sam_oneal/pulumi-docker-build
1
0
Fork 0
Code Actions Packages Releases Wiki Activity

Compare commits

base: sam_oneal:update-github-actions-workflows-1011
Branches Tags
sam_oneal:main sam_oneal:debug-image sam_oneal:renovate/major-pulumi sam_oneal:renovate/security sam_oneal:update-pulumi/26579044728-128 sam_oneal:update-pulumi/26229658565-127 sam_oneal:renovate/major-security sam_oneal:update-pulumi/25497905451-125 sam_oneal:update-github-actions-workflows-1172 sam_oneal:update-pulumi/24511459645-122 sam_oneal:update-pulumi/24191344757-121 sam_oneal:update-pulumi/23901444046-120 sam_oneal:update-pulumi/23595431521-119 sam_oneal:update-pulumi/23295872936-118 sam_oneal:update-github-actions-workflows-704 sam_oneal:update-pulumi/23002983312-117 sam_oneal:update-pulumi/22718886647-116 sam_oneal:update-github-actions-workflows-1114 sam_oneal:update-pulumi/22442999542-115 sam_oneal:update-pulumi/22182641498-114 sam_oneal:update-github-actions-workflows-1092 sam_oneal:update-pulumi/21947465199-113 sam_oneal:iwahhbe/update-dotnet-codegen sam_oneal:update-pulumi/21712281897-112 sam_oneal:update-github-actions-workflows-642 sam_oneal:update-pulumi/21478933959-111 sam_oneal:update-pulumi/21249204200-110 sam_oneal:update-pulumi/21031979833-109 sam_oneal:update-pulumi/20817484855-108 sam_oneal:update-pulumi/20638879280-107 sam_oneal:update-pulumi/20505377620-106 sam_oneal:update-pulumi/20337605127-105 sam_oneal:update-github-actions-workflows-1025 sam_oneal:update-github-actions-workflows-1024 sam_oneal:update-github-actions-workflows-568 sam_oneal:update-github-actions-workflows-1023 sam_oneal:update-github-actions-workflows-1022 sam_oneal:update-github-actions-workflows-1021 sam_oneal:update-github-actions-workflows-1020 sam_oneal:update-github-actions-workflows-1019 sam_oneal:update-pulumi/20133762954-104 sam_oneal:update-github-actions-workflows-1016 sam_oneal:update-github-actions-workflows-1015 sam_oneal:update-github-actions-workflows-1014 sam_oneal:update-github-actions-workflows-1013 sam_oneal:update-github-actions-workflows-1012 sam_oneal:update-github-actions-workflows-1011 sam_oneal:update-pulumi/19929659171-103 sam_oneal:update-github-actions-workflows-1010 sam_oneal:update-github-actions-workflows-1009 sam_oneal:update-github-actions-workflows-1008 sam_oneal:update-github-actions-workflows-1007 sam_oneal:update-github-actions-workflows-1006 sam_oneal:update-github-actions-workflows-1005 sam_oneal:update-github-actions-workflows-1004 sam_oneal:update-github-actions-workflows-1003 sam_oneal:update-pulumi/19736920399-102 sam_oneal:update-github-actions-workflows-1002 sam_oneal:update-github-actions-workflows-1001 sam_oneal:update-github-actions-workflows-1000 sam_oneal:update-pulumi/19537526118-101 sam_oneal:update-pulumi/19332198478-100 sam_oneal:update-github-actions-workflows-985 sam_oneal:update-github-actions-workflows-984 sam_oneal:update-github-actions-workflows-983 sam_oneal:pose/fixes/golangci-lint-upgrade-to-v2 sam_oneal:update-github-actions-workflows-982 sam_oneal:update-github-actions-workflows-981 sam_oneal:update-pulumi/19136291852-99 sam_oneal:update-github-actions-workflows-980 sam_oneal:update-github-actions-workflows-979 sam_oneal:update-github-actions-workflows-978 sam_oneal:update-github-actions-workflows-977 sam_oneal:update-github-actions-workflows-976 sam_oneal:update-github-actions-workflows-975 sam_oneal:update-github-actions-workflows-974 sam_oneal:update-pulumi/18941265690-98 sam_oneal:update-github-actions-workflows-973 sam_oneal:update-github-actions-workflows-972 sam_oneal:update-github-actions-workflows-971 sam_oneal:update-github-actions-workflows-970 sam_oneal:update-github-actions-workflows-969 sam_oneal:update-github-actions-workflows-965 sam_oneal:update-pulumi/18748991289-97 sam_oneal:update-pulumi/18561908881-96 sam_oneal:update-pulumi/18376962578-95 sam_oneal:update-pulumi/18193512866-94 sam_oneal:update-github-actions-workflows-552 sam_oneal:update-github-actions-workflows-548 sam_oneal:update-github-actions-workflows-546 sam_oneal:update-pulumi/18008090346-93 sam_oneal:update-pulumi/17829264550-92 sam_oneal:update-pulumi/17645108435-91 sam_oneal:update-github-actions-workflows-920 sam_oneal:update-github-actions-workflows-913 sam_oneal:update-github-actions-workflows-912 sam_oneal:update-github-actions-workflows-911 sam_oneal:update-github-actions-workflows-910 sam_oneal:update-pulumi/17296416183-89 sam_oneal:update-pulumi/17127477815-88 sam_oneal:update-github-actions-workflows-889 sam_oneal:update-github-actions-workflows-493 sam_oneal:blampe/json-keys sam_oneal:update-pulumi/16497427062-83 sam_oneal:blampe/go-provider-bracket sam_oneal:update-github-actions-workflows-784 sam_oneal:update-pulumi/14642101166-70 sam_oneal:adopt-ci-mgmt sam_oneal:mise sam_oneal:blampe/gha-token sam_oneal:iwahbe/upgrade-go-provider sam_oneal:ci
sam_oneal:v0.0.19 sam_oneal:sdk/go/dockerbuild/v0.0.18 sam_oneal:v0.0.18 sam_oneal:sdk/go/dockerbuild/v0.0.17 sam_oneal:v0.0.17 sam_oneal:sdk/go/dockerbuild/v0.0.16 sam_oneal:v0.0.16 sam_oneal:sdk/go/dockerbuild/v0.0.15 sam_oneal:v0.0.15 sam_oneal:sdk/go/dockerbuild/v0.0.14 sam_oneal:v0.0.14 sam_oneal:sdk/go/dockerbuild/v0.0.13 sam_oneal:v0.0.13 sam_oneal:sdk/go/dockerbuild/v0.0.12 sam_oneal:v0.0.12 sam_oneal:sdk/go/dockerbuild/v0.0.11 sam_oneal:v0.0.11 sam_oneal:sdk/go/dockerbuild/v0.0.10 sam_oneal:v0.0.10 sam_oneal:sdk/go/dockerbuild/v0.0.1-alpha.101 sam_oneal:v0.0.1-alpha.101 sam_oneal:v0.0.1-alpha.99 sam_oneal:sdk/go/dockerbuild/v0.0.1-alpha.100 sam_oneal:v0.0.1-alpha.100 sam_oneal:v0.0.1-testwindows.signing sam_oneal:sdk/go/dockerbuild/v0.0.9 sam_oneal:v0.0.9 sam_oneal:sdk/go/dockerbuild/v0.0.8 sam_oneal:v0.0.8 sam_oneal:sdk/go/dockerbuild/v0.0.7 sam_oneal:v0.0.7 sam_oneal:sdk/go/dockerbuild/v0.0.6 sam_oneal:v0.0.6 sam_oneal:sdk/go/dockerbuild/v0.0.5 sam_oneal:v0.0.5 sam_oneal:sdk/go/dockerbuild/v0.0.4 sam_oneal:v0.0.4 sam_oneal:sdk/go/dockerbuild/v0.0.3 sam_oneal:sdk/v0.0.3 sam_oneal:v0.0.3 sam_oneal:v0.0.2 sam_oneal:sdk/v0.0.2 sam_oneal:sdk/v0.0.1 sam_oneal:v0.0.1 sam_oneal:v0.0.1-alpha.3 sam_oneal:v0.0.1-alpha.2 sam_oneal:sdk/v0.0.1-alpha.2 sam_oneal:sdk/v0.0.1-alpha.1 sam_oneal:v0.0.1-alpha.1
..
compare: sam_oneal:update-github-actions-workflows-910
Branches Tags
sam_oneal:debug-image sam_oneal:renovate/major-pulumi sam_oneal:renovate/security sam_oneal:main sam_oneal:update-pulumi/26579044728-128 sam_oneal:update-pulumi/26229658565-127 sam_oneal:renovate/major-security sam_oneal:update-pulumi/25497905451-125 sam_oneal:update-github-actions-workflows-1172 sam_oneal:update-pulumi/24511459645-122 sam_oneal:update-pulumi/24191344757-121 sam_oneal:update-pulumi/23901444046-120 sam_oneal:update-pulumi/23595431521-119 sam_oneal:update-pulumi/23295872936-118 sam_oneal:update-github-actions-workflows-704 sam_oneal:update-pulumi/23002983312-117 sam_oneal:update-pulumi/22718886647-116 sam_oneal:update-github-actions-workflows-1114 sam_oneal:update-pulumi/22442999542-115 sam_oneal:update-pulumi/22182641498-114 sam_oneal:update-github-actions-workflows-1092 sam_oneal:update-pulumi/21947465199-113 sam_oneal:iwahhbe/update-dotnet-codegen sam_oneal:update-pulumi/21712281897-112 sam_oneal:update-github-actions-workflows-642 sam_oneal:update-pulumi/21478933959-111 sam_oneal:update-pulumi/21249204200-110 sam_oneal:update-pulumi/21031979833-109 sam_oneal:update-pulumi/20817484855-108 sam_oneal:update-pulumi/20638879280-107 sam_oneal:update-pulumi/20505377620-106 sam_oneal:update-pulumi/20337605127-105 sam_oneal:update-github-actions-workflows-1025 sam_oneal:update-github-actions-workflows-1024 sam_oneal:update-github-actions-workflows-568 sam_oneal:update-github-actions-workflows-1023 sam_oneal:update-github-actions-workflows-1022 sam_oneal:update-github-actions-workflows-1021 sam_oneal:update-github-actions-workflows-1020 sam_oneal:update-github-actions-workflows-1019 sam_oneal:update-pulumi/20133762954-104 sam_oneal:update-github-actions-workflows-1016 sam_oneal:update-github-actions-workflows-1015 sam_oneal:update-github-actions-workflows-1014 sam_oneal:update-github-actions-workflows-1013 sam_oneal:update-github-actions-workflows-1012 sam_oneal:update-github-actions-workflows-1011 sam_oneal:update-pulumi/19929659171-103 sam_oneal:update-github-actions-workflows-1010 sam_oneal:update-github-actions-workflows-1009 sam_oneal:update-github-actions-workflows-1008 sam_oneal:update-github-actions-workflows-1007 sam_oneal:update-github-actions-workflows-1006 sam_oneal:update-github-actions-workflows-1005 sam_oneal:update-github-actions-workflows-1004 sam_oneal:update-github-actions-workflows-1003 sam_oneal:update-pulumi/19736920399-102 sam_oneal:update-github-actions-workflows-1002 sam_oneal:update-github-actions-workflows-1001 sam_oneal:update-github-actions-workflows-1000 sam_oneal:update-pulumi/19537526118-101 sam_oneal:update-pulumi/19332198478-100 sam_oneal:update-github-actions-workflows-985 sam_oneal:update-github-actions-workflows-984 sam_oneal:update-github-actions-workflows-983 sam_oneal:pose/fixes/golangci-lint-upgrade-to-v2 sam_oneal:update-github-actions-workflows-982 sam_oneal:update-github-actions-workflows-981 sam_oneal:update-pulumi/19136291852-99 sam_oneal:update-github-actions-workflows-980 sam_oneal:update-github-actions-workflows-979 sam_oneal:update-github-actions-workflows-978 sam_oneal:update-github-actions-workflows-977 sam_oneal:update-github-actions-workflows-976 sam_oneal:update-github-actions-workflows-975 sam_oneal:update-github-actions-workflows-974 sam_oneal:update-pulumi/18941265690-98 sam_oneal:update-github-actions-workflows-973 sam_oneal:update-github-actions-workflows-972 sam_oneal:update-github-actions-workflows-971 sam_oneal:update-github-actions-workflows-970 sam_oneal:update-github-actions-workflows-969 sam_oneal:update-github-actions-workflows-965 sam_oneal:update-pulumi/18748991289-97 sam_oneal:update-pulumi/18561908881-96 sam_oneal:update-pulumi/18376962578-95 sam_oneal:update-pulumi/18193512866-94 sam_oneal:update-github-actions-workflows-552 sam_oneal:update-github-actions-workflows-548 sam_oneal:update-github-actions-workflows-546 sam_oneal:update-pulumi/18008090346-93 sam_oneal:update-pulumi/17829264550-92 sam_oneal:update-pulumi/17645108435-91 sam_oneal:update-github-actions-workflows-920 sam_oneal:update-github-actions-workflows-913 sam_oneal:update-github-actions-workflows-912 sam_oneal:update-github-actions-workflows-911 sam_oneal:update-github-actions-workflows-910 sam_oneal:update-pulumi/17296416183-89 sam_oneal:update-pulumi/17127477815-88 sam_oneal:update-github-actions-workflows-889 sam_oneal:update-github-actions-workflows-493 sam_oneal:blampe/json-keys sam_oneal:update-pulumi/16497427062-83 sam_oneal:blampe/go-provider-bracket sam_oneal:update-github-actions-workflows-784 sam_oneal:update-pulumi/14642101166-70 sam_oneal:adopt-ci-mgmt sam_oneal:mise sam_oneal:blampe/gha-token sam_oneal:iwahbe/upgrade-go-provider sam_oneal:ci
sam_oneal:v0.0.19 sam_oneal:sdk/go/dockerbuild/v0.0.18 sam_oneal:v0.0.18 sam_oneal:sdk/go/dockerbuild/v0.0.17 sam_oneal:v0.0.17 sam_oneal:sdk/go/dockerbuild/v0.0.16 sam_oneal:v0.0.16 sam_oneal:sdk/go/dockerbuild/v0.0.15 sam_oneal:v0.0.15 sam_oneal:sdk/go/dockerbuild/v0.0.14 sam_oneal:v0.0.14 sam_oneal:sdk/go/dockerbuild/v0.0.13 sam_oneal:v0.0.13 sam_oneal:sdk/go/dockerbuild/v0.0.12 sam_oneal:v0.0.12 sam_oneal:sdk/go/dockerbuild/v0.0.11 sam_oneal:v0.0.11 sam_oneal:sdk/go/dockerbuild/v0.0.10 sam_oneal:v0.0.10 sam_oneal:sdk/go/dockerbuild/v0.0.1-alpha.101 sam_oneal:v0.0.1-alpha.101 sam_oneal:v0.0.1-alpha.99 sam_oneal:sdk/go/dockerbuild/v0.0.1-alpha.100 sam_oneal:v0.0.1-alpha.100 sam_oneal:v0.0.1-testwindows.signing sam_oneal:sdk/go/dockerbuild/v0.0.9 sam_oneal:v0.0.9 sam_oneal:sdk/go/dockerbuild/v0.0.8 sam_oneal:v0.0.8 sam_oneal:sdk/go/dockerbuild/v0.0.7 sam_oneal:v0.0.7 sam_oneal:sdk/go/dockerbuild/v0.0.6 sam_oneal:v0.0.6 sam_oneal:sdk/go/dockerbuild/v0.0.5 sam_oneal:v0.0.5 sam_oneal:sdk/go/dockerbuild/v0.0.4 sam_oneal:v0.0.4 sam_oneal:sdk/go/dockerbuild/v0.0.3 sam_oneal:sdk/v0.0.3 sam_oneal:v0.0.3 sam_oneal:v0.0.2 sam_oneal:sdk/v0.0.2 sam_oneal:sdk/v0.0.1 sam_oneal:v0.0.1 sam_oneal:v0.0.1-alpha.3 sam_oneal:v0.0.1-alpha.2 sam_oneal:sdk/v0.0.1-alpha.2 sam_oneal:sdk/v0.0.1-alpha.1 sam_oneal:v0.0.1-alpha.1

1 Commits
update-git ... update-git

Author SHA1 Message Date
Pulumi Bot
613dffd366 [internal] Update GitHub Actions workflow files 2025-09-01 05:35:15 +00:00
59 changed files with 2368 additions and 1834 deletions
Expand all files Collapse all files

35
.ci-mgmt.yaml
View File

@@ -4,26 +4,23 @@ major-version: 0
providerDefaultBranch: main
providerVersion: github.com/pulumi/pulumi-docker-build/provider.Version
aws: true
modulePath: .
gcp: true
sdkModuleDir: sdk/go/dockerbuild
parallel: 3
esc:
enabled: true
envOverride:
AWS_REGION: us-west-2
PULUMI_API: "https://api.pulumi-staging.io"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
AZURE_LOCATION: westus
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
GOOGLE_PROJECT: pulumi-ci-gcp-provider
GOOGLE_PROJECT_NUMBER: 895284651812
GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
AWS_REGION: us-west-2
PULUMI_API: "https://api.pulumi-staging.io"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
AZURE_LOCATION: westus
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
GOOGLE_PROJECT: pulumi-ci-gcp-provider
GOOGLE_PROJECT_NUMBER: 895284651812
GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}

11
.config/mise.test.toml
View File

@@ -1,11 +0,0 @@
# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt
# Overrides for test workflows
[env]
# Acceptance (specifically providertest) tests require that PULUMI_HOME be the default
PULUMI_HOME = "{{ env.HOME }}/.pulumi"
[tools]
# always use pulumi latest for tests
pulumi = "latest"

29
.config/mise.toml
View File

@@ -1,29 +0,0 @@
# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt
# You can create your own root-level mise.toml file to override/augment this. See https://mise.jdx.dev/configuration.html
[env]
_.source = "{{config_root}}/scripts/get-versions.sh"
PULUMI_HOME = "{{config_root}}/.pulumi"
[tools]
# Runtimes
# TODO: we may not need 'get_env' once https://github.com/jdx/mise/discussions/6339 is fixed
go = "{{ get_env(name='GO_VERSION_MISE', default='latest') }}"
node = '20.19.5'
python = '3.11.8'
dotnet = '8.0.414'
# Corretto version used as Java SE/OpenJDK version no longer offered
java = 'corretto-11'
# Executable tools
pulumi = "{{ get_env(name='PULUMI_VERSION_MISE', default='latest') }}"
"github:pulumi/pulumictl" = '0.0.50'
"github:pulumi/schema-tools" = "0.6.0"
"aqua:gradle/gradle-distributions" = '7.6.6'
golangci-lint = "1.64.8" # See note about about overrides if you need to customize this.
"npm:yarn" = "1.22.22"
[settings]
experimental = true # Required for Go binaries (e.g. pulumictl).
lockfile = false

19
.github/actions/download-provider/action.yml vendored
View File

@@ -1,19 +0,0 @@
name: Download Provider Binary
description: Downloads the provider binary artifact and restores executable permissions
runs:
using: "composite"
steps:
- name: Download provider
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
- name: UnTar provider binaries
shell: bash
run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace}}/bin
- name: Restore Binary Permissions
shell: bash
run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print -exec chmod +x {} \;

20
.github/actions/download-sdk/action.yml vendored
View File

@@ -1,20 +0,0 @@
name: Download SDK
description: Downloads and extracts SDK artifacts for a specific language
inputs:
language:
description: 'The SDK language to download (nodejs, python, dotnet, java)'
required: true
runs:
using: "composite"
steps:
- name: Download SDK
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
with:
name: ${{ inputs.language }}-sdk.tar.gz
path: ${{ github.workspace }}/sdk/
- name: UnTar SDK folder
shell: bash
run: tar -zxf ${{ github.workspace }}/sdk/${{ inputs.language }}.tar.gz -C ${{ github.workspace }}/sdk/${{ inputs.language }}

2
.github/actions/esc-action/index.js vendored
View File

@@ -5,7 +5,7 @@ var stream = fs.createWriteStream(file, { flags: "a" });
for (const [name, value] of Object.entries(process.env)) {
try {
stream.write(`${name}<<EEEOOOFFF\n${value}\nEEEOOOFFF\n`); // << syntax accommodates multiline strings.
stream.write(`${name}=${value}\n`);
} catch (err) {
console.log(`error: failed to set output for ${name}: ${err.message}`);
}

41
.github/actions/setup-tools/action.yml vendored
View File

@@ -1,41 +0,0 @@
name: Setup Tools
description: Installs all tools (Go, Node, Python, .NET, Java, Pulumi, etc.) using mise
inputs:
cache:
description: Enable caching
required: false
default: "false"
github_token:
description: GitHub token
required: true
runs:
using: "composite"
steps:
- name: Setup mise
uses: jdx/mise-action@146a28175021df8ca24f8ee1828cc2a60f980bd5 # v3
env:
MISE_FETCH_REMOTE_VERSIONS_TIMEOUT: 30s
with:
version: 2025.11.6
cache_save: ${{ inputs.cache }}
github_token: ${{ inputs.github_token }}
- name: Setup Go Cache
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
cache: ${{ inputs.cache }}
cache-dependency-path: |
provider/*.sum
upstream/*.sum
sdk/go/*.sum
sdk/*.sum
*.sum
- name: Setup Node
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6
with:
# we don't set node-version because we install with mise.
# this step is needed to setup npm auth
registry-url: https://registry.npmjs.org

384
.github/workflows/build.yml vendored
View File

@@ -25,10 +25,13 @@ env:
DOTNETVERSION: "8.0.x"
JAVAVERSION: "11"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
AWS_REGION: us-west-2
AZURE_LOCATION: westus
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
@@ -37,40 +40,33 @@ env:
GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io
jobs:
prerequisites:
runs-on: ubuntu-latest
name: prerequisites
permissions:
id-token: write # For ESC secrets.
pull-requests: write # For schema check comment.
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
cache: 'true'
github_token: ${{ secrets.GITHUB_TOKEN }}
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- if: github.event_name == 'pull_request'
name: Install Schema Tools
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
@@ -91,7 +87,7 @@ jobs:
echo 'EOF';
} >> "$GITHUB_ENV"
env:
GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
- if: github.event_name == 'pull_request' && github.actor != 'dependabot[bot]'
name: Comment on PR with Details of Schema Check
uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1
@@ -121,7 +117,6 @@ jobs:
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
@@ -167,7 +162,7 @@ jobs:
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
@@ -176,30 +171,25 @@ jobs:
github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }}
pulumi-gen-${{ env.PROVIDER}}
- name: Upload artifacts
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin/provider.tar.gz
- name: Test Provider Library
run: make test_provider
env:
ARM_CLIENT_SECRET: ${{ steps.esc-secrets.outputs.ARM_CLIENT_SECRET }}
DIGITALOCEAN_TOKEN: ${{ steps.esc-secrets.outputs.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ steps.esc-secrets.outputs.DOCKER_HUB_PASSWORD }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1
uses: codecov/codecov-action@fdcc8476540edceab3de004e990f80d881c6cc00 # v5.5.0
env:
CODECOV_TOKEN: ${{ steps.esc-secrets.outputs.CODECOV_TOKEN }}
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure in building provider prerequisites
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
build_sdks:
needs: prerequisites
runs-on: pulumi-ubuntu-8core
@@ -213,36 +203,63 @@ jobs:
- go
- java
name: build_sdks
permissions:
pull-requests: write # For Renovate SDK updates.
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Download Provider Binary
uses: ./.github/actions/download-provider
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- name: Setup Node
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
with:
gradle-version: "7.6"
- name: Download provider
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
- name: UnTar provider binaries
run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
github.workspace}}/bin
- name: Restore Binary Permissions
run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
-exec chmod +x {} \;
- name: Generate SDK
run: make generate_${{ matrix.language }}
- name: Build SDK
@@ -258,7 +275,6 @@ jobs:
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
@@ -304,49 +320,33 @@ jobs:
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
- name: Tar SDK folder
run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} .
- name: Upload artifacts
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: ${{ matrix.language }}-sdk.tar.gz
path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz
retention-days: 30
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure while building SDKs
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
tag_release_if_labeled_needs_release:
name: Tag release if labeled as needs-release
needs: publish
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- name: check if this commit needs release
if: ${{ env.RELEASE_BOT_ENDPOINT != '' }}
uses: pulumi/action-release-by-pr-label@main
@@ -354,10 +354,10 @@ jobs:
command: "release-if-needed"
repo: ${{ github.repository }}
commit: ${{ github.sha }}
slack_channel: C02MGR8JVST
slack_channel: ${{ secrets.RELEASE_OPS_SLACK_CHANNEL }}
env:
RELEASE_BOT_ENDPOINT: ${{ steps.esc-secrets.outputs.RELEASE_BOT_ENDPOINT }}
RELEASE_BOT_KEY: ${{ steps.esc-secrets.outputs.RELEASE_BOT_KEY }}
RELEASE_BOT_ENDPOINT: ${{ secrets.RELEASE_BOT_ENDPOINT }}
RELEASE_BOT_KEY: ${{ secrets.RELEASE_BOT_KEY }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
test:
@@ -377,39 +377,74 @@ jobs:
name: test
permissions:
contents: read
id-token: write # For ESC secrets and Pulumi access token OIDC.
id-token: write
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Download Provider Binary
uses: ./.github/actions/download-provider
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- name: Setup Node
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
with:
gradle-version: "7.6"
- name: Download provider
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
- name: UnTar provider binaries
run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
github.workspace}}/bin
- name: Restore Binary Permissions
run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
-exec chmod +x {} \;
- name: Download SDK
if: ${{ matrix.language != 'yaml' }}
uses: ./.github/actions/download-sdk
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
language: ${{ matrix.language }}
name: ${{ matrix.language }}-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
- name: UnTar SDK folder
if: ${{ matrix.language != 'yaml' }}
run: tar -zxf ${{ github.workspace}}/sdk/${{ matrix.language}}.tar.gz -C ${{
github.workspace}}/sdk/${{ matrix.language}}
- name: Update path
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH"
- name: Install Node dependencies
@@ -430,13 +465,13 @@ jobs:
requested-token-type: urn:pulumi:token-type:access_token:organization
export-environment-variables: false
- name: Export AWS Credentials
uses: pulumi/esc-action@6cf9520e68354d86f81c455e8d43eabd58f5c9f5 # v1.5.0
uses: pulumi/esc-action@efb0bc8946938f0dfbfa00e829196ec95f0d0ea7 # v1.4.0
env:
PULUMI_ACCESS_TOKEN: ${{ steps.generate_pulumi_token.outputs.pulumi-access-token }}
with:
environment: logins/pulumi-ci
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@7c6bc770dae815cd3e89ee6cdf493a5fab2cc093 # v3.0.0
uses: google-github-actions/auth@b7593ed2efd1c1617e1b0254da33b86225adb2a5 # v2.1.12
with:
workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER
}}/locations/global/workloadIdentityPools/${{
@@ -444,7 +479,7 @@ jobs:
env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }}
- name: Setup gcloud auth
uses: google-github-actions/setup-gcloud@aa5489c8933f4cc7a4f7d45035b3b1440c9c10db # v3.0.1
uses: google-github-actions/setup-gcloud@26f734c2779b00b7dda794207734c511110a4368 # v3.0.0
with:
install_components: gke-gcloud-auth-plugin
- name: Install gotestfmt
@@ -457,49 +492,36 @@ jobs:
set -euo pipefail
cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 .
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure in SDK tests
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
publish:
runs-on: ubuntu-latest
needs: test
name: publish
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Clear GitHub Actions Ubuntu runner disk space
uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1
with:
@@ -509,78 +531,92 @@ jobs:
haskell: true
swap-storage: true
large-packages: false
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
aws-access-key-id: ${{ steps.esc-secrets.outputs.AWS_ACCESS_KEY_ID }}
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@7474bc4690e29a8392af63c5b98e7449536d5c3a # v4.3.1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-region: us-east-2
aws-secret-access-key: ${{ steps.esc-secrets.outputs.AWS_SECRET_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-duration-seconds: 7200
role-session-name: ${{ env.PROVIDER }}@githubActions
role-external-id: upload-pulumi-release
role-to-assume: ${{ steps.esc-secrets.outputs.AWS_UPLOAD_ROLE_ARN }}
role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }}
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5.1.0
env:
GORELEASER_CURRENT_TAG: v${{ steps.version.outputs.version }}
AZURE_SIGNING_CLIENT_ID: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_ID }}
AZURE_SIGNING_CLIENT_SECRET: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_SECRET }}
AZURE_SIGNING_TENANT_ID: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_TENANT_ID }}
AZURE_SIGNING_KEY_VAULT_URI: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_KEY_VAULT_URI }}
SKIP_SIGNING: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_ID == '' && steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_SECRET == '' && steps.esc-secrets.outputs.AZURE_SIGNING_TENANT_ID == '' && steps.esc-secrets.outputs.AZURE_SIGNING_KEY_VAULT_URI == '' }}
GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
AZURE_SIGNING_CLIENT_ID: ${{ secrets.AZURE_SIGNING_CLIENT_ID }}
AZURE_SIGNING_CLIENT_SECRET: ${{ secrets.AZURE_SIGNING_CLIENT_SECRET }}
AZURE_SIGNING_TENANT_ID: ${{ secrets.AZURE_SIGNING_TENANT_ID }}
AZURE_SIGNING_KEY_VAULT_URI: ${{ secrets.AZURE_SIGNING_KEY_VAULT_URI }}
SKIP_SIGNING: ${{ secrets.AZURE_SIGNING_CLIENT_ID == '' && secrets.AZURE_SIGNING_CLIENT_SECRET == '' && secrets.AZURE_SIGNING_TENANT_ID == '' && secrets.AZURE_SIGNING_KEY_VAULT_URI == '' }}
with:
args: -p 3 -f .goreleaser.prerelease.yml --clean --skip=validate --timeout 60m0s
version: latest
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure in publishing binaries
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
publish_sdk:
runs-on: ubuntu-latest
needs: publish
name: publish_sdk
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Checkout Scripts Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
path: ci-scripts
repository: pulumi/scripts
- run: echo "ci-scripts" >> .git/info/exclude
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- name: Setup Node
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Download python SDK
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: python-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -588,7 +624,7 @@ jobs:
run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C
${{github.workspace}}/sdk/python
- name: Download dotnet SDK
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: dotnet-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -596,7 +632,7 @@ jobs:
run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C
${{github.workspace}}/sdk/dotnet
- name: Download nodejs SDK
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: nodejs-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -608,46 +644,48 @@ jobs:
- name: Publish SDKs
run: ./ci-scripts/ci/publish-tfgen-package ${{ github.workspace }}
env:
NUGET_PUBLISH_KEY: ${{ steps.esc-secrets.outputs.NUGET_PUBLISH_KEY }}
NODE_AUTH_TOKEN: ${{ steps.esc-secrets.outputs.NPM_TOKEN }}
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
PYPI_PUBLISH_ARTIFACTS: all
PYPI_USERNAME: __token__
PYPI_PASSWORD: ${{ steps.esc-secrets.outputs.PYPI_API_TOKEN }}
SIGNING_KEY_ID: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_KEY_ID }}
SIGNING_KEY: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_KEY }}
SIGNING_PASSWORD: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_PASSWORD }}
PUBLISH_REPO_USERNAME: ${{ steps.esc-secrets.outputs.OSSRH_USERNAME }}
PUBLISH_REPO_PASSWORD: ${{ steps.esc-secrets.outputs.OSSRH_PASSWORD }}
PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure in publishing SDK
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
lint:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
persist-credentials: false
ref: ${{ env.PR_COMMIT_SHA }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Disarm go:embed directives to enable linters that compile source code
run: git grep -l 'go:embed' -- provider | xargs --no-run-if-empty sed -i
's/go:embed/ goembed/g'
- name: golangci-lint provider pkg
uses: golangci/golangci-lint-action@55c2c1448f86e01eaae002a5a3a9624417608d84 # v6.5.2
with:
install-mode: none # Handled by mise.
working-directory: .
version: ${{ env.GOLANGCI_LINT_VERSION }}
args: -c ../.golangci.yml
working-directory: provider
name: lint
if: github.event_name == 'repository_dispatch' ||
github.event.pull_request.head.repo.full_name == github.repository

