
                .location("./app")
                .build())
            .cacheTo(CacheToArgs.builder()
                .local(CacheToLocalArgs.builder()
                    .dest("tmp/cache")
                    .mode("max")
                    .build())
                .build())
            .cacheFrom(CacheFromArgs.builder()
                .local(CacheFromLocalArgs.builder()
                    .src("tmp/cache")
                    .build())
                .build())
            .build());
        var buildArgs = new Image("buildArgs", ImageArgs.builder()        
            .push(false)
            .dockerfile(DockerfileArgs.builder()
                .location("./app/Dockerfile.buildArgs")
                .build())
            .context(BuildContextArgs.builder()
                .location("./app")
                .build())
            .buildArgs(Map.of("SET_ME_TO_TRUE", "true"))
            .build());
        var extraHosts = new Image("extraHosts", ImageArgs.builder()        
            .push(false)
            .dockerfile(DockerfileArgs.builder()
                .location("./app/Dockerfile.extraHosts")
                .build())
            .context(BuildContextArgs.builder()
                .location("./app")
                .build())
            .addHosts("metadata.google.internal:169.254.169.254")
            .build());
        var sshMount = new Image("sshMount", ImageArgs.builder()        
            .push(false)
            .dockerfile(DockerfileArgs.builder()
                .location("./app/Dockerfile.sshMount")
                .build())
            .context(BuildContextArgs.builder()
                .location("./app")
                .build())
            .ssh(SSHArgs.builder()
                .id("default")
                .build())
            .build());
        var secrets = new Image("secrets", ImageArgs.builder()        
            .push(false)
            .dockerfile(DockerfileArgs.builder()
                .location("./app/Dockerfile.secrets")
                .build())
            .context(BuildContextArgs.builder()
                .location("./app")
                .build())
            .secrets(Map.of("password", "hunter2"))
            .build());
        var labels = new Image("labels", ImageArgs.builder()        
            .push(false)
            .context(BuildContextArgs.builder()
                .location("./app")
                .build())
            .labels(Map.of("description", "This image will get a descriptive label 👍"))
            .build());
        var target = new Image("target", ImageArgs.builder()        
            .push(false)
            .dockerfile(DockerfileArgs.builder()
                .location("./app/Dockerfile.target")
                .build())
            .context(BuildContextArgs.builder()
                .location("./app")
                .build())
            .target("build-me")
            .build());
        var namedContexts = new Image("namedContexts", ImageArgs.builder()        
            .push(false)
            .dockerfile(DockerfileArgs.builder()
                .location("./app/Dockerfile.namedContexts")
                .build())
            .context(BuildContextArgs.builder()
                .location("./app")
                .named(Map.of("golang:latest", Map.of("location", "docker-image://golang@sha256:b8e62cf593cdaff36efd90aa3a37de268e6781a2e68c6610940c48f7cdf36984")))
                .build())
            .build());
        var remoteContext = new Image("remoteContext", ImageArgs.builder()        
            .push(false)
            .context(BuildContextArgs.builder()
                .location("https://raw.githubusercontent.com/pulumi/pulumi-docker/api-types/provider/testdata/Dockerfile")
                .build())
