sam_oneal/pulumi-docker-build
1
0
Fork 0
Code Actions Packages Releases Wiki Activity

Compare commits

base: sam_oneal:update-github-actions-workflows-970
Branches Tags
sam_oneal:main sam_oneal:debug-image sam_oneal:renovate/major-pulumi sam_oneal:renovate/security sam_oneal:update-pulumi/26579044728-128 sam_oneal:update-pulumi/26229658565-127 sam_oneal:renovate/major-security sam_oneal:update-pulumi/25497905451-125 sam_oneal:update-github-actions-workflows-1172 sam_oneal:update-pulumi/24511459645-122 sam_oneal:update-pulumi/24191344757-121 sam_oneal:update-pulumi/23901444046-120 sam_oneal:update-pulumi/23595431521-119 sam_oneal:update-pulumi/23295872936-118 sam_oneal:update-github-actions-workflows-704 sam_oneal:update-pulumi/23002983312-117 sam_oneal:update-pulumi/22718886647-116 sam_oneal:update-github-actions-workflows-1114 sam_oneal:update-pulumi/22442999542-115 sam_oneal:update-pulumi/22182641498-114 sam_oneal:update-github-actions-workflows-1092 sam_oneal:update-pulumi/21947465199-113 sam_oneal:iwahhbe/update-dotnet-codegen sam_oneal:update-pulumi/21712281897-112 sam_oneal:update-github-actions-workflows-642 sam_oneal:update-pulumi/21478933959-111 sam_oneal:update-pulumi/21249204200-110 sam_oneal:update-pulumi/21031979833-109 sam_oneal:update-pulumi/20817484855-108 sam_oneal:update-pulumi/20638879280-107 sam_oneal:update-pulumi/20505377620-106 sam_oneal:update-pulumi/20337605127-105 sam_oneal:update-github-actions-workflows-1025 sam_oneal:update-github-actions-workflows-1024 sam_oneal:update-github-actions-workflows-568 sam_oneal:update-github-actions-workflows-1023 sam_oneal:update-github-actions-workflows-1022 sam_oneal:update-github-actions-workflows-1021 sam_oneal:update-github-actions-workflows-1020 sam_oneal:update-github-actions-workflows-1019 sam_oneal:update-pulumi/20133762954-104 sam_oneal:update-github-actions-workflows-1016 sam_oneal:update-github-actions-workflows-1015 sam_oneal:update-github-actions-workflows-1014 sam_oneal:update-github-actions-workflows-1013 sam_oneal:update-github-actions-workflows-1012 sam_oneal:update-github-actions-workflows-1011 sam_oneal:update-pulumi/19929659171-103 sam_oneal:update-github-actions-workflows-1010 sam_oneal:update-github-actions-workflows-1009 sam_oneal:update-github-actions-workflows-1008 sam_oneal:update-github-actions-workflows-1007 sam_oneal:update-github-actions-workflows-1006 sam_oneal:update-github-actions-workflows-1005 sam_oneal:update-github-actions-workflows-1004 sam_oneal:update-github-actions-workflows-1003 sam_oneal:update-pulumi/19736920399-102 sam_oneal:update-github-actions-workflows-1002 sam_oneal:update-github-actions-workflows-1001 sam_oneal:update-github-actions-workflows-1000 sam_oneal:update-pulumi/19537526118-101 sam_oneal:update-pulumi/19332198478-100 sam_oneal:update-github-actions-workflows-985 sam_oneal:update-github-actions-workflows-984 sam_oneal:update-github-actions-workflows-983 sam_oneal:pose/fixes/golangci-lint-upgrade-to-v2 sam_oneal:update-github-actions-workflows-982 sam_oneal:update-github-actions-workflows-981 sam_oneal:update-pulumi/19136291852-99 sam_oneal:update-github-actions-workflows-980 sam_oneal:update-github-actions-workflows-979 sam_oneal:update-github-actions-workflows-978 sam_oneal:update-github-actions-workflows-977 sam_oneal:update-github-actions-workflows-976 sam_oneal:update-github-actions-workflows-975 sam_oneal:update-github-actions-workflows-974 sam_oneal:update-pulumi/18941265690-98 sam_oneal:update-github-actions-workflows-973 sam_oneal:update-github-actions-workflows-972 sam_oneal:update-github-actions-workflows-971 sam_oneal:update-github-actions-workflows-970 sam_oneal:update-github-actions-workflows-969 sam_oneal:update-github-actions-workflows-965 sam_oneal:update-pulumi/18748991289-97 sam_oneal:update-pulumi/18561908881-96 sam_oneal:update-pulumi/18376962578-95 sam_oneal:update-pulumi/18193512866-94 sam_oneal:update-github-actions-workflows-552 sam_oneal:update-github-actions-workflows-548 sam_oneal:update-github-actions-workflows-546 sam_oneal:update-pulumi/18008090346-93 sam_oneal:update-pulumi/17829264550-92 sam_oneal:update-pulumi/17645108435-91 sam_oneal:update-github-actions-workflows-920 sam_oneal:update-github-actions-workflows-913 sam_oneal:update-github-actions-workflows-912 sam_oneal:update-github-actions-workflows-911 sam_oneal:update-github-actions-workflows-910 sam_oneal:update-pulumi/17296416183-89 sam_oneal:update-pulumi/17127477815-88 sam_oneal:update-github-actions-workflows-889 sam_oneal:update-github-actions-workflows-493 sam_oneal:blampe/json-keys sam_oneal:update-pulumi/16497427062-83 sam_oneal:blampe/go-provider-bracket sam_oneal:update-github-actions-workflows-784 sam_oneal:update-pulumi/14642101166-70 sam_oneal:adopt-ci-mgmt sam_oneal:mise sam_oneal:blampe/gha-token sam_oneal:iwahbe/upgrade-go-provider sam_oneal:ci
sam_oneal:v0.0.19 sam_oneal:sdk/go/dockerbuild/v0.0.18 sam_oneal:v0.0.18 sam_oneal:sdk/go/dockerbuild/v0.0.17 sam_oneal:v0.0.17 sam_oneal:sdk/go/dockerbuild/v0.0.16 sam_oneal:v0.0.16 sam_oneal:sdk/go/dockerbuild/v0.0.15 sam_oneal:v0.0.15 sam_oneal:sdk/go/dockerbuild/v0.0.14 sam_oneal:v0.0.14 sam_oneal:sdk/go/dockerbuild/v0.0.13 sam_oneal:v0.0.13 sam_oneal:sdk/go/dockerbuild/v0.0.12 sam_oneal:v0.0.12 sam_oneal:sdk/go/dockerbuild/v0.0.11 sam_oneal:v0.0.11 sam_oneal:sdk/go/dockerbuild/v0.0.10 sam_oneal:v0.0.10 sam_oneal:sdk/go/dockerbuild/v0.0.1-alpha.101 sam_oneal:v0.0.1-alpha.101 sam_oneal:v0.0.1-alpha.99 sam_oneal:sdk/go/dockerbuild/v0.0.1-alpha.100 sam_oneal:v0.0.1-alpha.100 sam_oneal:v0.0.1-testwindows.signing sam_oneal:sdk/go/dockerbuild/v0.0.9 sam_oneal:v0.0.9 sam_oneal:sdk/go/dockerbuild/v0.0.8 sam_oneal:v0.0.8 sam_oneal:sdk/go/dockerbuild/v0.0.7 sam_oneal:v0.0.7 sam_oneal:sdk/go/dockerbuild/v0.0.6 sam_oneal:v0.0.6 sam_oneal:sdk/go/dockerbuild/v0.0.5 sam_oneal:v0.0.5 sam_oneal:sdk/go/dockerbuild/v0.0.4 sam_oneal:v0.0.4 sam_oneal:sdk/go/dockerbuild/v0.0.3 sam_oneal:sdk/v0.0.3 sam_oneal:v0.0.3 sam_oneal:v0.0.2 sam_oneal:sdk/v0.0.2 sam_oneal:sdk/v0.0.1 sam_oneal:v0.0.1 sam_oneal:v0.0.1-alpha.3 sam_oneal:v0.0.1-alpha.2 sam_oneal:sdk/v0.0.1-alpha.2 sam_oneal:sdk/v0.0.1-alpha.1 sam_oneal:v0.0.1-alpha.1
..
compare: sam_oneal:adopt-ci-mgmt
Branches Tags
sam_oneal:debug-image sam_oneal:renovate/major-pulumi sam_oneal:renovate/security sam_oneal:main sam_oneal:update-pulumi/26579044728-128 sam_oneal:update-pulumi/26229658565-127 sam_oneal:renovate/major-security sam_oneal:update-pulumi/25497905451-125 sam_oneal:update-github-actions-workflows-1172 sam_oneal:update-pulumi/24511459645-122 sam_oneal:update-pulumi/24191344757-121 sam_oneal:update-pulumi/23901444046-120 sam_oneal:update-pulumi/23595431521-119 sam_oneal:update-pulumi/23295872936-118 sam_oneal:update-github-actions-workflows-704 sam_oneal:update-pulumi/23002983312-117 sam_oneal:update-pulumi/22718886647-116 sam_oneal:update-github-actions-workflows-1114 sam_oneal:update-pulumi/22442999542-115 sam_oneal:update-pulumi/22182641498-114 sam_oneal:update-github-actions-workflows-1092 sam_oneal:update-pulumi/21947465199-113 sam_oneal:iwahhbe/update-dotnet-codegen sam_oneal:update-pulumi/21712281897-112 sam_oneal:update-github-actions-workflows-642 sam_oneal:update-pulumi/21478933959-111 sam_oneal:update-pulumi/21249204200-110 sam_oneal:update-pulumi/21031979833-109 sam_oneal:update-pulumi/20817484855-108 sam_oneal:update-pulumi/20638879280-107 sam_oneal:update-pulumi/20505377620-106 sam_oneal:update-pulumi/20337605127-105 sam_oneal:update-github-actions-workflows-1025 sam_oneal:update-github-actions-workflows-1024 sam_oneal:update-github-actions-workflows-568 sam_oneal:update-github-actions-workflows-1023 sam_oneal:update-github-actions-workflows-1022 sam_oneal:update-github-actions-workflows-1021 sam_oneal:update-github-actions-workflows-1020 sam_oneal:update-github-actions-workflows-1019 sam_oneal:update-pulumi/20133762954-104 sam_oneal:update-github-actions-workflows-1016 sam_oneal:update-github-actions-workflows-1015 sam_oneal:update-github-actions-workflows-1014 sam_oneal:update-github-actions-workflows-1013 sam_oneal:update-github-actions-workflows-1012 sam_oneal:update-github-actions-workflows-1011 sam_oneal:update-pulumi/19929659171-103 sam_oneal:update-github-actions-workflows-1010 sam_oneal:update-github-actions-workflows-1009 sam_oneal:update-github-actions-workflows-1008 sam_oneal:update-github-actions-workflows-1007 sam_oneal:update-github-actions-workflows-1006 sam_oneal:update-github-actions-workflows-1005 sam_oneal:update-github-actions-workflows-1004 sam_oneal:update-github-actions-workflows-1003 sam_oneal:update-pulumi/19736920399-102 sam_oneal:update-github-actions-workflows-1002 sam_oneal:update-github-actions-workflows-1001 sam_oneal:update-github-actions-workflows-1000 sam_oneal:update-pulumi/19537526118-101 sam_oneal:update-pulumi/19332198478-100 sam_oneal:update-github-actions-workflows-985 sam_oneal:update-github-actions-workflows-984 sam_oneal:update-github-actions-workflows-983 sam_oneal:pose/fixes/golangci-lint-upgrade-to-v2 sam_oneal:update-github-actions-workflows-982 sam_oneal:update-github-actions-workflows-981 sam_oneal:update-pulumi/19136291852-99 sam_oneal:update-github-actions-workflows-980 sam_oneal:update-github-actions-workflows-979 sam_oneal:update-github-actions-workflows-978 sam_oneal:update-github-actions-workflows-977 sam_oneal:update-github-actions-workflows-976 sam_oneal:update-github-actions-workflows-975 sam_oneal:update-github-actions-workflows-974 sam_oneal:update-pulumi/18941265690-98 sam_oneal:update-github-actions-workflows-973 sam_oneal:update-github-actions-workflows-972 sam_oneal:update-github-actions-workflows-971 sam_oneal:update-github-actions-workflows-970 sam_oneal:update-github-actions-workflows-969 sam_oneal:update-github-actions-workflows-965 sam_oneal:update-pulumi/18748991289-97 sam_oneal:update-pulumi/18561908881-96 sam_oneal:update-pulumi/18376962578-95 sam_oneal:update-pulumi/18193512866-94 sam_oneal:update-github-actions-workflows-552 sam_oneal:update-github-actions-workflows-548 sam_oneal:update-github-actions-workflows-546 sam_oneal:update-pulumi/18008090346-93 sam_oneal:update-pulumi/17829264550-92 sam_oneal:update-pulumi/17645108435-91 sam_oneal:update-github-actions-workflows-920 sam_oneal:update-github-actions-workflows-913 sam_oneal:update-github-actions-workflows-912 sam_oneal:update-github-actions-workflows-911 sam_oneal:update-github-actions-workflows-910 sam_oneal:update-pulumi/17296416183-89 sam_oneal:update-pulumi/17127477815-88 sam_oneal:update-github-actions-workflows-889 sam_oneal:update-github-actions-workflows-493 sam_oneal:blampe/json-keys sam_oneal:update-pulumi/16497427062-83 sam_oneal:blampe/go-provider-bracket sam_oneal:update-github-actions-workflows-784 sam_oneal:update-pulumi/14642101166-70 sam_oneal:adopt-ci-mgmt sam_oneal:mise sam_oneal:blampe/gha-token sam_oneal:iwahbe/upgrade-go-provider sam_oneal:ci
sam_oneal:v0.0.19 sam_oneal:sdk/go/dockerbuild/v0.0.18 sam_oneal:v0.0.18 sam_oneal:sdk/go/dockerbuild/v0.0.17 sam_oneal:v0.0.17 sam_oneal:sdk/go/dockerbuild/v0.0.16 sam_oneal:v0.0.16 sam_oneal:sdk/go/dockerbuild/v0.0.15 sam_oneal:v0.0.15 sam_oneal:sdk/go/dockerbuild/v0.0.14 sam_oneal:v0.0.14 sam_oneal:sdk/go/dockerbuild/v0.0.13 sam_oneal:v0.0.13 sam_oneal:sdk/go/dockerbuild/v0.0.12 sam_oneal:v0.0.12 sam_oneal:sdk/go/dockerbuild/v0.0.11 sam_oneal:v0.0.11 sam_oneal:sdk/go/dockerbuild/v0.0.10 sam_oneal:v0.0.10 sam_oneal:sdk/go/dockerbuild/v0.0.1-alpha.101 sam_oneal:v0.0.1-alpha.101 sam_oneal:v0.0.1-alpha.99 sam_oneal:sdk/go/dockerbuild/v0.0.1-alpha.100 sam_oneal:v0.0.1-alpha.100 sam_oneal:v0.0.1-testwindows.signing sam_oneal:sdk/go/dockerbuild/v0.0.9 sam_oneal:v0.0.9 sam_oneal:sdk/go/dockerbuild/v0.0.8 sam_oneal:v0.0.8 sam_oneal:sdk/go/dockerbuild/v0.0.7 sam_oneal:v0.0.7 sam_oneal:sdk/go/dockerbuild/v0.0.6 sam_oneal:v0.0.6 sam_oneal:sdk/go/dockerbuild/v0.0.5 sam_oneal:v0.0.5 sam_oneal:sdk/go/dockerbuild/v0.0.4 sam_oneal:v0.0.4 sam_oneal:sdk/go/dockerbuild/v0.0.3 sam_oneal:sdk/v0.0.3 sam_oneal:v0.0.3 sam_oneal:v0.0.2 sam_oneal:sdk/v0.0.2 sam_oneal:sdk/v0.0.1 sam_oneal:v0.0.1 sam_oneal:v0.0.1-alpha.3 sam_oneal:v0.0.1-alpha.2 sam_oneal:sdk/v0.0.1-alpha.2 sam_oneal:sdk/v0.0.1-alpha.1 sam_oneal:v0.0.1-alpha.1