25
.github/workflows/command-dispatch.yml vendored
View File

@@ -2,10 +2,13 @@
env:
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
AWS_REGION: us-west-2
AZURE_LOCATION: westus
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
@@ -14,30 +17,16 @@ env:
GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io
PULUMI_PULUMI_ENABLE_JOURNALING: "true"
jobs:
command-dispatch-for-testing:
name: command-dispatch-for-testing
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: peter-evans/slash-command-dispatch@5c11dc7efead556e3bdabf664302212f79eb26fa # v5
persist-credentials: false
- uses: peter-evans/slash-command-dispatch@13bc09769d122a64f75aa5037256f6f2d78be8c4 # v4
with:
commands: |
run-acceptance-tests
@@ -46,7 +35,7 @@ jobs:
permission: write
reaction-token: ${{ secrets.GITHUB_TOKEN }}
repository: pulumi/pulumi-docker-build
token: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
token: ${{ secrets.PULUMI_BOT_TOKEN }}
name: command-dispatch
on:
issue_comment:

2
.github/workflows/comment-on-stale-issues.yml vendored
View File

@@ -9,7 +9,7 @@ jobs:
runs-on: ubuntu-latest
name: Stale issue job
steps:
- uses: aws-actions/stale-issue-cleanup@5650b49bcd757a078f6ca06c373d7807b773f9bc # v7.1.0
- uses: aws-actions/stale-issue-cleanup@5650b49bcd757a078f6ca06c373d7807b773f9bc #v7.1.0
with:
issue-types: issues # only look at issues (ignore pull-requests)

4
.github/workflows/community-moderation.yml vendored
View File

@@ -1,12 +1,14 @@
# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
jobs:
warn_codegen:
name: warn_codegen
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
- id: schema_changed

4
.github/workflows/export-repo-secrets.yml vendored
View File

@@ -8,12 +8,12 @@ jobs:
steps:
- name: Generate a GitHub token
id: generate-token
uses: actions/create-github-app-token@7e473efe3cb98aa54f8d4bac15400b15fad77d94 # v2
uses: actions/create-github-app-token@v1
with:
app-id: 1256780 # Export Secrets GitHub App
private-key: ${{ secrets.EXPORT_SECRETS_PRIVATE_KEY }}
- name: Export secrets to ESC
uses: pulumi/esc-export-secrets-action@9d6485759b6adff2538ae91f1b77cc96265c9dad # v1
uses: pulumi/esc-export-secrets-action@v1
with:
organization: pulumi
org-environment: imports/github-secrets

396
.github/workflows/prerelease.yml vendored
View File

@@ -16,10 +16,13 @@ env:
DOTNETVERSION: "8.0.x"
JAVAVERSION: "11"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
AWS_REGION: us-west-2
AZURE_LOCATION: westus
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
@@ -29,37 +32,33 @@ env:
GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io
IS_PRERELEASE: true
jobs:
prerequisites:
runs-on: ubuntu-latest
name: prerequisites
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
cache: 'true'
github_token: ${{ secrets.GITHUB_TOKEN }}
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- if: github.event_name == 'pull_request'
name: Install Schema Tools
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
@@ -80,7 +79,7 @@ jobs:
echo 'EOF';
} >> "$GITHUB_ENV"
env:
GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
- if: github.event_name == 'pull_request' && github.actor != 'dependabot[bot]'
name: Comment on PR with Details of Schema Check
uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1
@@ -110,7 +109,6 @@ jobs:
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
@@ -156,7 +154,7 @@ jobs:
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
@@ -165,30 +163,25 @@ jobs:
github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }}
pulumi-gen-${{ env.PROVIDER}}
- name: Upload artifacts
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin/provider.tar.gz
- name: Test Provider Library
run: make test_provider
env:
ARM_CLIENT_SECRET: ${{ steps.esc-secrets.outputs.ARM_CLIENT_SECRET }}
DIGITALOCEAN_TOKEN: ${{ steps.esc-secrets.outputs.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ steps.esc-secrets.outputs.DOCKER_HUB_PASSWORD }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1
uses: codecov/codecov-action@fdcc8476540edceab3de004e990f80d881c6cc00 # v5.5.0
env:
CODECOV_TOKEN: ${{ steps.esc-secrets.outputs.CODECOV_TOKEN }}
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure in building provider prerequisites
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
build_sdks:
needs: prerequisites
runs-on: pulumi-ubuntu-8core
@@ -202,36 +195,63 @@ jobs:
- go
- java
name: build_sdks
permissions:
pull-requests: write # For Renovate SDK updates.
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Download Provider Binary
uses: ./.github/actions/download-provider
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- name: Setup Node
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
with:
gradle-version: "7.6"
- name: Download provider
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
- name: UnTar provider binaries
run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
github.workspace}}/bin
- name: Restore Binary Permissions
run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
-exec chmod +x {} \;
- name: Generate SDK
run: make generate_${{ matrix.language }}
- name: Build SDK
@@ -247,7 +267,6 @@ jobs:
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit ${{ matrix.language }} SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
@@ -293,26 +312,26 @@ jobs:
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
- name: Tar SDK folder
run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} .
- name: Upload artifacts
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: ${{ matrix.language }}-sdk.tar.gz
path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure while building SDKs
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
test:
runs-on: pulumi-ubuntu-8core
needs:
@@ -330,39 +349,74 @@ jobs:
name: test
permissions:
contents: read
id-token: write # For ESC secrets and Pulumi access token OIDC.
id-token: write
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Download Provider Binary
uses: ./.github/actions/download-provider
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- name: Setup Node
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
with:
gradle-version: "7.6"
- name: Download provider
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
- name: UnTar provider binaries
run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
github.workspace}}/bin
- name: Restore Binary Permissions
run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
-exec chmod +x {} \;
- name: Download SDK
if: ${{ matrix.language != 'yaml' }}
uses: ./.github/actions/download-sdk
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
language: ${{ matrix.language }}
name: ${{ matrix.language }}-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
- name: UnTar SDK folder
if: ${{ matrix.language != 'yaml' }}
run: tar -zxf ${{ github.workspace}}/sdk/${{ matrix.language}}.tar.gz -C ${{
github.workspace}}/sdk/${{ matrix.language}}
- name: Update path
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH"
- name: Install Node dependencies
@@ -383,13 +437,13 @@ jobs:
requested-token-type: urn:pulumi:token-type:access_token:organization
export-environment-variables: false
- name: Export AWS Credentials
uses: pulumi/esc-action@6cf9520e68354d86f81c455e8d43eabd58f5c9f5 # v1.5.0
uses: pulumi/esc-action@efb0bc8946938f0dfbfa00e829196ec95f0d0ea7 # v1.4.0
env:
PULUMI_ACCESS_TOKEN: ${{ steps.generate_pulumi_token.outputs.pulumi-access-token }}
with:
environment: logins/pulumi-ci
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@7c6bc770dae815cd3e89ee6cdf493a5fab2cc093 # v3.0.0
uses: google-github-actions/auth@b7593ed2efd1c1617e1b0254da33b86225adb2a5 # v2.1.12
with:
workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER
}}/locations/global/workloadIdentityPools/${{
@@ -397,7 +451,7 @@ jobs:
env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }}
- name: Setup gcloud auth
uses: google-github-actions/setup-gcloud@aa5489c8933f4cc7a4f7d45035b3b1440c9c10db # v3.0.1
uses: google-github-actions/setup-gcloud@26f734c2779b00b7dda794207734c511110a4368 # v3.0.0
with:
install_components: gke-gcloud-auth-plugin
- name: Install gotestfmt
@@ -410,49 +464,36 @@ jobs:
set -euo pipefail
cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 .
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure in SDK tests
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
publish:
runs-on: ubuntu-latest
needs: test
name: publish
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Clear GitHub Actions Ubuntu runner disk space
uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1
with:
@@ -462,78 +503,92 @@ jobs:
haskell: true
swap-storage: true
large-packages: false
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
aws-access-key-id: ${{ steps.esc-secrets.outputs.AWS_ACCESS_KEY_ID }}
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@7474bc4690e29a8392af63c5b98e7449536d5c3a # v4.3.1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-region: us-east-2
aws-secret-access-key: ${{ steps.esc-secrets.outputs.AWS_SECRET_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-duration-seconds: 7200
role-session-name: ${{ env.PROVIDER }}@githubActions
role-external-id: upload-pulumi-release
role-to-assume: ${{ steps.esc-secrets.outputs.AWS_UPLOAD_ROLE_ARN }}
role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }}
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5.1.0
env:
GORELEASER_CURRENT_TAG: v${{ steps.version.outputs.version }}
AZURE_SIGNING_CLIENT_ID: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_ID }}
AZURE_SIGNING_CLIENT_SECRET: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_SECRET }}
AZURE_SIGNING_TENANT_ID: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_TENANT_ID }}
AZURE_SIGNING_KEY_VAULT_URI: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_KEY_VAULT_URI }}
SKIP_SIGNING: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_ID == '' && steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_SECRET == '' && steps.esc-secrets.outputs.AZURE_SIGNING_TENANT_ID == '' && steps.esc-secrets.outputs.AZURE_SIGNING_KEY_VAULT_URI == '' }}
GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
AZURE_SIGNING_CLIENT_ID: ${{ secrets.AZURE_SIGNING_CLIENT_ID }}
AZURE_SIGNING_CLIENT_SECRET: ${{ secrets.AZURE_SIGNING_CLIENT_SECRET }}
AZURE_SIGNING_TENANT_ID: ${{ secrets.AZURE_SIGNING_TENANT_ID }}
AZURE_SIGNING_KEY_VAULT_URI: ${{ secrets.AZURE_SIGNING_KEY_VAULT_URI }}
SKIP_SIGNING: ${{ secrets.AZURE_SIGNING_CLIENT_ID == '' && secrets.AZURE_SIGNING_CLIENT_SECRET == '' && secrets.AZURE_SIGNING_TENANT_ID == '' && secrets.AZURE_SIGNING_KEY_VAULT_URI == '' }}
with:
args: -p 3 -f .goreleaser.prerelease.yml --clean --skip=validate --timeout 60m0s
version: latest
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure in publishing binaries
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
publish_sdk:
runs-on: ubuntu-latest
needs: publish
name: publish_sdk
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Checkout Scripts Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
path: ci-scripts
repository: pulumi/scripts
- run: echo "ci-scripts" >> .git/info/exclude
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- name: Setup Node
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Download python SDK
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: python-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -541,7 +596,7 @@ jobs:
run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C
${{github.workspace}}/sdk/python
- name: Download dotnet SDK
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: dotnet-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -549,7 +604,7 @@ jobs:
run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C
${{github.workspace}}/sdk/dotnet
- name: Download nodejs SDK
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: nodejs-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -561,55 +616,60 @@ jobs:
- name: Publish SDKs
run: ./ci-scripts/ci/publish-tfgen-package ${{ github.workspace }}
env:
NUGET_PUBLISH_KEY: ${{ steps.esc-secrets.outputs.NUGET_PUBLISH_KEY }}
NODE_AUTH_TOKEN: ${{ steps.esc-secrets.outputs.NPM_TOKEN }}
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
PYPI_PUBLISH_ARTIFACTS: all
PYPI_USERNAME: __token__
PYPI_PASSWORD: ${{ steps.esc-secrets.outputs.PYPI_API_TOKEN }}
PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure in publishing SDK
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
publish_java_sdk:
runs-on: ubuntu-latest
continue-on-error: true
needs: publish
name: publish_java_sdk
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
with:
gradle-version: "7.6"
- name: Download java SDK
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: java-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -617,36 +677,36 @@ jobs:
run: tar -zxf ${{github.workspace}}/sdk/java.tar.gz -C
${{github.workspace}}/sdk/java
- name: Setup Gradle
uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
with:
gradle-version: "7.6"
- name: Publish Java SDK
run: gradle -p ./sdk/java publishToSonatype closeAndReleaseSonatypeStagingRepository
env:
PACKAGE_VERSION: ${{ env.PROVIDER_VERSION }}
SIGNING_KEY_ID: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_KEY_ID }}
SIGNING_KEY: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_KEY }}
SIGNING_PASSWORD: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_PASSWORD }}
PUBLISH_REPO_PASSWORD: ${{ steps.esc-secrets.outputs.OSSRH_PASSWORD }}
PUBLISH_REPO_USERNAME: ${{ steps.esc-secrets.outputs.OSSRH_USERNAME }}
SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
publish_go_sdk:
runs-on: ubuntu-latest
name: publish-go-sdk
needs: publish_sdk
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Download go SDK
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: go-sdk.tar.gz
path: ${{ github.workspace}}/sdk/

30
.github/workflows/pull-request.yml vendored
View File

@@ -3,14 +3,40 @@
name: pull-request
on:
pull_request_target: {}
env:
PROVIDER: docker-build
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
TRAVIS_OS_NAME: linux
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
GOVERSION: "1.21.x"
NODEVERSION: "20.x"
PYTHONVERSION: "3.11.8"
DOTNETVERSION: "8.0.x"
JAVAVERSION: "11"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
AWS_REGION: us-west-2
AZURE_LOCATION: westus
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
GOOGLE_PROJECT: pulumi-ci-gcp-provider
GOOGLE_PROJECT_NUMBER: "895284651812"
GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io
jobs:
comment-on-pr:
runs-on: ubuntu-latest
name: comment-on-pr
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- name: Comment PR

417
.github/workflows/release.yml vendored
View File

@@ -17,10 +17,13 @@ env:
DOTNETVERSION: "8.0.x"
JAVAVERSION: "11"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
AWS_REGION: us-west-2
AZURE_LOCATION: westus
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
@@ -29,40 +32,33 @@ env:
GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io
jobs:
prerequisites:
runs-on: ubuntu-latest
name: prerequisites
permissions:
id-token: write # For ESC secrets.
pull-requests: write # For schema check comment.
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
cache: 'true'
github_token: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- if: github.event_name == 'pull_request'
name: Install Schema Tools
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
@@ -83,7 +79,7 @@ jobs:
echo 'EOF';
} >> "$GITHUB_ENV"
env:
GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
- if: github.event_name == 'pull_request' && github.actor != 'dependabot[bot]'
name: Comment on PR with Details of Schema Check
uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1
@@ -113,7 +109,6 @@ jobs:
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
@@ -159,7 +154,7 @@ jobs:
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
@@ -168,30 +163,25 @@ jobs:
github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }}
pulumi-gen-${{ env.PROVIDER}}
- name: Upload artifacts
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin/provider.tar.gz
- name: Test Provider Library
run: make test_provider
env:
ARM_CLIENT_SECRET: ${{ steps.esc-secrets.outputs.ARM_CLIENT_SECRET }}
DIGITALOCEAN_TOKEN: ${{ steps.esc-secrets.outputs.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ steps.esc-secrets.outputs.DOCKER_HUB_PASSWORD }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1
uses: codecov/codecov-action@fdcc8476540edceab3de004e990f80d881c6cc00 # v5.5.0
env:
CODECOV_TOKEN: ${{ steps.esc-secrets.outputs.CODECOV_TOKEN }}
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure in building provider prerequisites
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
build_sdks:
needs: prerequisites
runs-on: pulumi-ubuntu-8core
@@ -205,36 +195,63 @@ jobs:
- go
- java
name: build_sdks
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
github_token: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
- name: Download Provider Binary
uses: ./.github/actions/download-provider
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- name: Setup Node
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
with:
gradle-version: "7.6"
- name: Download provider
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
- name: UnTar provider binaries
run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
github.workspace}}/bin
- name: Restore Binary Permissions
run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
-exec chmod +x {} \;
- name: Generate SDK
run: make generate_${{ matrix.language }}
- name: Build SDK
@@ -250,7 +267,6 @@ jobs:
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
@@ -296,26 +312,26 @@ jobs:
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
- name: Tar SDK folder
run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} .
- name: Upload artifacts
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: ${{ matrix.language }}-sdk.tar.gz
path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure while building SDKs
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
test:
runs-on: pulumi-ubuntu-8core
needs:
@@ -333,39 +349,74 @@ jobs:
name: test
permissions:
contents: read
id-token: write # For ESC secrets.
id-token: write
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
github_token: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
- name: Download Provider Binary
uses: ./.github/actions/download-provider
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- name: Setup Node
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
with:
gradle-version: "7.6"
- name: Download provider
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
- name: UnTar provider binaries
run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
github.workspace}}/bin
- name: Restore Binary Permissions
run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
-exec chmod +x {} \;
- name: Download SDK
if: ${{ matrix.language != 'yaml' }}
uses: ./.github/actions/download-sdk
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
language: ${{ matrix.language }}
name: ${{ matrix.language }}-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
- name: UnTar SDK folder
if: ${{ matrix.language != 'yaml' }}
run: tar -zxf ${{ github.workspace}}/sdk/${{ matrix.language}}.tar.gz -C ${{
github.workspace}}/sdk/${{ matrix.language}}
- name: Update path
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH"
- name: Install Node dependencies
@@ -386,13 +437,13 @@ jobs:
requested-token-type: urn:pulumi:token-type:access_token:organization
export-environment-variables: false
- name: Export AWS Credentials
uses: pulumi/esc-action@6cf9520e68354d86f81c455e8d43eabd58f5c9f5 # v1.5.0
uses: pulumi/esc-action@efb0bc8946938f0dfbfa00e829196ec95f0d0ea7 # v1.4.0
env:
PULUMI_ACCESS_TOKEN: ${{ steps.generate_pulumi_token.outputs.pulumi-access-token }}
with:
environment: logins/pulumi-ci
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@7c6bc770dae815cd3e89ee6cdf493a5fab2cc093 # v3.0.0
uses: google-github-actions/auth@b7593ed2efd1c1617e1b0254da33b86225adb2a5 # v2.1.12
with:
workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER
}}/locations/global/workloadIdentityPools/${{
@@ -400,7 +451,7 @@ jobs:
env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }}
- name: Setup gcloud auth
uses: google-github-actions/setup-gcloud@aa5489c8933f4cc7a4f7d45035b3b1440c9c10db # v3.0.1
uses: google-github-actions/setup-gcloud@26f734c2779b00b7dda794207734c511110a4368 # v3.0.0
with:
install_components: gke-gcloud-auth-plugin
- name: Install gotestfmt
@@ -413,49 +464,36 @@ jobs:
set -euo pipefail
cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 .
env:
GTIHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure in SDK tests
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
publish:
runs-on: ubuntu-latest
needs: test
name: publish
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
github_token: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Clear GitHub Actions Ubuntu runner disk space
uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1
with:
@@ -465,78 +503,92 @@ jobs:
haskell: true
swap-storage: true
large-packages: false
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
aws-access-key-id: ${{ steps.esc-secrets.outputs.AWS_ACCESS_KEY_ID }}
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@7474bc4690e29a8392af63c5b98e7449536d5c3a # v4.3.1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-region: us-east-2
aws-secret-access-key: ${{ steps.esc-secrets.outputs.AWS_SECRET_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-duration-seconds: 7200
role-session-name: ${{ env.PROVIDER }}@githubActions
role-external-id: upload-pulumi-release
role-to-assume: ${{ steps.esc-secrets.outputs.AWS_UPLOAD_ROLE_ARN }}
role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }}
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5.1.0
env:
GORELEASER_CURRENT_TAG: v${{ steps.version.outputs.version }}
AZURE_SIGNING_CLIENT_ID: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_ID }}
AZURE_SIGNING_CLIENT_SECRET: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_SECRET }}
AZURE_SIGNING_TENANT_ID: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_TENANT_ID }}
AZURE_SIGNING_KEY_VAULT_URI: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_KEY_VAULT_URI }}
SKIP_SIGNING: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_ID == '' && steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_SECRET == '' && steps.esc-secrets.outputs.AZURE_SIGNING_TENANT_ID == '' && steps.esc-secrets.outputs.AZURE_SIGNING_KEY_VAULT_URI == '' }}
GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
AZURE_SIGNING_CLIENT_ID: ${{ secrets.AZURE_SIGNING_CLIENT_ID }}
AZURE_SIGNING_CLIENT_SECRET: ${{ secrets.AZURE_SIGNING_CLIENT_SECRET }}
AZURE_SIGNING_TENANT_ID: ${{ secrets.AZURE_SIGNING_TENANT_ID }}
AZURE_SIGNING_KEY_VAULT_URI: ${{ secrets.AZURE_SIGNING_KEY_VAULT_URI }}
SKIP_SIGNING: ${{ secrets.AZURE_SIGNING_CLIENT_ID == '' && secrets.AZURE_SIGNING_CLIENT_SECRET == '' && secrets.AZURE_SIGNING_TENANT_ID == '' && secrets.AZURE_SIGNING_KEY_VAULT_URI == '' }}
with:
args: -p 3 release --clean --timeout 60m0s
version: latest
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure in publishing binaries
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
publish_sdk:
runs-on: ubuntu-latest
needs: publish
name: publish_sdks
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Checkout Scripts Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
path: ci-scripts
repository: pulumi/scripts
- run: echo "ci-scripts" >> .git/info/exclude
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
github_token: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- name: Setup Node
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Download python SDK
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: python-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -544,7 +596,7 @@ jobs:
run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C
${{github.workspace}}/sdk/python
- name: Download dotnet SDK
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: dotnet-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -552,7 +604,7 @@ jobs:
run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C
${{github.workspace}}/sdk/dotnet
- name: Download nodejs SDK
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: nodejs-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -564,55 +616,60 @@ jobs:
- name: Publish SDKs
run: ./ci-scripts/ci/publish-tfgen-package ${{ github.workspace }}
env:
NUGET_PUBLISH_KEY: ${{ steps.esc-secrets.outputs.NUGET_PUBLISH_KEY }}
NODE_AUTH_TOKEN: ${{ steps.esc-secrets.outputs.NPM_TOKEN }}
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
PYPI_PUBLISH_ARTIFACTS: all
PYPI_USERNAME: __token__
PYPI_PASSWORD: ${{ steps.esc-secrets.outputs.PYPI_API_TOKEN }}
PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure in publishing SDK
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
publish_java_sdk:
runs-on: ubuntu-latest
continue-on-error: true
needs: publish
name: publish_java_sdk
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
github_token: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
with:
gradle-version: "7.6"
- name: Download java SDK
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: java-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -620,36 +677,36 @@ jobs:
run: tar -zxf ${{github.workspace}}/sdk/java.tar.gz -C
${{github.workspace}}/sdk/java
- name: Setup Gradle
uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
with:
gradle-version: "7.6"
- name: Publish Java SDK
run: gradle -p ./sdk/java publishToSonatype closeAndReleaseSonatypeStagingRepository
env:
PACKAGE_VERSION: ${{ env.PROVIDER_VERSION }}
SIGNING_KEY_ID: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_KEY_ID }}
SIGNING_KEY: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_KEY }}
SIGNING_PASSWORD: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_PASSWORD }}
PUBLISH_REPO_PASSWORD: ${{ steps.esc-secrets.outputs.OSSRH_PASSWORD }}
PUBLISH_REPO_USERNAME: ${{ steps.esc-secrets.outputs.OSSRH_USERNAME }}
SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
publish_go_sdk:
runs-on: ubuntu-latest
name: publish-go-sdk
needs: publish_sdk
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Download go SDK
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: go-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -669,23 +726,7 @@ jobs:
dispatch_docs_build:
runs-on: ubuntu-latest
needs: publish_go_sdk
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
@@ -694,5 +735,5 @@ jobs:
run: pulumictl create docs-build pulumi-${{ env.PROVIDER }}
"${GITHUB_REF#refs/tags/}"
env:
GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
name: dispatch_docs_build