            .build());
        var remoteContextWithInline = new Image("remoteContextWithInline", ImageArgs.builder()        
            .push(false)
            .dockerfile(DockerfileArgs.builder()
                .inline("""
 FROM busybox
 COPY hello.c ./
                """)
                .build())
            .context(BuildContextArgs.builder()
                .location("https://github.com/docker-library/hello-world.git")
                .build())
            .build());
        var inline = new Image("inline", ImageArgs.builder()        
            .push(false)
            .dockerfile(DockerfileArgs.builder()
                .inline("""
 FROM alpine
 RUN echo "This uses an inline Dockerfile! 👍"
                """)
                .build())
            .build());
        var dockerLoad = new Image("dockerLoad", ImageArgs.builder()        
            .push(false)
            .context(BuildContextArgs.builder()
                .location("./app")
                .build())
            .exports(ExportArgs.builder()
                .docker(ExportDockerArgs.builder()
                    .tar(true)
                    .build())
                .build())
            .build());
        ctx.export("platforms", multiPlatform.platforms());
    }
 }
--- a/examples/java_test.go
+++ b/examples/java_test.go
@@ -1,29 +0,0 @@
 //go:build java || all
 // +build java all
 package examples
 import (
 	"os"
 	"path"
 	"testing"
 	"github.com/pulumi/pulumi/pkg/v3/testing/integration"
 	"github.com/stretchr/testify/require"
 )
 func TestJavaExample(t *testing.T) {
 	t.Skip("not working yet")
 	cwd, err := os.Getwd()
 	require.NoError(t, err)
 	test := integration.ProgramTestOptions{
 		Dir: path.Join(cwd, "java"),
 		Secrets: map[string]string{
 			"dockerHubPassword": os.Getenv("DOCKER_HUB_PASSWORD"),
 		},
 	}
 	integration.ProgramTest(t, &test)
 }
--- a/examples/main_test.go
+++ b/examples/main_test.go
@@ -1,61 +0,0 @@
 package examples
 import (
 	"crypto/rsa"
 	"errors"
 	"io"
 	"math/rand"
 	"net"
 	"os"
 	"path/filepath"
 	"testing"
 	"golang.org/x/crypto/ssh/agent"
 )
 func TestMain(m *testing.M) {
 	sock := sshagent()
 	os.Setenv("SSH_AUTH_SOCK", sock)
 	os.Exit(m.Run())
 }
 // sshagent crates an in-memory SSH agent with one identity.
 func sshagent() string {
 	dir, err := os.MkdirTemp(os.TempDir(), "docker-test-*")
 	if err != nil {
 		panic(err)
 	}
 	sock := filepath.Join(dir, "test.sock")
 	l, err := net.Listen("unix", sock)
 	if err != nil {
 		panic(err)
 	}
 	a := agent.NewKeyring()
 	//nolint:gosec
 	key, err := rsa.GenerateKey(rand.New(rand.NewSource(42)), 2048)
 	if err != nil {
 		panic(err)
 	}
 	err = a.Add(agent.AddedKey{PrivateKey: key})
 	if err != nil {
 		panic(err)
 	}
 	go func() {
 		for {
 			conn, err := l.Accept()
 			if err != nil {
 				panic(err)
 			}
 			if err := agent.ServeAgent(a, conn); err != nil && !errors.Is(err, io.EOF) {
 				panic(err)
 			}
 		}
 	}()
 	return sock
 }
--- a/examples/nodejs/.dockerignore
+++ b/examples/nodejs/.dockerignore
@@ -1,2 +0,0 @@
 command-output
 tmp
--- a/examples/nodejs/Pulumi.yaml
+++ b/examples/nodejs/Pulumi.yaml
@@ -1,10 +1,6 @@
-name: provider-docker-build
+name: provider-docker-native
 runtime: nodejs
 config:
  dockerHubPassword:
    type: string
    secret: true
 plugins:
  providers:
-    - name: docker-build
+    - name: docker-native
      path: ../../bin
--- a/examples/nodejs/app/Dockerfile
+++ b/examples/nodejs/app/Dockerfile
@@ -1,2 +0,0 @@
 FROM alpine
 RUN echo 👍
--- a/examples/nodejs/app/Dockerfile.buildArgs
+++ b/examples/nodejs/app/Dockerfile.buildArgs
@@ -1,5 +0,0 @@
 FROM alpine
 ARG SET_ME_TO_TRUE
 RUN [ "$SET_ME_TO_TRUE" = "true" ]
 RUN echo "That's the correct build arg, thanks! 👍"
--- a/examples/nodejs/app/Dockerfile.emptyContext