1 Commits
update-git ... adopt-ci-m

Author SHA1 Message Date
Matthew Jeffryes
0338f519eb [DO NOT MERGE] test yaml test job 2025-04-09 16:34:26 -07:00
148 changed files with 5452 additions and 5526 deletions
Expand all files Collapse all files

35
.ci-mgmt.yaml
View File

@@ -4,26 +4,23 @@ major-version: 0
providerDefaultBranch: main
providerVersion: github.com/pulumi/pulumi-docker-build/provider.Version
aws: true
modulePath: .
gcp: true
sdkModuleDir: sdk/go/dockerbuild
parallel: 3
esc:
enabled: true
envOverride:
AWS_REGION: us-west-2
PULUMI_API: "https://api.pulumi-staging.io"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
AZURE_LOCATION: westus
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
GOOGLE_PROJECT: pulumi-ci-gcp-provider
GOOGLE_PROJECT_NUMBER: 895284651812
GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
AWS_REGION: us-west-2
PULUMI_API: "https://api.pulumi-staging.io"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
AZURE_LOCATION: westus
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
GOOGLE_PROJECT: pulumi-ci-gcp-provider
GOOGLE_PROJECT_NUMBER: 895284651812
GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}

87
.config/mise.lock
View File

@@ -1,87 +0,0 @@
[[tools.dotnet]]
version = "8.0.414"
backend = "asdf:dotnet"
[[tools."github:pulumi/pulumictl"]]
version = "0.0.50"
backend = "github:pulumi/pulumictl"
[tools."github:pulumi/pulumictl".platforms.linux-x64]
checksum = "blake3:c128dd74993f779c613296fe7cd21c20cbd323f24e59cb76e007620660b60348"
name = "pulumictl-v0.0.50-linux-amd64.tar.gz"
size = 27744219
url = "https://github.com/pulumi/pulumictl/releases/download/v0.0.50/pulumictl-v0.0.50-linux-amd64.tar.gz"
url_api = ""
[[tools."github:pulumi/schema-tools"]]
version = "0.6.0"
backend = "github:pulumi/schema-tools"
[tools."github:pulumi/schema-tools".platforms.linux-x64]
checksum = "blake3:82dfe616fee18b4258f6e3d2dc3c4e9f14afd43a0a4cc33eff2d2a04088d6ca3"
name = "schema-tools-v0.6.0-linux-amd64.tar.gz"
size = 14282746
url = "https://github.com/pulumi/schema-tools/releases/download/v0.6.0/schema-tools-v0.6.0-linux-amd64.tar.gz"
url_api = ""
[[tools.go]]
version = "1.24.1"
backend = "core:go"
[tools.go.platforms.linux-x64]
checksum = "sha256:cb2396bae64183cdccf81a9a6df0aea3bce9511fc21469fb89a0c00470088073"
size = 78503123
url = "https://dl.google.com/go/go1.24.1.linux-amd64.tar.gz"
[[tools.golangci-lint]]
version = "1.64.8"
backend = "aqua:golangci/golangci-lint"
[tools.golangci-lint.platforms.linux-x64]
checksum = "sha256:b6270687afb143d019f387c791cd2a6f1cb383be9b3124d241ca11bd3ce2e54e"
size = 12364828
url = "https://github.com/golangci/golangci-lint/releases/download/v1.64.8/golangci-lint-1.64.8-linux-amd64.tar.gz"
[[tools.gradle]]
version = "7.6.6"
backend = "aqua:gradle/gradle"
[tools.gradle.platforms.linux-x64]
checksum = "blake3:5cad8fc455b720b68a0bd2907d435e2919581708243f84f27845fe8812a09323"
size = 128439774
url = "https://github.com/gradle/gradle-distributions/releases/download/v7.6.6/gradle-7.6.6-bin.zip"
[[tools.java]]
version = "corretto-11.0.28.6.1"
backend = "core:java"
[tools.java.platforms.linux-x64]
checksum = "sha256:70734c46e0bbeb7f45b721756ba0b2f1f1e1ef85a11e10d5a488f06b257dadd9"
size = 195648709
url = "https://corretto.aws/downloads/resources/11.0.28.6.1/amazon-corretto-11.0.28.6.1-linux-x64.tar.gz"
[[tools.node]]
version = "20.19.5"
backend = "core:node"
[tools.node.platforms.linux-x64]
checksum = "sha256:4eba5fbe1fb10753bc06e42f001a91c5cec16798b7764a3e9257adc59af47fe1"
size = 47041607
url = "https://nodejs.org/dist/v20.19.5/node-v20.19.5-linux-x64.tar.gz"
[[tools."npm:yarn"]]
version = "1.22.22"
backend = "npm:yarn"
[[tools.pulumi]]
version = "3.192.0"
backend = "aqua:pulumi/pulumi"
[tools.pulumi.platforms.linux-x64]
checksum = "sha512:6351213bee02ade5b76407d9b43cdb243fa461ca38231b03410de5aa1f697e55ab6467da2a9e37ebbff7be6cd3485d833e9ad8f29d4de6919bbdd471fb25e45a"
size = 92867578
url = "https://github.com/pulumi/pulumi/releases/download/v3.192.0/pulumi-v3.192.0-linux-x64.tar.gz"
[[tools.python]]
version = "3.11.8"
backend = "core:python"

7
.config/mise.test.toml
View File

@@ -1,7 +0,0 @@
# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt
# Overrides tool versions for test workflows
[tools]
# always use pulumi latest for tests
pulumi = "latest"

29
.config/mise.toml
View File

@@ -1,29 +0,0 @@
# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt
# You can create your own root-level mise.toml file to override/augment this. See https://mise.jdx.dev/configuration.html
[env]
_.source = "{{config_root}}/scripts/get-versions.sh"
PULUMI_HOME = "{{config_root}}/.pulumi"
[tools]
# Runtimes
# TODO: we may not need `get_env` once https://github.com/jdx/mise/discussions/6339 is fixed
go = "{{ get_env(name='GO_VERSION_MISE', default='latest') }}"
node = '20.19.5'
python = '3.11.8'
dotnet = '8.0.414'
# Corretto version used as Java SE/OpenJDK version no longer offered
java = 'corretto-11'
# Executable tools
pulumi = "{{ get_env(name='PULUMI_VERSION_MISE', default='latest') }}"
"github:pulumi/pulumictl" = 'latest'
"github:pulumi/schema-tools" = "latest"
gradle = '7.6'
golangci-lint = "1.64.8" # See note about about overrides if you need to customize this.
"npm:yarn" = "1.22.22"
[settings]
experimental = true # Required for Go binaries (e.g. pulumictl).
lockfile = true

69
.github/ISSUE_TEMPLATE/bug.yaml vendored
View File

@@ -1,69 +0,0 @@
name: Bug Report
description: Report something that's not working correctly
labels: ["kind/bug", "needs-triage"]
body:
- type: markdown
attributes:
value: |
Thanks for taking the time to fill out this bug report!
You can also ask questions on our [Community Slack](https://slack.pulumi.com/).
- type: textarea
id: what-happened
attributes:
label: Describe what happened
description: Please summarize what happened, including what Pulumi commands you ran, as well as
an inline snippet of any relevant error or console output.
validations:
required: true
- type: textarea
id: sample-program
attributes:
label: Sample program
description: |
<details><summary>Provide a reproducible sample program</summary>
If this is a bug you encountered while running a Pulumi command, please provide us with a minimal,
self-contained Pulumi program that reproduces this behavior so that we can investigate on our end.
Without a functional reproduction, we will not be able to prioritize this bug.
**Note:** If the program output is more than a few lines, please send us a Gist or a link to a file.
</details>
validations:
required: true
- type: textarea
id: log-output
attributes:
label: Log output
description: |
<details><summary>How to Submit Logs</summary>
If this is something that is dependent on your environment, please also provide us with the output of
`pulumi up --logtostderr --logflow -v=10` from the root of your project.
We may also ask you to supply us with debug output following [these steps](https://www.pulumi.com/docs/using-pulumi/pulumi-packages/debugging-provider-packages/).
**Note:** If the log output is more than a few lines, please send us a Gist or a link to a file.
</details>
- type: textarea
id: resources
attributes:
label: Affected Resource(s)
description: Please list the affected Pulumi Resource(s) or Function(s).
validations:
required: false
- type: textarea
id: versions
attributes:
label: Output of `pulumi about`
description: Provide the output of `pulumi about` from the root of your project.
validations:
required: true
- type: textarea
id: ctx
attributes:
label: Additional context
description: Anything else you would like to add?
validations:
required: false
- type: textarea
id: voting
attributes:
label: Contributing
value: |
Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

35
.github/ISSUE_TEMPLATE/epic.md vendored
View File

@@ -1,35 +0,0 @@
---
name: Epic
about: Tracks a shippable unit of work
title: '[Epic] {your-title-here}'
labels: kind/epic
projects: ['pulumi/32']
assignees: ''
type: Epic
---
## Overview
<!-- Start with a one- to three-sentence summary that should be understandable by any Pulumian or community member, even those without any context on the work. -->
## Key KPIs
<!-- What KPIs should this Epic will move; what could we measure to observe that this project was successful? -->
## Key Stakeholders
- Product and Engineering: <!-- Teams and individuals involved in the design and implementation -->
- Documentation: <!-- Representative from the docs team -->
- Marketing/Partnerships: <!-- Representative from the Marketing team -->
- Customers: <!-- [Tracking Issue](add-link-and-uncomment) -->
## Key Deliverables
<!-- List any discrete chunks of work or milestones that are planned in the epic (eg. subcomponent A, dogfood release, beta, etc.) -->
### References 📔
<!-- Any project that is more than one iteration should have a Project Board using this [template](https://github.com/orgs/pulumi/projects/131). -->
- [ ] Project View <!-- [Link](add-link-and-uncomment) -->
- [ ] PR/FAQ <!-- [Link](add-link-and-uncomment) -->
- [ ] Design Doc <!-- [Link](add-link-and-uncomment) -->
- [ ] UX Designs <!-- [Link](add-link-and-uncomment) -->
- [ ] Decision Log <!-- [Link](add-link-and-uncomment) -->
<!-- Work items should be added to the project board linked above -->