23
.github/workflows/release_command.yml vendored
View File

@@ -11,18 +11,9 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
persist-credentials: false
- name: Should release PR
uses: pulumi/action-release-by-pr-label@main
with:
@@ -30,14 +21,14 @@ jobs:
repo: ${{ github.repository }}
pr: ${{ github.event.client_payload.pull_request.number }}
version: ${{ github.event.client_payload.slash_command.args.all }}
slack_channel: ${{ steps.esc-secrets.outputs.RELEASE_OPS_STAGING_SLACK_CHANNEL }}
slack_channel: ${{ secrets.RELEASE_OPS_STAGING_SLACK_CHANNEL }}
env:
RELEASE_BOT_ENDPOINT: ${{ steps.esc-secrets.outputs.RELEASE_BOT_ENDPOINT }}
RELEASE_BOT_KEY: ${{ steps.esc-secrets.outputs.RELEASE_BOT_KEY }}
RELEASE_BOT_ENDPOINT: ${{ secrets.RELEASE_BOT_ENDPOINT }}
RELEASE_BOT_KEY: ${{ secrets.RELEASE_BOT_KEY }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- if: failure()
name: Notify failure
uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
@@ -46,7 +37,7 @@ jobs:
"release command failed: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
- if: success()
name: Notify success
uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
repository: ${{ github.event.client_payload.github.payload.repository.full_name }}

232
.github/workflows/run-acceptance-tests.yml vendored
View File

@@ -20,10 +20,13 @@ env:
DOTNETVERSION: "8.0.x"
JAVAVERSION: "11"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
AWS_REGION: us-west-2
AZURE_LOCATION: westus
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
@@ -32,66 +35,53 @@ env:
GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io
PULUMI_PULUMI_ENABLE_JOURNALING: "true"
PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }}
jobs:
comment-notification:
if: github.event_name == 'repository_dispatch'
runs-on: ubuntu-latest
name: comment-notification
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
with:
lfs: true
persist-credentials: false
ref: ${{ env.PR_COMMIT_SHA }}
- name: Create URL to the run output
id: vars
run: echo
"run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID"
>> "$GITHUB_OUTPUT"
- name: Update with Result
uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
token: ${{ secrets.PULUMI_BOT_TOKEN }}
repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
issue-number: ${{ github.event.client_payload.github.payload.issue.number }}
body: "Please view the PR build: ${{ steps.vars.outputs.run-url }}"
if: github.event_name == 'repository_dispatch'
prerequisites:
runs-on: ubuntu-latest
name: prerequisites
permissions:
id-token: write # For ESC secrets.
pull-requests: write # For schema check comment.
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
persist-credentials: false
ref: ${{ env.PR_COMMIT_SHA }}
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
ref: ${{ env.PR_COMMIT_SHA }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
cache: 'true'
github_token: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- if: github.event_name == 'pull_request'
name: Install Schema Tools
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
@@ -112,7 +102,7 @@ jobs:
echo 'EOF';
} >> "$GITHUB_ENV"
env:
GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
- if: github.event_name == 'pull_request' && github.actor != 'dependabot[bot]'
name: Comment on PR with Details of Schema Check
uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1
@@ -142,7 +132,6 @@ jobs:
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
@@ -188,7 +177,7 @@ jobs:
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
@@ -197,30 +186,25 @@ jobs:
github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }}
pulumi-gen-${{ env.PROVIDER}}
- name: Upload artifacts
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin/provider.tar.gz
- name: Test Provider Library
run: make test_provider
env:
ARM_CLIENT_SECRET: ${{ steps.esc-secrets.outputs.ARM_CLIENT_SECRET }}
DIGITALOCEAN_TOKEN: ${{ steps.esc-secrets.outputs.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ steps.esc-secrets.outputs.DOCKER_HUB_PASSWORD }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1
uses: codecov/codecov-action@fdcc8476540edceab3de004e990f80d881c6cc00 # v5.5.0
env:
CODECOV_TOKEN: ${{ steps.esc-secrets.outputs.CODECOV_TOKEN }}
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure in building provider prerequisites
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
if: github.event_name == 'repository_dispatch' ||
github.event.pull_request.head.repo.full_name == github.repository
build_sdks:
@@ -236,38 +220,56 @@ jobs:
- go
- java
name: build_sdks
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
persist-credentials: false
ref: ${{ env.PR_COMMIT_SHA }}
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
ref: ${{ env.PR_COMMIT_SHA }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
github_token: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- name: Setup Node
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
with:
gradle-version: "7.6"
- name: Download provider
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
@@ -292,7 +294,6 @@ jobs:
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
@@ -337,27 +338,27 @@ jobs:
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
- name: Tar SDK folder
run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} .
- name: Upload artifacts
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: ${{ matrix.language }}-sdk.tar.gz
path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz
retention-days: 30
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure while building SDKs
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
if: github.event_name == 'repository_dispatch' ||
github.event.pull_request.head.repo.full_name == github.repository
test:
@@ -380,33 +381,54 @@ jobs:
id-token: write
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
persist-credentials: false
ref: ${{ env.PR_COMMIT_SHA }}
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
ref: ${{ env.PR_COMMIT_SHA }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
github_token: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- name: Setup Node
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
with:
gradle-version: "7.6"
- name: Download provider
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
@@ -418,7 +440,7 @@ jobs:
-exec chmod +x {} \;
- name: Download SDK
if: ${{ matrix.language != 'yaml' }}
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: ${{ matrix.language }}-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -446,13 +468,13 @@ jobs:
requested-token-type: urn:pulumi:token-type:access_token:organization
export-environment-variables: false
- name: Export AWS Credentials
uses: pulumi/esc-action@6cf9520e68354d86f81c455e8d43eabd58f5c9f5 # v1.5.0
uses: pulumi/esc-action@efb0bc8946938f0dfbfa00e829196ec95f0d0ea7 # v1.4.0
env:
PULUMI_ACCESS_TOKEN: ${{ steps.generate_pulumi_token.outputs.pulumi-access-token }}
with:
environment: logins/pulumi-ci
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@7c6bc770dae815cd3e89ee6cdf493a5fab2cc093 # v3.0.0
uses: google-github-actions/auth@b7593ed2efd1c1617e1b0254da33b86225adb2a5 # v2.1.12
with:
workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER
}}/locations/global/workloadIdentityPools/${{
@@ -460,7 +482,7 @@ jobs:
env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }}
- name: Setup gcloud auth
uses: google-github-actions/setup-gcloud@aa5489c8933f4cc7a4f7d45035b3b1440c9c10db # v3.0.1
uses: google-github-actions/setup-gcloud@26f734c2779b00b7dda794207734c511110a4368 # v3.0.0
with:
install_components: gke-gcloud-auth-plugin
- name: Install gotestfmt
@@ -473,40 +495,23 @@ jobs:
set -euo pipefail
cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 .
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure in SDK tests
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
if: github.event_name == 'repository_dispatch' ||
github.event.pull_request.head.repo.full_name == github.repository
sentinel:
runs-on: ubuntu-latest
name: sentinel
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
with:
lfs: true
persist-credentials: false
ref: ${{ env.PR_COMMIT_SHA }}
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- name: Mark workflow as successful
uses: guibranco/github-status-action-v2@631f55ea0251f0fb284525ad86c30e9f7a8dd284 # v1.1.14
uses: guibranco/github-status-action-v2@0849440ec82c5fa69b2377725b9b7852a3977e76 # v1.1.13
with:
authToken: ${{ secrets.GITHUB_TOKEN }}
context: Sentinel
@@ -515,7 +520,6 @@ jobs:
sha: ${{ github.event.pull_request.head.sha || github.sha }}
permissions:
statuses: write
id-token: write # For ESC secrets.
if: github.event_name == 'repository_dispatch' ||
github.event.pull_request.head.repo.full_name == github.repository
needs:
@@ -526,23 +530,25 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
persist-credentials: false
ref: ${{ env.PR_COMMIT_SHA }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Disarm go:embed directives to enable linters that compile source code
run: git grep -l 'go:embed' -- provider | xargs --no-run-if-empty sed -i
's/go:embed/ goembed/g'
- name: golangci-lint provider pkg
uses: golangci/golangci-lint-action@55c2c1448f86e01eaae002a5a3a9624417608d84 # v6.5.2
with:
install-mode: none # Handled by mise.
working-directory: .
version: ${{ env.GOLANGCI_LINT_VERSION }}
args: -c ../.golangci.yml
working-directory: provider
name: lint
if: github.event_name == 'repository_dispatch' ||
github.event.pull_request.head.repo.full_name == github.repository

57
.github/workflows/weekly-pulumi-update.yml vendored
View File

@@ -17,10 +17,13 @@ env:
DOTNETVERSION: "8.0.x"
JAVAVERSION: "11"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
AWS_REGION: us-west-2
AZURE_LOCATION: westus
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
@@ -29,30 +32,48 @@ env:
GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io
PULUMI_PULUMI_ENABLE_JOURNALING: "true"
jobs:
weekly-pulumi-update:
runs-on: ubuntu-latest
permissions: write-all
steps:
- name: Checkout Repo
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- name: Setup Tools
uses: ./.github/actions/setup-tools
lfs: true
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@df5a93ad715135263c732ba288301bd044c383c0 # v6.3.0
- name: Setup DotNet
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Node
uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup Python
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
with:
gradle-version: "7.6"
- name: Update Pulumi/Pulumi
id: gomod
run: >-
@@ -111,5 +132,5 @@ jobs:
gh pr create -t "$msg" -b "$msg" --head "$(git branch --show-current)"
env:
GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
name: weekly-pulumi-update

2
.pulumi.version
View File

@@ -1 +1 @@
3.192.0
3.187.0

10
CHANGELOG.md
View File

@@ -1,15 +1,5 @@
## Unreleased
## Changed
- Arguments `CacheFromGitHubActions.URL` and `CacheFromGitHubActions.Token` have been removed. If the previous behaviour is desired, set the `ACTIONS_CACHE_URL` and `ACTIONS_RUNTIME_TOKEN` environment variables. (https://github.com/pulumi/pulumi-docker-build/issues/75)
## 0.0.14 (2025-09-30)
### Fixed
- A warning is no longer emitted for the reserved `__internal` key. (https://github.com/pulumi/pulumi-docker-build/issues/579)
## 0.0.13 (2025-08-27)
### Changed

45
Makefile
View File

@@ -17,9 +17,8 @@ WORKING_DIR := $(shell pwd)
EXAMPLES_DIR := ${WORKING_DIR}/examples/yaml
TESTPARALLELISM := 4
PULUMI := pulumi
GOGLANGCILINT := golangci-lint
GOTEST := go test
PULUMI := bin/pulumi
GOGLANGCILINT := bin/golangci-lint
# Override during CI using `make [TARGET] PROVIDER_VERSION=""` or by setting a PROVIDER_VERSION environment variable
# Local & branch builds will just used this fixed default version unless specified
@@ -47,10 +46,10 @@ provider_debug::
(cd provider && go build -o $(WORKING_DIR)/bin/${PROVIDER} -gcflags="all=-N -l" -ldflags "-X ${PROJECT}/${VERSION_PATH}=${VERSION_GENERIC}" $(PROJECT)/${PROVIDER_PATH}/cmd/$(PROVIDER))
test_provider:: # Required by CI
${GOTEST} -short -v -coverprofile="coverage.txt" -coverpkg=./provider/... -timeout 2h -parallel ${TESTPARALLELISM} ./provider/...
go test -short -v -coverprofile="coverage.txt" -coverpkg=./provider/... -timeout 2h -parallel ${TESTPARALLELISM} ./provider/...
test_examples: install_nodejs_sdk install_dotnet_sdk
${GOTEST} -short -v -cover -tags=all -timeout 2h -parallel ${TESTPARALLELISM} ./examples/...
go test -short -v -cover -tags=all -timeout 2h -parallel ${TESTPARALLELISM} ./examples/...
test_all:: test_provider test_examples
@@ -64,26 +63,38 @@ examples/yaml:
rm -rf ${WORKING_DIR}/examples/yaml/app
cp -r ${WORKING_DIR}/examples/app ${WORKING_DIR}/examples/yaml/app
examples/go: bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
examples/go: ${PULUMI} bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
$(call example,go)
@git checkout examples/go/go.mod
examples/nodejs: bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
examples/nodejs: ${PULUMI} bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
$(call example,nodejs)
@git checkout examples/nodejs/package.json
examples/python: bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
examples/python: ${PULUMI} bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
$(call example,python)
@git checkout examples/python/requirements.txt
examples/dotnet: bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
examples/dotnet: ${PULUMI} bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
$(call example,dotnet)
@git checkout examples/dotnet/provider-docker-build.csproj
examples/java: bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
examples/java: ${PULUMI} bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
$(call example,java)
@git checkout examples/java/pom.xml
${PULUMI}: go.sum
GOBIN=${WORKING_DIR}/bin go install github.com/pulumi/pulumi/pkg/v3/cmd/pulumi
GOBIN=${WORKING_DIR}/bin go install github.com/pulumi/pulumi/sdk/go/pulumi-language-go/v3
GOBIN=${WORKING_DIR}/bin go install github.com/pulumi/pulumi/sdk/nodejs/cmd/pulumi-language-nodejs/v3
GOBIN=${WORKING_DIR}/bin go install github.com/pulumi/pulumi/sdk/python/cmd/pulumi-language-python/v3
GOBIN=${WORKING_DIR}/bin go install github.com/pulumi/pulumi-java/pkg/cmd/pulumi-language-java
GOBIN=${WORKING_DIR}/bin go install github.com/pulumi/pulumi-dotnet/pulumi-language-dotnet/v3
GOBIN=${WORKING_DIR}/bin go install github.com/pulumi/pulumi-yaml/cmd/pulumi-converter-yaml
${GOGLANGCILINT}: go.sum
GOBIN=${WORKING_DIR}/bin go install github.com/golangci/golangci-lint/cmd/golangci-lint@8b37f14
define pulumi_login
export PULUMI_CONFIG_PASSPHRASE=asdfqwerty1234; \
pulumi login --local;
@@ -91,7 +102,7 @@ endef
define example
rm -rf ${WORKING_DIR}/examples/$(1)
pulumi convert \
$(PULUMI) convert \
--cwd ${WORKING_DIR}/examples/yaml \
--logtostderr \
--generate-only \
@@ -129,7 +140,7 @@ build:: provider sdk/dotnet sdk/go sdk/nodejs sdk/python sdk/java ${SCHEMA_PATH}
only_build:: build
.PHONY: lint
lint:
lint: ${GOGLANGCILINT}
${GOGLANGCILINT} run --fix -c .golangci.yml
install:: install_nodejs_sdk install_dotnet_sdk
@@ -194,7 +205,7 @@ sdk: sdk/python sdk/nodejs sdk/java sdk/python sdk/go sdk/dotnet
.PHONY: sdk/*
sdk/python: TMPDIR := $(shell mktemp -d)
sdk/python: bin/${PROVIDER}
sdk/python: $(PULUMI) bin/${PROVIDER}
rm -rf sdk/python
$(PULUMI) package gen-sdk ./bin/$(PROVIDER) --language python -o ${TMPDIR}
cp README.md ${TMPDIR}/python/
@@ -207,7 +218,7 @@ sdk/python: bin/${PROVIDER}
mv -f ${TMPDIR}/python ${WORKING_DIR}/sdk/.
sdk/nodejs: TMPDIR := $(shell mktemp -d)
sdk/nodejs: bin/${PROVIDER}
sdk/nodejs: $(PULUMI) bin/${PROVIDER}
rm -rf sdk/nodejs
$(PULUMI) package gen-sdk ./bin/$(PROVIDER) --language nodejs -o ${TMPDIR}
cp README.md LICENSE ${TMPDIR}/nodejs
@@ -219,7 +230,7 @@ sdk/nodejs: bin/${PROVIDER}
sdk/go: TMPDIR := $(shell mktemp -d)
sdk/go: PATH := "$(WORKING_DIR)/bin:$(PATH)"
sdk/go: bin/${PROVIDER}
sdk/go: $(PULUMI) bin/${PROVIDER}
rm -rf sdk/go
PATH=$(PATH) $(PULUMI) package gen-sdk ./bin/$(PROVIDER) --language go -o ${TMPDIR}
cp go.mod ${TMPDIR}/go/dockerbuild/go.mod
@@ -229,7 +240,7 @@ sdk/go: bin/${PROVIDER}
mv -f ${TMPDIR}/go ${WORKING_DIR}/sdk/go
sdk/dotnet: TMPDIR := $(shell mktemp -d)
sdk/dotnet: bin/${PROVIDER}
sdk/dotnet: $(PULUMI) bin/${PROVIDER}
rm -rf sdk/dotnet
$(PULUMI) package gen-sdk ./bin/${PROVIDER} --language dotnet -o ${TMPDIR}
cd ${TMPDIR}/dotnet/ && \
@@ -239,7 +250,7 @@ sdk/dotnet: bin/${PROVIDER}
sdk/java: PACKAGE_VERSION := $(shell pulumictl convert-version --language generic -v "$(VERSION_GENERIC)")
sdk/java: TMPDIR := $(shell mktemp -d)
sdk/java: bin/${PROVIDER}
sdk/java: $(PULUMI) bin/${PROVIDER}
rm -rf sdk/java
$(PULUMI) package gen-sdk --language java ./bin/${PROVIDER} -o ${TMPDIR}
cd ${TMPDIR}/java/ && gradle --console=plain build

428
docs/_index.md
View File

@@ -1,428 +0,0 @@
---
title: Docker Build
meta_desc: Provides an overview of the Docker Build Provider for Pulumi.
layout: package
---
The Docker Build provider leverages [buildx and BuildKit](https://docs.docker.com/build/architecture/) to build modern Docker images with Pulumi.
Not to be confused with the earlier
[Docker](../docker) provider, which is still
appropriate for managing resources unrelated to building images.
| Provider | Use cases |
| ---------------- | ----------------------------------------------------------------------- |
| `@pulumi/docker-build` | Anything related to building images with `docker build`. |
| `@pulumi/docker` | Everything else -- including running containers and creating networks. |
## Example
If your Pulumi program has a directory called `app` alongside it, containing a
file named "Dockerfile" (which can be as simple as `FROM alpine` for the
purpose of example), then the code below shows how to build a multi-platform
image, publish it to a remote AWS ECR registry, and use an [inline
cache](https://docs.docker.com/build/cache/backends/inline/) to speed up
subsequent builds.
{{< chooser language "typescript,python,csharp,go,yaml,java" / >}}
{{% choosable language typescript %}}
```typescript
import * as aws from "@pulumi/aws";
import * as docker_build from "@pulumi/docker-build";
// Create an ECR repository for pushing.
const ecrRepository = new aws.ecr.Repository("ecr-repository", {});
// Grab auth credentials for ECR.
const authToken = aws.ecr.getAuthorizationTokenOutput({
registryId: ecrRepository.registryId,
});
// Build and push an image to ECR with inline caching.
const myImage = new docker_build.Image("my-image", {
// Tag our image with our ECR repository's address.
tags: [pulumi.interpolate`${ecrRepository.repositoryUrl}:latest`],
context: {
location: "./app",
},
// Use the pushed image as a cache source.
cacheFrom: [{
registry: {
ref: pulumi.interpolate`${ecrRepository.repositoryUrl}:latest`,
},
}],
// Include an inline cache with our pushed image.
cacheTo: [{
inline: {},
}],
// Build a multi-platform image manifest for ARM and AMD.
platforms: [
"linux/amd64",
"linux/arm64",
],
// Push the final result to ECR.
push: true,
// Provide our ECR credentials.
registries: [{
address: ecrRepository.repositoryUrl,
password: authToken.password,
username: authToken.userName,
}],
});
// Export a ref for the pushed images so we can deploy it.
export const ref = myImage.ref;
```
{{% /choosable %}}
{{% choosable language python %}}
```python
import pulumi
import pulumi_aws as aws
import pulumi_docker_build as docker_build
# Create an ECR repository for pushing.
ecr_repository = aws.ecr.Repository("ecr-repository")
# Grab auth credentials for ECR.
auth_token = aws.ecr.get_authorization_token_output(registry_id=ecr_repository.registry_id)
# Build and push an image to ECR with inline caching.
my_image = docker_build.Image("my-image",
# Tag our image with our ECR repository's address.
tags=[ecr_repository.repository_url.apply(lambda repository_url: f"{repository_url}:latest")],
context=docker_build.BuildContextArgs(
location="./app",
),
# Use the pushed image as a cache source.
cache_from=[docker_build.CacheFromArgs(
registry=docker_build.CacheFromRegistryArgs(
ref=ecr_repository.repository_url.apply(lambda repository_url: f"{repository_url}:latest"),
),
)],
# Include an inline cache with our pushed image.
cache_to=[docker_build.CacheToArgs(
inline=docker_build.CacheToInlineArgs(),
)],
# Build a multi-platform image manifest for ARM and AMD.
platforms=[
docker_build.Platform.LINUX_AMD64,
docker_build.Platform.LINUX_ARM64,
],
# Push the final result to ECR.
push=True,
# Provide our ECR credentials.
registries=[docker_build.RegistryArgs(
address=ecr_repository.repository_url,
password=auth_token.password,
username=auth_token.user_name,
)],
)
# Export a ref for the pushed images so we can deploy it.
pulumi.export("ref", my_image.ref)
```
{{% /choosable %}}
{{% choosable language csharp %}}
```csharp
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
using DockerBuild = Pulumi.DockerBuild;
return await Deployment.RunAsync(() =>
{
// Create an ECR repository for pushing.
var ecrRepository = new Aws.Ecr.Repository("ecr-repository");
// Grab auth credentials for ECR.
var authToken = Aws.Ecr.GetAuthorizationToken.Invoke(new()
{
RegistryId = ecrRepository.RegistryId,
});
// Build and push an image to ECR with inline caching.
var myImage = new DockerBuild.Image("my-image", new()
{
// Tag our image with our ECR repository's address.
Tags = new[]
{
ecrRepository.RepositoryUrl.Apply(repositoryUrl => $"{repositoryUrl}:latest"),
},
Context = new DockerBuild.Inputs.BuildContextArgs
{
Location = "./app",
},
// Use the pushed image as a cache source.
CacheFrom = new[]
{
new DockerBuild.Inputs.CacheFromArgs
{
Registry = new DockerBuild.Inputs.CacheFromRegistryArgs
{
Ref = ecrRepository.RepositoryUrl.Apply(repositoryUrl => $"{repositoryUrl}:latest"),
},
},
},
// Include an inline cache with our pushed image.
CacheTo = new[]
{
new DockerBuild.Inputs.CacheToArgs
{
Inline = null,
},
},
// Build a multi-platform image manifest for ARM and AMD.
Platforms = new[]
{
DockerBuild.Platform.Linux_amd64,
DockerBuild.Platform.Linux_arm64,
},
// Push the final result to ECR.
Push = true,
// Provide our ECR credentials.
Registries = new[]
{
new DockerBuild.Inputs.RegistryArgs
{
Address = ecrRepository.RepositoryUrl,
Password = authToken.Apply(getAuthorizationTokenResult => getAuthorizationTokenResult.Password),
Username = authToken.Apply(getAuthorizationTokenResult => getAuthorizationTokenResult.UserName),
},
},
});
// Export a ref for the pushed images so we can deploy it.
return new Dictionary<string, object?>
{
["ref"] = myImage.Ref,
};
});
```
{{% /choosable %}}
{{% choosable language go %}}
```go
package main
import (
"fmt"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr"
"github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Create an ECR repository for pushing.
ecrRepository, err := ecr.NewRepository(ctx, "ecr-repository", nil)
if err != nil {
return err
}
// Grab auth credentials for ECR.
authToken := ecr.GetAuthorizationTokenOutput(ctx, ecr.GetAuthorizationTokenOutputArgs{
RegistryId: ecrRepository.RegistryId,
}, nil)
// Build and push an image to ECR with inline caching.
myImage, err := dockerbuild.NewImage(ctx, "my-image", &dockerbuild.ImageArgs{
// Tag our image with our ECR repository's address.
Tags: pulumi.StringArray{
ecrRepository.RepositoryUrl.ApplyT(func(repositoryUrl string) (string, error) {
return fmt.Sprintf("%v:latest", repositoryUrl), nil
}).(pulumi.StringOutput),
},
Context: &dockerbuild.BuildContextArgs{
Location: pulumi.String("./app"),
},
// Use the pushed image as a cache source.
CacheFrom: dockerbuild.CacheFromArray{
&dockerbuild.CacheFromArgs{
Registry: &dockerbuild.CacheFromRegistryArgs{
Ref: ecrRepository.RepositoryUrl.ApplyT(func(repositoryUrl string) (string, error) {
return fmt.Sprintf("%v:latest", repositoryUrl), nil
}).(pulumi.StringOutput),
},
},
},
// Include an inline cache with our pushed image.
CacheTo: dockerbuild.CacheToArray{
&dockerbuild.CacheToArgs{
Inline: nil,
},
},
// Build a multi-platform image manifest for ARM and AMD.
Platforms: dockerbuild.PlatformArray{
dockerbuild.Platform_Linux_amd64,
dockerbuild.Platform_Linux_arm64,
},
// Push the final result to ECR.
Push: pulumi.Bool(true),
// Provide our ECR credentials.
Registries: dockerbuild.RegistryArray{
&dockerbuild.RegistryArgs{
Address: ecrRepository.RepositoryUrl,
Password: authToken.ApplyT(func(authToken ecr.GetAuthorizationTokenResult) (*string, error) {
return &authToken.Password, nil
}).(pulumi.StringPtrOutput),
Username: authToken.ApplyT(func(authToken ecr.GetAuthorizationTokenResult) (*string, error) {
return &authToken.UserName, nil
}).(pulumi.StringPtrOutput),
},
},
})
if err != nil {
return err
}
// Export a ref for the pushed images so we can deploy it.
ctx.Export("ref", myImage.Ref)
return nil
})
}
```
{{% /choosable %}}
{{% choosable language yaml %}}
```yaml
description: Push to AWS ECR with caching
name: ecr
outputs:
ref: ${my-image.ref}
resources:
# Create an ECR repository for pushing.
ecr-repository:
type: aws:ecr:Repository
# Build and push an image to ECR with inline caching.
my-image:
type: docker-build:Image
properties:
# Tag our image with our ECR repository's address.
tags:
- ${ecr-repository.repositoryUrl}:latest
context:
location: ./app
# Use the pushed image as a cache source.
cacheFrom:
- registry:
ref: ${ecr-repository.repositoryUrl}:latest
# Include an inline cache with our pushed image.
cacheTo:
- inline: {}
# Build a multi-platform image manifest for ARM and AMD.
platforms:
- linux/amd64
- linux/arm64
# Push the final result to ECR.
push: true
# Provide our ECR credentials.
registries:
- address: ${ecr-repository.repositoryUrl}
password: ${auth-token.password}
username: ${auth-token.userName}
runtime: yaml
variables:
auth-token:
# Grab auth credentials for ECR.
fn::aws:ecr:getAuthorizationToken:
registryId: ${ecr-repository.registryId}
```
{{% /choosable %}}
{{% choosable language java %}}
```java
package myapp;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ecr.Repository;
import com.pulumi.aws.ecr.EcrFunctions;
import com.pulumi.aws.ecr.inputs.GetAuthorizationTokenArgs;
import com.pulumi.dockerbuild.Image;
import com.pulumi.dockerbuild.ImageArgs;
import com.pulumi.dockerbuild.inputs.CacheFromArgs;
import com.pulumi.dockerbuild.inputs.CacheFromRegistryArgs;
import com.pulumi.dockerbuild.inputs.CacheToArgs;
import com.pulumi.dockerbuild.inputs.CacheToInlineArgs;
import com.pulumi.dockerbuild.inputs.BuildContextArgs;
import com.pulumi.dockerbuild.inputs.RegistryArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Create an ECR repository for pushing.
var ecrRepository = new Repository("ecrRepository");
// Grab auth credentials for ECR.
final var authToken = EcrFunctions.getAuthorizationToken(GetAuthorizationTokenArgs.builder()
.registryId(ecrRepository.registryId())
.build());
// Build and push an image to ECR with inline caching.
var myImage = new Image("myImage", ImageArgs.builder()
// Tag our image with our ECR repository's address.
.tags(ecrRepository.repositoryUrl().applyValue(repositoryUrl -> String.format("%s:latest", repositoryUrl)))
.context(BuildContextArgs.builder()
.location("./app")
.build())
// Use the pushed image as a cache source.
.cacheFrom(CacheFromArgs.builder()
.registry(CacheFromRegistryArgs.builder()
.ref(ecrRepository.repositoryUrl().applyValue(repositoryUrl -> String.format("%s:latest", repositoryUrl)))
.build())
.build())
// Include an inline cache with our pushed image.
.cacheTo(CacheToArgs.builder()
.inline()
.build())
// Build a multi-platform image manifest for ARM and AMD.
.platforms(
"linux/amd64",
"linux/arm64")
// Push the final result to ECR.
.push(true)
// Provide our ECR credentials.
.registries(RegistryArgs.builder()
.address(ecrRepository.repositoryUrl())
.password(authToken.applyValue(getAuthorizationTokenResult -> getAuthorizationTokenResult).applyValue(authToken -> authToken.applyValue(getAuthorizationTokenResult -> getAuthorizationTokenResult.password())))
.username(authToken.applyValue(getAuthorizationTokenResult -> getAuthorizationTokenResult).applyValue(authToken -> authToken.applyValue(getAuthorizationTokenResult -> getAuthorizationTokenResult.userName())))
.build())
.build());
ctx.export("ref", myImage.ref());
}
}
```
{{% /choosable %}}
{{< /chooser >}}