+++ b/examples/nodejs/app/Dockerfile.emptyContext
@@ -1,2 +0,0 @@
 FROM alpine
 RUN echo "This image doesn't use any local files, so it doesn't need a context parameter 👍"
--- a/examples/nodejs/app/Dockerfile.extraHosts
+++ b/examples/nodejs/app/Dockerfile.extraHosts
@@ -1,3 +0,0 @@
 FROM bash AS base
 RUN getent hosts metadata.google.internal
--- a/examples/nodejs/app/Dockerfile.multiPlatform
+++ b/examples/nodejs/app/Dockerfile.multiPlatform
@@ -1,7 +0,0 @@
 FROM --platform=$BUILDPLATFORM alpine as build
 RUN echo ${BUILDPLATFORM} > buildplatform
 RUN echo ${TARGETPLATFORM} > targetplatform
 FROM build
 RUN cat buildplatform
 RUN cat targetplatform
--- a/examples/nodejs/app/Dockerfile.namedContexts
+++ b/examples/nodejs/app/Dockerfile.namedContexts
@@ -1,5 +0,0 @@
 # syntax=docker/dockerfile:1.4
 FROM golang:latest
 RUN version="$(go version)" && echo $version && [ "$version" = "go version go1.21.7 linux/amd64" ]
 RUN echo "This image uses named contexts to pin golang:latest to a specific SHA 👍"
--- a/examples/nodejs/app/Dockerfile.secrets
+++ b/examples/nodejs/app/Dockerfile.secrets
@@ -1,4 +0,0 @@
 FROM alpine
 RUN --mount=type=secret,id=password [ "$(cat /run/secrets/password)" = "hunter2" ]
--- a/examples/nodejs/app/Dockerfile.sshMount
+++ b/examples/nodejs/app/Dockerfile.sshMount
@@ -1,5 +0,0 @@
 FROM alpine
 RUN apk add openssh-client
 RUN --mount=type=ssh ssh-add -l
--- a/examples/nodejs/app/Dockerfile.target
+++ b/examples/nodejs/app/Dockerfile.target
@@ -1,8 +0,0 @@
 FROM alpine as build-me
 RUN echo 👍
 FROM build-me as also-build-me
 RUN echo 🤙
 FROM build-me as dont-build-me
 RUN [ "true" = "false" ]
--- a/examples/nodejs/index.ts
+++ b/examples/nodejs/index.ts
@@ -1,169 +1,7 @@
 import * as pulumi from "@pulumi/pulumi";
-import * as docker_build from "@pulumi/docker-build";
+import * as docker_native from "@pulumi/docker-native";
-const config = new pulumi.Config();
+const myRandomResource = new docker_native.Random("myRandomResource", {length: 24});
-const dockerHubPassword = config.require("dockerHubPassword");
+export const output = {
-const multiPlatform = new docker_build.Image("multiPlatform", {
+    value: myRandomResource.result,
-    push: false,
+};
    dockerfile: {
        location: "./app/Dockerfile.multiPlatform",
    },
    context: {
        location: "./app",
    },
    platforms: [
        docker_build.Platform.Plan9_amd64,
        docker_build.Platform.Plan9_386,
    ],
 });
 const registryPush = new docker_build.Image("registryPush", {
    push: false,
    context: {
        location: "./app",
    },
    tags: ["docker.io/pulumibot/buildkit-e2e:example"],
    exports: [{
        registry: {
            ociMediaTypes: true,
            push: false,
        },
    }],
    registries: [{
        address: "docker.io",
        username: "pulumibot",
        password: dockerHubPassword,
    }],
 });
 const cached = new docker_build.Image("cached", {
    push: false,
    context: {
        location: "./app",
    },
    cacheTo: [{
        local: {
            dest: "tmp/cache",
            mode: docker_build.CacheMode.Max,
        },
    }],
    cacheFrom: [{
        local: {
            src: "tmp/cache",
        },
    }],
 });
 const buildArgs = new docker_build.Image("buildArgs", {
    push: false,
    dockerfile: {
        location: "./app/Dockerfile.buildArgs",
    },
    context: {
        location: "./app",
    },
    buildArgs: {
        SET_ME_TO_TRUE: "true",
    },
 });
 const extraHosts = new docker_build.Image("extraHosts", {
    push: false,
    dockerfile: {
        location: "./app/Dockerfile.extraHosts",
    },
    context: {
        location: "./app",
    },
    addHosts: ["metadata.google.internal:169.254.169.254"],
 });