12
.github/actions/esc-action/action.yaml vendored
View File

@@ -1,12 +0,0 @@
name: "Load secrets"
description: |
This is a temporary action which assists with our migration to ESC. Instead
of surrounding every step that references secrets with an "if ESC" block, we
instead modify those steps to consume their secrets from this step's outputs.
Then, later, we can replace this action with esc-action to actually load
secrets from ESC.
inputs: {}
outputs: {}
runs:
using: "node20"
main: "index.js"

14
.github/actions/esc-action/index.js vendored
View File

@@ -1,14 +0,0 @@
const fs = require("fs");
const file = process.env["GITHUB_OUTPUT"];
var stream = fs.createWriteStream(file, { flags: "a" });
for (const [name, value] of Object.entries(process.env)) {
try {
stream.write(`${name}<<EEEOOOFFF\n${value}\nEEEOOOFFF\n`); // << syntax accommodates multiline strings.
} catch (err) {
console.log(`error: failed to set output for ${name}: ${err.message}`);
}
}
stream.end();

344
.github/workflows/build.yml vendored
View File

@@ -1,6 +1,6 @@
# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt
name: main # For consistency with bridged providers.
name: build
on:
push:
branches:
@@ -15,18 +15,43 @@ on:
- "**"
workflow_dispatch: {}
env:
AZURE_SIGNING_CLIENT_ID: ${{ secrets.AZURE_SIGNING_CLIENT_ID }}
AZURE_SIGNING_CLIENT_SECRET: ${{ secrets.AZURE_SIGNING_CLIENT_SECRET }}
AZURE_SIGNING_TENANT_ID: ${{ secrets.AZURE_SIGNING_TENANT_ID }}
AZURE_SIGNING_KEY_VAULT_URI: ${{ secrets.AZURE_SIGNING_KEY_VAULT_URI }}
SKIP_SIGNING: ${{ secrets.AZURE_SIGNING_CLIENT_ID == '' &&
secrets.AZURE_SIGNING_CLIENT_SECRET == '' && secrets.AZURE_SIGNING_TENANT_ID
== '' && secrets.AZURE_SIGNING_KEY_VAULT_URI == '' }}
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
PROVIDER: docker-build
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
PYPI_USERNAME: __token__
PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
TRAVIS_OS_NAME: linux
GOVERSION: "1.21.x"
NODEVERSION: "20.x"
PYTHONVERSION: "3.11.8"
DOTNETVERSION: "8.0.x"
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
GOVERSION: 1.21.x
NODEVERSION: 20.x
PYTHONVERSION: "3.11"
DOTNETVERSION: 8.0.x
JAVAVERSION: "11"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
AWS_REGION: us-west-2
AZURE_LOCATION: westus
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
@@ -35,49 +60,34 @@ env:
GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io
jobs:
prerequisites:
runs-on: ubuntu-latest
name: prerequisites
permissions:
id-token: write # For ESC secrets.
pull-requests: write # For schema check comment.
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@cc7494be991dba0978f7ffafaf995b0449a0998e # v6.5.0
uses: pulumi/actions@9519177da243fd32cab35cdbf19cce1ab7472fcc # v6.2.0
- if: github.event_name == 'pull_request'
name: Install Schema Tools
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/schema-tools
- name: Build codegen binaries
@@ -87,15 +97,13 @@ jobs:
- if: github.event_name == 'pull_request'
name: Check Schema is Valid
run: >-
{
echo 'SCHEMA_CHANGES<<EOF';
echo 'SCHEMA_CHANGES<<EOF' >> $GITHUB_ENV
schema-tools compare -p ${{ env.PROVIDER }} -o ${{ github.event.repository.default_branch }} -n --local-path=provider/cmd/pulumi-resource-${{ env.PROVIDER }}/schema.json;
schema-tools compare -p ${{ env.PROVIDER }} -o ${{ github.event.repository.default_branch }} -n --local-path=provider/cmd/pulumi-resource-${{ env.PROVIDER }}/schema.json >> $GITHUB_ENV
echo 'EOF';
} >> "$GITHUB_ENV"
echo 'EOF' >> $GITHUB_ENV
env:
GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
- if: github.event_name == 'pull_request' && github.actor != 'dependabot[bot]'
name: Comment on PR with Details of Schema Check
uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1
@@ -120,13 +128,11 @@ jobs:
with:
allowed-changes: |-
sdk/**/pulumi-plugin.json
sdk/dotnet/*.*.csproj
sdk/dotnet/version.txt
sdk/dotnet/Pulumi.*.csproj
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit SDK changes for Renovate
- name: Commit ${{ matrix.language }} SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
@@ -155,23 +161,16 @@ jobs:
git add sdk
git reset sdk/python/*/pulumi-plugin.json \
sdk/python/pyproject.toml \
sdk/dotnet/pulumi-plugin.json \
sdk/dotnet/*.*.csproj \
sdk/dotnet/version.txt \
sdk/go/*/pulumi-plugin.json \
sdk/go/*/internal/pulumiUtilities.go \
sdk/nodejs/package.json
git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json
git commit -m 'Commit SDK for Renovate'
git commit -m 'Commit ${{ matrix.language }} SDK for Renovate'
# Push with pulumi-bot credentials to trigger a re-run of the
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
@@ -186,15 +185,10 @@ jobs:
path: ${{ github.workspace }}/bin/provider.tar.gz
- name: Test Provider Library
run: make test_provider
env:
ARM_CLIENT_SECRET: ${{ steps.esc-secrets.outputs.ARM_CLIENT_SECRET }}
DIGITALOCEAN_TOKEN: ${{ steps.esc-secrets.outputs.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ steps.esc-secrets.outputs.DOCKER_HUB_PASSWORD }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1
uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # v5.4.0
env:
CODECOV_TOKEN: ${{ steps.esc-secrets.outputs.CODECOV_TOKEN }}
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
@@ -202,8 +196,6 @@ jobs:
author_name: Failure in building provider prerequisites
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
build_sdks:
needs: prerequisites
runs-on: pulumi-ubuntu-8core
@@ -217,66 +209,52 @@ jobs:
- go
- java
name: build_sdks
permissions:
pull-requests: write # For Renovate SDK updates.
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@cc7494be991dba0978f7ffafaf995b0449a0998e # v6.5.0
uses: pulumi/actions@9519177da243fd32cab35cdbf19cce1ab7472fcc # v6.2.0
- name: Setup Node
uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@d4c94342e560b34958eacfc5d055d21461ed1c5d # v5.0.0
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0
with:
gradle-version: "7.6"
- name: Download provider
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
- name: Download provider + tfgen binaries
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
@@ -296,13 +274,11 @@ jobs:
with:
allowed-changes: |-
sdk/**/pulumi-plugin.json
sdk/dotnet/*.*.csproj
sdk/dotnet/version.txt
sdk/dotnet/Pulumi.*.csproj
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit SDK changes for Renovate
- name: Commit ${{ matrix.language }} SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
@@ -331,23 +307,16 @@ jobs:
git add sdk
git reset sdk/python/*/pulumi-plugin.json \
sdk/python/pyproject.toml \
sdk/dotnet/pulumi-plugin.json \
sdk/dotnet/*.*.csproj \
sdk/dotnet/version.txt \
sdk/go/*/pulumi-plugin.json \
sdk/go/*/internal/pulumiUtilities.go \
sdk/nodejs/package.json
git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json
git commit -m 'Commit SDK for Renovate'
git commit -m 'Commit ${{ matrix.language }} SDK for Renovate'
# Push with pulumi-bot credentials to trigger a re-run of the
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
@@ -366,43 +335,6 @@ jobs:
author_name: Failure while building SDKs
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
tag_release_if_labeled_needs_release:
name: Tag release if labeled as needs-release
needs: publish
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- name: check if this commit needs release
if: ${{ env.RELEASE_BOT_ENDPOINT != '' }}
uses: pulumi/action-release-by-pr-label@main
with:
command: "release-if-needed"
repo: ${{ github.repository }}
commit: ${{ github.sha }}
slack_channel: C02MGR8JVST
env:
RELEASE_BOT_ENDPOINT: ${{ steps.esc-secrets.outputs.RELEASE_BOT_ENDPOINT }}
RELEASE_BOT_KEY: ${{ steps.esc-secrets.outputs.RELEASE_BOT_KEY }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
test:
runs-on: pulumi-ubuntu-8core
needs:
@@ -420,64 +352,53 @@ jobs:
name: test
permissions:
contents: read
id-token: write # For ESC secrets and Pulumi access token OIDC.
id-token: write
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@cc7494be991dba0978f7ffafaf995b0449a0998e # v6.5.0
uses: pulumi/actions@9519177da243fd32cab35cdbf19cce1ab7472fcc # v6.2.0
- name: Setup Node
uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@d4c94342e560b34958eacfc5d055d21461ed1c5d # v5.0.0
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0
with:
gradle-version: "7.6"
- name: Download provider
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
- name: Download provider + tfgen binaries
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
@@ -489,7 +410,7 @@ jobs:
-exec chmod +x {} \;
- name: Download SDK
if: ${{ matrix.language != 'yaml' }}
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: ${{ matrix.language }}-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -498,7 +419,7 @@ jobs:
run: tar -zxf ${{ github.workspace}}/sdk/${{ matrix.language}}.tar.gz -C ${{
github.workspace}}/sdk/${{ matrix.language}}
- name: Update path
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH"
run: echo "${{ github.workspace }}/bin" >> $GITHUB_PATH
- name: Install Node dependencies
run: yarn global add typescript
- run: dotnet nuget add source ${{ github.workspace }}/nuget
@@ -517,13 +438,13 @@ jobs:
requested-token-type: urn:pulumi:token-type:access_token:organization
export-environment-variables: false
- name: Export AWS Credentials
uses: pulumi/esc-action@efb0bc8946938f0dfbfa00e829196ec95f0d0ea7 # v1.4.0
uses: pulumi/esc-action@41fd832f44f4820124b5350b5f84a00f741f234e # v1.3.0
env:
PULUMI_ACCESS_TOKEN: ${{ steps.generate_pulumi_token.outputs.pulumi-access-token }}
with:
environment: logins/pulumi-ci
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@7c6bc770dae815cd3e89ee6cdf493a5fab2cc093 # v3.0.0
uses: google-github-actions/auth@71f986410dfbc7added4569d411d040a91dc6935 # v2.1.8
with:
workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER
}}/locations/global/workloadIdentityPools/${{
@@ -531,7 +452,7 @@ jobs:
env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }}
- name: Setup gcloud auth
uses: google-github-actions/setup-gcloud@aa5489c8933f4cc7a4f7d45035b3b1440c9c10db # v3.0.1
uses: google-github-actions/setup-gcloud@77e7a554d41e2ee56fc945c52dfd3f33d12def9a # v2.1.4
with:
install_components: gke-gcloud-auth-plugin
- name: Install gotestfmt
@@ -544,8 +465,6 @@ jobs:
set -euo pipefail
cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 .
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
@@ -553,38 +472,22 @@ jobs:
author_name: Failure in SDK tests
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
publish:
runs-on: ubuntu-latest
needs: test
name: publish
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
@@ -598,31 +501,25 @@ jobs:
swap-storage: true
large-packages: false
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@cc7494be991dba0978f7ffafaf995b0449a0998e # v6.5.0
uses: pulumi/actions@9519177da243fd32cab35cdbf19cce1ab7472fcc # v6.2.0
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8 # v5.1.0
uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # v4.1.0
with:
aws-access-key-id: ${{ steps.esc-secrets.outputs.AWS_ACCESS_KEY_ID }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-region: us-east-2
aws-secret-access-key: ${{ steps.esc-secrets.outputs.AWS_SECRET_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-duration-seconds: 7200
role-session-name: ${{ env.PROVIDER }}@githubActions
role-external-id: upload-pulumi-release
role-to-assume: ${{ steps.esc-secrets.outputs.AWS_UPLOAD_ROLE_ARN }}
role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }}
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5.1.0
env:
GORELEASER_CURRENT_TAG: v${{ steps.version.outputs.version }}
AZURE_SIGNING_CLIENT_ID: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_ID }}
AZURE_SIGNING_CLIENT_SECRET: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_SECRET }}
AZURE_SIGNING_TENANT_ID: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_TENANT_ID }}
AZURE_SIGNING_KEY_VAULT_URI: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_KEY_VAULT_URI }}
SKIP_SIGNING: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_ID == '' && steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_SECRET == '' && steps.esc-secrets.outputs.AZURE_SIGNING_TENANT_ID == '' && steps.esc-secrets.outputs.AZURE_SIGNING_KEY_VAULT_URI == '' }}
GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
with:
args: -p 3 -f .goreleaser.prerelease.yml --clean --skip=validate --timeout 60m0s
version: latest
@@ -633,68 +530,52 @@ jobs:
author_name: Failure in publishing binaries
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
publish_sdk:
runs-on: ubuntu-latest
needs: publish
name: publish_sdk
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Checkout Scripts Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: ci-scripts
repository: pulumi/scripts
- run: echo "ci-scripts" >> .git/info/exclude
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@cc7494be991dba0978f7ffafaf995b0449a0998e # v6.5.0
uses: pulumi/actions@9519177da243fd32cab35cdbf19cce1ab7472fcc # v6.2.0
- name: Setup Node
uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@d4c94342e560b34958eacfc5d055d21461ed1c5d # v5.0.0
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Download python SDK
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: python-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -702,7 +583,7 @@ jobs:
run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C
${{github.workspace}}/sdk/python
- name: Download dotnet SDK
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: dotnet-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -710,7 +591,7 @@ jobs:
run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C
${{github.workspace}}/sdk/dotnet
- name: Download nodejs SDK
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: nodejs-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -722,16 +603,8 @@ jobs:
- name: Publish SDKs
run: ./ci-scripts/ci/publish-tfgen-package ${{ github.workspace }}
env:
NUGET_PUBLISH_KEY: ${{ steps.esc-secrets.outputs.NUGET_PUBLISH_KEY }}
NODE_AUTH_TOKEN: ${{ steps.esc-secrets.outputs.NPM_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
PYPI_PUBLISH_ARTIFACTS: all
PYPI_USERNAME: __token__
PYPI_PASSWORD: ${{ steps.esc-secrets.outputs.PYPI_API_TOKEN }}
SIGNING_KEY_ID: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_KEY_ID }}
SIGNING_KEY: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_KEY }}
SIGNING_PASSWORD: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_PASSWORD }}
PUBLISH_REPO_USERNAME: ${{ steps.esc-secrets.outputs.OSSRH_USERNAME }}
PUBLISH_REPO_PASSWORD: ${{ steps.esc-secrets.outputs.OSSRH_PASSWORD }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
@@ -739,19 +612,17 @@ jobs:
author_name: Failure in publishing SDK
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
lint:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
persist-credentials: false
ref: ${{ env.PR_COMMIT_SHA }}
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
@@ -762,7 +633,8 @@ jobs:
uses: golangci/golangci-lint-action@55c2c1448f86e01eaae002a5a3a9624417608d84 # v6.5.2
with:
version: ${{ env.GOLANGCI_LINT_VERSION }}
working-directory: .
args: -c ../.golangci.yml
working-directory: provider
name: lint
if: github.event_name == 'repository_dispatch' ||
github.event.pull_request.head.repo.full_name == github.repository