33
docs/installation-configuration.md
View File

@@ -1,33 +0,0 @@
---
title: Docker-Build Installation & Configuration
meta_desc: Provides an overview on how to configure the Pulumi Docker-Build Provider.
layout: package
---
The Pulumi Docker-build provider builds modern Docker images with [buildx](https://docs.docker.com/reference/cli/docker/buildx/) and [BuildKit](https://docs.docker.com/build/buildkit/).
## Installation
The Docker-Build provider is available as a package in all Pulumi languages:
* JavaScript/TypeScript: [`@pulumi/docker-build`](https://www.npmjs.com/package/@pulumi/docker-build)
* Python: [`pulumi-docker-build`](https://pypi.org/project/pulumi-docker-build/)
* Go: [`github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild`](https://github.com/pulumi/pulumi-docker-build)
* .NET: [`Pulumi.DockerBuild`](https://www.nuget.org/packages/Pulumi.DockerBuild)
* Java: [`com.pulumi/docker-build`](https://central.sonatype.com/artifact/com.pulumi/docker-build)
## Configuring The Provider
### Host
The `DOCKER_HOST` environment variable can be used to specify a custom build daemon's location.
```bash
$ export DOCKER_HOST=tcp://127.0.0.1:2376/
```
This can also be specified in your stack's configuration:
```bash
$ pulumi config set docker-build:host tcp://127.0.0.1:2376/
```

24
examples/go/go.mod
View File

@@ -6,7 +6,7 @@ toolchain go1.24.5
require (
github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild v0.0.12
github.com/pulumi/pulumi/sdk/v3 v3.192.0
github.com/pulumi/pulumi/sdk/v3 v3.187.0
)
require (
@@ -58,12 +58,11 @@ require (
github.com/opentracing/basictracer-go v1.1.0 // indirect
github.com/opentracing/opentracing-go v1.2.0 // indirect
github.com/pgavlin/fx v0.1.6 // indirect
github.com/pgavlin/fx/v2 v2.0.3 // indirect
github.com/pjbgf/sha1cd v0.3.2 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/pkg/term v1.1.0 // indirect
github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 // indirect
github.com/pulumi/esc v0.20.0 // indirect
github.com/pulumi/esc v0.14.3 // indirect
github.com/rivo/uniseg v0.4.7 // indirect
github.com/rogpeppe/go-internal v1.14.1 // indirect
github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06 // indirect
@@ -79,17 +78,18 @@ require (
github.com/xanzy/ssh-agent v0.3.3 // indirect
github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
github.com/zclconf/go-cty v1.16.2 // indirect
go.opentelemetry.io/otel v1.36.0 // indirect
go.opentelemetry.io/otel/sdk v1.36.0 // indirect
go.uber.org/atomic v1.11.0 // indirect
golang.org/x/crypto v0.45.0 // indirect
golang.org/x/exp v0.0.0-20250718183923-645b1fa84792 // indirect
golang.org/x/mod v0.29.0 // indirect
golang.org/x/net v0.47.0 // indirect
golang.org/x/sync v0.18.0 // indirect
golang.org/x/sys v0.38.0 // indirect
golang.org/x/term v0.37.0 // indirect
golang.org/x/text v0.31.0 // indirect
golang.org/x/tools v0.38.0 // indirect
golang.org/x/crypto v0.39.0 // indirect
golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0 // indirect
golang.org/x/mod v0.25.0 // indirect
golang.org/x/net v0.40.0 // indirect
golang.org/x/sync v0.15.0 // indirect
golang.org/x/sys v0.33.0 // indirect
golang.org/x/term v0.32.0 // indirect
golang.org/x/text v0.26.0 // indirect
golang.org/x/tools v0.33.0 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20250519155744-55703ea1f237 // indirect
google.golang.org/grpc v1.72.1 // indirect
google.golang.org/protobuf v1.36.6 // indirect

44
examples/go/go.sum
View File

@@ -159,12 +159,12 @@ github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRI
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 h1:vkHw5I/plNdTr435cARxCW6q9gc0S/Yxz7Mkd38pOb0=
github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231/go.mod h1:murToZ2N9hNJzewjHBgfFdXhZKjY3z5cYC1VXk+lbFE=
github.com/pulumi/esc v0.20.0 h1:LZn4sjAsI76x10ZuZXXyh2ExGcP7AHmjOzCi/p3/fpQ=
github.com/pulumi/esc v0.20.0/go.mod h1:h1VjdedI0K84MhMzaR9ZKbEpU6SfZMOZF4ZrVgQyNLY=
github.com/pulumi/esc v0.14.3 h1:Zli+9LiSDT/W+Fsfr8tITxCo+5wn969tLrE4KLv44G8=
github.com/pulumi/esc v0.14.3/go.mod h1:XnSxlt5NkmuAj304l/gK4pRErFbtqq6XpfX1tYT9Jbc=
github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild v0.0.12 h1:uzmw+0iic764m0Yvh4I/jRV1x3q49dVh5Ctq9RllsQ8=
github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild v0.0.12/go.mod h1:6zFMe786NvFDO03BVJwdw1R/Yms4F6vAU49iBHo8zbQ=
github.com/pulumi/pulumi/sdk/v3 v3.192.0 h1:sfHuR3P02wSbV3xdSMEQ0+uC/HzlMz0YfKrVAXy1hSQ=
github.com/pulumi/pulumi/sdk/v3 v3.192.0/go.mod h1:aV0+c5xpSYccWKmOjTZS9liYCqh7+peu3cQgSXu7CJw=
github.com/pulumi/pulumi/sdk/v3 v3.187.0 h1:BflBBeD/qaoKN4Tov11g4aHzJ7pTXBSb8otgmteRer0=
github.com/pulumi/pulumi/sdk/v3 v3.187.0/go.mod h1:BnpKxUc6QlxqoCqobHNZsUuIuY27H6ZFUk0Cp+0JN5U=
github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ=
github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
@@ -228,29 +228,29 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q=
golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=
golang.org/x/exp v0.0.0-20250718183923-645b1fa84792 h1:R9PFI6EUdfVKgwKjZef7QIwGcBKu86OEFpJ9nUEP2l4=
golang.org/x/exp v0.0.0-20250718183923-645b1fa84792/go.mod h1:A+z0yzpGtvnG90cToK5n2tu8UJVP2XUATh+r+sfOOOc=
golang.org/x/crypto v0.39.0 h1:SHs+kF4LP+f+p14esP5jAoDpHU8Gu/v9lFRK6IT5imM=
golang.org/x/crypto v0.39.0/go.mod h1:L+Xg3Wf6HoL4Bn4238Z6ft6KfEpN0tJGo53AAPC632U=
golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0 h1:R84qjqJb5nVJMxqWYb3np9L5ZsaDtB+a39EqjV0JSUM=
golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0/go.mod h1:S9Xr4PYopiDyqSyp5NjCrhFrqg6A5zA2E/iPHPhqnS8=
golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA=
golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w=
golang.org/x/mod v0.25.0 h1:n7a+ZbQKQA/Ysbyb0/6IbB1H/X41mKgbhfv7AfG/44w=
golang.org/x/mod v0.25.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200421231249-e086a090c8fd/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
golang.org/x/net v0.40.0 h1:79Xs7wF06Gbdcg4kdCCIQArK11Z1hr5POQ6+fIYHNuY=
golang.org/x/net v0.40.0/go.mod h1:y0hY0exeL2Pku80/zKK7tpntoX23cqL3Oa6njdgRtds=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I=
golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
golang.org/x/sync v0.15.0 h1:KWH3jNZsfyT6xfAfKiz6MRNmd46ByHDYaZ7KSkCtdW8=
golang.org/x/sync v0.15.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -266,24 +266,24 @@ golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBc
golang.org/x/sys v0.0.0-20220615213510-4f61da869c0c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw=
golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU=
golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254=
golang.org/x/term v0.32.0 h1:DR4lr0TjUs3epypdhTOkMmuF5CDFJ/8pOnbzMZPQ7bg=
golang.org/x/term v0.32.0/go.mod h1:uZG1FhGx848Sqfsq4/DlJr3xGGsYMu/L5GW4abiaEPQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM=
golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM=
golang.org/x/text v0.26.0 h1:P42AVeLghgTYr4+xUnTRKDMqpar+PtX7KWuNQL21L8M=
golang.org/x/text v0.26.0/go.mod h1:QK15LZJUUQVJxhz7wXgxSy/CJaTFjd0G+YLonydOVQA=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ=
golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs=
golang.org/x/tools v0.33.0 h1:4qz2S3zmRxbGIhDIAgjxvFutSvH5EfnsYrRBj0UI0bc=
golang.org/x/tools v0.33.0/go.mod h1:CIJMaWEY88juyUfo7UbgPqbC8rU2OqfAV1h2Qp0oMYI=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=

2
examples/nodejs/package.json
View File

@@ -5,6 +5,6 @@
},
"dependencies": {
"typescript": "^4.0.0",
"@pulumi/pulumi": "3.210.0"
"@pulumi/pulumi": "3.184.0"
}
}

5
examples/nodejs_test.go
View File

@@ -181,9 +181,8 @@ func TestConfig(t *testing.T) {
require.NoError(t, err)
test := integration.ProgramTestOptions{
Dir: path.Join(cwd, "tests", "config"),
Dependencies: []string{"@pulumi/docker-build"},
SkipEmptyPreviewUpdate: true,
Dir: path.Join(cwd, "tests", "config"),
Dependencies: []string{"@pulumi/docker-build"},
}
integration.ProgramTest(t, &test)

2
examples/tests/caching/package.json
View File

@@ -4,6 +4,6 @@
"@types/node": "^20.0.0"
},
"dependencies": {
"@pulumi/pulumi": "3.210.0"
"@pulumi/pulumi": "3.184.0"
}
}

90
examples/tests/caching/yarn.lock
View File

@@ -369,10 +369,10 @@
resolved "https://registry.yarnpkg.com/@protobufjs/utf8/-/utf8-1.1.0.tgz#a777360b5b39a1a2e5106f8e858f2fd2d060c570"
integrity sha512-Vvn3zZrhQZkkBE8LSuW3em98c0FwgO4nxzv6OdSxPKJIEKY2bGbHn+mhGIPerzI4twdxaP8/0+06HBpwf345Lw==
"@pulumi/pulumi@3.210.0":
version "3.210.0"
resolved "https://registry.yarnpkg.com/@pulumi/pulumi/-/pulumi-3.210.0.tgz#c5d59ebaded83f5baf571e0c5c1b6a766fc694ea"
integrity sha512-ZMe4oH8nFNi3Tig1U8mTEuqrjTyEz0aVkn+DvvjcBPvM7WzZSdB6xR9MiRK/ZUi0G5O+H7fx2gEEeq1vYcM5Jg==
"@pulumi/pulumi@3.184.0":
version "3.184.0"
resolved "https://registry.yarnpkg.com/@pulumi/pulumi/-/pulumi-3.184.0.tgz#650831728ed5c22ff1eda36349af860fadc5c9d1"
integrity sha512-hseyV9cDUcu6MgXnnuKibIx5DtZVjS0judMYQdy74vau8CCKIAoIJGoURaKIl0KCT8OuvaMCHS+iOG/8o8VSCg==
dependencies:
"@grpc/grpc-js" "^1.10.1"
"@logdna/tail-file" "^2.0.6"
@@ -389,18 +389,18 @@
"@types/tmp" "^0.2.6"
execa "^5.1.0"
fdir "^6.1.1"
google-protobuf "^3.21.4"
google-protobuf "^3.5.0"
got "^11.8.6"
ini "^2.0.0"
js-yaml "^3.14.2"
js-yaml "^3.14.0"
minimist "^1.2.6"
normalize-package-data "^6.0.0"
package-directory "^8.1.0"
picomatch "^3.0.1"
pkg-dir "^7.0.0"
require-from-string "^2.0.1"
semver "^7.5.2"
source-map-support "^0.5.6"
tmp "^0.2.4"
tmp "^0.2.1"
upath "^1.1.0"
"@sigstore/bundle@^2.3.2":
@@ -819,10 +819,13 @@ fdir@^6.1.1:
resolved "https://registry.yarnpkg.com/fdir/-/fdir-6.2.0.tgz#9120f438d566ef3e808ca37864d9dd18e1a4f9b5"
integrity sha512-9XaWcDl0riOX5j2kYfy0kKdg7skw3IY6kA4LFT8Tk2yF9UdrADUy8D6AJuBLtf7ISm/MksumwAHE3WVbMRyCLw==
find-up-simple@^1.0.0:
version "1.0.1"
resolved "https://registry.yarnpkg.com/find-up-simple/-/find-up-simple-1.0.1.tgz#18fb90ad49e45252c4d7fca56baade04fa3fca1e"
integrity sha512-afd4O7zpqHeRyg4PfDQsXmlDe2PfdHtJt6Akt8jOWaApLOZk5JXs6VMR29lz03pRe9mpykrRCYIYxaJYcfpncQ==
find-up@^6.3.0:
version "6.3.0"
resolved "https://registry.yarnpkg.com/find-up/-/find-up-6.3.0.tgz#2abab3d3280b2dc7ac10199ef324c4e002c8c790"
integrity sha512-v2ZsoEuVHYy8ZIlYqwPe/39Cy+cFDzp4dXPaxNvkEuouymu+2Jbz0PxpKarJHYJTmv2HWT3O382qY8l4jMWthw==
dependencies:
locate-path "^7.1.0"
path-exists "^5.0.0"
foreground-child@^3.1.0:
version "3.3.0"
@@ -880,7 +883,7 @@ glob@^10.2.2, glob@^10.3.10:
package-json-from-dist "^1.0.0"
path-scurry "^1.11.1"
google-protobuf@^3.21.4:
google-protobuf@^3.5.0:
version "3.21.4"
resolved "https://registry.yarnpkg.com/google-protobuf/-/google-protobuf-3.21.4.tgz#2f933e8b6e5e9f8edde66b7be0024b68f77da6c9"
integrity sha512-MnG7N936zcKTco4Jd2PX2U96Kf9PxygAPKBug+74LHzmHXmceN16MmRcdgZv+DGef/S9YvQAfRsNCn4cjf9yyQ==
@@ -1048,10 +1051,10 @@ jackspeak@^3.1.2:
optionalDependencies:
"@pkgjs/parseargs" "^0.11.0"
js-yaml@^3.14.2:
version "3.14.2"
resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.14.2.tgz#77485ce1dd7f33c061fd1b16ecea23b55fcb04b0"
integrity sha512-PMSmkqxr106Xa156c2M265Z+FTrPl+oxd/rgOQy2tijQeK5TxQ43psO1ZCwhVOSdnn+RzkzlRz/eY4BgJBYVpg==
js-yaml@^3.14.0:
version "3.14.1"
resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.14.1.tgz#dae812fdb3825fa306609a8717383c50c36a0537"
integrity sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==
dependencies:
argparse "^1.0.7"
esprima "^4.0.0"
@@ -1098,6 +1101,13 @@ keyv@^4.0.0:
dependencies:
json-buffer "3.0.1"
locate-path@^7.1.0:
version "7.2.0"
resolved "https://registry.yarnpkg.com/locate-path/-/locate-path-7.2.0.tgz#69cb1779bd90b35ab1e771e1f2f89a202c2a8a8a"
integrity sha512-gvVijfZvn7R+2qyPX8mAuKcFGDf6Nc61GdvGafQsHL0sBIxfKzA+usWn4GFC/bk+QdwPUD4kWFJLhElipq+0VA==
dependencies:
p-locate "^6.0.0"
lodash.camelcase@^4.3.0:
version "4.3.0"
resolved "https://registry.yarnpkg.com/lodash.camelcase/-/lodash.camelcase-4.3.0.tgz#b28aa6288a2b9fc651035c7711f65ab6190331a6"
@@ -1375,6 +1385,20 @@ p-cancelable@^2.0.0:
resolved "https://registry.yarnpkg.com/p-cancelable/-/p-cancelable-2.1.1.tgz#aab7fbd416582fa32a3db49859c122487c5ed2cf"
integrity sha512-BZOr3nRQHOntUjTrH8+Lh54smKHoHyur8We1V8DSMVrl5A2malOOwuJRnKRDjSnkoeBh4at6BwEnb5I7Jl31wg==
p-limit@^4.0.0:
version "4.0.0"
resolved "https://registry.yarnpkg.com/p-limit/-/p-limit-4.0.0.tgz#914af6544ed32bfa54670b061cafcbd04984b644"
integrity sha512-5b0R4txpzjPWVw/cXXUResoD4hb6U/x9BH08L7nw+GN1sezDzPdxeRvpc9c433fZhBan/wusjbCsqwqm4EIBIQ==
dependencies:
yocto-queue "^1.0.0"
p-locate@^6.0.0:
version "6.0.0"
resolved "https://registry.yarnpkg.com/p-locate/-/p-locate-6.0.0.tgz#3da9a49d4934b901089dca3302fa65dc5a05c04f"
integrity sha512-wPrq66Llhl7/4AGC6I+cqxT07LhXvWL08LNXz1fENOw0Ap4sRZZ/gZpTTJ5jpurzzzfS2W/Ge9BY3LgLjCShcw==
dependencies:
p-limit "^4.0.0"
p-map@^4.0.0:
version "4.0.0"
resolved "https://registry.yarnpkg.com/p-map/-/p-map-4.0.0.tgz#bb2f95a5eda2ec168ec9274e06a747c3e2904d2b"
@@ -1382,13 +1406,6 @@ p-map@^4.0.0:
dependencies:
aggregate-error "^3.0.0"
package-directory@^8.1.0:
version "8.1.0"
resolved "https://registry.yarnpkg.com/package-directory/-/package-directory-8.1.0.tgz#75737f33380df04490de8cacb47d682116661401"
integrity sha512-qHKRW0pw3lYdZMQVkjDBqh8HlamH/LCww2PH7OWEp4Qrt3SFeYMNpnJrQzlSnGrDD5zGR51XqBh7FnNCdVNEHA==
dependencies:
find-up-simple "^1.0.0"
package-json-from-dist@^1.0.0:
version "1.0.0"
resolved "https://registry.yarnpkg.com/package-json-from-dist/-/package-json-from-dist-1.0.0.tgz#e501cd3094b278495eb4258d4c9f6d5ac3019f00"
@@ -1426,6 +1443,11 @@ parse-conflict-json@^3.0.0:
just-diff "^6.0.0"
just-diff-apply "^5.2.0"
path-exists@^5.0.0:
version "5.0.0"
resolved "https://registry.yarnpkg.com/path-exists/-/path-exists-5.0.0.tgz#a6aad9489200b21fab31e49cf09277e5116fb9e7"
integrity sha512-RjhtfwJOxzcFmNOi6ltcbcu4Iu+FL3zEj83dk4kAS+fVpTxXLO1b38RvJgT/0QwvV/L3aY9TAnyv0EOqW4GoMQ==
path-key@^3.0.0, path-key@^3.1.0:
version "3.1.1"
resolved "https://registry.yarnpkg.com/path-key/-/path-key-3.1.1.tgz#581f6ade658cbba65a0d3380de7753295054f375"
@@ -1449,6 +1471,13 @@ picomatch@^3.0.1:
resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-3.0.1.tgz#817033161def55ec9638567a2f3bbc876b3e7516"
integrity sha512-I3EurrIQMlRc9IaAZnqRR044Phh2DXY+55o7uJ0V+hYZAcQYSuFWsc9q5PvyDHUSCe1Qxn/iBz+78s86zWnGag==
pkg-dir@^7.0.0:
version "7.0.0"
resolved "https://registry.yarnpkg.com/pkg-dir/-/pkg-dir-7.0.0.tgz#8f0c08d6df4476756c5ff29b3282d0bab7517d11"
integrity sha512-Ie9z/WINcxxLp27BKOCHGde4ITq9UklYKDzVo1nhk5sqGEXU3FpkwP5GM2voTGJkGd9B3Otl+Q4uwSOeSUtOBA==
dependencies:
find-up "^6.3.0"
postcss-selector-parser@^6.0.10:
version "6.1.1"
resolved "https://registry.yarnpkg.com/postcss-selector-parser/-/postcss-selector-parser-6.1.1.tgz#5be94b277b8955904476a2400260002ce6c56e38"
@@ -1776,10 +1805,10 @@ tar@^6.1.11, tar@^6.2.1:
mkdirp "^1.0.3"
yallist "^4.0.0"
tmp@^0.2.4:
version "0.2.5"
resolved "https://registry.yarnpkg.com/tmp/-/tmp-0.2.5.tgz#b06bcd23f0f3c8357b426891726d16015abfd8f8"
integrity sha512-voyz6MApa1rQGUxT3E+BK7/ROe8itEx7vD8/HEvt4xwXucvQ5G5oeEiHkmHZJuBO21RpOf+YYm9MOivj709jow==
tmp@^0.2.1:
version "0.2.3"
resolved "https://registry.yarnpkg.com/tmp/-/tmp-0.2.3.tgz#eb783cc22bc1e8bebd0671476d46ea4eb32a79ae"
integrity sha512-nZD7m9iCPC5g0pYmcaxogYKggSfLsdxl8of3Q/oIbqCqLLIO9IAF0GWjX1z9NZRHPiXv8Wex4yDCaZsgEw0Y8w==
treeverse@^3.0.0:
version "3.0.0"
@@ -1928,3 +1957,8 @@ yargs@^17.7.2:
string-width "^4.2.3"
y18n "^5.0.5"
yargs-parser "^21.1.1"
yocto-queue@^1.0.0:
version "1.1.1"
resolved "https://registry.yarnpkg.com/yocto-queue/-/yocto-queue-1.1.1.tgz#fef65ce3ac9f8a32ceac5a634f74e17e5b232110"
integrity sha512-b4JR1PFR10y1mKjhHY9LaGo6tmrgjit7hxVIeAmyMw3jegXR4dhYqLaQF5zMXZxY7tLpMyJeLjr1C4rLmkVe8g==

2
examples/tests/config/package.json
View File

@@ -4,6 +4,6 @@
"@types/node": "^20.0.0"
},
"dependencies": {
"@pulumi/pulumi": "3.210.0"
"@pulumi/pulumi": "3.184.0"
}
}

2
examples/upgrade-node/package.json
View File

@@ -5,6 +5,6 @@
},
"dependencies": {
"typescript": "^4.0.0",
"@pulumi/pulumi": "3.210.0"
"@pulumi/pulumi": "3.184.0"
}
}

39
go.mod
View File

@@ -16,14 +16,14 @@ require (
github.com/otiai10/copy v1.14.0
github.com/pulumi/providertest v0.3.1
github.com/pulumi/pulumi-dotnet/pulumi-language-dotnet/v3 v3.0.0-20250806132441-44ca9a522cef
github.com/pulumi/pulumi-go-provider v1.1.2
github.com/pulumi/pulumi-go-provider v1.1.1
github.com/pulumi/pulumi-java/pkg v1.16.0
github.com/pulumi/pulumi-yaml v1.21.2
github.com/pulumi/pulumi/pkg/v3 v3.192.0
github.com/pulumi/pulumi/pkg/v3 v3.187.0
github.com/pulumi/pulumi/sdk/go/pulumi-language-go/v3 v3.0.0-20250806165243-bee5e4fa4815
github.com/pulumi/pulumi/sdk/nodejs/cmd/pulumi-language-nodejs/v3 v3.0.0-20250806165243-bee5e4fa4815
github.com/pulumi/pulumi/sdk/python/cmd/pulumi-language-python/v3 v3.0.0-20250806165243-bee5e4fa4815
github.com/pulumi/pulumi/sdk/v3 v3.192.0
github.com/pulumi/pulumi/sdk/v3 v3.187.0
github.com/regclient/regclient v0.7.1
github.com/sirupsen/logrus v1.9.3
github.com/spf13/afero v1.14.0
@@ -34,8 +34,8 @@ require (
go.opentelemetry.io/otel/sdk v1.36.0
go.opentelemetry.io/otel/trace v1.36.0
go.uber.org/mock v0.5.2
golang.org/x/crypto v0.45.0
golang.org/x/exp v0.0.0-20250718183923-645b1fa84792
golang.org/x/crypto v0.39.0
golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0
google.golang.org/protobuf v1.36.6
gopkg.in/yaml.v3 v3.0.1
)
@@ -140,7 +140,7 @@ require (
github.com/compose-spec/compose-go/v2 v2.4.8 // indirect
github.com/containerd/console v1.0.4 // indirect
github.com/containerd/containerd/api v1.8.0 // indirect
github.com/containerd/containerd/v2 v2.0.7 // indirect
github.com/containerd/containerd/v2 v2.0.3 // indirect
github.com/containerd/continuity v0.4.5 // indirect
github.com/containerd/errdefs v1.0.0 // indirect
github.com/containerd/errdefs/pkg v0.3.0 // indirect
@@ -198,7 +198,7 @@ require (
github.com/go-toolsmith/astp v1.1.0 // indirect
github.com/go-toolsmith/strparse v1.1.0 // indirect
github.com/go-toolsmith/typep v1.1.0 // indirect
github.com/go-viper/mapstructure/v2 v2.4.0 // indirect
github.com/go-viper/mapstructure/v2 v2.0.0 // indirect
github.com/go-xmlfmt/xmlfmt v1.1.2 // indirect
github.com/gobwas/glob v0.2.3 // indirect
github.com/godbus/dbus/v5 v5.1.0 // indirect
@@ -342,7 +342,6 @@ require (
github.com/pgavlin/aho-corasick v0.5.1 // indirect
github.com/pgavlin/diff v0.0.0-20230503175810-113847418e2e // indirect
github.com/pgavlin/fx v0.1.6 // indirect
github.com/pgavlin/fx/v2 v2.0.3 // indirect
github.com/pgavlin/goldmark v1.1.33-0.20200616210433-b5eb04559386 // indirect
github.com/pgavlin/text v0.0.0-20240821195002-b51d0990e284 // indirect
github.com/pjbgf/sha1cd v0.3.2 // indirect
@@ -358,7 +357,7 @@ require (
github.com/prometheus/common v0.55.0 // indirect
github.com/prometheus/procfs v0.15.1 // indirect
github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 // indirect
github.com/pulumi/esc v0.20.0 // indirect
github.com/pulumi/esc v0.17.0 // indirect
github.com/pulumi/inflector v0.2.1 // indirect
github.com/quasilyte/go-ruleguard v0.4.2 // indirect
github.com/quasilyte/go-ruleguard/dsl v0.3.22 // indirect
@@ -419,7 +418,7 @@ require (
github.com/tonistiigi/vt100 v0.0.0-20240514184818-90bafcd6abab // indirect
github.com/uber/jaeger-client-go v2.30.0+incompatible // indirect
github.com/uber/jaeger-lib v2.4.1+incompatible // indirect
github.com/ulikunitz/xz v0.5.15 // indirect
github.com/ulikunitz/xz v0.5.12 // indirect
github.com/ultraware/funlen v0.1.0 // indirect
github.com/ultraware/whitespace v0.1.1 // indirect
github.com/uudashr/gocognit v1.1.2 // indirect
@@ -433,7 +432,7 @@ require (
github.com/yagipy/maintidx v1.0.0 // indirect
github.com/yeya24/promlinter v0.3.0 // indirect
github.com/ykadowak/zerologlint v0.1.5 // indirect
github.com/yuin/goldmark v1.7.13 // indirect
github.com/yuin/goldmark v1.5.2 // indirect
github.com/yuin/goldmark-emoji v1.0.1 // indirect
github.com/yusufpapurcu/wmi v1.2.4 // indirect
github.com/zclconf/go-cty v1.16.3 // indirect
@@ -461,17 +460,15 @@ require (
gocloud.dev v0.37.0 // indirect
gocloud.dev/secrets/hashivault v0.37.0 // indirect
golang.org/x/exp/typeparams v0.0.0-20240314144324-c7f7c6466f7f // indirect
golang.org/x/mod v0.29.0 // indirect
golang.org/x/net v0.47.0 // indirect
golang.org/x/mod v0.25.0 // indirect
golang.org/x/net v0.40.0 // indirect
golang.org/x/oauth2 v0.30.0 // indirect
golang.org/x/sync v0.18.0 // indirect
golang.org/x/sys v0.38.0 // indirect
golang.org/x/term v0.37.0 // indirect
golang.org/x/text v0.31.0 // indirect
golang.org/x/time v0.12.0 // indirect
golang.org/x/tools v0.38.0 // indirect
golang.org/x/tools/go/expect v0.1.1-deprecated // indirect
golang.org/x/tools/godoc v0.1.0-deprecated // indirect
golang.org/x/sync v0.15.0 // indirect
golang.org/x/sys v0.33.0 // indirect
golang.org/x/term v0.32.0 // indirect
golang.org/x/text v0.26.0 // indirect
golang.org/x/time v0.6.0 // indirect
golang.org/x/tools v0.33.0 // indirect
golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect
google.golang.org/api v0.169.0 // indirect
google.golang.org/genproto v0.0.0-20240311173647-c811ad7063a7 // indirect