 const sshMount = new docker_build.Image("sshMount", {
    push: false,
    dockerfile: {
        location: "./app/Dockerfile.sshMount",
    },
    context: {
        location: "./app",
    },
    ssh: [{
        id: "default",
    }],
 });
 const secrets = new docker_build.Image("secrets", {
    push: false,
    dockerfile: {
        location: "./app/Dockerfile.secrets",
    },
    context: {
        location: "./app",
    },
    secrets: {
        password: "hunter2",
    },
 });
 const labels = new docker_build.Image("labels", {
    push: false,
    context: {
        location: "./app",
    },
    labels: {
        description: "This image will get a descriptive label 👍",
    },
 });
 const target = new docker_build.Image("target", {
    push: false,
    dockerfile: {
        location: "./app/Dockerfile.target",
    },
    context: {
        location: "./app",
    },
    target: "build-me",
 });
 const namedContexts = new docker_build.Image("namedContexts", {
    push: false,
    dockerfile: {
        location: "./app/Dockerfile.namedContexts",
    },
    context: {
        location: "./app",
        named: {
            "golang:latest": {
                location: "docker-image://golang@sha256:b8e62cf593cdaff36efd90aa3a37de268e6781a2e68c6610940c48f7cdf36984",
            },
        },
    },
 });
 const remoteContext = new docker_build.Image("remoteContext", {
    push: false,
    context: {
        location: "https://raw.githubusercontent.com/pulumi/pulumi-docker/api-types/provider/testdata/Dockerfile",
    },
 });
 const remoteContextWithInline = new docker_build.Image("remoteContextWithInline", {
    push: false,
    dockerfile: {
        inline: `FROM busybox
 COPY hello.c ./
 `,
    },
    context: {
        location: "https://github.com/docker-library/hello-world.git",
    },
 });
 const inline = new docker_build.Image("inline", {
    push: false,
    dockerfile: {
        inline: `FROM alpine
 RUN echo "This uses an inline Dockerfile! 👍"
 `,
    },
 });
 const dockerLoad = new docker_build.Image("dockerLoad", {
    push: false,
    context: {
        location: "./app",
    },
    exports: [{
        docker: {
            tar: true,
        },
    }],
 });
 export const platforms = multiPlatform.platforms;
--- a/examples/nodejs/package.json
+++ b/examples/nodejs/package.json
@@ -1,10 +1,11 @@
 {
-  "name": "provider-docker-build",
+	"name": "provider-docker-native",
-  "devDependencies": {
+	"devDependencies": {
-    "@types/node": "^18"
+		"@types/node": "^14"
-  },
+	},
-  "dependencies": {
+	"dependencies": {
-    "typescript": "^4.0.0",
+		"typescript": "^4.0.0",
-    "@pulumi/pulumi": "^3.128.0"
+		"@pulumi/pulumi": "^3.0.0",
-  }
+		"@pulumi/docker-native": "0.0.1-alpha.1709848295+3427e611.dirty"
 	}
 }
--- a/examples/nodejs_test.go
+++ b/examples/nodejs_test.go
@@ -1,213 +0,0 @@
 //go:build nodejs || all
 // +build nodejs all
 package examples
 import (
 	"encoding/base64"
 	"fmt"
 	"math/rand"
 	"os"
 	"path"
 	"strings"
 	"testing"
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/session"
 	"github.com/aws/aws-sdk-go/service/ecr"
 	"github.com/pulumi/pulumi/pkg/v3/testing/integration"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 func TestNodeExample(t *testing.T) {
 	cwd, err := os.Getwd()
 	require.NoError(t, err)
 	test := integration.ProgramTestOptions{
 		Dir:          path.Join(cwd, "nodejs"),
 		Dependencies: []string{"@pulumi/docker-build"},
 		Secrets: map[string]string{
 			"dockerHubPassword": os.Getenv("DOCKER_HUB_PASSWORD"),
 		},
 	}
 	integration.ProgramTest(t, &test)
 }
 // TestCaching simulates a slow build with --cache-to enabled. We aren't able
 // to directly detect cache hits, so we re-run the update and confirm it took
 // less time than the image originally took to build.