71
.github/workflows/command-dispatch.yml vendored
View File

@@ -1,11 +1,42 @@
# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt
# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt
name: command-dispatch
on:
issue_comment:
types:
- created
- edited
env:
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
PROVIDER: docker-build
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
PYPI_USERNAME: __token__
PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
TRAVIS_OS_NAME: linux
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
GOVERSION: 1.21.x
NODEVERSION: 20.x
PYTHONVERSION: "3.11"
DOTNETVERSION: 8.0.x
JAVAVERSION: "11"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
AWS_REGION: us-west-2
AZURE_LOCATION: westus
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
@@ -14,41 +45,21 @@ env:
GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io
jobs:
command-dispatch-for-testing:
name: command-dispatch-for-testing
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write # For ESC secrets.
name: command-dispatch-for-testing
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: peter-evans/slash-command-dispatch@13bc09769d122a64f75aa5037256f6f2d78be8c4 # v4
lfs: true
- uses: peter-evans/slash-command-dispatch@13bc09769d122a64f75aa5037256f6f2d78be8c4 # v4.0.0
with:
commands: |
run-acceptance-tests
release
issue-type: pull-request
permission: write
token: ${{ secrets.PULUMI_BOT_TOKEN }}
reaction-token: ${{ secrets.GITHUB_TOKEN }}
commands: run-acceptance-tests
permission: write
issue-type: pull-request
repository: pulumi/pulumi-docker-build
token: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
name: command-dispatch
on:
issue_comment:
types:
- created
- edited
if: ${{ github.event.issue.pull_request }}

42
.github/workflows/comment-on-stale-issues.yml vendored
View File

@@ -1,42 +0,0 @@
name: "Comment on stale issues"
on:
schedule:
- cron: "46 4 * * *" # run once per day
jobs:
cleanup:
runs-on: ubuntu-latest
name: Stale issue job
steps:
- uses: aws-actions/stale-issue-cleanup@5650b49bcd757a078f6ca06c373d7807b773f9bc # v7.1.0
with:
issue-types: issues # only look at issues (ignore pull-requests)
# Setting messages to an empty string causes the automation to skip that category
ancient-issue-message: "Unfortunately, it looks like this issue hasn't seen any updates in a while. If you're still experiencing this issue, could you leave a quick comment to let us know so we can prioritize it?"
ancient-pr-message: ""
stale-issue-message: ""
stale-pr-message: ""
# These labels are required
stale-issue-label: awaiting-feedback # somewhat confusingly, this is also used for when labeling "ancient" issues
exempt-issue-labels: kind/enhancement,kind/task,kind/epic,kind/engineering, awaiting-upstream # only run on kind/bug for now, ignore awaiting-upstream too.
stale-pr-label: no-pr-activity # unused because we aren't processing PRs
exempt-pr-labels: awaiting-approval # unused because we aren't processing PRs
response-requested-label: response-requested # unused because we don't set a "stale-issue-message" above
# Issue timing
days-before-close: 10000 # this action lacks the option not to close, so just set this indefinitly far in the future
days-before-ancient: 180 # 6 months
# If you don't want to mark a issue as being ancient based on a
# threshold of "upvotes", you can set this here. An "upvote" is
# the total number of +1, heart, hooray, and rocket reactions
# on an issue.
minimum-upvotes-to-exempt: 2
repo-token: ${{ secrets.GITHUB_TOKEN }}
loglevel: DEBUG
# Set dry-run to true to not perform label or close actions.
dry-run: true

43
.github/workflows/community-moderation.yml vendored
View File

@@ -1,43 +0,0 @@
# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt
jobs:
warn_codegen:
name: warn_codegen
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
- id: schema_changed
name: Check for diff in schema
uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
with:
filters: "changed: 'provider/cmd/**/schema.json'"
- id: sdk_changed
if: steps.schema_changed.outputs.changed == 'false'
name: Check for diff in sdk/**
uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
with:
filters: "changed: 'sdk/**'"
- if: steps.sdk_changed.outputs.changed == 'true' &&
github.event.pull_request.head.repo.full_name != github.repository
name: Send codegen warning as comment on PR
uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1
with:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
message: >
Hello and thank you for your pull request! :heart: :sparkles:
It looks like you're directly modifying files in the language SDKs, many of which are autogenerated.
Be sure any files you're editing do not begin with a code generation warning.
For generated files, you will need to make changes in `resources.go` instead, and [generate the code](https://github.com/pulumi/${{ github.event.repository.name }}/blob/master/CONTRIBUTING.md#committing-generated-code).
name: warn-codegen
on:
pull_request_target:
branches:
- main
types:
- opened

25
.github/workflows/export-repo-secrets.yml vendored
View File

@@ -1,25 +0,0 @@
permissions: write-all # Equivalent to default permissions plus id-token: write
name: Export secrets to ESC
on: [workflow_dispatch]
jobs:
export-to-esc:
runs-on: ubuntu-latest
name: export GitHub secrets to ESC
steps:
- name: Generate a GitHub token
id: generate-token
uses: actions/create-github-app-token@v1
with:
app-id: 1256780 # Export Secrets GitHub App
private-key: ${{ secrets.EXPORT_SECRETS_PRIVATE_KEY }}
- name: Export secrets to ESC
uses: pulumi/esc-export-secrets-action@9d6485759b6adff2538ae91f1b77cc96265c9dad # v1
with:
organization: pulumi
org-environment: imports/github-secrets
exclude-secrets: EXPORT_SECRETS_PRIVATE_KEY
github-token: ${{ steps.generate-token.outputs.token }}
oidc-auth: true
oidc-requested-token-type: urn:pulumi:token-type:access_token:organization
env:
GITHUB_SECRETS: ${{ toJSON(secrets) }}