77
go.sum
View File

@@ -245,8 +245,8 @@ github.com/containerd/console v1.0.4 h1:F2g4+oChYvBTsASRTz8NP6iIAi97J3TtSAsLbIFn
github.com/containerd/console v1.0.4/go.mod h1:YynlIjWYF8myEu6sdkwKIvGQq+cOckRm6So2avqoYAk=
github.com/containerd/containerd/api v1.8.0 h1:hVTNJKR8fMc/2Tiw60ZRijntNMd1U+JVMyTRdsD2bS0=
github.com/containerd/containerd/api v1.8.0/go.mod h1:dFv4lt6S20wTu/hMcP4350RL87qPWLVa/OHOwmmdnYc=
github.com/containerd/containerd/v2 v2.0.7 h1:55JsNhqP/L7VZOijyfq6Qn0O8Oeff0UizfRuP+2pc90=
github.com/containerd/containerd/v2 v2.0.7/go.mod h1:su8B0Z1NFQMEIztOIbHwy7xtznbCms/kFlfsxIcQrZ8=
github.com/containerd/containerd/v2 v2.0.3 h1:zBKgwgZsuu+LPCMzCLgA4sC4MiZzZ59ZT31XkmiISQM=
github.com/containerd/containerd/v2 v2.0.3/go.mod h1:5j9QUUaV/cy9ZeAx4S+8n9ffpf+iYnEj4jiExgcbuLY=
github.com/containerd/continuity v0.4.5 h1:ZRoN1sXq9u7V6QoHMcVWGhOwDFqZ4B9i5H6un1Wh0x4=
github.com/containerd/continuity v0.4.5/go.mod h1:/lNJvtJKUQStBzpVQ1+rasXO1LAWtUQssk28EZvJ3nE=
github.com/containerd/errdefs v1.0.0 h1:tg5yIfIlQIrxYtu9ajqY42W3lpS19XqdxRQeEwYG8PI=
@@ -424,8 +424,8 @@ github.com/go-toolsmith/strparse v1.1.0 h1:GAioeZUK9TGxnLS+qfdqNbA4z0SSm5zVNtCQi
github.com/go-toolsmith/strparse v1.1.0/go.mod h1:7ksGy58fsaQkGQlY8WVoBFNyEPMGuJin1rfoPS4lBSQ=
github.com/go-toolsmith/typep v1.1.0 h1:fIRYDyF+JywLfqzyhdiHzRop/GQDxxNhLGQ6gFUNHus=
github.com/go-toolsmith/typep v1.1.0/go.mod h1:fVIw+7zjdsMxDA3ITWnH1yOiw1rnTQKCsF/sk2H/qig=
github.com/go-viper/mapstructure/v2 v2.4.0 h1:EBsztssimR/CONLSZZ04E8qAkxNYq4Qp9LvH92wZUgs=
github.com/go-viper/mapstructure/v2 v2.4.0/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM=
github.com/go-viper/mapstructure/v2 v2.0.0 h1:dhn8MZ1gZ0mzeodTG3jt5Vj/o87xZKuNAprG2mQfMfc=
github.com/go-viper/mapstructure/v2 v2.0.0/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM=
github.com/go-xmlfmt/xmlfmt v1.1.2 h1:Nea7b4icn8s57fTx1M5AI4qQT5HEM3rVUO8MuE6g80U=
github.com/go-xmlfmt/xmlfmt v1.1.2/go.mod h1:aUCEOzzezBEjDBbFBoSiya/gduyIiWYRP6CnSFIV8AM=
github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y=
@@ -888,30 +888,30 @@ github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0leargg
github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 h1:vkHw5I/plNdTr435cARxCW6q9gc0S/Yxz7Mkd38pOb0=
github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231/go.mod h1:murToZ2N9hNJzewjHBgfFdXhZKjY3z5cYC1VXk+lbFE=
github.com/pulumi/esc v0.20.0 h1:LZn4sjAsI76x10ZuZXXyh2ExGcP7AHmjOzCi/p3/fpQ=
github.com/pulumi/esc v0.20.0/go.mod h1:h1VjdedI0K84MhMzaR9ZKbEpU6SfZMOZF4ZrVgQyNLY=
github.com/pulumi/esc v0.17.0 h1:oaVOIyFTENlYDuqc3pW75lQT9jb2cd6ie/4/Twxn66w=
github.com/pulumi/esc v0.17.0/go.mod h1:XnSxlt5NkmuAj304l/gK4pRErFbtqq6XpfX1tYT9Jbc=
github.com/pulumi/inflector v0.2.1 h1:bqyiish3tq//vLeLiEstSFE5K7RNjy/ce47ed4QATu8=
github.com/pulumi/inflector v0.2.1/go.mod h1:HUFCjcPTz96YtTuUlwG3i3EZG4WlniBvR9bd+iJxCUY=
github.com/pulumi/providertest v0.3.1 h1:vlftr7TZlObh81mL88IhhF0/9ZbLrZZos4NAvR4HUUw=
github.com/pulumi/providertest v0.3.1/go.mod h1:fFHUP4/9DRyYnHWiRnwcynMtM/a7hHR/QcJfcuZKO3A=
github.com/pulumi/pulumi-dotnet/pulumi-language-dotnet/v3 v3.0.0-20250806132441-44ca9a522cef h1:cxRa9R9To6OYKacIG2Em6zcM7BDNr6joC43uiV1lSVY=
github.com/pulumi/pulumi-dotnet/pulumi-language-dotnet/v3 v3.0.0-20250806132441-44ca9a522cef/go.mod h1:VLcnE1lj92EfRi7CRMzdPkQ9OQvrlg2upJM1lBZzNmg=
github.com/pulumi/pulumi-go-provider v1.1.2 h1:NUQDXaftBDFTPMBPwxo8FhJUX0ymkv6a1XiXTnCDpvg=
github.com/pulumi/pulumi-go-provider v1.1.2/go.mod h1:3lNIuxT/BArFyiKrVfv+UT7gMMtplss7V69KuBZ4zIk=
github.com/pulumi/pulumi-go-provider v1.1.1 h1:4UT3LeNT9CdGhkq8OSWKJsmKTW9Tg+vsfOO/hsFVyb4=
github.com/pulumi/pulumi-go-provider v1.1.1/go.mod h1:3lNIuxT/BArFyiKrVfv+UT7gMMtplss7V69KuBZ4zIk=
github.com/pulumi/pulumi-java/pkg v1.16.0 h1:8KCiIXWv2uxfIks0SdgOezyXg4HZIoPfHID9eMg4nuM=
github.com/pulumi/pulumi-java/pkg v1.16.0/go.mod h1:VeMZ1s9LfXBypao4A1tRF3EB7fYnYZ1LwImyg6FBX0c=
github.com/pulumi/pulumi-yaml v1.21.2 h1:czqC5AazinfX6Bj0nqAAQ6x/Cr8/3oUz3HUjJg6tJ4o=
github.com/pulumi/pulumi-yaml v1.21.2/go.mod h1:KOqDnuJksfIq8belFVFN3IEI4r0NgW69M0QPSj54On4=
github.com/pulumi/pulumi/pkg/v3 v3.192.0 h1:gZRMPaNpW+VN3ng3h9r8De8wI0keWC9fIP0rcUDatMA=
github.com/pulumi/pulumi/pkg/v3 v3.192.0/go.mod h1:+Zp3EzjzGW4PlcW8oITZgeOfFzIVbLWvHtUVixvGQcs=
github.com/pulumi/pulumi/pkg/v3 v3.187.0 h1:VTbireKCxG/wKPX3slHNb3Zk3xKMr5CvcvjH8194H2I=
github.com/pulumi/pulumi/pkg/v3 v3.187.0/go.mod h1:3y5nyMg62dd+DBzYW/P4d+Ye9pJ/zhJd+aGzMzfUL1g=
github.com/pulumi/pulumi/sdk/go/pulumi-language-go/v3 v3.0.0-20250806165243-bee5e4fa4815 h1:tipGG4aEPejP424igQYxJ6TOtWVtZJa0z679oIv00ho=
github.com/pulumi/pulumi/sdk/go/pulumi-language-go/v3 v3.0.0-20250806165243-bee5e4fa4815/go.mod h1:V2MMs29cFeGBdZyFKxNqTGVfBgDLhIOGfrXOxheieuI=
github.com/pulumi/pulumi/sdk/nodejs/cmd/pulumi-language-nodejs/v3 v3.0.0-20250806165243-bee5e4fa4815 h1:+QJTFK7UcOFTYCg3XaSTrRZHWJ6Hqza8w9oADa4pPcM=
github.com/pulumi/pulumi/sdk/nodejs/cmd/pulumi-language-nodejs/v3 v3.0.0-20250806165243-bee5e4fa4815/go.mod h1:0kA9b5LsaXLEKQzo0o9UUsHtZkACthHYLyBVUDUVMxc=
github.com/pulumi/pulumi/sdk/python/cmd/pulumi-language-python/v3 v3.0.0-20250806165243-bee5e4fa4815 h1:bkvtySMos0ij3fWZWZaU5sVrvGvU0dZCusoxpgEtX6I=
github.com/pulumi/pulumi/sdk/python/cmd/pulumi-language-python/v3 v3.0.0-20250806165243-bee5e4fa4815/go.mod h1:SJtr0N/XFyelI7M7U0UbJXr15pgEdSmpN40cglTsRTA=
github.com/pulumi/pulumi/sdk/v3 v3.192.0 h1:sfHuR3P02wSbV3xdSMEQ0+uC/HzlMz0YfKrVAXy1hSQ=
github.com/pulumi/pulumi/sdk/v3 v3.192.0/go.mod h1:aV0+c5xpSYccWKmOjTZS9liYCqh7+peu3cQgSXu7CJw=
github.com/pulumi/pulumi/sdk/v3 v3.187.0 h1:BflBBeD/qaoKN4Tov11g4aHzJ7pTXBSb8otgmteRer0=
github.com/pulumi/pulumi/sdk/v3 v3.187.0/go.mod h1:BnpKxUc6QlxqoCqobHNZsUuIuY27H6ZFUk0Cp+0JN5U=
github.com/quasilyte/go-ruleguard v0.4.2 h1:htXcXDK6/rO12kiTHKfHuqR4kr3Y4M0J0rOL6CH/BYs=
github.com/quasilyte/go-ruleguard v0.4.2/go.mod h1:GJLgqsLeo4qgavUoL8JeGFNS7qcisx3awV/w9eWTmNI=
github.com/quasilyte/go-ruleguard/dsl v0.3.22 h1:wd8zkOhSNr+I+8Qeciml08ivDt1pSXe60+5DqOpCjPE=
@@ -1083,8 +1083,8 @@ github.com/uber/jaeger-client-go v2.30.0+incompatible h1:D6wyKGCecFaSRUpo8lCVbaO
github.com/uber/jaeger-client-go v2.30.0+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk=
github.com/uber/jaeger-lib v2.4.1+incompatible h1:td4jdvLcExb4cBISKIpHuGoVXh+dVKhn2Um6rjCsSsg=
github.com/uber/jaeger-lib v2.4.1+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U=
github.com/ulikunitz/xz v0.5.15 h1:9DNdB5s+SgV3bQ2ApL10xRc35ck0DuIX/isZvIk+ubY=
github.com/ulikunitz/xz v0.5.15/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
github.com/ulikunitz/xz v0.5.12 h1:37Nm15o69RwBkXM0J6A5OlE67RZTfzUxTj8fB3dfcsc=
github.com/ulikunitz/xz v0.5.12/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oWt/14=
github.com/ultraware/funlen v0.1.0 h1:BuqclbkY6pO+cvxoq7OsktIXZpgBSkYTQtmwhAK81vI=
github.com/ultraware/funlen v0.1.0/go.mod h1:XJqmOQja6DpxarLj6Jj1U7JuoS8PvL4nEqDaQhy22p4=
github.com/ultraware/whitespace v0.1.1 h1:bTPOGejYFulW3PkcrqkeQwOd6NKOOXvmGD9bo/Gk8VQ=
@@ -1122,9 +1122,8 @@ github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9dec
github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
github.com/yuin/goldmark v1.5.2 h1:ALmeCk/px5FSm1MAcFBAsVKZjDuMVj8Tm7FFIlMJnqU=
github.com/yuin/goldmark v1.5.2/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
github.com/yuin/goldmark v1.7.13 h1:GPddIs617DnBLFFVJFgpo1aBfe/4xcvMc3SB5t/D0pA=
github.com/yuin/goldmark v1.7.13/go.mod h1:ip/1k0VRfGynBgxOz0yCqHrbZXhcjxyuS66Brc7iBKg=
github.com/yuin/goldmark-emoji v1.0.1 h1:ctuWEyzGBwiucEqxzwe0SOYDXPAucOrE9NQC18Wa1os=
github.com/yuin/goldmark-emoji v1.0.1/go.mod h1:2w1E6FEWLcDQkoTE+7HU6QF1F6SLlNGjRIBbIZQFqkQ=
github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo0=
@@ -1205,11 +1204,11 @@ golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw
golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q=
golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=
golang.org/x/crypto v0.39.0 h1:SHs+kF4LP+f+p14esP5jAoDpHU8Gu/v9lFRK6IT5imM=
golang.org/x/crypto v0.39.0/go.mod h1:L+Xg3Wf6HoL4Bn4238Z6ft6KfEpN0tJGo53AAPC632U=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20250718183923-645b1fa84792 h1:R9PFI6EUdfVKgwKjZef7QIwGcBKu86OEFpJ9nUEP2l4=
golang.org/x/exp v0.0.0-20250718183923-645b1fa84792/go.mod h1:A+z0yzpGtvnG90cToK5n2tu8UJVP2XUATh+r+sfOOOc=
golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0 h1:R84qjqJb5nVJMxqWYb3np9L5ZsaDtB+a39EqjV0JSUM=
golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0/go.mod h1:S9Xr4PYopiDyqSyp5NjCrhFrqg6A5zA2E/iPHPhqnS8=
golang.org/x/exp/typeparams v0.0.0-20220428152302-39d4317da171/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk=
golang.org/x/exp/typeparams v0.0.0-20230203172020-98cc5a0785f9/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk=
golang.org/x/exp/typeparams v0.0.0-20240314144324-c7f7c6466f7f h1:phY1HzDcf18Aq9A8KkmRtY9WvOFIxN8wgfvy6Zm1DV8=
@@ -1231,8 +1230,8 @@ golang.org/x/mod v0.7.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA=
golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w=
golang.org/x/mod v0.25.0 h1:n7a+ZbQKQA/Ysbyb0/6IbB1H/X41mKgbhfv7AfG/44w=
golang.org/x/mod v0.25.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -1259,8 +1258,8 @@ golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
golang.org/x/net v0.40.0 h1:79Xs7wF06Gbdcg4kdCCIQArK11Z1hr5POQ6+fIYHNuY=
golang.org/x/net v0.40.0/go.mod h1:y0hY0exeL2Pku80/zKK7tpntoX23cqL3Oa6njdgRtds=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI=
golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU=
@@ -1276,8 +1275,8 @@ golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJ
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I=
golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
golang.org/x/sync v0.15.0 h1:KWH3jNZsfyT6xfAfKiz6MRNmd46ByHDYaZ7KSkCtdW8=
golang.org/x/sync v0.15.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -1320,8 +1319,8 @@ golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw=
golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
@@ -1332,8 +1331,8 @@ golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY=
golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU=
golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254=
golang.org/x/term v0.32.0 h1:DR4lr0TjUs3epypdhTOkMmuF5CDFJ/8pOnbzMZPQ7bg=
golang.org/x/term v0.32.0/go.mod h1:uZG1FhGx848Sqfsq4/DlJr3xGGsYMu/L5GW4abiaEPQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
@@ -1345,10 +1344,10 @@ golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM=
golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM=
golang.org/x/time v0.12.0 h1:ScB/8o8olJvc+CQPWrK3fPZNfh7qgwCrY0zJmoEQLSE=
golang.org/x/time v0.12.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
golang.org/x/text v0.26.0 h1:P42AVeLghgTYr4+xUnTRKDMqpar+PtX7KWuNQL21L8M=
golang.org/x/text v0.26.0/go.mod h1:QK15LZJUUQVJxhz7wXgxSy/CJaTFjd0G+YLonydOVQA=
golang.org/x/time v0.6.0 h1:eTDhh4ZXt5Qf0augr54TN6suAUudPcawVZeIAPU7D4U=
golang.org/x/time v0.6.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -1382,14 +1381,8 @@ golang.org/x/tools v0.5.0/go.mod h1:N+Kgy78s5I24c24dU8OfWNEotWjutIs8SnJvn5IDq+k=
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58=
golang.org/x/tools v0.17.0/go.mod h1:xsh6VxdV005rRVaS6SSAf9oiAqljS7UZUacMZ8Bnsps=
golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ=
golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs=
golang.org/x/tools/go/expect v0.1.1-deprecated h1:jpBZDwmgPhXsKZC6WhL20P4b/wmnpsEAGHaNy0n/rJM=
golang.org/x/tools/go/expect v0.1.1-deprecated/go.mod h1:eihoPOH+FgIqa3FpoTwguz/bVUSGBlGQU67vpBeOrBY=
golang.org/x/tools/go/packages/packagestest v0.1.1-deprecated h1:1h2MnaIAIXISqTFKdENegdpAgUXz6NrPEsbIeWaBRvM=
golang.org/x/tools/go/packages/packagestest v0.1.1-deprecated/go.mod h1:RVAQXBGNv1ib0J382/DPCRS/BPnsGebyM1Gj5VSDpG8=
golang.org/x/tools/godoc v0.1.0-deprecated h1:o+aZ1BOj6Hsx/GBdJO/s815sqftjSnrZZwyYTHODvtk=
golang.org/x/tools/godoc v0.1.0-deprecated/go.mod h1:qM63CriJ961IHWmnWa9CjZnBndniPt4a3CK0PVB9bIg=
golang.org/x/tools v0.33.0 h1:4qz2S3zmRxbGIhDIAgjxvFutSvH5EfnsYrRBj0UI0bc=
golang.org/x/tools v0.33.0/go.mod h1:CIJMaWEY88juyUfo7UbgPqbC8rU2OqfAV1h2Qp0oMYI=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=

19
mise.toml Normal file
View File

@@ -0,0 +1,19 @@
# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt
[tools]
# Runtimes
go = '1.21'
node = '20'
python = '3.11.8'
dotnet = '8.0'
# Corretto version used as Java SE/OpenJDK version no longer offered
java = 'corretto-11'
# Executable tools
pulumi = 'latest'
"go:github.com/pulumi/pulumictl/cmd/pulumictl" = 'latest'
gradle = '7.6'
[settings]
experimental = true # Required for Go binaries (e.g. pulumictl).

44
provider/cmd/pulumi-resource-docker-build/schema.json
View File

@@ -155,12 +155,32 @@
]
},
"docker-build:index:CacheFromGitHubActions": {
"description": "Recommended for use with GitHub Actions workflows.\n\nAn action like `crazy-max/ghaction-github-runtime` is recommended to expose\nappropriate credentials to your GitHub workflow.",
"properties": {
"scope": {
"type": "string",
"description": "The scope to use for cache keys. Defaults to `buildkit`.\n\nThis should be set if building and caching multiple images in one\nworkflow, otherwise caches will overwrite each other.",
"default": "buildkit"
},
"token": {
"type": "string",
"description": "The GitHub Actions token to use. This is not a personal access tokens\nand is typically generated automatically as part of each job.\n\nDefaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like\n`crazy-max/ghaction-github-runtime` is recommended to expose this\nenvironment variable to your jobs.",
"default": "",
"defaultInfo": {
"environment": [
"ACTIONS_RUNTIME_TOKEN"
]
},
"secret": true
},
"url": {
"type": "string",
"description": "The cache server URL to use for artifacts.\n\nDefaults to `$ACTIONS_CACHE_URL`, although a separate action like\n`crazy-max/ghaction-github-runtime` is recommended to expose this\nenvironment variable to your jobs.",
"default": "",
"defaultInfo": {
"environment": [
"ACTIONS_CACHE_URL"
]
}
}
},
"type": "object"
@@ -350,7 +370,6 @@
]
},
"docker-build:index:CacheToGitHubActions": {
"description": "Recommended for use with GitHub Actions workflows.\n\nAn action like `crazy-max/ghaction-github-runtime` is recommended to expose\nappropriate credentials to your GitHub workflow.",
"properties": {
"ignoreError": {
"type": "boolean",
@@ -366,6 +385,27 @@
"type": "string",
"description": "The scope to use for cache keys. Defaults to `buildkit`.\n\nThis should be set if building and caching multiple images in one\nworkflow, otherwise caches will overwrite each other.",
"default": "buildkit"
},
"token": {
"type": "string",
"description": "The GitHub Actions token to use. This is not a personal access tokens\nand is typically generated automatically as part of each job.\n\nDefaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like\n`crazy-max/ghaction-github-runtime` is recommended to expose this\nenvironment variable to your jobs.",
"default": "",
"defaultInfo": {
"environment": [
"ACTIONS_RUNTIME_TOKEN"
]
},
"secret": true
},
"url": {
"type": "string",
"description": "The cache server URL to use for artifacts.\n\nDefaults to `$ACTIONS_CACHE_URL`, although a separate action like\n`crazy-max/ghaction-github-runtime` is recommended to expose this\nenvironment variable to your jobs.",
"default": "",
"defaultInfo": {
"environment": [
"ACTIONS_CACHE_URL"
]
}
}
},
"type": "object"

37
provider/internal/cache.go
View File

@@ -17,7 +17,6 @@ package internal
import (
"errors"
"fmt"
"os"
"strings"
controllerapi "github.com/docker/buildx/controller/pb"
@@ -149,20 +148,33 @@ func (c CacheWithOCI) String() string {
// CacheFromGitHubActions pulls cache manifests from the GitHub actions cache.
type CacheFromGitHubActions struct {
URL string `pulumi:"url,optional"`
Token string `pulumi:"token,optional" provider:"secret"`
Scope string `pulumi:"scope,optional"`
}
// Annotate sets docstrings on CacheFromGitHubActions.
func (c *CacheFromGitHubActions) Annotate(a infer.Annotator) {
a.Describe(&c, dedent(`
Recommended for use with GitHub Actions workflows.
An action like "crazy-max/ghaction-github-runtime" is recommended to expose
appropriate credentials to your GitHub workflow.
`))
a.SetDefault(&c.URL, "", "ACTIONS_CACHE_URL")
a.SetDefault(&c.Token, "", "ACTIONS_RUNTIME_TOKEN")
a.SetDefault(&c.Scope, "buildkit")
a.Describe(&c.URL, dedent(`
The cache server URL to use for artifacts.
Defaults to "$ACTIONS_CACHE_URL", although a separate action like
"crazy-max/ghaction-github-runtime" is recommended to expose this
environment variable to your jobs.
`))
a.Describe(&c.Token, dedent(`
The GitHub Actions token to use. This is not a personal access tokens
and is typically generated automatically as part of each job.
Defaults to "$ACTIONS_RUNTIME_TOKEN", although a separate action like
"crazy-max/ghaction-github-runtime" is recommended to expose this
environment variable to your jobs.
`))
a.Describe(&c.Scope, dedent(`
The scope to use for cache keys. Defaults to "buildkit".
@@ -179,12 +191,11 @@ func (c *CacheFromGitHubActions) String() string {
if c.Scope != "" {
parts = append(parts, "scope="+c.Scope)
}
// Preserving backwards compatibility with the old behaviour.
if token := os.Getenv("ACTIONS_RUNTIME_TOKEN"); token != "" {
parts = append(parts, "token="+token)
if c.Token != "" {
parts = append(parts, "token="+c.Token)
}
if url := os.Getenv("ACTIONS_CACHE_URL"); url != "" {
parts = append(parts, "url="+url)
if c.URL != "" {
parts = append(parts, "url="+c.URL)
}
return strings.Join(parts, ",")
}

46
provider/internal/cache_test.go
View File

@@ -24,15 +24,14 @@ import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
//nolint:paralleltest // We don't call t.Parallel here to prevent environment corruption.
func TestCacheString(t *testing.T) {
t.Parallel()
gzip := Gzip
tests := []struct {
name string
arrange func(t *testing.T)
given fmt.Stringer
want string
name string
given fmt.Stringer
want string
}{
{
name: "s3",
@@ -56,37 +55,7 @@ func TestCacheString(t *testing.T) {
{
name: "gha",
given: CacheTo{GHA: &CacheToGitHubActions{}},
arrange: func(t *testing.T) {
t.Setenv("ACTIONS_CACHE_URL", "")
t.Setenv("ACTIONS_RUNTIME_TOKEN", "")
},
want: "type=gha",
},
{
name: "gha-default-envs",
arrange: func(t *testing.T) {
t.Setenv("ACTIONS_CACHE_URL", "https://example.com")
t.Setenv("ACTIONS_RUNTIME_TOKEN", "token")
},
given: CacheTo{GHA: &CacheToGitHubActions{
CacheFromGitHubActions: CacheFromGitHubActions{
Scope: "scope",
},
}},
want: "type=gha,scope=scope,token=token,url=https://example.com",
},
{
name: "gha-with-scope",
arrange: func(t *testing.T) {
t.Setenv("ACTIONS_CACHE_URL", "")
t.Setenv("ACTIONS_RUNTIME_TOKEN", "")
},
given: CacheTo{GHA: &CacheToGitHubActions{
CacheFromGitHubActions: CacheFromGitHubActions{
Scope: "scope",
},
}},
want: "type=gha,scope=scope",
want: "type=gha",
},
{
name: "from-local",
@@ -152,12 +121,9 @@ func TestCacheString(t *testing.T) {
},
}
//nolint:paralleltest // We don't call t.Parallel here to prevent environment corruption.
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
if tt.arrange != nil {
tt.arrange(t)
}
t.Parallel()
actual := tt.given.String()
assert.Equal(t, tt.want, actual)