 //
 // This is a moderately slow test because we need to "build" (i.e., sleep)
 // longer than it would take for cache layer uploads under slow network
 // conditions.
 func TestCaching(t *testing.T) {
 	t.Parallel()
 	sleep := 20.0 // seconds
 	// Provision ECR outside of our stack, because the cache needs to be shared
 	// across updates.
 	ecr, ecrOK := tmpEcr(t)
 	cwd, err := os.Getwd()
 	require.NoError(t, err)
 	localCache := t.TempDir()
 	tests := []struct {
 		name string
 		skip bool
 		cacheTo   string
 		cacheFrom string
 		address   string
 		username  string
 		password  string
 	}{
 		{
 			name:      "local",
 			cacheTo:   fmt.Sprintf("type=local,mode=max,oci-mediatypes=true,dest=%s", localCache),
 			cacheFrom: fmt.Sprintf("type=local,src=%s", localCache),
 		},
 		{
 			name:      "gha",
 			skip:      os.Getenv("ACTIONS_CACHE_URL") == "",
 			cacheTo:   "type=gha,mode=max,scope=cache-test",
 			cacheFrom: "type=gha,scope=cache-test",
 		},
 		{
 			name:      "dockerhub",
 			skip:      os.Getenv("DOCKER_HUB_PASSWORD") == "",
 			cacheTo:   "type=registry,mode=max,ref=docker.io/pulumibot/myapp:cache",
 			cacheFrom: "type=registry,ref=docker.io/pulumibot/myapp:cache",
 			address:   "docker.io",
 			username:  "pulumibot",
 			password:  os.Getenv("DOCKER_HUB_PASSWORD"),
 		},
 		{
 			name:      "ecr",
 			skip:      !ecrOK,
 			cacheTo:   fmt.Sprintf("type=registry,mode=max,image-manifest=true,oci-mediatypes=true,ref=%s:cache", ecr.address),
 			cacheFrom: fmt.Sprintf("type=registry,ref=%s:cache", ecr.address),
 			address:   ecr.address,
 			username:  ecr.username,
 			password:  ecr.password,
 		},
 	}
 	for _, tt := range tests {
 		tt := tt
 		t.Run(tt.name, func(t *testing.T) {
 			if tt.skip {
 				t.Skip("Missing environment variables")
 			}
 			sleepFuzzed := sleep + rand.Float64() // Add some fuzz to bust any prior build caches.
 			test := integration.ProgramTestOptions{
 				Dir: path.Join(cwd, "tests", "caching"),
 				ExtraRuntimeValidation: func(t *testing.T, stack integration.RuntimeValidationStackInfo) {
 					duration, ok := stack.Outputs["durationSeconds"]
 					assert.True(t, ok)
 					assert.Greater(t, duration.(float64), sleepFuzzed)
 				},
 				Dependencies: []string{"@pulumi/docker-build"},
 				Config: map[string]string{
 					"SLEEP_SECONDS": fmt.Sprint(sleepFuzzed),
 					"cacheTo":       tt.cacheTo,
 					"cacheFrom":     tt.cacheFrom,
 					"name":          tt.name,
 					"address":       tt.address,
 					"username":      tt.username,
 				},
 				Secrets: map[string]string{
 					"password": tt.password,
 				},
 				NoParallel:  true,
 				Quick:       true,
 				SkipPreview: true,
 				SkipRefresh: true,
 				Verbose:     true,
 			}
 			// First run should be un-cached.