667
.github/workflows/prerelease.yml vendored
View File

@@ -6,18 +6,43 @@ on:
tags:
- v*.*.*-**
env:
AZURE_SIGNING_CLIENT_ID: ${{ secrets.AZURE_SIGNING_CLIENT_ID }}
AZURE_SIGNING_CLIENT_SECRET: ${{ secrets.AZURE_SIGNING_CLIENT_SECRET }}
AZURE_SIGNING_TENANT_ID: ${{ secrets.AZURE_SIGNING_TENANT_ID }}
AZURE_SIGNING_KEY_VAULT_URI: ${{ secrets.AZURE_SIGNING_KEY_VAULT_URI }}
SKIP_SIGNING: ${{ secrets.AZURE_SIGNING_CLIENT_ID == '' &&
secrets.AZURE_SIGNING_CLIENT_SECRET == '' && secrets.AZURE_SIGNING_TENANT_ID
== '' && secrets.AZURE_SIGNING_KEY_VAULT_URI == '' }}
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
PROVIDER: docker-build
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
PYPI_USERNAME: __token__
PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
TRAVIS_OS_NAME: linux
GOVERSION: "1.21.x"
NODEVERSION: "20.x"
PYTHONVERSION: "3.11.8"
DOTNETVERSION: "8.0.x"
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
GOVERSION: 1.21.x
NODEVERSION: 20.x
PYTHONVERSION: "3.11"
DOTNETVERSION: 8.0.x
JAVAVERSION: "11"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
AWS_REGION: us-west-2
AZURE_LOCATION: westus
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
@@ -27,46 +52,34 @@ env:
GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io
IS_PRERELEASE: true
jobs:
prerequisites:
runs-on: ubuntu-latest
name: prerequisites
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@cc7494be991dba0978f7ffafaf995b0449a0998e # v6.5.0
uses: pulumi/actions@9519177da243fd32cab35cdbf19cce1ab7472fcc # v6.2.0
- if: github.event_name == 'pull_request'
name: Install Schema Tools
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/schema-tools
- name: Build codegen binaries
@@ -76,15 +89,13 @@ jobs:
- if: github.event_name == 'pull_request'
name: Check Schema is Valid
run: >-
{
echo 'SCHEMA_CHANGES<<EOF';
echo 'SCHEMA_CHANGES<<EOF' >> $GITHUB_ENV
schema-tools compare -p ${{ env.PROVIDER }} -o ${{ github.event.repository.default_branch }} -n --local-path=provider/cmd/pulumi-resource-${{ env.PROVIDER }}/schema.json;
schema-tools compare -p ${{ env.PROVIDER }} -o ${{ github.event.repository.default_branch }} -n --local-path=provider/cmd/pulumi-resource-${{ env.PROVIDER }}/schema.json >> $GITHUB_ENV
echo 'EOF';
} >> "$GITHUB_ENV"
echo 'EOF' >> $GITHUB_ENV
env:
GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
- if: github.event_name == 'pull_request' && github.actor != 'dependabot[bot]'
name: Comment on PR with Details of Schema Check
uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1
@@ -109,188 +120,10 @@ jobs:
with:
allowed-changes: |-
sdk/**/pulumi-plugin.json
sdk/dotnet/*.*.csproj
sdk/dotnet/version.txt
sdk/dotnet/Pulumi.*.csproj
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
shell: bash
run: >
git diff --quiet -- sdk && echo "no changes to sdk" && exit
git config --global user.email "bot@pulumi.com"
git config --global user.name "pulumi-bot"
# Stash local changes and check out the PR's branch directly.
git stash
git fetch
git checkout "origin/$HEAD_REF"
# Apply and add our changes, but don't commit any files we expect to
# always change due to versioning.
git stash pop
git add sdk
git reset sdk/python/*/pulumi-plugin.json \
sdk/python/pyproject.toml \
sdk/dotnet/pulumi-plugin.json \
sdk/dotnet/*.*.csproj \
sdk/dotnet/version.txt \
sdk/go/*/pulumi-plugin.json \
sdk/go/*/internal/pulumiUtilities.go \
sdk/nodejs/package.json
git commit -m 'Commit SDK for Renovate'
# Push with pulumi-bot credentials to trigger a re-run of the
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
- name: Tar provider binaries
run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }}
pulumi-gen-${{ env.PROVIDER}}
- name: Upload artifacts
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin/provider.tar.gz
- name: Test Provider Library
run: make test_provider
env:
ARM_CLIENT_SECRET: ${{ steps.esc-secrets.outputs.ARM_CLIENT_SECRET }}
DIGITALOCEAN_TOKEN: ${{ steps.esc-secrets.outputs.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ steps.esc-secrets.outputs.DOCKER_HUB_PASSWORD }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1
env:
CODECOV_TOKEN: ${{ steps.esc-secrets.outputs.CODECOV_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure in building provider prerequisites
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
build_sdks:
needs: prerequisites
runs-on: pulumi-ubuntu-8core
strategy:
fail-fast: ${{ ! contains(github.actor, 'renovate') }}
matrix:
language:
- nodejs
- python
- dotnet
- go
- java
name: build_sdks
permissions:
pull-requests: write # For Renovate SDK updates.
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@cc7494be991dba0978f7ffafaf995b0449a0998e # v6.5.0
- name: Setup Node
uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@d4c94342e560b34958eacfc5d055d21461ed1c5d # v5.0.0
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
with:
gradle-version: "7.6"
- name: Download provider
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
- name: UnTar provider binaries
run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
github.workspace}}/bin
- name: Restore Binary Permissions
run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
-exec chmod +x {} \;
- name: Generate SDK
run: make generate_${{ matrix.language }}
- name: Build SDK
run: make build_${{ matrix.language }}
- name: Check worktree clean
id: worktreeClean
uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1
with:
allowed-changes: |-
sdk/**/pulumi-plugin.json
sdk/dotnet/*.*.csproj
sdk/dotnet/version.txt
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit ${{ matrix.language }} SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
@@ -320,14 +153,7 @@ jobs:
git add sdk
git reset sdk/python/*/pulumi-plugin.json \
sdk/python/pyproject.toml \
sdk/dotnet/pulumi-plugin.json \
sdk/dotnet/*.*.csproj \
sdk/dotnet/version.txt \
sdk/go/*/pulumi-plugin.json \
sdk/go/*/internal/pulumiUtilities.go \
sdk/nodejs/package.json
git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json
git commit -m 'Commit ${{ matrix.language }} SDK for Renovate'
@@ -336,7 +162,153 @@ jobs:
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
- name: Tar provider binaries
run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }}
pulumi-gen-${{ env.PROVIDER}}
- name: Upload artifacts
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin/provider.tar.gz
- name: Test Provider Library
run: make test_provider
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # v5.4.0
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
with:
author_name: Failure in building provider prerequisites
fields: repo,commit,author,action
status: ${{ job.status }}
build_sdks:
needs: prerequisites
runs-on: pulumi-ubuntu-8core
strategy:
fail-fast: ${{ ! contains(github.actor, 'renovate') }}
matrix:
language:
- nodejs
- python
- dotnet
- go
- java
name: build_sdks
steps:
- name: Checkout Repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
- name: Install Go
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@9519177da243fd32cab35cdbf19cce1ab7472fcc # v6.2.0
- name: Setup Node
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Setup Java
uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0
with:
gradle-version: "7.6"
- name: Download provider + tfgen binaries
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
- name: UnTar provider binaries
run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
github.workspace}}/bin
- name: Restore Binary Permissions
run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
-exec chmod +x {} \;
- name: Generate SDK
run: make generate_${{ matrix.language }}
- name: Build SDK
run: make build_${{ matrix.language }}
- name: Check worktree clean
id: worktreeClean
uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1
with:
allowed-changes: |-
sdk/**/pulumi-plugin.json
sdk/dotnet/Pulumi.*.csproj
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
- name: Commit ${{ matrix.language }} SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
shell: bash
run: >
git diff --quiet -- sdk && echo "no changes to sdk" && exit
git config --global user.email "bot@pulumi.com"
git config --global user.name "pulumi-bot"
# Stash local changes and check out the PR's branch directly.
git stash
git fetch
git checkout "origin/$HEAD_REF"
# Apply and add our changes, but don't commit any files we expect to
# always change due to versioning.
git stash pop
git add sdk
git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json
git commit -m 'Commit ${{ matrix.language }} SDK for Renovate'
# Push with pulumi-bot credentials to trigger a re-run of the
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
@@ -354,8 +326,6 @@ jobs:
author_name: Failure while building SDKs
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
test:
runs-on: pulumi-ubuntu-8core
needs:
@@ -373,64 +343,53 @@ jobs:
name: test
permissions:
contents: read
id-token: write # For ESC secrets and Pulumi access token OIDC.
id-token: write
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@cc7494be991dba0978f7ffafaf995b0449a0998e # v6.5.0
uses: pulumi/actions@9519177da243fd32cab35cdbf19cce1ab7472fcc # v6.2.0
- name: Setup Node
uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@d4c94342e560b34958eacfc5d055d21461ed1c5d # v5.0.0
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0
with:
gradle-version: "7.6"
- name: Download provider
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
- name: Download provider + tfgen binaries
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
@@ -442,7 +401,7 @@ jobs:
-exec chmod +x {} \;
- name: Download SDK
if: ${{ matrix.language != 'yaml' }}
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: ${{ matrix.language }}-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -451,7 +410,7 @@ jobs:
run: tar -zxf ${{ github.workspace}}/sdk/${{ matrix.language}}.tar.gz -C ${{
github.workspace}}/sdk/${{ matrix.language}}
- name: Update path
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH"
run: echo "${{ github.workspace }}/bin" >> $GITHUB_PATH
- name: Install Node dependencies
run: yarn global add typescript
- run: dotnet nuget add source ${{ github.workspace }}/nuget
@@ -470,13 +429,13 @@ jobs:
requested-token-type: urn:pulumi:token-type:access_token:organization
export-environment-variables: false
- name: Export AWS Credentials
uses: pulumi/esc-action@efb0bc8946938f0dfbfa00e829196ec95f0d0ea7 # v1.4.0
uses: pulumi/esc-action@41fd832f44f4820124b5350b5f84a00f741f234e # v1.3.0
env:
PULUMI_ACCESS_TOKEN: ${{ steps.generate_pulumi_token.outputs.pulumi-access-token }}
with:
environment: logins/pulumi-ci
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@7c6bc770dae815cd3e89ee6cdf493a5fab2cc093 # v3.0.0
uses: google-github-actions/auth@71f986410dfbc7added4569d411d040a91dc6935 # v2.1.8
with:
workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER
}}/locations/global/workloadIdentityPools/${{
@@ -484,7 +443,7 @@ jobs:
env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }}
- name: Setup gcloud auth
uses: google-github-actions/setup-gcloud@aa5489c8933f4cc7a4f7d45035b3b1440c9c10db # v3.0.1
uses: google-github-actions/setup-gcloud@77e7a554d41e2ee56fc945c52dfd3f33d12def9a # v2.1.4
with:
install_components: gke-gcloud-auth-plugin
- name: Install gotestfmt
@@ -497,8 +456,6 @@ jobs:
set -euo pipefail
cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 .
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
@@ -506,38 +463,22 @@ jobs:
author_name: Failure in SDK tests
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
publish:
runs-on: ubuntu-latest
needs: test
name: publish
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
@@ -551,31 +492,25 @@ jobs:
swap-storage: true
large-packages: false
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@cc7494be991dba0978f7ffafaf995b0449a0998e # v6.5.0
uses: pulumi/actions@9519177da243fd32cab35cdbf19cce1ab7472fcc # v6.2.0
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8 # v5.1.0
uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # v4.1.0
with:
aws-access-key-id: ${{ steps.esc-secrets.outputs.AWS_ACCESS_KEY_ID }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-region: us-east-2
aws-secret-access-key: ${{ steps.esc-secrets.outputs.AWS_SECRET_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-duration-seconds: 7200
role-session-name: ${{ env.PROVIDER }}@githubActions
role-external-id: upload-pulumi-release
role-to-assume: ${{ steps.esc-secrets.outputs.AWS_UPLOAD_ROLE_ARN }}
role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }}
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5.1.0
env:
GORELEASER_CURRENT_TAG: v${{ steps.version.outputs.version }}
AZURE_SIGNING_CLIENT_ID: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_ID }}
AZURE_SIGNING_CLIENT_SECRET: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_SECRET }}
AZURE_SIGNING_TENANT_ID: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_TENANT_ID }}
AZURE_SIGNING_KEY_VAULT_URI: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_KEY_VAULT_URI }}
SKIP_SIGNING: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_ID == '' && steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_SECRET == '' && steps.esc-secrets.outputs.AZURE_SIGNING_TENANT_ID == '' && steps.esc-secrets.outputs.AZURE_SIGNING_KEY_VAULT_URI == '' }}
GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
with:
args: -p 3 -f .goreleaser.prerelease.yml --clean --skip=validate --timeout 60m0s
version: latest
@@ -586,68 +521,52 @@ jobs:
author_name: Failure in publishing binaries
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
publish_sdk:
runs-on: ubuntu-latest
needs: publish
name: publish_sdk
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Checkout Scripts Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: ci-scripts
repository: pulumi/scripts
- run: echo "ci-scripts" >> .git/info/exclude
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@cc7494be991dba0978f7ffafaf995b0449a0998e # v6.5.0
uses: pulumi/actions@9519177da243fd32cab35cdbf19cce1ab7472fcc # v6.2.0
- name: Setup Node
uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@d4c94342e560b34958eacfc5d055d21461ed1c5d # v5.0.0
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Download python SDK
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: python-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -655,7 +574,7 @@ jobs:
run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C
${{github.workspace}}/sdk/python
- name: Download dotnet SDK
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: dotnet-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -663,7 +582,7 @@ jobs:
run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C
${{github.workspace}}/sdk/dotnet
- name: Download nodejs SDK
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: nodejs-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -675,11 +594,8 @@ jobs:
- name: Publish SDKs
run: ./ci-scripts/ci/publish-tfgen-package ${{ github.workspace }}
env:
NUGET_PUBLISH_KEY: ${{ steps.esc-secrets.outputs.NUGET_PUBLISH_KEY }}
NODE_AUTH_TOKEN: ${{ steps.esc-secrets.outputs.NPM_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
PYPI_PUBLISH_ARTIFACTS: all
PYPI_USERNAME: __token__
PYPI_PASSWORD: ${{ steps.esc-secrets.outputs.PYPI_API_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
@@ -687,86 +603,14 @@ jobs:
author_name: Failure in publishing SDK
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
publish_java_sdk:
runs-on: ubuntu-latest
continue-on-error: true
needs: publish
name: publish_java_sdk
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@cc7494be991dba0978f7ffafaf995b0449a0998e # v6.5.0
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
with:
gradle-version: "7.6"
- name: Download java SDK
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: java-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
- name: Uncompress java SDK
run: tar -zxf ${{github.workspace}}/sdk/java.tar.gz -C
${{github.workspace}}/sdk/java
- name: Setup Gradle
uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
with:
gradle-version: "7.6"
- name: Publish Java SDK
run: gradle -p ./sdk/java publishToSonatype closeAndReleaseSonatypeStagingRepository
env:
PACKAGE_VERSION: ${{ env.PROVIDER_VERSION }}
SIGNING_KEY_ID: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_KEY_ID }}
SIGNING_KEY: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_KEY }}
SIGNING_PASSWORD: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_PASSWORD }}
PUBLISH_REPO_PASSWORD: ${{ steps.esc-secrets.outputs.OSSRH_PASSWORD }}
PUBLISH_REPO_USERNAME: ${{ steps.esc-secrets.outputs.OSSRH_USERNAME }}
publish_go_sdk:
runs-on: ubuntu-latest
name: publish-go-sdk
needs: publish_sdk
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
- id: version
@@ -774,10 +618,59 @@ jobs:
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
- name: Install Go
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@9519177da243fd32cab35cdbf19cce1ab7472fcc # v6.2.0
- name: Setup Java
uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0
with:
gradle-version: "7.6"
- name: Download java SDK
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: java-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
- name: Uncompress java SDK
run: tar -zxf ${{github.workspace}}/sdk/java.tar.gz -C
${{github.workspace}}/sdk/java
- name: Publish Java SDK
uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PACKAGE_VERSION: ${{ env.PROVIDER_VERSION }}
with:
arguments: publishToSonatype closeAndReleaseSonatypeStagingRepository
build-root-directory: ./sdk/java
gradle-version: 7.4.1
publish_go_sdk:
runs-on: ubuntu-latest
name: publish-go-sdk
needs: publish_sdk
steps:
- name: Checkout Repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
- name: Download go SDK
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: go-sdk.tar.gz
path: ${{ github.workspace}}/sdk/

42
.github/workflows/pull-request.yml vendored
View File

@@ -3,14 +3,52 @@
name: pull-request
on:
pull_request_target: {}
env:
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
PROVIDER: docker-build
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
PYPI_USERNAME: __token__
PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
TRAVIS_OS_NAME: linux
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
GOVERSION: 1.21.x
NODEVERSION: 20.x
PYTHONVERSION: "3.11"
DOTNETVERSION: 8.0.x
JAVAVERSION: "11"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
AWS_REGION: us-west-2
AZURE_LOCATION: westus
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
GOOGLE_PROJECT: pulumi-ci-gcp-provider
GOOGLE_PROJECT_NUMBER: "895284651812"
GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io
jobs:
comment-on-pr:
runs-on: ubuntu-latest
name: comment-on-pr
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
- name: Comment PR