16
provider/internal/image_test.go
View File

@@ -917,10 +917,8 @@ func TestValidateImageArgs(t *testing.T) {
{
name: "gha environment",
envs: map[string]string{
"ACTIONS_CACHE_URL": "test-cache-url",
"ACTIONS_RUNTIME_TOKEN": "test-runtime-token",
"ACTIONS_RESULTS_URL": "test-results-url",
"ACTIONS_CACHE_SERVICE_V2": "true",
"ACTIONS_CACHE_URL": "test-cache-url",
"ACTIONS_RUNTIME_TOKEN": "test-runtime-token",
},
args: ImageArgs{
Context: &BuildContext{Context: Context{Location: "testdata/noop"}},
@@ -932,17 +930,15 @@ func TestValidateImageArgs(t *testing.T) {
wantCacheFrom: &pb.CacheOptionsEntry{
Type: "gha",
Attrs: map[string]string{
"token": "test-runtime-token",
"url": "test-cache-url",
"url_v2": "test-results-url",
"token": "test-runtime-token",
"url": "test-cache-url",
},
},
wantCacheTo: &pb.CacheOptionsEntry{
Type: "gha",
Attrs: map[string]string{
"token": "test-runtime-token",
"url": "test-cache-url",
"url_v2": "test-results-url",
"token": "test-runtime-token",
"url": "test-cache-url",
},
},
},

55
scripts/get-versions.sh
View File

@@ -1,55 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
# This script can be simplified to use go when https://github.com/jdx/mise/discussions/6374 is fixed
# e.g. go list -m -f '{{.GoVersion}}'
module_path="github.com/pulumi/pulumi/pkg/v3"
go_mod_path="."
gomod="go.mod"
if [[ "$go_mod_path" != "" && "$go_mod_path" != "." ]]; then
gomod="$go_mod_path/$gomod"
fi
if [[ ! -f "$gomod" ]]; then
echo "missing $gomod" >&2
exit 1
fi
raw_version=$(awk -v module="$module_path" '
$1 == module || $2 == module {
for (i = 1; i <= NF; i++) {
if ($i ~ /^v[0-9]/) {
sub(/^v/, "", $i)
print $i
exit
}
}
}
' "$gomod")
if [[ -z "${raw_version:-}" ]]; then
echo "failed to determine Pulumi version from $gomod" >&2
exit 1
fi
echo "PULUMI_VERSION_MISE=$raw_version"
export PULUMI_VERSION_MISE=$raw_version
# Prefer the toolchain directive if present, otherwise fall back to the `go` version line
go_toolchain=$(awk '/^toolchain[[:space:]]+go[0-9]/{ print $2; exit }' "$gomod")
if [[ -n "${go_toolchain:-}" ]]; then
go_version=${go_toolchain#go}
else
go_version=$(awk '/^go[[:space:]]+[0-9]/{ print $2; exit }' "$gomod")
fi
if [[ -z "${go_version:-}" ]]; then
echo "failed to determine Go version from $gomod" >&2
exit 1
fi
echo "GO_VERSION_MISE=$go_version"
export GO_VERSION_MISE=$go_version

39
sdk/dotnet/Inputs/CacheFromGitHubActionsArgs.cs generated
View File

@@ -10,12 +10,6 @@ using Pulumi.Serialization;
namespace Pulumi.DockerBuild.Inputs
{
/// <summary>
/// Recommended for use with GitHub Actions workflows.
///
/// An action like `crazy-max/ghaction-github-runtime` is recommended to expose
/// appropriate credentials to your GitHub workflow.
/// </summary>
public sealed class CacheFromGitHubActionsArgs : global::Pulumi.ResourceArgs
{
/// <summary>
@@ -27,9 +21,42 @@ namespace Pulumi.DockerBuild.Inputs
[Input("scope")]
public Input<string>? Scope { get; set; }
[Input("token")]
private Input<string>? _token;
/// <summary>
/// The GitHub Actions token to use. This is not a personal access tokens
/// and is typically generated automatically as part of each job.
///
/// Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
/// `crazy-max/ghaction-github-runtime` is recommended to expose this
/// environment variable to your jobs.
/// </summary>
public Input<string>? Token
{
get => _token;
set
{
var emptySecret = Output.CreateSecret(0);
_token = Output.Tuple<Input<string>?, int>(value, emptySecret).Apply(t => t.Item1);
}
}
/// <summary>
/// The cache server URL to use for artifacts.
///
/// Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
/// `crazy-max/ghaction-github-runtime` is recommended to expose this
/// environment variable to your jobs.
/// </summary>
[Input("url")]
public Input<string>? Url { get; set; }
public CacheFromGitHubActionsArgs()
{
Scope = "buildkit";
Token = Utilities.GetEnv("ACTIONS_RUNTIME_TOKEN") ?? "";
Url = Utilities.GetEnv("ACTIONS_CACHE_URL") ?? "";
}
public static new CacheFromGitHubActionsArgs Empty => new CacheFromGitHubActionsArgs();
}

39
sdk/dotnet/Inputs/CacheToGitHubActionsArgs.cs generated
View File

@@ -10,12 +10,6 @@ using Pulumi.Serialization;
namespace Pulumi.DockerBuild.Inputs
{
/// <summary>
/// Recommended for use with GitHub Actions workflows.
///
/// An action like `crazy-max/ghaction-github-runtime` is recommended to expose
/// appropriate credentials to your GitHub workflow.
/// </summary>
public sealed class CacheToGitHubActionsArgs : global::Pulumi.ResourceArgs
{
/// <summary>
@@ -39,11 +33,44 @@ namespace Pulumi.DockerBuild.Inputs
[Input("scope")]
public Input<string>? Scope { get; set; }
[Input("token")]
private Input<string>? _token;
/// <summary>
/// The GitHub Actions token to use. This is not a personal access tokens
/// and is typically generated automatically as part of each job.
///
/// Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
/// `crazy-max/ghaction-github-runtime` is recommended to expose this
/// environment variable to your jobs.
/// </summary>
public Input<string>? Token
{
get => _token;
set
{
var emptySecret = Output.CreateSecret(0);
_token = Output.Tuple<Input<string>?, int>(value, emptySecret).Apply(t => t.Item1);
}
}
/// <summary>
/// The cache server URL to use for artifacts.
///
/// Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
/// `crazy-max/ghaction-github-runtime` is recommended to expose this
/// environment variable to your jobs.
/// </summary>
[Input("url")]
public Input<string>? Url { get; set; }
public CacheToGitHubActionsArgs()
{
IgnoreError = false;
Mode = Pulumi.DockerBuild.CacheMode.Min;
Scope = "buildkit";
Token = Utilities.GetEnv("ACTIONS_RUNTIME_TOKEN") ?? "";
Url = Utilities.GetEnv("ACTIONS_CACHE_URL") ?? "";
}
public static new CacheToGitHubActionsArgs Empty => new CacheToGitHubActionsArgs();
}

32
sdk/dotnet/Outputs/CacheFromGitHubActions.cs generated
View File

@@ -10,12 +10,6 @@ using Pulumi.Serialization;
namespace Pulumi.DockerBuild.Outputs
{
/// <summary>
/// Recommended for use with GitHub Actions workflows.
///
/// An action like `crazy-max/ghaction-github-runtime` is recommended to expose
/// appropriate credentials to your GitHub workflow.
/// </summary>
[OutputType]
public sealed class CacheFromGitHubActions
{
@@ -26,11 +20,35 @@ namespace Pulumi.DockerBuild.Outputs
/// workflow, otherwise caches will overwrite each other.
/// </summary>
public readonly string? Scope;
/// <summary>
/// The GitHub Actions token to use. This is not a personal access tokens
/// and is typically generated automatically as part of each job.
///
/// Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
/// `crazy-max/ghaction-github-runtime` is recommended to expose this
/// environment variable to your jobs.
/// </summary>
public readonly string? Token;
/// <summary>
/// The cache server URL to use for artifacts.
///
/// Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
/// `crazy-max/ghaction-github-runtime` is recommended to expose this
/// environment variable to your jobs.
/// </summary>
public readonly string? Url;
[OutputConstructor]
private CacheFromGitHubActions(string? scope)
private CacheFromGitHubActions(
string? scope,
string? token,
string? url)
{
Scope = scope;
Token = token;
Url = url;
}
}
}

31
sdk/dotnet/Outputs/CacheToGitHubActions.cs generated
View File

@@ -10,12 +10,6 @@ using Pulumi.Serialization;
namespace Pulumi.DockerBuild.Outputs
{
/// <summary>
/// Recommended for use with GitHub Actions workflows.
///
/// An action like `crazy-max/ghaction-github-runtime` is recommended to expose
/// appropriate credentials to your GitHub workflow.
/// </summary>
[OutputType]
public sealed class CacheToGitHubActions
{
@@ -34,6 +28,23 @@ namespace Pulumi.DockerBuild.Outputs
/// workflow, otherwise caches will overwrite each other.
/// </summary>
public readonly string? Scope;
/// <summary>
/// The GitHub Actions token to use. This is not a personal access tokens
/// and is typically generated automatically as part of each job.
///
/// Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
/// `crazy-max/ghaction-github-runtime` is recommended to expose this
/// environment variable to your jobs.
/// </summary>
public readonly string? Token;
/// <summary>
/// The cache server URL to use for artifacts.
///
/// Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
/// `crazy-max/ghaction-github-runtime` is recommended to expose this
/// environment variable to your jobs.
/// </summary>
public readonly string? Url;
[OutputConstructor]
private CacheToGitHubActions(
@@ -41,11 +52,17 @@ namespace Pulumi.DockerBuild.Outputs
Pulumi.DockerBuild.CacheMode? mode,
string? scope)
string? scope,
string? token,
string? url)
{
IgnoreError = ignoreError;
Mode = mode;
Scope = scope;
Token = token;
Url = url;
}
}
}

24
sdk/go/dockerbuild/go.mod generated
View File

@@ -4,7 +4,7 @@ go 1.24.1
require (
github.com/blang/semver v3.5.1+incompatible
github.com/pulumi/pulumi/sdk/v3 v3.192.0
github.com/pulumi/pulumi/sdk/v3 v3.187.0
)
require (
@@ -58,13 +58,12 @@ require (
github.com/opentracing/basictracer-go v1.1.0 // indirect
github.com/opentracing/opentracing-go v1.2.0 // indirect
github.com/pgavlin/fx v0.1.6 // indirect
github.com/pgavlin/fx/v2 v2.0.3 // indirect
github.com/pjbgf/sha1cd v0.3.2 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/pkg/term v1.1.0 // indirect
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 // indirect
github.com/pulumi/esc v0.20.0 // indirect
github.com/pulumi/esc v0.17.0 // indirect
github.com/rivo/uniseg v0.4.7 // indirect
github.com/rogpeppe/go-internal v1.14.1 // indirect
github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06 // indirect
@@ -81,17 +80,18 @@ require (
github.com/xanzy/ssh-agent v0.3.3 // indirect
github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
github.com/zclconf/go-cty v1.16.3 // indirect
go.opentelemetry.io/otel v1.36.0 // indirect
go.opentelemetry.io/otel/sdk v1.36.0 // indirect
go.uber.org/atomic v1.11.0 // indirect
golang.org/x/crypto v0.45.0 // indirect
golang.org/x/exp v0.0.0-20250718183923-645b1fa84792 // indirect
golang.org/x/mod v0.29.0 // indirect
golang.org/x/net v0.47.0 // indirect
golang.org/x/sync v0.18.0 // indirect
golang.org/x/sys v0.38.0 // indirect
golang.org/x/term v0.37.0 // indirect
golang.org/x/text v0.31.0 // indirect
golang.org/x/tools v0.38.0 // indirect
golang.org/x/crypto v0.39.0 // indirect
golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0 // indirect
golang.org/x/mod v0.25.0 // indirect
golang.org/x/net v0.40.0 // indirect
golang.org/x/sync v0.15.0 // indirect
golang.org/x/sys v0.33.0 // indirect
golang.org/x/term v0.32.0 // indirect
golang.org/x/text v0.26.0 // indirect
golang.org/x/tools v0.33.0 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20250519155744-55703ea1f237 // indirect
google.golang.org/grpc v1.72.1 // indirect
google.golang.org/protobuf v1.36.6 // indirect

44
sdk/go/dockerbuild/go.sum generated
View File

@@ -162,10 +162,10 @@ github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRI
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 h1:vkHw5I/plNdTr435cARxCW6q9gc0S/Yxz7Mkd38pOb0=
github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231/go.mod h1:murToZ2N9hNJzewjHBgfFdXhZKjY3z5cYC1VXk+lbFE=
github.com/pulumi/esc v0.20.0 h1:LZn4sjAsI76x10ZuZXXyh2ExGcP7AHmjOzCi/p3/fpQ=
github.com/pulumi/esc v0.20.0/go.mod h1:h1VjdedI0K84MhMzaR9ZKbEpU6SfZMOZF4ZrVgQyNLY=
github.com/pulumi/pulumi/sdk/v3 v3.192.0 h1:sfHuR3P02wSbV3xdSMEQ0+uC/HzlMz0YfKrVAXy1hSQ=
github.com/pulumi/pulumi/sdk/v3 v3.192.0/go.mod h1:aV0+c5xpSYccWKmOjTZS9liYCqh7+peu3cQgSXu7CJw=
github.com/pulumi/esc v0.17.0 h1:oaVOIyFTENlYDuqc3pW75lQT9jb2cd6ie/4/Twxn66w=
github.com/pulumi/esc v0.17.0/go.mod h1:XnSxlt5NkmuAj304l/gK4pRErFbtqq6XpfX1tYT9Jbc=
github.com/pulumi/pulumi/sdk/v3 v3.187.0 h1:BflBBeD/qaoKN4Tov11g4aHzJ7pTXBSb8otgmteRer0=
github.com/pulumi/pulumi/sdk/v3 v3.187.0/go.mod h1:BnpKxUc6QlxqoCqobHNZsUuIuY27H6ZFUk0Cp+0JN5U=
github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ=
github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
@@ -230,29 +230,29 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q=
golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=
golang.org/x/exp v0.0.0-20250718183923-645b1fa84792 h1:R9PFI6EUdfVKgwKjZef7QIwGcBKu86OEFpJ9nUEP2l4=
golang.org/x/exp v0.0.0-20250718183923-645b1fa84792/go.mod h1:A+z0yzpGtvnG90cToK5n2tu8UJVP2XUATh+r+sfOOOc=
golang.org/x/crypto v0.39.0 h1:SHs+kF4LP+f+p14esP5jAoDpHU8Gu/v9lFRK6IT5imM=
golang.org/x/crypto v0.39.0/go.mod h1:L+Xg3Wf6HoL4Bn4238Z6ft6KfEpN0tJGo53AAPC632U=
golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0 h1:R84qjqJb5nVJMxqWYb3np9L5ZsaDtB+a39EqjV0JSUM=
golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0/go.mod h1:S9Xr4PYopiDyqSyp5NjCrhFrqg6A5zA2E/iPHPhqnS8=
golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA=
golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w=
golang.org/x/mod v0.25.0 h1:n7a+ZbQKQA/Ysbyb0/6IbB1H/X41mKgbhfv7AfG/44w=
golang.org/x/mod v0.25.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200421231249-e086a090c8fd/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
golang.org/x/net v0.40.0 h1:79Xs7wF06Gbdcg4kdCCIQArK11Z1hr5POQ6+fIYHNuY=
golang.org/x/net v0.40.0/go.mod h1:y0hY0exeL2Pku80/zKK7tpntoX23cqL3Oa6njdgRtds=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I=
golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
golang.org/x/sync v0.15.0 h1:KWH3jNZsfyT6xfAfKiz6MRNmd46ByHDYaZ7KSkCtdW8=
golang.org/x/sync v0.15.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -268,24 +268,24 @@ golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBc
golang.org/x/sys v0.0.0-20220615213510-4f61da869c0c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw=
golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU=
golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254=
golang.org/x/term v0.32.0 h1:DR4lr0TjUs3epypdhTOkMmuF5CDFJ/8pOnbzMZPQ7bg=
golang.org/x/term v0.32.0/go.mod h1:uZG1FhGx848Sqfsq4/DlJr3xGGsYMu/L5GW4abiaEPQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM=
golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM=
golang.org/x/text v0.26.0 h1:P42AVeLghgTYr4+xUnTRKDMqpar+PtX7KWuNQL21L8M=
golang.org/x/text v0.26.0/go.mod h1:QK15LZJUUQVJxhz7wXgxSy/CJaTFjd0G+YLonydOVQA=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ=
golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs=
golang.org/x/tools v0.33.0 h1:4qz2S3zmRxbGIhDIAgjxvFutSvH5EfnsYrRBj0UI0bc=
golang.org/x/tools v0.33.0/go.mod h1:CIJMaWEY88juyUfo7UbgPqbC8rU2OqfAV1h2Qp0oMYI=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=

216
sdk/go/dockerbuild/pulumiTypes.go generated
View File

@@ -834,16 +834,25 @@ func (o CacheFromAzureBlobPtrOutput) SecretAccessKey() pulumi.StringPtrOutput {
}).(pulumi.StringPtrOutput)
}
// Recommended for use with GitHub Actions workflows.
//
// An action like `crazy-max/ghaction-github-runtime` is recommended to expose
// appropriate credentials to your GitHub workflow.
type CacheFromGitHubActions struct {
// The scope to use for cache keys. Defaults to `buildkit`.
//
// This should be set if building and caching multiple images in one
// workflow, otherwise caches will overwrite each other.
Scope *string `pulumi:"scope"`
// The GitHub Actions token to use. This is not a personal access tokens
// and is typically generated automatically as part of each job.
//
// Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
Token *string `pulumi:"token"`
// The cache server URL to use for artifacts.
//
// Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
Url *string `pulumi:"url"`
}
// Defaults sets the appropriate defaults for CacheFromGitHubActions
@@ -856,6 +865,18 @@ func (val *CacheFromGitHubActions) Defaults() *CacheFromGitHubActions {
scope_ := "buildkit"
tmp.Scope = &scope_
}
if tmp.Token == nil {
if d := internal.GetEnvOrDefault("", nil, "ACTIONS_RUNTIME_TOKEN"); d != nil {
token_ := d.(string)
tmp.Token = &token_
}
}
if tmp.Url == nil {
if d := internal.GetEnvOrDefault("", nil, "ACTIONS_CACHE_URL"); d != nil {
url_ := d.(string)
tmp.Url = &url_
}
}
return &tmp
}
@@ -870,16 +891,25 @@ type CacheFromGitHubActionsInput interface {
ToCacheFromGitHubActionsOutputWithContext(context.Context) CacheFromGitHubActionsOutput
}
// Recommended for use with GitHub Actions workflows.
//
// An action like `crazy-max/ghaction-github-runtime` is recommended to expose
// appropriate credentials to your GitHub workflow.
type CacheFromGitHubActionsArgs struct {
// The scope to use for cache keys. Defaults to `buildkit`.
//
// This should be set if building and caching multiple images in one
// workflow, otherwise caches will overwrite each other.
Scope pulumi.StringPtrInput `pulumi:"scope"`
// The GitHub Actions token to use. This is not a personal access tokens
// and is typically generated automatically as part of each job.
//
// Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
Token pulumi.StringPtrInput `pulumi:"token"`
// The cache server URL to use for artifacts.
//
// Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
Url pulumi.StringPtrInput `pulumi:"url"`
}
// Defaults sets the appropriate defaults for CacheFromGitHubActionsArgs
@@ -891,6 +921,16 @@ func (val *CacheFromGitHubActionsArgs) Defaults() *CacheFromGitHubActionsArgs {
if tmp.Scope == nil {
tmp.Scope = pulumi.StringPtr("buildkit")
}
if tmp.Token == nil {
if d := internal.GetEnvOrDefault("", nil, "ACTIONS_RUNTIME_TOKEN"); d != nil {
tmp.Token = pulumi.StringPtr(d.(string))
}
}
if tmp.Url == nil {
if d := internal.GetEnvOrDefault("", nil, "ACTIONS_CACHE_URL"); d != nil {
tmp.Url = pulumi.StringPtr(d.(string))
}
}
return &tmp
}
func (CacheFromGitHubActionsArgs) ElementType() reflect.Type {
@@ -958,10 +998,6 @@ func (i *cacheFromGitHubActionsPtrType) ToOutput(ctx context.Context) pulumix.Ou
}
}
// Recommended for use with GitHub Actions workflows.
//
// An action like `crazy-max/ghaction-github-runtime` is recommended to expose
// appropriate credentials to your GitHub workflow.
type CacheFromGitHubActionsOutput struct{ *pulumi.OutputState }
func (CacheFromGitHubActionsOutput) ElementType() reflect.Type {
@@ -1000,6 +1036,25 @@ func (o CacheFromGitHubActionsOutput) Scope() pulumi.StringPtrOutput {
return o.ApplyT(func(v CacheFromGitHubActions) *string { return v.Scope }).(pulumi.StringPtrOutput)
}
// The GitHub Actions token to use. This is not a personal access tokens
// and is typically generated automatically as part of each job.
//
// Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
func (o CacheFromGitHubActionsOutput) Token() pulumi.StringPtrOutput {
return o.ApplyT(func(v CacheFromGitHubActions) *string { return v.Token }).(pulumi.StringPtrOutput)
}
// The cache server URL to use for artifacts.
//
// Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
func (o CacheFromGitHubActionsOutput) Url() pulumi.StringPtrOutput {
return o.ApplyT(func(v CacheFromGitHubActions) *string { return v.Url }).(pulumi.StringPtrOutput)
}
type CacheFromGitHubActionsPtrOutput struct{ *pulumi.OutputState }
func (CacheFromGitHubActionsPtrOutput) ElementType() reflect.Type {
@@ -1043,6 +1098,35 @@ func (o CacheFromGitHubActionsPtrOutput) Scope() pulumi.StringPtrOutput {
}).(pulumi.StringPtrOutput)
}
// The GitHub Actions token to use. This is not a personal access tokens
// and is typically generated automatically as part of each job.
//
// Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
func (o CacheFromGitHubActionsPtrOutput) Token() pulumi.StringPtrOutput {
return o.ApplyT(func(v *CacheFromGitHubActions) *string {
if v == nil {
return nil
}
return v.Token
}).(pulumi.StringPtrOutput)
}
// The cache server URL to use for artifacts.
//
// Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
func (o CacheFromGitHubActionsPtrOutput) Url() pulumi.StringPtrOutput {
return o.ApplyT(func(v *CacheFromGitHubActions) *string {
if v == nil {
return nil
}
return v.Url
}).(pulumi.StringPtrOutput)
}
type CacheFromLocal struct {
// Digest of manifest to import.
Digest *string `pulumi:"digest"`
@@ -2277,10 +2361,6 @@ func (o CacheToAzureBlobPtrOutput) SecretAccessKey() pulumi.StringPtrOutput {
}).(pulumi.StringPtrOutput)
}
// Recommended for use with GitHub Actions workflows.
//
// An action like `crazy-max/ghaction-github-runtime` is recommended to expose
// appropriate credentials to your GitHub workflow.
type CacheToGitHubActions struct {
// Ignore errors caused by failed cache exports.
IgnoreError *bool `pulumi:"ignoreError"`
@@ -2291,6 +2371,19 @@ type CacheToGitHubActions struct {
// This should be set if building and caching multiple images in one
// workflow, otherwise caches will overwrite each other.
Scope *string `pulumi:"scope"`
// The GitHub Actions token to use. This is not a personal access tokens
// and is typically generated automatically as part of each job.
//
// Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
Token *string `pulumi:"token"`
// The cache server URL to use for artifacts.
//
// Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
Url *string `pulumi:"url"`
}
// Defaults sets the appropriate defaults for CacheToGitHubActions
@@ -2311,6 +2404,18 @@ func (val *CacheToGitHubActions) Defaults() *CacheToGitHubActions {
scope_ := "buildkit"
tmp.Scope = &scope_
}
if tmp.Token == nil {
if d := internal.GetEnvOrDefault("", nil, "ACTIONS_RUNTIME_TOKEN"); d != nil {
token_ := d.(string)
tmp.Token = &token_
}
}
if tmp.Url == nil {
if d := internal.GetEnvOrDefault("", nil, "ACTIONS_CACHE_URL"); d != nil {
url_ := d.(string)
tmp.Url = &url_
}
}
return &tmp
}
@@ -2325,10 +2430,6 @@ type CacheToGitHubActionsInput interface {
ToCacheToGitHubActionsOutputWithContext(context.Context) CacheToGitHubActionsOutput
}
// Recommended for use with GitHub Actions workflows.
//
// An action like `crazy-max/ghaction-github-runtime` is recommended to expose
// appropriate credentials to your GitHub workflow.
type CacheToGitHubActionsArgs struct {
// Ignore errors caused by failed cache exports.
IgnoreError pulumi.BoolPtrInput `pulumi:"ignoreError"`
@@ -2339,6 +2440,19 @@ type CacheToGitHubActionsArgs struct {
// This should be set if building and caching multiple images in one
// workflow, otherwise caches will overwrite each other.
Scope pulumi.StringPtrInput `pulumi:"scope"`
// The GitHub Actions token to use. This is not a personal access tokens
// and is typically generated automatically as part of each job.
//
// Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
Token pulumi.StringPtrInput `pulumi:"token"`
// The cache server URL to use for artifacts.
//
// Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
Url pulumi.StringPtrInput `pulumi:"url"`
}
// Defaults sets the appropriate defaults for CacheToGitHubActionsArgs
@@ -2356,6 +2470,16 @@ func (val *CacheToGitHubActionsArgs) Defaults() *CacheToGitHubActionsArgs {
if tmp.Scope == nil {
tmp.Scope = pulumi.StringPtr("buildkit")
}
if tmp.Token == nil {
if d := internal.GetEnvOrDefault("", nil, "ACTIONS_RUNTIME_TOKEN"); d != nil {
tmp.Token = pulumi.StringPtr(d.(string))
}
}
if tmp.Url == nil {
if d := internal.GetEnvOrDefault("", nil, "ACTIONS_CACHE_URL"); d != nil {
tmp.Url = pulumi.StringPtr(d.(string))
}
}
return &tmp
}
func (CacheToGitHubActionsArgs) ElementType() reflect.Type {
@@ -2423,10 +2547,6 @@ func (i *cacheToGitHubActionsPtrType) ToOutput(ctx context.Context) pulumix.Outp
}
}
// Recommended for use with GitHub Actions workflows.
//
// An action like `crazy-max/ghaction-github-runtime` is recommended to expose
// appropriate credentials to your GitHub workflow.
type CacheToGitHubActionsOutput struct{ *pulumi.OutputState }
func (CacheToGitHubActionsOutput) ElementType() reflect.Type {
@@ -2475,6 +2595,25 @@ func (o CacheToGitHubActionsOutput) Scope() pulumi.StringPtrOutput {
return o.ApplyT(func(v CacheToGitHubActions) *string { return v.Scope }).(pulumi.StringPtrOutput)
}
// The GitHub Actions token to use. This is not a personal access tokens
// and is typically generated automatically as part of each job.
//
// Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
func (o CacheToGitHubActionsOutput) Token() pulumi.StringPtrOutput {
return o.ApplyT(func(v CacheToGitHubActions) *string { return v.Token }).(pulumi.StringPtrOutput)
}
// The cache server URL to use for artifacts.
//
// Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
func (o CacheToGitHubActionsOutput) Url() pulumi.StringPtrOutput {
return o.ApplyT(func(v CacheToGitHubActions) *string { return v.Url }).(pulumi.StringPtrOutput)
}
type CacheToGitHubActionsPtrOutput struct{ *pulumi.OutputState }
func (CacheToGitHubActionsPtrOutput) ElementType() reflect.Type {
@@ -2538,6 +2677,35 @@ func (o CacheToGitHubActionsPtrOutput) Scope() pulumi.StringPtrOutput {
}).(pulumi.StringPtrOutput)
}
// The GitHub Actions token to use. This is not a personal access tokens
// and is typically generated automatically as part of each job.
//
// Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
func (o CacheToGitHubActionsPtrOutput) Token() pulumi.StringPtrOutput {
return o.ApplyT(func(v *CacheToGitHubActions) *string {
if v == nil {
return nil
}
return v.Token
}).(pulumi.StringPtrOutput)
}
// The cache server URL to use for artifacts.
//
// Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
func (o CacheToGitHubActionsPtrOutput) Url() pulumi.StringPtrOutput {
return o.ApplyT(func(v *CacheToGitHubActions) *string {
if v == nil {
return nil
}
return v.Url
}).(pulumi.StringPtrOutput)
}
// Include an inline cache with the exported image.
type CacheToInline struct {
}