 			integration.ProgramTest(t, &test)
 			// Now run again and confirm our build was faster due to a cache hit.
 			test.ExtraRuntimeValidation = func(t *testing.T, stack integration.RuntimeValidationStackInfo) {
 				duration, ok := stack.Outputs["durationSeconds"]
 				assert.True(t, ok)
 				assert.Less(t, duration.(float64), sleepFuzzed)
 			}
 			test.Config["name"] += "-cached"
 			integration.ProgramTest(t, &test)
 		})
 	}
 }
 type ECR struct {
 	address  string
 	username string
 	password string
 }
 // tmpEcr creates a new ECR repo and cleans it up after the test concludes.
 func tmpEcr(t *testing.T) (ECR, bool) {
 	sess, err := session.NewSession(&aws.Config{
 		Region: aws.String("us-west-2"),
 	})
 	if err != nil {
 		return ECR{}, false
 	}
 	svc := ecr.New(sess)
 	name := strings.ToLower(t.Name()) + fmt.Sprint(rand.Intn(1000))
 	// Always attempt to delete pre-existing repos, in case our cleanup didn't
 	// run.
 	_, _ = svc.DeleteRepository(&ecr.DeleteRepositoryInput{
 		Force:          aws.Bool(true),
 		RepositoryName: aws.String(name),
 	})
 	params := &ecr.CreateRepositoryInput{
 		RepositoryName: aws.String(name),
 	}
 	resp, err := svc.CreateRepository(params)
 	if err != nil {
 		return ECR{}, false
 	}
 	repo := resp.Repository
 	t.Cleanup(func() {
 		svc.DeleteRepository(&ecr.DeleteRepositoryInput{
 			Force:          aws.Bool(true),
 			RegistryId:     repo.RegistryId,
 			RepositoryName: repo.RepositoryName,
 		})
 	})
 	// Now grab auth for the repo.
 	auth, err := svc.GetAuthorizationToken(&ecr.GetAuthorizationTokenInput{})
 	if err != nil {
 		return ECR{}, false
 	}
 	b64token := auth.AuthorizationData[0].AuthorizationToken
 	token, err := base64.StdEncoding.DecodeString(*b64token)
 	if err != nil {
 		return ECR{}, false
 	}
 	parts := strings.SplitN(string(token), ":", 2)
 	if len(parts) != 2 {
 		return ECR{}, false
 	}
 	username := parts[0]
 	password := parts[1]
 	return ECR{
 		address:  *repo.RepositoryUri,
 		username: username,
 		password: password,
 	}, true
 }
--- a/examples/python/.dockerignore
+++ b/examples/python/.dockerignore
@@ -1,2 +0,0 @@
 command-output
 tmp
--- a/examples/python/Pulumi.yaml
+++ b/examples/python/Pulumi.yaml
@@ -1,10 +1,6 @@
-name: provider-docker-build
+name: provider-docker-native
 runtime: python
 config:
  dockerHubPassword:
    type: string
    secret: true
 plugins:
  providers:
-    - name: docker-build
+    - name: docker-native
      path: ../../bin
--- a/examples/python/main.py
+++ b/examples/python/main.py
@@ -1,155 +1,7 @@
 import pulumi
-import pulumi_docker_build as docker_build
+import pulumi_docker_native as docker_native
-config = pulumi.Config()
+my_random_resource = docker_native.Random("myRandomResource", length=24)
-docker_hub_password = config.require("dockerHubPassword")
+pulumi.export("output", {
-multi_platform = docker_build.Image("multiPlatform",
+    "value": my_random_resource.result,
-    push=False,
+})
    dockerfile=docker_build.DockerfileArgs(
        location="./app/Dockerfile.multiPlatform",
    ),
    context=docker_build.BuildContextArgs(
        location="./app",
    ),
    platforms=[