442
.github/workflows/release.yml vendored
View File

@@ -7,18 +7,43 @@ on:
- v*.*.*
- "!v*.*.*-**"
env:
AZURE_SIGNING_CLIENT_ID: ${{ secrets.AZURE_SIGNING_CLIENT_ID }}
AZURE_SIGNING_CLIENT_SECRET: ${{ secrets.AZURE_SIGNING_CLIENT_SECRET }}
AZURE_SIGNING_TENANT_ID: ${{ secrets.AZURE_SIGNING_TENANT_ID }}
AZURE_SIGNING_KEY_VAULT_URI: ${{ secrets.AZURE_SIGNING_KEY_VAULT_URI }}
SKIP_SIGNING: ${{ secrets.AZURE_SIGNING_CLIENT_ID == '' &&
secrets.AZURE_SIGNING_CLIENT_SECRET == '' && secrets.AZURE_SIGNING_TENANT_ID
== '' && secrets.AZURE_SIGNING_KEY_VAULT_URI == '' }}
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
PROVIDER: docker-build
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
PYPI_USERNAME: __token__
PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
TRAVIS_OS_NAME: linux
GOVERSION: "1.21.x"
NODEVERSION: "20.x"
PYTHONVERSION: "3.11.8"
DOTNETVERSION: "8.0.x"
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
GOVERSION: 1.21.x
NODEVERSION: 20.x
PYTHONVERSION: "3.11"
DOTNETVERSION: 8.0.x
JAVAVERSION: "11"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
AWS_REGION: us-west-2
AZURE_LOCATION: westus
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
@@ -27,49 +52,34 @@ env:
GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io
jobs:
prerequisites:
runs-on: ubuntu-latest
name: prerequisites
permissions:
id-token: write # For ESC secrets.
pull-requests: write # For schema check comment.
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@cc7494be991dba0978f7ffafaf995b0449a0998e # v6.5.0
uses: pulumi/actions@9519177da243fd32cab35cdbf19cce1ab7472fcc # v6.2.0
- if: github.event_name == 'pull_request'
name: Install Schema Tools
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/schema-tools
- name: Build codegen binaries
@@ -79,15 +89,13 @@ jobs:
- if: github.event_name == 'pull_request'
name: Check Schema is Valid
run: >-
{
echo 'SCHEMA_CHANGES<<EOF';
echo 'SCHEMA_CHANGES<<EOF' >> $GITHUB_ENV
schema-tools compare -p ${{ env.PROVIDER }} -o ${{ github.event.repository.default_branch }} -n --local-path=provider/cmd/pulumi-resource-${{ env.PROVIDER }}/schema.json;
schema-tools compare -p ${{ env.PROVIDER }} -o ${{ github.event.repository.default_branch }} -n --local-path=provider/cmd/pulumi-resource-${{ env.PROVIDER }}/schema.json >> $GITHUB_ENV
echo 'EOF';
} >> "$GITHUB_ENV"
echo 'EOF' >> $GITHUB_ENV
env:
GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
- if: github.event_name == 'pull_request' && github.actor != 'dependabot[bot]'
name: Comment on PR with Details of Schema Check
uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1
@@ -112,13 +120,11 @@ jobs:
with:
allowed-changes: |-
sdk/**/pulumi-plugin.json
sdk/dotnet/*.*.csproj
sdk/dotnet/version.txt
sdk/dotnet/Pulumi.*.csproj
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit SDK changes for Renovate
- name: Commit ${{ matrix.language }} SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
@@ -147,23 +153,16 @@ jobs:
git add sdk
git reset sdk/python/*/pulumi-plugin.json \
sdk/python/pyproject.toml \
sdk/dotnet/pulumi-plugin.json \
sdk/dotnet/*.*.csproj \
sdk/dotnet/version.txt \
sdk/go/*/pulumi-plugin.json \
sdk/go/*/internal/pulumiUtilities.go \
sdk/nodejs/package.json
git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json
git commit -m 'Commit SDK for Renovate'
git commit -m 'Commit ${{ matrix.language }} SDK for Renovate'
# Push with pulumi-bot credentials to trigger a re-run of the
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
@@ -178,15 +177,10 @@ jobs:
path: ${{ github.workspace }}/bin/provider.tar.gz
- name: Test Provider Library
run: make test_provider
env:
ARM_CLIENT_SECRET: ${{ steps.esc-secrets.outputs.ARM_CLIENT_SECRET }}
DIGITALOCEAN_TOKEN: ${{ steps.esc-secrets.outputs.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ steps.esc-secrets.outputs.DOCKER_HUB_PASSWORD }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1
uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # v5.4.0
env:
CODECOV_TOKEN: ${{ steps.esc-secrets.outputs.CODECOV_TOKEN }}
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
@@ -194,8 +188,6 @@ jobs:
author_name: Failure in building provider prerequisites
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
build_sdks:
needs: prerequisites
runs-on: pulumi-ubuntu-8core
@@ -209,66 +201,52 @@ jobs:
- go
- java
name: build_sdks
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@cc7494be991dba0978f7ffafaf995b0449a0998e # v6.5.0
uses: pulumi/actions@9519177da243fd32cab35cdbf19cce1ab7472fcc # v6.2.0
- name: Setup Node
uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@d4c94342e560b34958eacfc5d055d21461ed1c5d # v5.0.0
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0
with:
gradle-version: "7.6"
- name: Download provider
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
- name: Download provider + tfgen binaries
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
@@ -288,13 +266,11 @@ jobs:
with:
allowed-changes: |-
sdk/**/pulumi-plugin.json
sdk/dotnet/*.*.csproj
sdk/dotnet/version.txt
sdk/dotnet/Pulumi.*.csproj
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit SDK changes for Renovate
- name: Commit ${{ matrix.language }} SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
@@ -323,23 +299,16 @@ jobs:
git add sdk
git reset sdk/python/*/pulumi-plugin.json \
sdk/python/pyproject.toml \
sdk/dotnet/pulumi-plugin.json \
sdk/dotnet/*.*.csproj \
sdk/dotnet/version.txt \
sdk/go/*/pulumi-plugin.json \
sdk/go/*/internal/pulumiUtilities.go \
sdk/nodejs/package.json
git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json
git commit -m 'Commit SDK for Renovate'
git commit -m 'Commit ${{ matrix.language }} SDK for Renovate'
# Push with pulumi-bot credentials to trigger a re-run of the
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
@@ -357,8 +326,6 @@ jobs:
author_name: Failure while building SDKs
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
test:
runs-on: pulumi-ubuntu-8core
needs:
@@ -376,64 +343,53 @@ jobs:
name: test
permissions:
contents: read
id-token: write # For ESC secrets.
id-token: write
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@cc7494be991dba0978f7ffafaf995b0449a0998e # v6.5.0
uses: pulumi/actions@9519177da243fd32cab35cdbf19cce1ab7472fcc # v6.2.0
- name: Setup Node
uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@d4c94342e560b34958eacfc5d055d21461ed1c5d # v5.0.0
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0
with:
gradle-version: "7.6"
- name: Download provider
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
- name: Download provider + tfgen binaries
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
@@ -445,7 +401,7 @@ jobs:
-exec chmod +x {} \;
- name: Download SDK
if: ${{ matrix.language != 'yaml' }}
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: ${{ matrix.language }}-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -454,7 +410,7 @@ jobs:
run: tar -zxf ${{ github.workspace}}/sdk/${{ matrix.language}}.tar.gz -C ${{
github.workspace}}/sdk/${{ matrix.language}}
- name: Update path
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH"
run: echo "${{ github.workspace }}/bin" >> $GITHUB_PATH
- name: Install Node dependencies
run: yarn global add typescript
- run: dotnet nuget add source ${{ github.workspace }}/nuget
@@ -473,13 +429,13 @@ jobs:
requested-token-type: urn:pulumi:token-type:access_token:organization
export-environment-variables: false
- name: Export AWS Credentials
uses: pulumi/esc-action@efb0bc8946938f0dfbfa00e829196ec95f0d0ea7 # v1.4.0
uses: pulumi/esc-action@41fd832f44f4820124b5350b5f84a00f741f234e # v1.3.0
env:
PULUMI_ACCESS_TOKEN: ${{ steps.generate_pulumi_token.outputs.pulumi-access-token }}
with:
environment: logins/pulumi-ci
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@7c6bc770dae815cd3e89ee6cdf493a5fab2cc093 # v3.0.0
uses: google-github-actions/auth@71f986410dfbc7added4569d411d040a91dc6935 # v2.1.8
with:
workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER
}}/locations/global/workloadIdentityPools/${{
@@ -487,7 +443,7 @@ jobs:
env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }}
- name: Setup gcloud auth
uses: google-github-actions/setup-gcloud@aa5489c8933f4cc7a4f7d45035b3b1440c9c10db # v3.0.1
uses: google-github-actions/setup-gcloud@77e7a554d41e2ee56fc945c52dfd3f33d12def9a # v2.1.4
with:
install_components: gke-gcloud-auth-plugin
- name: Install gotestfmt
@@ -500,8 +456,6 @@ jobs:
set -euo pipefail
cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 .
env:
GTIHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
@@ -509,38 +463,22 @@ jobs:
author_name: Failure in SDK tests
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
publish:
runs-on: ubuntu-latest
needs: test
name: publish
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
@@ -554,31 +492,25 @@ jobs:
swap-storage: true
large-packages: false
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@cc7494be991dba0978f7ffafaf995b0449a0998e # v6.5.0
uses: pulumi/actions@9519177da243fd32cab35cdbf19cce1ab7472fcc # v6.2.0
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8 # v5.1.0
uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # v4.1.0
with:
aws-access-key-id: ${{ steps.esc-secrets.outputs.AWS_ACCESS_KEY_ID }}
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-region: us-east-2
aws-secret-access-key: ${{ steps.esc-secrets.outputs.AWS_SECRET_ACCESS_KEY }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-duration-seconds: 7200
role-session-name: ${{ env.PROVIDER }}@githubActions
role-external-id: upload-pulumi-release
role-to-assume: ${{ steps.esc-secrets.outputs.AWS_UPLOAD_ROLE_ARN }}
role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }}
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5.1.0
env:
GORELEASER_CURRENT_TAG: v${{ steps.version.outputs.version }}
AZURE_SIGNING_CLIENT_ID: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_ID }}
AZURE_SIGNING_CLIENT_SECRET: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_SECRET }}
AZURE_SIGNING_TENANT_ID: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_TENANT_ID }}
AZURE_SIGNING_KEY_VAULT_URI: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_KEY_VAULT_URI }}
SKIP_SIGNING: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_ID == '' && steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_SECRET == '' && steps.esc-secrets.outputs.AZURE_SIGNING_TENANT_ID == '' && steps.esc-secrets.outputs.AZURE_SIGNING_KEY_VAULT_URI == '' }}
GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
with:
args: -p 3 release --clean --timeout 60m0s
version: latest
@@ -589,68 +521,52 @@ jobs:
author_name: Failure in publishing binaries
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
publish_sdk:
runs-on: ubuntu-latest
needs: publish
name: publish_sdks
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Checkout Scripts Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: ci-scripts
repository: pulumi/scripts
- run: echo "ci-scripts" >> .git/info/exclude
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@cc7494be991dba0978f7ffafaf995b0449a0998e # v6.5.0
uses: pulumi/actions@9519177da243fd32cab35cdbf19cce1ab7472fcc # v6.2.0
- name: Setup Node
uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@d4c94342e560b34958eacfc5d055d21461ed1c5d # v5.0.0
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Download python SDK
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: python-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -658,7 +574,7 @@ jobs:
run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C
${{github.workspace}}/sdk/python
- name: Download dotnet SDK
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: dotnet-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -666,7 +582,7 @@ jobs:
run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C
${{github.workspace}}/sdk/dotnet
- name: Download nodejs SDK
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: nodejs-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -678,11 +594,8 @@ jobs:
- name: Publish SDKs
run: ./ci-scripts/ci/publish-tfgen-package ${{ github.workspace }}
env:
NUGET_PUBLISH_KEY: ${{ steps.esc-secrets.outputs.NUGET_PUBLISH_KEY }}
NODE_AUTH_TOKEN: ${{ steps.esc-secrets.outputs.NPM_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
PYPI_PUBLISH_ARTIFACTS: all
PYPI_USERNAME: __token__
PYPI_PASSWORD: ${{ steps.esc-secrets.outputs.PYPI_API_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
@@ -690,86 +603,14 @@ jobs:
author_name: Failure in publishing SDK
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
publish_java_sdk:
runs-on: ubuntu-latest
continue-on-error: true
needs: publish
name: publish_java_sdk
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@cc7494be991dba0978f7ffafaf995b0449a0998e # v6.5.0
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
with:
gradle-version: "7.6"
- name: Download java SDK
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
with:
name: java-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
- name: Uncompress java SDK
run: tar -zxf ${{github.workspace}}/sdk/java.tar.gz -C
${{github.workspace}}/sdk/java
- name: Setup Gradle
uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
with:
gradle-version: "7.6"
- name: Publish Java SDK
run: gradle -p ./sdk/java publishToSonatype closeAndReleaseSonatypeStagingRepository
env:
PACKAGE_VERSION: ${{ env.PROVIDER_VERSION }}
SIGNING_KEY_ID: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_KEY_ID }}
SIGNING_KEY: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_KEY }}
SIGNING_PASSWORD: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_PASSWORD }}
PUBLISH_REPO_PASSWORD: ${{ steps.esc-secrets.outputs.OSSRH_PASSWORD }}
PUBLISH_REPO_USERNAME: ${{ steps.esc-secrets.outputs.OSSRH_USERNAME }}
publish_go_sdk:
runs-on: ubuntu-latest
name: publish-go-sdk
needs: publish_sdk
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
- id: version
@@ -777,10 +618,59 @@ jobs:
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
- name: Install Go
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@9519177da243fd32cab35cdbf19cce1ab7472fcc # v6.2.0
- name: Setup Java
uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0
with:
gradle-version: "7.6"
- name: Download java SDK
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: java-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
- name: Uncompress java SDK
run: tar -zxf ${{github.workspace}}/sdk/java.tar.gz -C
${{github.workspace}}/sdk/java
- name: Publish Java SDK
uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PACKAGE_VERSION: ${{ env.PROVIDER_VERSION }}
with:
arguments: publishToSonatype closeAndReleaseSonatypeStagingRepository
build-root-directory: ./sdk/java
gradle-version: 7.4.1
publish_go_sdk:
runs-on: ubuntu-latest
name: publish-go-sdk
needs: publish_sdk
steps:
- name: Checkout Repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
- name: Download go SDK
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: go-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -800,30 +690,14 @@ jobs:
dispatch_docs_build:
runs-on: ubuntu-latest
needs: publish_go_sdk
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Dispatch Event
run: pulumictl create docs-build pulumi-${{ env.PROVIDER }}
"${GITHUB_REF#refs/tags/}"
${GITHUB_REF#refs/tags/}
env:
GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
name: dispatch_docs_build