158
sdk/go/dockerbuild/x/pulumiTypes.go generated
View File

@@ -393,16 +393,25 @@ func (o CacheFromAzureBlobOutput) SecretAccessKey() pulumix.Output[*string] {
return pulumix.Apply[CacheFromAzureBlob](o, func(v CacheFromAzureBlob) *string { return v.SecretAccessKey })
}
// Recommended for use with GitHub Actions workflows.
//
// An action like `crazy-max/ghaction-github-runtime` is recommended to expose
// appropriate credentials to your GitHub workflow.
type CacheFromGitHubActions struct {
// The scope to use for cache keys. Defaults to `buildkit`.
//
// This should be set if building and caching multiple images in one
// workflow, otherwise caches will overwrite each other.
Scope *string `pulumi:"scope"`
// The GitHub Actions token to use. This is not a personal access tokens
// and is typically generated automatically as part of each job.
//
// Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
Token *string `pulumi:"token"`
// The cache server URL to use for artifacts.
//
// Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
Url *string `pulumi:"url"`
}
// Defaults sets the appropriate defaults for CacheFromGitHubActions
@@ -415,19 +424,40 @@ func (val *CacheFromGitHubActions) Defaults() *CacheFromGitHubActions {
scope_ := "buildkit"
tmp.Scope = &scope_
}
if tmp.Token == nil {
if d := internal.GetEnvOrDefault("", nil, "ACTIONS_RUNTIME_TOKEN"); d != nil {
token_ := d.(string)
tmp.Token = &token_
}
}
if tmp.Url == nil {
if d := internal.GetEnvOrDefault("", nil, "ACTIONS_CACHE_URL"); d != nil {
url_ := d.(string)
tmp.Url = &url_
}
}
return &tmp
}
// Recommended for use with GitHub Actions workflows.
//
// An action like `crazy-max/ghaction-github-runtime` is recommended to expose
// appropriate credentials to your GitHub workflow.
type CacheFromGitHubActionsArgs struct {
// The scope to use for cache keys. Defaults to `buildkit`.
//
// This should be set if building and caching multiple images in one
// workflow, otherwise caches will overwrite each other.
Scope pulumix.Input[*string] `pulumi:"scope"`
// The GitHub Actions token to use. This is not a personal access tokens
// and is typically generated automatically as part of each job.
//
// Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
Token pulumix.Input[*string] `pulumi:"token"`
// The cache server URL to use for artifacts.
//
// Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
Url pulumix.Input[*string] `pulumi:"url"`
}
// Defaults sets the appropriate defaults for CacheFromGitHubActionsArgs
@@ -439,6 +469,16 @@ func (val *CacheFromGitHubActionsArgs) Defaults() *CacheFromGitHubActionsArgs {
if tmp.Scope == nil {
tmp.Scope = pulumix.Ptr("buildkit")
}
if tmp.Token == nil {
if d := internal.GetEnvOrDefault("", nil, "ACTIONS_RUNTIME_TOKEN"); d != nil {
tmp.Token = pulumix.Ptr(d.(string))
}
}
if tmp.Url == nil {
if d := internal.GetEnvOrDefault("", nil, "ACTIONS_CACHE_URL"); d != nil {
tmp.Url = pulumix.Ptr(d.(string))
}
}
return &tmp
}
func (CacheFromGitHubActionsArgs) ElementType() reflect.Type {
@@ -457,10 +497,6 @@ func (i *CacheFromGitHubActionsArgs) ToOutput(ctx context.Context) pulumix.Outpu
return pulumix.Val(i)
}
// Recommended for use with GitHub Actions workflows.
//
// An action like `crazy-max/ghaction-github-runtime` is recommended to expose
// appropriate credentials to your GitHub workflow.
type CacheFromGitHubActionsOutput struct{ *pulumi.OutputState }
func (CacheFromGitHubActionsOutput) ElementType() reflect.Type {
@@ -489,6 +525,25 @@ func (o CacheFromGitHubActionsOutput) Scope() pulumix.Output[*string] {
return pulumix.Apply[CacheFromGitHubActions](o, func(v CacheFromGitHubActions) *string { return v.Scope })
}
// The GitHub Actions token to use. This is not a personal access tokens
// and is typically generated automatically as part of each job.
//
// Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
func (o CacheFromGitHubActionsOutput) Token() pulumix.Output[*string] {
return pulumix.Apply[CacheFromGitHubActions](o, func(v CacheFromGitHubActions) *string { return v.Token })
}
// The cache server URL to use for artifacts.
//
// Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
func (o CacheFromGitHubActionsOutput) Url() pulumix.Output[*string] {
return pulumix.Apply[CacheFromGitHubActions](o, func(v CacheFromGitHubActions) *string { return v.Url })
}
type CacheFromLocal struct {
// Digest of manifest to import.
Digest *string `pulumi:"digest"`
@@ -1079,10 +1134,6 @@ func (o CacheToAzureBlobOutput) SecretAccessKey() pulumix.Output[*string] {
return pulumix.Apply[CacheToAzureBlob](o, func(v CacheToAzureBlob) *string { return v.SecretAccessKey })
}
// Recommended for use with GitHub Actions workflows.
//
// An action like `crazy-max/ghaction-github-runtime` is recommended to expose
// appropriate credentials to your GitHub workflow.
type CacheToGitHubActions struct {
// Ignore errors caused by failed cache exports.
IgnoreError *bool `pulumi:"ignoreError"`
@@ -1093,6 +1144,19 @@ type CacheToGitHubActions struct {
// This should be set if building and caching multiple images in one
// workflow, otherwise caches will overwrite each other.
Scope *string `pulumi:"scope"`
// The GitHub Actions token to use. This is not a personal access tokens
// and is typically generated automatically as part of each job.
//
// Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
Token *string `pulumi:"token"`
// The cache server URL to use for artifacts.
//
// Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
Url *string `pulumi:"url"`
}
// Defaults sets the appropriate defaults for CacheToGitHubActions
@@ -1113,13 +1177,21 @@ func (val *CacheToGitHubActions) Defaults() *CacheToGitHubActions {
scope_ := "buildkit"
tmp.Scope = &scope_
}
if tmp.Token == nil {
if d := internal.GetEnvOrDefault("", nil, "ACTIONS_RUNTIME_TOKEN"); d != nil {
token_ := d.(string)
tmp.Token = &token_
}
}
if tmp.Url == nil {
if d := internal.GetEnvOrDefault("", nil, "ACTIONS_CACHE_URL"); d != nil {
url_ := d.(string)
tmp.Url = &url_
}
}
return &tmp
}
// Recommended for use with GitHub Actions workflows.
//
// An action like `crazy-max/ghaction-github-runtime` is recommended to expose
// appropriate credentials to your GitHub workflow.
type CacheToGitHubActionsArgs struct {
// Ignore errors caused by failed cache exports.
IgnoreError pulumix.Input[*bool] `pulumi:"ignoreError"`
@@ -1130,6 +1202,19 @@ type CacheToGitHubActionsArgs struct {
// This should be set if building and caching multiple images in one
// workflow, otherwise caches will overwrite each other.
Scope pulumix.Input[*string] `pulumi:"scope"`
// The GitHub Actions token to use. This is not a personal access tokens
// and is typically generated automatically as part of each job.
//
// Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
Token pulumix.Input[*string] `pulumi:"token"`
// The cache server URL to use for artifacts.
//
// Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
Url pulumix.Input[*string] `pulumi:"url"`
}
// Defaults sets the appropriate defaults for CacheToGitHubActionsArgs
@@ -1147,6 +1232,16 @@ func (val *CacheToGitHubActionsArgs) Defaults() *CacheToGitHubActionsArgs {
if tmp.Scope == nil {
tmp.Scope = pulumix.Ptr("buildkit")
}
if tmp.Token == nil {
if d := internal.GetEnvOrDefault("", nil, "ACTIONS_RUNTIME_TOKEN"); d != nil {
tmp.Token = pulumix.Ptr(d.(string))
}
}
if tmp.Url == nil {
if d := internal.GetEnvOrDefault("", nil, "ACTIONS_CACHE_URL"); d != nil {
tmp.Url = pulumix.Ptr(d.(string))
}
}
return &tmp
}
func (CacheToGitHubActionsArgs) ElementType() reflect.Type {
@@ -1165,10 +1260,6 @@ func (i *CacheToGitHubActionsArgs) ToOutput(ctx context.Context) pulumix.Output[
return pulumix.Val(i)
}
// Recommended for use with GitHub Actions workflows.
//
// An action like `crazy-max/ghaction-github-runtime` is recommended to expose
// appropriate credentials to your GitHub workflow.
type CacheToGitHubActionsOutput struct{ *pulumi.OutputState }
func (CacheToGitHubActionsOutput) ElementType() reflect.Type {
@@ -1207,6 +1298,25 @@ func (o CacheToGitHubActionsOutput) Scope() pulumix.Output[*string] {
return pulumix.Apply[CacheToGitHubActions](o, func(v CacheToGitHubActions) *string { return v.Scope })
}
// The GitHub Actions token to use. This is not a personal access tokens
// and is typically generated automatically as part of each job.
//
// Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
func (o CacheToGitHubActionsOutput) Token() pulumix.Output[*string] {
return pulumix.Apply[CacheToGitHubActions](o, func(v CacheToGitHubActions) *string { return v.Token })
}
// The cache server URL to use for artifacts.
//
// Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
// `crazy-max/ghaction-github-runtime` is recommended to expose this
// environment variable to your jobs.
func (o CacheToGitHubActionsOutput) Url() pulumix.Output[*string] {
return pulumix.Apply[CacheToGitHubActions](o, func(v CacheToGitHubActions) *string { return v.Url })
}
// Include an inline cache with the exported image.
type CacheToInline struct {
}

119
sdk/java/src/main/java/com/pulumi/dockerbuild/inputs/CacheFromGitHubActionsArgs.java generated
View File

@@ -12,13 +12,6 @@ import java.util.Optional;
import javax.annotation.Nullable;
/**
* Recommended for use with GitHub Actions workflows.
*
* An action like `crazy-max/ghaction-github-runtime` is recommended to expose
* appropriate credentials to your GitHub workflow.
*
*/
public final class CacheFromGitHubActionsArgs extends com.pulumi.resources.ResourceArgs {
public static final CacheFromGitHubActionsArgs Empty = new CacheFromGitHubActionsArgs();
@@ -44,10 +37,60 @@ public final class CacheFromGitHubActionsArgs extends com.pulumi.resources.Resou
return Optional.ofNullable(this.scope);
}
/**
* The GitHub Actions token to use. This is not a personal access tokens
* and is typically generated automatically as part of each job.
*
* Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
*/
@Import(name="token")
private @Nullable Output<String> token;
/**
* @return The GitHub Actions token to use. This is not a personal access tokens
* and is typically generated automatically as part of each job.
*
* Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
*/
public Optional<Output<String>> token() {
return Optional.ofNullable(this.token);
}
/**
* The cache server URL to use for artifacts.
*
* Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
*/
@Import(name="url")
private @Nullable Output<String> url;
/**
* @return The cache server URL to use for artifacts.
*
* Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
*/
public Optional<Output<String>> url() {
return Optional.ofNullable(this.url);
}
private CacheFromGitHubActionsArgs() {}
private CacheFromGitHubActionsArgs(CacheFromGitHubActionsArgs $) {
this.scope = $.scope;
this.token = $.token;
this.url = $.url;
}
public static Builder builder() {
@@ -95,8 +138,70 @@ public final class CacheFromGitHubActionsArgs extends com.pulumi.resources.Resou
return scope(Output.of(scope));
}
/**
* @param token The GitHub Actions token to use. This is not a personal access tokens
* and is typically generated automatically as part of each job.
*
* Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
* @return builder
*
*/
public Builder token(@Nullable Output<String> token) {
$.token = token;
return this;
}
/**
* @param token The GitHub Actions token to use. This is not a personal access tokens
* and is typically generated automatically as part of each job.
*
* Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
* @return builder
*
*/
public Builder token(String token) {
return token(Output.of(token));
}
/**
* @param url The cache server URL to use for artifacts.
*
* Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
* @return builder
*
*/
public Builder url(@Nullable Output<String> url) {
$.url = url;
return this;
}
/**
* @param url The cache server URL to use for artifacts.
*
* Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
* @return builder
*
*/
public Builder url(String url) {
return url(Output.of(url));
}
public CacheFromGitHubActionsArgs build() {
$.scope = Codegen.stringProp("scope").output().arg($.scope).def("buildkit").getNullable();
$.token = Codegen.stringProp("token").secret().arg($.token).env("ACTIONS_RUNTIME_TOKEN").def("").getNullable();
$.url = Codegen.stringProp("url").output().arg($.url).env("ACTIONS_CACHE_URL").def("").getNullable();
return $;
}
}

119
sdk/java/src/main/java/com/pulumi/dockerbuild/inputs/CacheToGitHubActionsArgs.java generated
View File

@@ -14,13 +14,6 @@ import java.util.Optional;
import javax.annotation.Nullable;
/**
* Recommended for use with GitHub Actions workflows.
*
* An action like `crazy-max/ghaction-github-runtime` is recommended to expose
* appropriate credentials to your GitHub workflow.
*
*/
public final class CacheToGitHubActionsArgs extends com.pulumi.resources.ResourceArgs {
public static final CacheToGitHubActionsArgs Empty = new CacheToGitHubActionsArgs();
@@ -76,12 +69,62 @@ public final class CacheToGitHubActionsArgs extends com.pulumi.resources.Resourc
return Optional.ofNullable(this.scope);
}
/**
* The GitHub Actions token to use. This is not a personal access tokens
* and is typically generated automatically as part of each job.
*
* Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
*/
@Import(name="token")
private @Nullable Output<String> token;
/**
* @return The GitHub Actions token to use. This is not a personal access tokens
* and is typically generated automatically as part of each job.
*
* Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
*/
public Optional<Output<String>> token() {
return Optional.ofNullable(this.token);
}
/**
* The cache server URL to use for artifacts.
*
* Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
*/
@Import(name="url")
private @Nullable Output<String> url;
/**
* @return The cache server URL to use for artifacts.
*
* Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
*/
public Optional<Output<String>> url() {
return Optional.ofNullable(this.url);
}
private CacheToGitHubActionsArgs() {}
private CacheToGitHubActionsArgs(CacheToGitHubActionsArgs $) {
this.ignoreError = $.ignoreError;
this.mode = $.mode;
this.scope = $.scope;
this.token = $.token;
this.url = $.url;
}
public static Builder builder() {
@@ -171,10 +214,72 @@ public final class CacheToGitHubActionsArgs extends com.pulumi.resources.Resourc
return scope(Output.of(scope));
}
/**
* @param token The GitHub Actions token to use. This is not a personal access tokens
* and is typically generated automatically as part of each job.
*
* Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
* @return builder
*
*/
public Builder token(@Nullable Output<String> token) {
$.token = token;
return this;
}
/**
* @param token The GitHub Actions token to use. This is not a personal access tokens
* and is typically generated automatically as part of each job.
*
* Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
* @return builder
*
*/
public Builder token(String token) {
return token(Output.of(token));
}
/**
* @param url The cache server URL to use for artifacts.
*
* Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
* @return builder
*
*/
public Builder url(@Nullable Output<String> url) {
$.url = url;
return this;
}
/**
* @param url The cache server URL to use for artifacts.
*
* Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
* @return builder
*
*/
public Builder url(String url) {
return url(Output.of(url));
}
public CacheToGitHubActionsArgs build() {
$.ignoreError = Codegen.booleanProp("ignoreError").output().arg($.ignoreError).def(false).getNullable();
$.mode = Codegen.objectProp("mode", CacheMode.class).output().arg($.mode).def(CacheMode.Min).getNullable();
$.scope = Codegen.stringProp("scope").output().arg($.scope).def("buildkit").getNullable();
$.token = Codegen.stringProp("token").secret().arg($.token).env("ACTIONS_RUNTIME_TOKEN").def("").getNullable();
$.url = Codegen.stringProp("url").output().arg($.url).env("ACTIONS_CACHE_URL").def("").getNullable();
return $;
}
}

60
sdk/java/src/main/java/com/pulumi/dockerbuild/outputs/CacheFromGitHubActions.java generated
View File

@@ -19,6 +19,25 @@ public final class CacheFromGitHubActions {
*
*/
private @Nullable String scope;
/**
* @return The GitHub Actions token to use. This is not a personal access tokens
* and is typically generated automatically as part of each job.
*
* Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
*/
private @Nullable String token;
/**
* @return The cache server URL to use for artifacts.
*
* Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
*/
private @Nullable String url;
private CacheFromGitHubActions() {}
/**
@@ -31,6 +50,29 @@ public final class CacheFromGitHubActions {
public Optional<String> scope() {
return Optional.ofNullable(this.scope);
}
/**
* @return The GitHub Actions token to use. This is not a personal access tokens
* and is typically generated automatically as part of each job.
*
* Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
*/
public Optional<String> token() {
return Optional.ofNullable(this.token);
}
/**
* @return The cache server URL to use for artifacts.
*
* Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
*/
public Optional<String> url() {
return Optional.ofNullable(this.url);
}
public static Builder builder() {
return new Builder();
@@ -42,10 +84,14 @@ public final class CacheFromGitHubActions {
@CustomType.Builder
public static final class Builder {
private @Nullable String scope;
private @Nullable String token;
private @Nullable String url;
public Builder() {}
public Builder(CacheFromGitHubActions defaults) {
Objects.requireNonNull(defaults);
this.scope = defaults.scope;
this.token = defaults.token;
this.url = defaults.url;
}
@CustomType.Setter
@@ -54,9 +100,23 @@ public final class CacheFromGitHubActions {
this.scope = scope;
return this;
}
@CustomType.Setter
public Builder token(@Nullable String token) {
this.token = token;
return this;
}
@CustomType.Setter
public Builder url(@Nullable String url) {
this.url = url;
return this;
}
public CacheFromGitHubActions build() {
final var _resultValue = new CacheFromGitHubActions();
_resultValue.scope = scope;
_resultValue.token = token;
_resultValue.url = url;
return _resultValue;
}
}

60
sdk/java/src/main/java/com/pulumi/dockerbuild/outputs/CacheToGitHubActions.java generated
View File

@@ -31,6 +31,25 @@ public final class CacheToGitHubActions {
*
*/
private @Nullable String scope;
/**
* @return The GitHub Actions token to use. This is not a personal access tokens
* and is typically generated automatically as part of each job.
*
* Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
*/
private @Nullable String token;
/**
* @return The cache server URL to use for artifacts.
*
* Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
*/
private @Nullable String url;
private CacheToGitHubActions() {}
/**
@@ -57,6 +76,29 @@ public final class CacheToGitHubActions {
public Optional<String> scope() {
return Optional.ofNullable(this.scope);
}
/**
* @return The GitHub Actions token to use. This is not a personal access tokens
* and is typically generated automatically as part of each job.
*
* Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
*/
public Optional<String> token() {
return Optional.ofNullable(this.token);
}
/**
* @return The cache server URL to use for artifacts.
*
* Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*
*/
public Optional<String> url() {
return Optional.ofNullable(this.url);
}
public static Builder builder() {
return new Builder();
@@ -70,12 +112,16 @@ public final class CacheToGitHubActions {
private @Nullable Boolean ignoreError;
private @Nullable CacheMode mode;
private @Nullable String scope;
private @Nullable String token;
private @Nullable String url;
public Builder() {}
public Builder(CacheToGitHubActions defaults) {
Objects.requireNonNull(defaults);
this.ignoreError = defaults.ignoreError;
this.mode = defaults.mode;
this.scope = defaults.scope;
this.token = defaults.token;
this.url = defaults.url;
}
@CustomType.Setter
@@ -96,11 +142,25 @@ public final class CacheToGitHubActions {
this.scope = scope;
return this;
}
@CustomType.Setter
public Builder token(@Nullable String token) {
this.token = token;
return this;
}
@CustomType.Setter
public Builder url(@Nullable String url) {
this.url = url;
return this;
}
public CacheToGitHubActions build() {
final var _resultValue = new CacheToGitHubActions();
_resultValue.ignoreError = ignoreError;
_resultValue.mode = mode;
_resultValue.scope = scope;
_resultValue.token = token;
_resultValue.url = url;
return _resultValue;
}
}

96
sdk/nodejs/image.ts generated
View File

@@ -501,7 +501,7 @@ export class Image extends pulumi.CustomResource {
*
* Equivalent to Docker's `--add-host` flag.
*/
declare public readonly addHosts: pulumi.Output<string[] | undefined>;
public readonly addHosts!: pulumi.Output<string[] | undefined>;
/**
* `ARG` names and values to set during the build.
*
@@ -513,7 +513,7 @@ export class Image extends pulumi.CustomResource {
*
* Equivalent to Docker's `--build-arg` flag.
*/
declare public readonly buildArgs: pulumi.Output<{[key: string]: string} | undefined>;
public readonly buildArgs!: pulumi.Output<{[key: string]: string} | undefined>;
/**
* Setting this to `false` will always skip image builds during previews,
* and setting it to `true` will always build images during previews.
@@ -527,35 +527,35 @@ export class Image extends pulumi.CustomResource {
* Defaults to `true` as a safeguard against broken images merging as part
* of CI pipelines.
*/
declare public readonly buildOnPreview: pulumi.Output<boolean | undefined>;
public readonly buildOnPreview!: pulumi.Output<boolean | undefined>;
/**
* Builder configuration.
*/
declare public readonly builder: pulumi.Output<outputs.BuilderConfig | undefined>;
public readonly builder!: pulumi.Output<outputs.BuilderConfig | undefined>;
/**
* Cache export configuration.
*
* Equivalent to Docker's `--cache-from` flag.
*/
declare public readonly cacheFrom: pulumi.Output<outputs.CacheFrom[] | undefined>;
public readonly cacheFrom!: pulumi.Output<outputs.CacheFrom[] | undefined>;
/**
* Cache import configuration.
*
* Equivalent to Docker's `--cache-to` flag.
*/
declare public readonly cacheTo: pulumi.Output<outputs.CacheTo[] | undefined>;
public readonly cacheTo!: pulumi.Output<outputs.CacheTo[] | undefined>;
/**
* Build context settings. Defaults to the current directory.
*
* Equivalent to Docker's `PATH | URL | -` positional argument.
*/
declare public readonly context: pulumi.Output<outputs.BuildContext | undefined>;
public readonly context!: pulumi.Output<outputs.BuildContext | undefined>;
/**
* A preliminary hash of the image's build context.
*
* Pulumi uses this to determine if an image _may_ need to be re-built.
*/
declare public /*out*/ readonly contextHash: pulumi.Output<string>;
public /*out*/ readonly contextHash!: pulumi.Output<string>;
/**
* A SHA256 digest of the image if it was exported to a registry or
* elsewhere.
@@ -565,13 +565,13 @@ export class Image extends pulumi.CustomResource {
* Registry images can be referenced precisely as `<tag>@<digest>`. The
* `ref` output provides one such reference as a convenience.
*/
declare public /*out*/ readonly digest: pulumi.Output<string>;
public /*out*/ readonly digest!: pulumi.Output<string>;
/**
* Dockerfile settings.
*
* Equivalent to Docker's `--file` flag.
*/
declare public readonly dockerfile: pulumi.Output<outputs.Dockerfile | undefined>;
public readonly dockerfile!: pulumi.Output<outputs.Dockerfile | undefined>;
/**
* Use `exec` mode to build this image.
*
@@ -594,7 +594,7 @@ export class Image extends pulumi.CustomResource {
* are temporarily written to disk in order to provide them to the
* `docker-buildx` binary.
*/
declare public readonly exec: pulumi.Output<boolean | undefined>;
public readonly exec!: pulumi.Output<boolean | undefined>;
/**
* Controls where images are persisted after building.
*
@@ -606,13 +606,13 @@ export class Image extends pulumi.CustomResource {
*
* Equivalent to Docker's `--output` flag.
*/
declare public readonly exports: pulumi.Output<outputs.Export[] | undefined>;
public readonly exports!: pulumi.Output<outputs.Export[] | undefined>;
/**
* Attach arbitrary key/value metadata to the image.
*
* Equivalent to Docker's `--label` flag.
*/
declare public readonly labels: pulumi.Output<{[key: string]: string} | undefined>;
public readonly labels!: pulumi.Output<{[key: string]: string} | undefined>;
/**
* When `true` the build will automatically include a `docker` export.
*
@@ -620,7 +620,7 @@ export class Image extends pulumi.CustomResource {
*
* Equivalent to Docker's `--load` flag.
*/
declare public readonly load: pulumi.Output<boolean | undefined>;
public readonly load!: pulumi.Output<boolean | undefined>;
/**
* Set the network mode for `RUN` instructions. Defaults to `default`.
*
@@ -628,25 +628,25 @@ export class Image extends pulumi.CustomResource {
*
* Equivalent to Docker's `--network` flag.
*/
declare public readonly network: pulumi.Output<enums.NetworkMode | undefined>;
public readonly network!: pulumi.Output<enums.NetworkMode | undefined>;
/**
* Do not import cache manifests when building the image.
*
* Equivalent to Docker's `--no-cache` flag.
*/
declare public readonly noCache: pulumi.Output<boolean | undefined>;
public readonly noCache!: pulumi.Output<boolean | undefined>;
/**
* Set target platform(s) for the build. Defaults to the host's platform.
*
* Equivalent to Docker's `--platform` flag.
*/
declare public readonly platforms: pulumi.Output<enums.Platform[] | undefined>;
public readonly platforms!: pulumi.Output<enums.Platform[] | undefined>;
/**
* Always pull referenced images.
*
* Equivalent to Docker's `--pull` flag.
*/
declare public readonly pull: pulumi.Output<boolean | undefined>;
public readonly pull!: pulumi.Output<boolean | undefined>;
/**
* When `true` the build will automatically include a `registry` export.
*
@@ -654,7 +654,7 @@ export class Image extends pulumi.CustomResource {
*
* Equivalent to Docker's `--push` flag.
*/
declare public readonly push: pulumi.Output<boolean>;
public readonly push!: pulumi.Output<boolean>;
/**
* If the image was pushed to any registries then this will contain a
* single fully-qualified tag including the build's digest.
@@ -671,7 +671,7 @@ export class Image extends pulumi.CustomResource {
* For more control over tags consumed by downstream resources you should
* use the `digest` output.
*/
declare public /*out*/ readonly ref: pulumi.Output<string>;
public /*out*/ readonly ref!: pulumi.Output<string>;
/**
* Registry credentials. Required if reading or exporting to private
* repositories.
@@ -681,7 +681,7 @@ export class Image extends pulumi.CustomResource {
*
* Similar to `docker login`.
*/
declare public readonly registries: pulumi.Output<outputs.Registry[] | undefined>;
public readonly registries!: pulumi.Output<outputs.Registry[] | undefined>;
/**
* A mapping of secret names to their corresponding values.
*
@@ -693,13 +693,13 @@ export class Image extends pulumi.CustomResource {
*
* Similar to Docker's `--secret` flag.
*/
declare public readonly secrets: pulumi.Output<{[key: string]: string} | undefined>;
public readonly secrets!: pulumi.Output<{[key: string]: string} | undefined>;
/**
* SSH agent socket or keys to expose to the build.
*
* Equivalent to Docker's `--ssh` flag.
*/
declare public readonly ssh: pulumi.Output<outputs.SSH[] | undefined>;
public readonly ssh!: pulumi.Output<outputs.SSH[] | undefined>;
/**
* Name and optionally a tag (format: `name:tag`).
*
@@ -708,7 +708,7 @@ export class Image extends pulumi.CustomResource {
*
* Equivalent to Docker's `--tag` flag.
*/
declare public readonly tags: pulumi.Output<string[] | undefined>;
public readonly tags!: pulumi.Output<string[] | undefined>;
/**
* Set the target build stage(s) to build.
*
@@ -716,7 +716,7 @@ export class Image extends pulumi.CustomResource {
*
* Equivalent to Docker's `--target` flag.
*/
declare public readonly target: pulumi.Output<string | undefined>;
public readonly target!: pulumi.Output<string | undefined>;
/**
* Create a Image resource with the given unique name, arguments, and options.
@@ -729,31 +729,31 @@ export class Image extends pulumi.CustomResource {
let resourceInputs: pulumi.Inputs = {};
opts = opts || {};
if (!opts.id) {
if (args?.push === undefined && !opts.urn) {
if ((!args || args.push === undefined) && !opts.urn) {
throw new Error("Missing required property 'push'");
}
resourceInputs["addHosts"] = args?.addHosts;
resourceInputs["buildArgs"] = args?.buildArgs;
resourceInputs["buildOnPreview"] = (args?.buildOnPreview) ?? true;
resourceInputs["builder"] = args?.builder;
resourceInputs["cacheFrom"] = args?.cacheFrom;
resourceInputs["cacheTo"] = args?.cacheTo;
resourceInputs["context"] = args?.context;
resourceInputs["dockerfile"] = args?.dockerfile;
resourceInputs["exec"] = args?.exec;
resourceInputs["exports"] = args?.exports;
resourceInputs["labels"] = args?.labels;
resourceInputs["load"] = args?.load;
resourceInputs["network"] = (args?.network) ?? "default";
resourceInputs["noCache"] = args?.noCache;
resourceInputs["platforms"] = args?.platforms;
resourceInputs["pull"] = args?.pull;
resourceInputs["push"] = args?.push;
resourceInputs["registries"] = args?.registries;
resourceInputs["secrets"] = args?.secrets;
resourceInputs["ssh"] = args?.ssh;
resourceInputs["tags"] = args?.tags;
resourceInputs["target"] = args?.target;
resourceInputs["addHosts"] = args ? args.addHosts : undefined;
resourceInputs["buildArgs"] = args ? args.buildArgs : undefined;
resourceInputs["buildOnPreview"] = (args ? args.buildOnPreview : undefined) ?? true;
resourceInputs["builder"] = args ? args.builder : undefined;
resourceInputs["cacheFrom"] = args ? args.cacheFrom : undefined;
resourceInputs["cacheTo"] = args ? args.cacheTo : undefined;
resourceInputs["context"] = args ? args.context : undefined;
resourceInputs["dockerfile"] = args ? args.dockerfile : undefined;
resourceInputs["exec"] = args ? args.exec : undefined;
resourceInputs["exports"] = args ? args.exports : undefined;
resourceInputs["labels"] = args ? args.labels : undefined;
resourceInputs["load"] = args ? args.load : undefined;
resourceInputs["network"] = (args ? args.network : undefined) ?? "default";
resourceInputs["noCache"] = args ? args.noCache : undefined;
resourceInputs["platforms"] = args ? args.platforms : undefined;
resourceInputs["pull"] = args ? args.pull : undefined;
resourceInputs["push"] = args ? args.push : undefined;
resourceInputs["registries"] = args ? args.registries : undefined;
resourceInputs["secrets"] = args ? args.secrets : undefined;
resourceInputs["ssh"] = args ? args.ssh : undefined;
resourceInputs["tags"] = args ? args.tags : undefined;
resourceInputs["target"] = args ? args.target : undefined;
resourceInputs["contextHash"] = undefined /*out*/;
resourceInputs["digest"] = undefined /*out*/;
resourceInputs["ref"] = undefined /*out*/;