        docker_build.Platform.PLAN9_AMD64,
        docker_build.Platform.PLAN9_386,
    ])
 registry_push = docker_build.Image("registryPush",
    push=False,
    context=docker_build.BuildContextArgs(
        location="./app",
    ),
    tags=["docker.io/pulumibot/buildkit-e2e:example"],
    exports=[docker_build.ExportArgs(
        registry=docker_build.ExportRegistryArgs(
            oci_media_types=True,
            push=False,
        ),
    )],
    registries=[docker_build.RegistryArgs(
        address="docker.io",
        username="pulumibot",
        password=docker_hub_password,
    )])
 cached = docker_build.Image("cached",
    push=False,
    context=docker_build.BuildContextArgs(
        location="./app",
    ),
    cache_to=[docker_build.CacheToArgs(
        local=docker_build.CacheToLocalArgs(
            dest="tmp/cache",
            mode=docker_build.CacheMode.MAX,
        ),
    )],
    cache_from=[docker_build.CacheFromArgs(
        local=docker_build.CacheFromLocalArgs(
            src="tmp/cache",
        ),
    )])
 build_args = docker_build.Image("buildArgs",
    push=False,
    dockerfile=docker_build.DockerfileArgs(
        location="./app/Dockerfile.buildArgs",
    ),
    context=docker_build.BuildContextArgs(
        location="./app",
    ),
    build_args={
        "SET_ME_TO_TRUE": "true",
    })
 extra_hosts = docker_build.Image("extraHosts",
    push=False,
    dockerfile=docker_build.DockerfileArgs(
        location="./app/Dockerfile.extraHosts",
    ),
    context=docker_build.BuildContextArgs(
        location="./app",
    ),
    add_hosts=["metadata.google.internal:169.254.169.254"])
 ssh_mount = docker_build.Image("sshMount",
    push=False,
    dockerfile=docker_build.DockerfileArgs(
        location="./app/Dockerfile.sshMount",
    ),
    context=docker_build.BuildContextArgs(
        location="./app",
    ),
    ssh=[docker_build.SSHArgs(
        id="default",
    )])
 secrets = docker_build.Image("secrets",
    push=False,
    dockerfile=docker_build.DockerfileArgs(
        location="./app/Dockerfile.secrets",
    ),
    context=docker_build.BuildContextArgs(
        location="./app",
    ),
    secrets={
        "password": "hunter2",
    })
 labels = docker_build.Image("labels",
    push=False,
    context=docker_build.BuildContextArgs(
        location="./app",
    ),
    labels={
        "description": "This image will get a descriptive label 👍",
    })
 target = docker_build.Image("target",
    push=False,
    dockerfile=docker_build.DockerfileArgs(
        location="./app/Dockerfile.target",
    ),
    context=docker_build.BuildContextArgs(
        location="./app",
    ),
    target="build-me")
 named_contexts = docker_build.Image("namedContexts",
    push=False,
    dockerfile=docker_build.DockerfileArgs(
        location="./app/Dockerfile.namedContexts",
    ),
    context=docker_build.BuildContextArgs(
        location="./app",
        named={
            "golang:latest": docker_build.ContextArgs(
                location="docker-image://golang@sha256:b8e62cf593cdaff36efd90aa3a37de268e6781a2e68c6610940c48f7cdf36984",
            ),
        },
    ))