54
.github/workflows/release_command.yml vendored
View File

@@ -1,54 +0,0 @@
# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt
name: release-command
on:
repository_dispatch:
types:
- release-command
jobs:
should_release:
name: Should release PR
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- name: Should release PR
uses: pulumi/action-release-by-pr-label@main
with:
command: "should-release"
repo: ${{ github.repository }}
pr: ${{ github.event.client_payload.pull_request.number }}
version: ${{ github.event.client_payload.slash_command.args.all }}
slack_channel: ${{ steps.esc-secrets.outputs.RELEASE_OPS_STAGING_SLACK_CHANNEL }}
env:
RELEASE_BOT_ENDPOINT: ${{ steps.esc-secrets.outputs.RELEASE_BOT_ENDPOINT }}
RELEASE_BOT_KEY: ${{ steps.esc-secrets.outputs.RELEASE_BOT_KEY }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- if: failure()
name: Notify failure
uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
issue-number: ${{ github.event.client_payload.github.payload.issue.number }}
body: |
"release command failed: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"
- if: success()
name: Notify success
uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
comment-id: ${{ github.event.client_payload.github.payload.comment.id }}
reaction-type: hooray

262
.github/workflows/run-acceptance-tests.yml vendored
View File

@@ -10,18 +10,36 @@ on:
- CHANGELOG.md
workflow_dispatch: {}
env:
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
PROVIDER: docker-build
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
PYPI_USERNAME: __token__
PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
TRAVIS_OS_NAME: linux
GOVERSION: "1.21.x"
NODEVERSION: "20.x"
PYTHONVERSION: "3.11.8"
DOTNETVERSION: "8.0.x"
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
GOVERSION: 1.21.x
NODEVERSION: 20.x
PYTHONVERSION: "3.11"
DOTNETVERSION: 8.0.x
JAVAVERSION: "11"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
AWS_REGION: us-west-2
AZURE_LOCATION: westus
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
@@ -33,71 +51,51 @@ env:
PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }}
jobs:
comment-notification:
if: github.event_name == 'repository_dispatch'
runs-on: ubuntu-latest
name: comment-notification
steps:
- name: Create URL to the run output
id: vars
run: echo
run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID
>> "$GITHUB_OUTPUT"
- name: Update with Result
uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0
with:
token: ${{ secrets.PULUMI_BOT_TOKEN }}
repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
issue-number: ${{ github.event.client_payload.github.payload.issue.number }}
body: "Please view the PR build: ${{ steps.vars.outputs.run-url }}"
if: github.event_name == 'repository_dispatch'
prerequisites:
runs-on: ubuntu-latest
name: prerequisites
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
persist-credentials: false
ref: ${{ env.PR_COMMIT_SHA }}
- name: Create URL to the run output
id: vars
run: echo
"run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID"
>> "$GITHUB_OUTPUT"
- name: Update with Result
uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
issue-number: ${{ github.event.client_payload.github.payload.issue.number }}
body: "Please view the PR build: ${{ steps.vars.outputs.run-url }}"
prerequisites:
runs-on: ubuntu-latest
name: prerequisites
permissions:
id-token: write # For ESC secrets.
pull-requests: write # For schema check comment.
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
persist-credentials: false
ref: ${{ env.PR_COMMIT_SHA }}
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@cc7494be991dba0978f7ffafaf995b0449a0998e # v6.5.0
uses: pulumi/actions@9519177da243fd32cab35cdbf19cce1ab7472fcc # v6.2.0
- if: github.event_name == 'pull_request'
name: Install Schema Tools
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/schema-tools
- name: Build codegen binaries
@@ -107,15 +105,13 @@ jobs:
- if: github.event_name == 'pull_request'
name: Check Schema is Valid
run: >-
{
echo 'SCHEMA_CHANGES<<EOF';
echo 'SCHEMA_CHANGES<<EOF' >> $GITHUB_ENV
schema-tools compare -p ${{ env.PROVIDER }} -o ${{ github.event.repository.default_branch }} -n --local-path=provider/cmd/pulumi-resource-${{ env.PROVIDER }}/schema.json;
schema-tools compare -p ${{ env.PROVIDER }} -o ${{ github.event.repository.default_branch }} -n --local-path=provider/cmd/pulumi-resource-${{ env.PROVIDER }}/schema.json >> $GITHUB_ENV
echo 'EOF';
} >> "$GITHUB_ENV"
echo 'EOF' >> $GITHUB_ENV
env:
GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
- if: github.event_name == 'pull_request' && github.actor != 'dependabot[bot]'
name: Comment on PR with Details of Schema Check
uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1
@@ -140,13 +136,11 @@ jobs:
with:
allowed-changes: |-
sdk/**/pulumi-plugin.json
sdk/dotnet/*.*.csproj
sdk/dotnet/version.txt
sdk/dotnet/Pulumi.*.csproj
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit SDK changes for Renovate
- name: Commit ${{ matrix.language }} SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
@@ -175,23 +169,16 @@ jobs:
git add sdk
git reset sdk/python/*/pulumi-plugin.json \
sdk/python/pyproject.toml \
sdk/dotnet/pulumi-plugin.json \
sdk/dotnet/*.*.csproj \
sdk/dotnet/version.txt \
sdk/go/*/pulumi-plugin.json \
sdk/go/*/internal/pulumiUtilities.go \
sdk/nodejs/package.json
git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json
git commit -m 'Commit SDK for Renovate'
git commit -m 'Commit ${{ matrix.language }} SDK for Renovate'
# Push with pulumi-bot credentials to trigger a re-run of the
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
@@ -206,15 +193,10 @@ jobs:
path: ${{ github.workspace }}/bin/provider.tar.gz
- name: Test Provider Library
run: make test_provider
env:
ARM_CLIENT_SECRET: ${{ steps.esc-secrets.outputs.ARM_CLIENT_SECRET }}
DIGITALOCEAN_TOKEN: ${{ steps.esc-secrets.outputs.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ steps.esc-secrets.outputs.DOCKER_HUB_PASSWORD }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1
uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # v5.4.0
env:
CODECOV_TOKEN: ${{ steps.esc-secrets.outputs.CODECOV_TOKEN }}
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
@@ -222,8 +204,6 @@ jobs:
author_name: Failure in building provider prerequisites
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
if: github.event_name == 'repository_dispatch' ||
github.event.pull_request.head.repo.full_name == github.repository
build_sdks:
@@ -239,68 +219,54 @@ jobs:
- go
- java
name: build_sdks
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
persist-credentials: false
ref: ${{ env.PR_COMMIT_SHA }}
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
ref: ${{ env.PR_COMMIT_SHA }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@cc7494be991dba0978f7ffafaf995b0449a0998e # v6.5.0
uses: pulumi/actions@9519177da243fd32cab35cdbf19cce1ab7472fcc # v6.2.0
- name: Setup Node
uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@d4c94342e560b34958eacfc5d055d21461ed1c5d # v5.0.0
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0
with:
gradle-version: "7.6"
- name: Download provider
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
- name: Download provider + tfgen binaries
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
@@ -320,13 +286,11 @@ jobs:
with:
allowed-changes: |-
sdk/**/pulumi-plugin.json
sdk/dotnet/*.*.csproj
sdk/dotnet/version.txt
sdk/dotnet/Pulumi.*.csproj
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit SDK changes for Renovate
- name: Commit ${{ matrix.language }} SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
@@ -355,22 +319,16 @@ jobs:
git add sdk
git reset sdk/python/*/pulumi-plugin.json \
sdk/python/pyproject.toml \
sdk/dotnet/pulumi-plugin.json \
sdk/dotnet/*.*.csproj \
sdk/dotnet/version.txt \
sdk/go/*/pulumi-plugin.json \
sdk/go/*/internal/pulumiUtilities.go \
sdk/nodejs/package.json
git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json
git commit -m 'Commit ${{ matrix.language }} SDK for Renovate'
git commit -m 'Commit SDK for Renovate'
# Push with pulumi-bot credentials to trigger a re-run of the
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
@@ -389,8 +347,6 @@ jobs:
author_name: Failure while building SDKs
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
if: github.event_name == 'repository_dispatch' ||
github.event.pull_request.head.repo.full_name == github.repository
test:
@@ -413,63 +369,52 @@ jobs:
id-token: write
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
persist-credentials: false
ref: ${{ env.PR_COMMIT_SHA }}
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
ref: ${{ env.PR_COMMIT_SHA }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@cc7494be991dba0978f7ffafaf995b0449a0998e # v6.5.0
uses: pulumi/actions@9519177da243fd32cab35cdbf19cce1ab7472fcc # v6.2.0
- name: Setup Node
uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@d4c94342e560b34958eacfc5d055d21461ed1c5d # v5.0.0
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Python
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0
with:
gradle-version: "7.6"
- name: Download provider
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
- name: Download provider + tfgen binaries
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
@@ -481,7 +426,7 @@ jobs:
-exec chmod +x {} \;
- name: Download SDK
if: ${{ matrix.language != 'yaml' }}
uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # v4.2.1
with:
name: ${{ matrix.language }}-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
@@ -490,7 +435,7 @@ jobs:
run: tar -zxf ${{ github.workspace}}/sdk/${{ matrix.language}}.tar.gz -C ${{
github.workspace}}/sdk/${{ matrix.language}}
- name: Update path
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH"
run: echo "${{ github.workspace }}/bin" >> $GITHUB_PATH
- name: Install Node dependencies
run: yarn global add typescript
- run: dotnet nuget add source ${{ github.workspace }}/nuget
@@ -509,13 +454,13 @@ jobs:
requested-token-type: urn:pulumi:token-type:access_token:organization
export-environment-variables: false
- name: Export AWS Credentials
uses: pulumi/esc-action@efb0bc8946938f0dfbfa00e829196ec95f0d0ea7 # v1.4.0
uses: pulumi/esc-action@41fd832f44f4820124b5350b5f84a00f741f234e # v1.3.0
env:
PULUMI_ACCESS_TOKEN: ${{ steps.generate_pulumi_token.outputs.pulumi-access-token }}
with:
environment: logins/pulumi-ci
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@7c6bc770dae815cd3e89ee6cdf493a5fab2cc093 # v3.0.0
uses: google-github-actions/auth@71f986410dfbc7added4569d411d040a91dc6935 # v2.1.8
with:
workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER
}}/locations/global/workloadIdentityPools/${{
@@ -523,7 +468,7 @@ jobs:
env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }}
- name: Setup gcloud auth
uses: google-github-actions/setup-gcloud@aa5489c8933f4cc7a4f7d45035b3b1440c9c10db # v3.0.1
uses: google-github-actions/setup-gcloud@77e7a554d41e2ee56fc945c52dfd3f33d12def9a # v2.1.4
with:
install_components: gke-gcloud-auth-plugin
- name: Install gotestfmt
@@ -536,8 +481,6 @@ jobs:
set -euo pipefail
cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 .
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.0
@@ -545,29 +488,12 @@ jobs:
author_name: Failure in SDK tests
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
if: github.event_name == 'repository_dispatch' ||
github.event.pull_request.head.repo.full_name == github.repository
sentinel:
runs-on: ubuntu-latest
name: sentinel
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
lfs: true
persist-credentials: false
ref: ${{ env.PR_COMMIT_SHA }}
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- name: Mark workflow as successful
uses: guibranco/github-status-action-v2@0849440ec82c5fa69b2377725b9b7852a3977e76 # v1.1.13
with:
@@ -578,7 +504,6 @@ jobs:
sha: ${{ github.event.pull_request.head.sha || github.sha }}
permissions:
statuses: write
id-token: write # For ESC secrets.
if: github.event_name == 'repository_dispatch' ||
github.event.pull_request.head.repo.full_name == github.repository
needs:
@@ -589,13 +514,13 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
persist-credentials: false
ref: ${{ env.PR_COMMIT_SHA }}
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
@@ -606,7 +531,8 @@ jobs:
uses: golangci/golangci-lint-action@55c2c1448f86e01eaae002a5a3a9624417608d84 # v6.5.2
with:
version: ${{ env.GOLANGCI_LINT_VERSION }}
working-directory: .
args: -c ../.golangci.yml
working-directory: provider
name: lint
if: github.event_name == 'repository_dispatch' ||
github.event.pull_request.head.repo.full_name == github.repository