22
sdk/nodejs/index_.ts generated
View File

@@ -113,27 +113,27 @@ export class Index extends pulumi.CustomResource {
*
* Defaults to `true`.
*/
declare public readonly push: pulumi.Output<boolean | undefined>;
public readonly push!: pulumi.Output<boolean | undefined>;
/**
* The pushed tag with digest.
*
* Identical to the tag if the index was not pushed.
*/
declare public /*out*/ readonly ref: pulumi.Output<string>;
public /*out*/ readonly ref!: pulumi.Output<string>;
/**
* Authentication for the registry where the tagged index will be pushed.
*
* Credentials can also be included with the provider's configuration.
*/
declare public readonly registry: pulumi.Output<outputs.Registry | undefined>;
public readonly registry!: pulumi.Output<outputs.Registry | undefined>;
/**
* Existing images to include in the index.
*/
declare public readonly sources: pulumi.Output<string[]>;
public readonly sources!: pulumi.Output<string[]>;
/**
* The tag to apply to the index.
*/
declare public readonly tag: pulumi.Output<string>;
public readonly tag!: pulumi.Output<string>;
/**
* Create a Index resource with the given unique name, arguments, and options.
@@ -146,16 +146,16 @@ export class Index extends pulumi.CustomResource {
let resourceInputs: pulumi.Inputs = {};
opts = opts || {};
if (!opts.id) {
if (args?.sources === undefined && !opts.urn) {
if ((!args || args.sources === undefined) && !opts.urn) {
throw new Error("Missing required property 'sources'");
}
if (args?.tag === undefined && !opts.urn) {
if ((!args || args.tag === undefined) && !opts.urn) {
throw new Error("Missing required property 'tag'");
}
resourceInputs["push"] = (args?.push) ?? true;
resourceInputs["registry"] = args?.registry;
resourceInputs["sources"] = args?.sources;
resourceInputs["tag"] = args?.tag;
resourceInputs["push"] = (args ? args.push : undefined) ?? true;
resourceInputs["registry"] = args ? args.registry : undefined;
resourceInputs["sources"] = args ? args.sources : undefined;
resourceInputs["tag"] = args ? args.tag : undefined;
resourceInputs["ref"] = undefined /*out*/;
} else {
resourceInputs["push"] = undefined /*out*/;

6
sdk/nodejs/provider.ts generated
View File

@@ -25,7 +25,7 @@ export class Provider extends pulumi.ProviderResource {
/**
* The build daemon's address.
*/
declare public readonly host: pulumi.Output<string | undefined>;
public readonly host!: pulumi.Output<string | undefined>;
/**
* Create a Provider resource with the given unique name, arguments, and options.
@@ -38,8 +38,8 @@ export class Provider extends pulumi.ProviderResource {
let resourceInputs: pulumi.Inputs = {};
opts = opts || {};
{
resourceInputs["host"] = (args?.host) ?? (utilities.getEnv("DOCKER_HOST") || "");
resourceInputs["registries"] = pulumi.output(args?.registries).apply(JSON.stringify);
resourceInputs["host"] = (args ? args.host : undefined) ?? (utilities.getEnv("DOCKER_HOST") || "");
resourceInputs["registries"] = pulumi.output(args ? args.registries : undefined).apply(JSON.stringify);
}
opts = pulumi.mergeOptions(utilities.resourceOptsDefaults(), opts);
super(Provider.__pulumiType, name, resourceInputs, opts);

2
sdk/nodejs/tsconfig.json generated
View File

@@ -1,7 +1,7 @@
{
"compilerOptions": {
"outDir": "bin",
"target": "ES2020",
"target": "es2016",
"module": "commonjs",
"moduleResolution": "node",
"declaration": true,

50
sdk/nodejs/types/input.ts generated
View File

@@ -104,12 +104,6 @@ export interface CacheFromAzureBlobArgs {
secretAccessKey?: pulumi.Input<string>;
}
/**
* Recommended for use with GitHub Actions workflows.
*
* An action like `crazy-max/ghaction-github-runtime` is recommended to expose
* appropriate credentials to your GitHub workflow.
*/
export interface CacheFromGitHubActionsArgs {
/**
* The scope to use for cache keys. Defaults to `buildkit`.
@@ -118,6 +112,23 @@ export interface CacheFromGitHubActionsArgs {
* workflow, otherwise caches will overwrite each other.
*/
scope?: pulumi.Input<string>;
/**
* The GitHub Actions token to use. This is not a personal access tokens
* and is typically generated automatically as part of each job.
*
* Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*/
token?: pulumi.Input<string>;
/**
* The cache server URL to use for artifacts.
*
* Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*/
url?: pulumi.Input<string>;
}
/**
* cacheFromGitHubActionsArgsProvideDefaults sets the appropriate defaults for CacheFromGitHubActionsArgs
@@ -126,6 +137,8 @@ export function cacheFromGitHubActionsArgsProvideDefaults(val: CacheFromGitHubAc
return {
...val,
scope: (val.scope) ?? "buildkit",
token: (val.token) ?? (utilities.getEnv("ACTIONS_RUNTIME_TOKEN") || ""),
url: (val.url) ?? (utilities.getEnv("ACTIONS_CACHE_URL") || ""),
};
}
@@ -290,12 +303,6 @@ export function cacheToAzureBlobArgsProvideDefaults(val: CacheToAzureBlobArgs):
};
}
/**
* Recommended for use with GitHub Actions workflows.
*
* An action like `crazy-max/ghaction-github-runtime` is recommended to expose
* appropriate credentials to your GitHub workflow.
*/
export interface CacheToGitHubActionsArgs {
/**
* Ignore errors caused by failed cache exports.
@@ -312,6 +319,23 @@ export interface CacheToGitHubActionsArgs {
* workflow, otherwise caches will overwrite each other.
*/
scope?: pulumi.Input<string>;
/**
* The GitHub Actions token to use. This is not a personal access tokens
* and is typically generated automatically as part of each job.
*
* Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*/
token?: pulumi.Input<string>;
/**
* The cache server URL to use for artifacts.
*
* Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*/
url?: pulumi.Input<string>;
}
/**
* cacheToGitHubActionsArgsProvideDefaults sets the appropriate defaults for CacheToGitHubActionsArgs
@@ -322,6 +346,8 @@ export function cacheToGitHubActionsArgsProvideDefaults(val: CacheToGitHubAction
ignoreError: (val.ignoreError) ?? false,
mode: (val.mode) ?? "min",
scope: (val.scope) ?? "buildkit",
token: (val.token) ?? (utilities.getEnv("ACTIONS_RUNTIME_TOKEN") || ""),
url: (val.url) ?? (utilities.getEnv("ACTIONS_CACHE_URL") || ""),
};
}

50
sdk/nodejs/types/output.ts generated
View File

@@ -104,12 +104,6 @@ export interface CacheFromAzureBlob {
secretAccessKey?: string;
}
/**
* Recommended for use with GitHub Actions workflows.
*
* An action like `crazy-max/ghaction-github-runtime` is recommended to expose
* appropriate credentials to your GitHub workflow.
*/
export interface CacheFromGitHubActions {
/**
* The scope to use for cache keys. Defaults to `buildkit`.
@@ -118,6 +112,23 @@ export interface CacheFromGitHubActions {
* workflow, otherwise caches will overwrite each other.
*/
scope?: string;
/**
* The GitHub Actions token to use. This is not a personal access tokens
* and is typically generated automatically as part of each job.
*
* Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*/
token?: string;
/**
* The cache server URL to use for artifacts.
*
* Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*/
url?: string;
}
/**
* cacheFromGitHubActionsProvideDefaults sets the appropriate defaults for CacheFromGitHubActions
@@ -126,6 +137,8 @@ export function cacheFromGitHubActionsProvideDefaults(val: CacheFromGitHubAction
return {
...val,
scope: (val.scope) ?? "buildkit",
token: (val.token) ?? (utilities.getEnv("ACTIONS_RUNTIME_TOKEN") || ""),
url: (val.url) ?? (utilities.getEnv("ACTIONS_CACHE_URL") || ""),
};
}
@@ -290,12 +303,6 @@ export function cacheToAzureBlobProvideDefaults(val: CacheToAzureBlob): CacheToA
};
}
/**
* Recommended for use with GitHub Actions workflows.
*
* An action like `crazy-max/ghaction-github-runtime` is recommended to expose
* appropriate credentials to your GitHub workflow.
*/
export interface CacheToGitHubActions {
/**
* Ignore errors caused by failed cache exports.
@@ -312,6 +319,23 @@ export interface CacheToGitHubActions {
* workflow, otherwise caches will overwrite each other.
*/
scope?: string;
/**
* The GitHub Actions token to use. This is not a personal access tokens
* and is typically generated automatically as part of each job.
*
* Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*/
token?: string;
/**
* The cache server URL to use for artifacts.
*
* Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
* `crazy-max/ghaction-github-runtime` is recommended to expose this
* environment variable to your jobs.
*/
url?: string;
}
/**
* cacheToGitHubActionsProvideDefaults sets the appropriate defaults for CacheToGitHubActions
@@ -322,6 +346,8 @@ export function cacheToGitHubActionsProvideDefaults(val: CacheToGitHubActions):
ignoreError: (val.ignoreError) ?? false,
mode: (val.mode) ?? "min",
scope: (val.scope) ?? "buildkit",
token: (val.token) ?? (utilities.getEnv("ACTIONS_RUNTIME_TOKEN") || ""),
url: (val.url) ?? (utilities.getEnv("ACTIONS_CACHE_URL") || ""),
};
}

166
sdk/python/pulumi_docker_build/_inputs.py generated
View File

@@ -281,12 +281,6 @@ class CacheFromAzureBlobArgs:
if not MYPY:
class CacheFromGitHubActionsArgsDict(TypedDict):
"""
Recommended for use with GitHub Actions workflows.
An action like `crazy-max/ghaction-github-runtime` is recommended to expose
appropriate credentials to your GitHub workflow.
"""
scope: NotRequired[pulumi.Input[_builtins.str]]
"""
The scope to use for cache keys. Defaults to `buildkit`.
@@ -294,27 +288,61 @@ if not MYPY:
This should be set if building and caching multiple images in one
workflow, otherwise caches will overwrite each other.
"""
token: NotRequired[pulumi.Input[_builtins.str]]
"""
The GitHub Actions token to use. This is not a personal access tokens
and is typically generated automatically as part of each job.
Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
`crazy-max/ghaction-github-runtime` is recommended to expose this
environment variable to your jobs.
"""
url: NotRequired[pulumi.Input[_builtins.str]]
"""
The cache server URL to use for artifacts.
Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
`crazy-max/ghaction-github-runtime` is recommended to expose this
environment variable to your jobs.
"""
elif False:
CacheFromGitHubActionsArgsDict: TypeAlias = Mapping[str, Any]
@pulumi.input_type
class CacheFromGitHubActionsArgs:
def __init__(__self__, *,
scope: Optional[pulumi.Input[_builtins.str]] = None):
scope: Optional[pulumi.Input[_builtins.str]] = None,
token: Optional[pulumi.Input[_builtins.str]] = None,
url: Optional[pulumi.Input[_builtins.str]] = None):
"""
Recommended for use with GitHub Actions workflows.
An action like `crazy-max/ghaction-github-runtime` is recommended to expose
appropriate credentials to your GitHub workflow.
:param pulumi.Input[_builtins.str] scope: The scope to use for cache keys. Defaults to `buildkit`.
This should be set if building and caching multiple images in one
workflow, otherwise caches will overwrite each other.
:param pulumi.Input[_builtins.str] token: The GitHub Actions token to use. This is not a personal access tokens
and is typically generated automatically as part of each job.
Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
`crazy-max/ghaction-github-runtime` is recommended to expose this
environment variable to your jobs.
:param pulumi.Input[_builtins.str] url: The cache server URL to use for artifacts.
Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
`crazy-max/ghaction-github-runtime` is recommended to expose this
environment variable to your jobs.
"""
if scope is None:
scope = 'buildkit'
if scope is not None:
pulumi.set(__self__, "scope", scope)
if token is None:
token = (_utilities.get_env('ACTIONS_RUNTIME_TOKEN') or '')
if token is not None:
pulumi.set(__self__, "token", token)
if url is None:
url = (_utilities.get_env('ACTIONS_CACHE_URL') or '')
if url is not None:
pulumi.set(__self__, "url", url)
@_builtins.property
@pulumi.getter
@@ -331,6 +359,39 @@ class CacheFromGitHubActionsArgs:
def scope(self, value: Optional[pulumi.Input[_builtins.str]]):
pulumi.set(self, "scope", value)
@_builtins.property
@pulumi.getter
def token(self) -> Optional[pulumi.Input[_builtins.str]]:
"""
The GitHub Actions token to use. This is not a personal access tokens
and is typically generated automatically as part of each job.
Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
`crazy-max/ghaction-github-runtime` is recommended to expose this
environment variable to your jobs.
"""
return pulumi.get(self, "token")
@token.setter
def token(self, value: Optional[pulumi.Input[_builtins.str]]):
pulumi.set(self, "token", value)
@_builtins.property
@pulumi.getter
def url(self) -> Optional[pulumi.Input[_builtins.str]]:
"""
The cache server URL to use for artifacts.
Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
`crazy-max/ghaction-github-runtime` is recommended to expose this
environment variable to your jobs.
"""
return pulumi.get(self, "url")
@url.setter
def url(self, value: Optional[pulumi.Input[_builtins.str]]):
pulumi.set(self, "url", value)
if not MYPY:
class CacheFromLocalArgsDict(TypedDict):
@@ -916,12 +977,6 @@ class CacheToAzureBlobArgs:
if not MYPY:
class CacheToGitHubActionsArgsDict(TypedDict):
"""
Recommended for use with GitHub Actions workflows.
An action like `crazy-max/ghaction-github-runtime` is recommended to expose
appropriate credentials to your GitHub workflow.
"""
ignore_error: NotRequired[pulumi.Input[_builtins.bool]]
"""
Ignore errors caused by failed cache exports.
@@ -937,6 +992,23 @@ if not MYPY:
This should be set if building and caching multiple images in one
workflow, otherwise caches will overwrite each other.
"""
token: NotRequired[pulumi.Input[_builtins.str]]
"""
The GitHub Actions token to use. This is not a personal access tokens
and is typically generated automatically as part of each job.
Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
`crazy-max/ghaction-github-runtime` is recommended to expose this
environment variable to your jobs.
"""
url: NotRequired[pulumi.Input[_builtins.str]]
"""
The cache server URL to use for artifacts.
Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
`crazy-max/ghaction-github-runtime` is recommended to expose this
environment variable to your jobs.
"""
elif False:
CacheToGitHubActionsArgsDict: TypeAlias = Mapping[str, Any]
@@ -945,18 +1017,27 @@ class CacheToGitHubActionsArgs:
def __init__(__self__, *,
ignore_error: Optional[pulumi.Input[_builtins.bool]] = None,
mode: Optional[pulumi.Input['CacheMode']] = None,
scope: Optional[pulumi.Input[_builtins.str]] = None):
scope: Optional[pulumi.Input[_builtins.str]] = None,
token: Optional[pulumi.Input[_builtins.str]] = None,
url: Optional[pulumi.Input[_builtins.str]] = None):
"""
Recommended for use with GitHub Actions workflows.
An action like `crazy-max/ghaction-github-runtime` is recommended to expose
appropriate credentials to your GitHub workflow.
:param pulumi.Input[_builtins.bool] ignore_error: Ignore errors caused by failed cache exports.
:param pulumi.Input['CacheMode'] mode: The cache mode to use. Defaults to `min`.
:param pulumi.Input[_builtins.str] scope: The scope to use for cache keys. Defaults to `buildkit`.
This should be set if building and caching multiple images in one
workflow, otherwise caches will overwrite each other.
:param pulumi.Input[_builtins.str] token: The GitHub Actions token to use. This is not a personal access tokens
and is typically generated automatically as part of each job.
Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
`crazy-max/ghaction-github-runtime` is recommended to expose this
environment variable to your jobs.
:param pulumi.Input[_builtins.str] url: The cache server URL to use for artifacts.
Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
`crazy-max/ghaction-github-runtime` is recommended to expose this
environment variable to your jobs.
"""
if ignore_error is None:
ignore_error = False
@@ -970,6 +1051,14 @@ class CacheToGitHubActionsArgs:
scope = 'buildkit'
if scope is not None:
pulumi.set(__self__, "scope", scope)
if token is None:
token = (_utilities.get_env('ACTIONS_RUNTIME_TOKEN') or '')
if token is not None:
pulumi.set(__self__, "token", token)
if url is None:
url = (_utilities.get_env('ACTIONS_CACHE_URL') or '')
if url is not None:
pulumi.set(__self__, "url", url)
@_builtins.property
@pulumi.getter(name="ignoreError")
@@ -1010,6 +1099,39 @@ class CacheToGitHubActionsArgs:
def scope(self, value: Optional[pulumi.Input[_builtins.str]]):
pulumi.set(self, "scope", value)
@_builtins.property
@pulumi.getter
def token(self) -> Optional[pulumi.Input[_builtins.str]]:
"""
The GitHub Actions token to use. This is not a personal access tokens
and is typically generated automatically as part of each job.
Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
`crazy-max/ghaction-github-runtime` is recommended to expose this
environment variable to your jobs.
"""
return pulumi.get(self, "token")
@token.setter
def token(self, value: Optional[pulumi.Input[_builtins.str]]):
pulumi.set(self, "token", value)
@_builtins.property
@pulumi.getter
def url(self) -> Optional[pulumi.Input[_builtins.str]]:
"""
The cache server URL to use for artifacts.
Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
`crazy-max/ghaction-github-runtime` is recommended to expose this
environment variable to your jobs.
"""
return pulumi.get(self, "url")
@url.setter
def url(self, value: Optional[pulumi.Input[_builtins.str]]):
pulumi.set(self, "url", value)
if not MYPY:
class CacheToInlineArgsDict(TypedDict):

116
sdk/python/pulumi_docker_build/outputs.py generated
View File

@@ -293,28 +293,39 @@ class CacheFromAzureBlob(dict):
@pulumi.output_type
class CacheFromGitHubActions(dict):
"""
Recommended for use with GitHub Actions workflows.
An action like `crazy-max/ghaction-github-runtime` is recommended to expose
appropriate credentials to your GitHub workflow.
"""
def __init__(__self__, *,
scope: Optional[_builtins.str] = None):
scope: Optional[_builtins.str] = None,
token: Optional[_builtins.str] = None,
url: Optional[_builtins.str] = None):
"""
Recommended for use with GitHub Actions workflows.
An action like `crazy-max/ghaction-github-runtime` is recommended to expose
appropriate credentials to your GitHub workflow.
:param _builtins.str scope: The scope to use for cache keys. Defaults to `buildkit`.
This should be set if building and caching multiple images in one
workflow, otherwise caches will overwrite each other.
:param _builtins.str token: The GitHub Actions token to use. This is not a personal access tokens
and is typically generated automatically as part of each job.
Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
`crazy-max/ghaction-github-runtime` is recommended to expose this
environment variable to your jobs.
:param _builtins.str url: The cache server URL to use for artifacts.
Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
`crazy-max/ghaction-github-runtime` is recommended to expose this
environment variable to your jobs.
"""
if scope is None:
scope = 'buildkit'
if scope is not None:
pulumi.set(__self__, "scope", scope)
if token is None:
token = (_utilities.get_env('ACTIONS_RUNTIME_TOKEN') or '')
if token is not None:
pulumi.set(__self__, "token", token)
if url is None:
url = (_utilities.get_env('ACTIONS_CACHE_URL') or '')
if url is not None:
pulumi.set(__self__, "url", url)
@_builtins.property
@pulumi.getter
@@ -327,6 +338,31 @@ class CacheFromGitHubActions(dict):
"""
return pulumi.get(self, "scope")
@_builtins.property
@pulumi.getter
def token(self) -> Optional[_builtins.str]:
"""
The GitHub Actions token to use. This is not a personal access tokens
and is typically generated automatically as part of each job.
Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
`crazy-max/ghaction-github-runtime` is recommended to expose this
environment variable to your jobs.
"""
return pulumi.get(self, "token")
@_builtins.property
@pulumi.getter
def url(self) -> Optional[_builtins.str]:
"""
The cache server URL to use for artifacts.
Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
`crazy-max/ghaction-github-runtime` is recommended to expose this
environment variable to your jobs.
"""
return pulumi.get(self, "url")
@pulumi.output_type
class CacheFromLocal(dict):
@@ -748,12 +784,6 @@ class CacheToAzureBlob(dict):
@pulumi.output_type
class CacheToGitHubActions(dict):
"""
Recommended for use with GitHub Actions workflows.
An action like `crazy-max/ghaction-github-runtime` is recommended to expose
appropriate credentials to your GitHub workflow.
"""
@staticmethod
def __key_warning(key: str):
suggest = None
@@ -774,18 +804,27 @@ class CacheToGitHubActions(dict):
def __init__(__self__, *,
ignore_error: Optional[_builtins.bool] = None,
mode: Optional['CacheMode'] = None,
scope: Optional[_builtins.str] = None):
scope: Optional[_builtins.str] = None,
token: Optional[_builtins.str] = None,
url: Optional[_builtins.str] = None):
"""
Recommended for use with GitHub Actions workflows.
An action like `crazy-max/ghaction-github-runtime` is recommended to expose
appropriate credentials to your GitHub workflow.
:param _builtins.bool ignore_error: Ignore errors caused by failed cache exports.
:param 'CacheMode' mode: The cache mode to use. Defaults to `min`.
:param _builtins.str scope: The scope to use for cache keys. Defaults to `buildkit`.
This should be set if building and caching multiple images in one
workflow, otherwise caches will overwrite each other.
:param _builtins.str token: The GitHub Actions token to use. This is not a personal access tokens
and is typically generated automatically as part of each job.
Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
`crazy-max/ghaction-github-runtime` is recommended to expose this
environment variable to your jobs.
:param _builtins.str url: The cache server URL to use for artifacts.
Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
`crazy-max/ghaction-github-runtime` is recommended to expose this
environment variable to your jobs.
"""
if ignore_error is None:
ignore_error = False
@@ -799,6 +838,14 @@ class CacheToGitHubActions(dict):
scope = 'buildkit'
if scope is not None:
pulumi.set(__self__, "scope", scope)
if token is None:
token = (_utilities.get_env('ACTIONS_RUNTIME_TOKEN') or '')
if token is not None:
pulumi.set(__self__, "token", token)
if url is None:
url = (_utilities.get_env('ACTIONS_CACHE_URL') or '')
if url is not None:
pulumi.set(__self__, "url", url)
@_builtins.property
@pulumi.getter(name="ignoreError")
@@ -827,6 +874,31 @@ class CacheToGitHubActions(dict):
"""
return pulumi.get(self, "scope")
@_builtins.property
@pulumi.getter
def token(self) -> Optional[_builtins.str]:
"""
The GitHub Actions token to use. This is not a personal access tokens
and is typically generated automatically as part of each job.
Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
`crazy-max/ghaction-github-runtime` is recommended to expose this
environment variable to your jobs.
"""
return pulumi.get(self, "token")
@_builtins.property
@pulumi.getter
def url(self) -> Optional[_builtins.str]:
"""
The cache server URL to use for artifacts.
Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
`crazy-max/ghaction-github-runtime` is recommended to expose this
environment variable to your jobs.
"""
return pulumi.get(self, "url")
@pulumi.output_type
class CacheToInline(dict):