 remote_context = docker_build.Image("remoteContext",
    push=False,
    context=docker_build.BuildContextArgs(
        location="https://raw.githubusercontent.com/pulumi/pulumi-docker/api-types/provider/testdata/Dockerfile",
    ))
 remote_context_with_inline = docker_build.Image("remoteContextWithInline",
    push=False,
    dockerfile=docker_build.DockerfileArgs(
        inline="""FROM busybox
 COPY hello.c ./
 """,
    ),
    context=docker_build.BuildContextArgs(
        location="https://github.com/docker-library/hello-world.git",
    ))
 inline = docker_build.Image("inline",
    push=False,
    dockerfile=docker_build.DockerfileArgs(
        inline="""FROM alpine
 RUN echo "This uses an inline Dockerfile! 👍"
 """,
    ))
 docker_load = docker_build.Image("dockerLoad",
    push=False,
    context=docker_build.BuildContextArgs(
        location="./app",
    ),
    exports=[docker_build.ExportArgs(
        docker=docker_build.ExportDockerArgs(
            tar=True,
        ),
    )])
 pulumi.export("platforms", multi_platform.platforms)
--- a/examples/python/app/Dockerfile
+++ b/examples/python/app/Dockerfile
@@ -1,2 +0,0 @@
 FROM alpine
 RUN echo 👍
--- a/examples/python/app/Dockerfile.buildArgs
+++ b/examples/python/app/Dockerfile.buildArgs
@@ -1,5 +0,0 @@
 FROM alpine
 ARG SET_ME_TO_TRUE
 RUN [ "$SET_ME_TO_TRUE" = "true" ]
 RUN echo "That's the correct build arg, thanks! 👍"
--- a/examples/python/app/Dockerfile.emptyContext
+++ b/examples/python/app/Dockerfile.emptyContext
@@ -1,2 +0,0 @@
 FROM alpine
 RUN echo "This image doesn't use any local files, so it doesn't need a context parameter 👍"
--- a/examples/python/app/Dockerfile.extraHosts
+++ b/examples/python/app/Dockerfile.extraHosts
@@ -1,3 +0,0 @@
 FROM bash AS base
 RUN getent hosts metadata.google.internal
--- a/examples/python/app/Dockerfile.multiPlatform
+++ b/examples/python/app/Dockerfile.multiPlatform
@@ -1,7 +0,0 @@
 FROM --platform=$BUILDPLATFORM alpine as build
 RUN echo ${BUILDPLATFORM} > buildplatform
 RUN echo ${TARGETPLATFORM} > targetplatform
 FROM build
 RUN cat buildplatform
 RUN cat targetplatform
--- a/examples/python/app/Dockerfile.namedContexts
+++ b/examples/python/app/Dockerfile.namedContexts
@@ -1,5 +0,0 @@
 # syntax=docker/dockerfile:1.4
 FROM golang:latest
 RUN version="$(go version)" && echo $version && [ "$version" = "go version go1.21.7 linux/amd64" ]
 RUN echo "This image uses named contexts to pin golang:latest to a specific SHA 👍"
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Bryce Lampe	9cff9765e2	Fix CI	2024-03-07 16:46:47 -08:00
Bryce Lampe	ddb67fe48f	remove version	2024-03-07 16:27:01 -08:00
Bryce Lampe	e809180bf8	Fix CI	2024-03-07 16:23:15 -08:00
		`@@ -1,2 +0,0 @@`
			`sdk/*/ linguist-generated=true`
			`provider/internal/mock*.go linguist-generated=true`
		`@@ -1,2 +0,0 @@`
			`FROM alpine`
			`RUN echo "This image doesn't use any local files, so it doesn't need a context parameter 👍"`
		`@@ -1,3 +0,0 @@`
			`FROM bash AS base`

			`RUN getent hosts metadata.google.internal`
		`@@ -1,4 +0,0 @@`
			`FROM alpine`

			`RUN --mount=type=secret,id=password [ "$(cat /run/secrets/password)" = "hunter2" ]`