68
.github/workflows/weekly-pulumi-update.yml vendored
View File

@@ -8,17 +8,34 @@ on:
env:
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
PROVIDER: docker-build
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
PYPI_USERNAME: __token__
PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
TRAVIS_OS_NAME: linux
GOVERSION: "1.21.x"
NODEVERSION: "20.x"
PYTHONVERSION: "3.11.8"
DOTNETVERSION: "8.0.x"
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
GOVERSION: 1.21.x
NODEVERSION: 20.x
PYTHONVERSION: "3.11"
DOTNETVERSION: 8.0.x
JAVAVERSION: "11"
ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
AWS_REGION: us-west-2
AZURE_LOCATION: westus
DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
@@ -27,59 +44,38 @@ env:
GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io
jobs:
weekly-pulumi-update:
runs-on: ubuntu-latest
permissions: write-all
steps:
- name: Checkout Repo
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
lfs: true
- name: Install Go
uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
uses: jaxxstorm/action-install-gh-release@4304621e8c48d66093a8a214af5d5b5bc3b3d943 # v2.0.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@cc7494be991dba0978f7ffafaf995b0449a0998e # v6.5.0
uses: pulumi/actions@9519177da243fd32cab35cdbf19cce1ab7472fcc # v6.2.0
- name: Setup DotNet
uses: actions/setup-dotnet@d4c94342e560b34958eacfc5d055d21461ed1c5d # v5.0.0
uses: actions/setup-dotnet@67a3573c9a986a3f9c594539f4ab511d57bb3ce9 # v4.3.1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Node
uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup Python
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Setup Java
uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
with:
java-version: ${{ env.JAVAVERSION }}
distribution: temurin
cache: gradle
- name: Setup Gradle
uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
with:
gradle-version: "7.6"
- name: Update Pulumi/Pulumi
id: gomod
run: >-
@@ -89,7 +85,7 @@ jobs:
git checkout -b update-pulumi/${{ github.run_id }}-${{ github.run_number }}
find . -name go.mod -execdir sh -c 'go get github.com/pulumi/pulumi/pkg/v3 github.com/pulumi/pulumi/sdk/v3; go mod tidy' \;
for MODFILE in $(find . -name go.mod); do pushd $(dirname $MODFILE); go get github.com/pulumi/pulumi/pkg/v3 github.com/pulumi/pulumi/sdk/v3; go mod tidy; popd; done
gh repo view pulumi/pulumi --json latestRelease --jq .latestRelease.tagName | sed 's/^v//' > .pulumi.version
@@ -136,7 +132,7 @@ jobs:
# See https://github.com/cli/cli/issues/6485#issuecomment-2560935183 for --head workaround
gh pr create -t "$msg" -b "$msg" --head "$(git branch --show-current)"
gh pr create -t "$msg" -b "$msg" --head $(git branch --show-current)
env:
GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
name: weekly-pulumi-update

2
.pulumi.version
View File

@@ -1 +1 @@
3.192.0
3.153.1

71
CHANGELOG.md
View File

@@ -1,71 +1,10 @@
## Unreleased
## Changed
- Arguments `CacheFromGitHubActions.URL` and `CacheFromGitHubActions.Token` have been removed. If the previous behaviour is desired, set the `ACTIONS_CACHE_URL` and `ACTIONS_RUNTIME_TOKEN` environment variables. (https://github.com/pulumi/pulumi-docker-build/issues/75)
## 0.0.14 (2025-09-30)
### Fixed
- A warning is no longer emitted for the reserved `__internal` key. (https://github.com/pulumi/pulumi-docker-build/issues/579)
## 0.0.13 (2025-08-27)
### Changed
- Docker Build Cloud and `exec` errors are more helpful. (https://github.com/pulumi/pulumi-docker-build/issues/549)
### Fixed
- The provider is no longer replaced on version changes. (https://github.com/pulumi/pulumi-docker-build/issues/581)
## 0.0.12 (2025-05-16)
### Changed
- Upgraded pulumi-go-provider to v1.0.0-rc2.
### Fixed
- Builds now respect cancellation. (https://github.com/pulumi/pulumi-docker-build/issues/533, https://github.com/pulumi/pulumi-docker-build/pull/522)
## 0.0.11 (2025-04-11)
### Changed
- Upgraded buildx from 0.18.0 to 0.20.1 to remain compatible with upcoming
changes to GitHub Actions. (https://github.com/pulumi/pulumi-docker-build/pull/519)
### Fixed
- Upgrading docker-build no longer causes resource replacements. (<https://github.com/pulumi/pulumi-docker-build/issues/404>)
- Fixed a panic that could occur in `exec` mode. (https://github.com/pulumi/pulumi-docker-build/issues/482)
- The default GitHub Actions cache scope is now correctly set as `buildkit`. (https://github.com/pulumi/pulumi-docker-build/issues/496)
## 0.0.10 (2025-01-27)
### Changed
- Windows binaries are now signed. (https://github.com/pulumi/pulumi-docker-build/pull/429)
## 0.0.9 (2025-01-16)
### Changed
- Upgraded pulumi-go-provider to v0.24.1. (https://github.com/pulumi/pulumi-docker-build/pull/413)
### Fixed
- `ACTIONS_RUNTIME_TOKEN` is now correctly marked as a secret. (https://github.com/pulumi/pulumi-docker-build/issues/403)
## 0.0.8 (2024-12-10)
### Added
- Multiple exports are now allowed if the build daemon is detected to have
version 0.13 of Buildkit or newer.
(https://github.com/pulumi/pulumi-docker-build/issues/21)
version 0.13 of Buildkit or newer. (<https://github.com/pulumi/pulumi-docker-build/issues/21>)
- Use 'buildkit' as default scope (<https://github.com/pulumi/pulumi-docker-build/pull/516>)
### Changed
@@ -73,8 +12,10 @@
### Fixed
- Custom `# syntax=` directives no longer cause validation errors.
(https://github.com/pulumi/pulumi-docker-build/issues/300)
- Custom `# syntax=` directives no longer cause validation errors. (<https://github.com/pulumi/pulumi-docker-build/issues/300>)
- Upgrading docker-build no longer causes resource replacements. (<https://github.com/pulumi/pulumi-docker-build/issues/404>)
- Fixed leaking the GitHub actions secret in diff logs. (<https://github.com/pulumi/pulumi-docker-build/issues/403>)
- Provider panics when using Image resource with exec set to true. (<https://github.com/pulumi/pulumi-docker-build/issues/482>)
## 0.0.7 (2024-10-16)

59
Makefile
View File

@@ -17,9 +17,8 @@ WORKING_DIR := $(shell pwd)
EXAMPLES_DIR := ${WORKING_DIR}/examples/yaml
TESTPARALLELISM := 4
PULUMI := pulumi
GOGLANGCILINT := golangci-lint
GOTEST := go test
PULUMI := bin/pulumi
GOGLANGCILINT := bin/golangci-lint
# Override during CI using `make [TARGET] PROVIDER_VERSION=""` or by setting a PROVIDER_VERSION environment variable
# Local & branch builds will just used this fixed default version unless specified
@@ -47,10 +46,10 @@ provider_debug::
(cd provider && go build -o $(WORKING_DIR)/bin/${PROVIDER} -gcflags="all=-N -l" -ldflags "-X ${PROJECT}/${VERSION_PATH}=${VERSION_GENERIC}" $(PROJECT)/${PROVIDER_PATH}/cmd/$(PROVIDER))
test_provider:: # Required by CI
${GOTEST} -short -v -coverprofile="coverage.txt" -coverpkg=./provider/... -timeout 2h -parallel ${TESTPARALLELISM} ./provider/...
go test -short -v -coverprofile="coverage.txt" -coverpkg=./provider/... -timeout 2h -parallel ${TESTPARALLELISM} ./provider/...
test_examples: install_nodejs_sdk install_dotnet_sdk
${GOTEST} -short -v -cover -tags=all -timeout 2h -parallel ${TESTPARALLELISM} ./examples/...
go test -short -v -cover -tags=all -timeout 2h -parallel ${TESTPARALLELISM} ./examples/...
test_all:: test_provider test_examples
@@ -64,26 +63,38 @@ examples/yaml:
rm -rf ${WORKING_DIR}/examples/yaml/app
cp -r ${WORKING_DIR}/examples/app ${WORKING_DIR}/examples/yaml/app
examples/go: bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
examples/go: ${PULUMI} bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
$(call example,go)
@git checkout examples/go/go.mod
examples/nodejs: bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
examples/nodejs: ${PULUMI} bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
$(call example,nodejs)
@git checkout examples/nodejs/package.json
examples/python: bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
examples/python: ${PULUMI} bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
$(call example,python)
@git checkout examples/python/requirements.txt
examples/dotnet: bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
examples/dotnet: ${PULUMI} bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
$(call example,dotnet)
@git checkout examples/dotnet/provider-docker-build.csproj
examples/java: bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
examples/java: ${PULUMI} bin/${PROVIDER} ${WORKING_DIR}/examples/yaml/Pulumi.yaml
$(call example,java)
@git checkout examples/java/pom.xml
${PULUMI}: go.sum
GOBIN=${WORKING_DIR}/bin go install github.com/pulumi/pulumi/pkg/v3/cmd/pulumi
GOBIN=${WORKING_DIR}/bin go install github.com/pulumi/pulumi/sdk/go/pulumi-language-go/v3
GOBIN=${WORKING_DIR}/bin go install github.com/pulumi/pulumi/sdk/nodejs/cmd/pulumi-language-nodejs/v3
GOBIN=${WORKING_DIR}/bin go install github.com/pulumi/pulumi/sdk/python/cmd/pulumi-language-python/v3
GOBIN=${WORKING_DIR}/bin go install github.com/pulumi/pulumi-java/pkg/cmd/pulumi-language-java
GOBIN=${WORKING_DIR}/bin go install github.com/pulumi/pulumi-dotnet/pulumi-language-dotnet
GOBIN=${WORKING_DIR}/bin go install github.com/pulumi/pulumi-yaml/cmd/pulumi-converter-yaml
${GOGLANGCILINT}: go.sum
GOBIN=${WORKING_DIR}/bin go install github.com/golangci/golangci-lint/cmd/golangci-lint
define pulumi_login
export PULUMI_CONFIG_PASSPHRASE=asdfqwerty1234; \
pulumi login --local;
@@ -91,7 +102,7 @@ endef
define example
rm -rf ${WORKING_DIR}/examples/$(1)
pulumi convert \
$(PULUMI) convert \
--cwd ${WORKING_DIR}/examples/yaml \
--logtostderr \
--generate-only \
@@ -129,7 +140,7 @@ build:: provider sdk/dotnet sdk/go sdk/nodejs sdk/python sdk/java ${SCHEMA_PATH}
only_build:: build
.PHONY: lint
lint:
lint: ${GOGLANGCILINT}
${GOGLANGCILINT} run --fix -c .golangci.yml
install:: install_nodejs_sdk install_dotnet_sdk
@@ -176,7 +187,7 @@ generate_dotnet: sdk/dotnet # Required by CI
build_dotnet: # Required by CI
${SCHEMA_PATH}: bin/${PROVIDER}
pulumi package get-schema ./bin/${PROVIDER} | jq 'del(.version)' > $(SCHEMA_PATH)
pulumi package get-schema bin/${PROVIDER} | jq 'del(.version)' > $(SCHEMA_PATH)
bin/${PROVIDER}: $(shell find ./provider -name '*.go') go.mod
(cd provider && go build -o ../bin/${PROVIDER} -ldflags "-X ${PROJECT}/${VERSION_PATH}=${VERSION_GENERIC}" $(PROJECT)/${PROVIDER_PATH}/cmd/$(PROVIDER))
@@ -194,9 +205,9 @@ sdk: sdk/python sdk/nodejs sdk/java sdk/python sdk/go sdk/dotnet
.PHONY: sdk/*
sdk/python: TMPDIR := $(shell mktemp -d)
sdk/python: bin/${PROVIDER}
sdk/python: $(PULUMI) bin/${PROVIDER}
rm -rf sdk/python
$(PULUMI) package gen-sdk ./bin/$(PROVIDER) --language python -o ${TMPDIR}
$(PULUMI) package gen-sdk bin/$(PROVIDER) --language python -o ${TMPDIR}
cp README.md ${TMPDIR}/python/
cd ${TMPDIR}/python/ && \
rm -rf ./bin/ ../python.bin/ && cp -R . ../python.bin && mv ../python.bin ./bin && \
@@ -207,9 +218,9 @@ sdk/python: bin/${PROVIDER}
mv -f ${TMPDIR}/python ${WORKING_DIR}/sdk/.
sdk/nodejs: TMPDIR := $(shell mktemp -d)
sdk/nodejs: bin/${PROVIDER}
sdk/nodejs: $(PULUMI) bin/${PROVIDER}
rm -rf sdk/nodejs
$(PULUMI) package gen-sdk ./bin/$(PROVIDER) --language nodejs -o ${TMPDIR}
$(PULUMI) package gen-sdk bin/$(PROVIDER) --language nodejs -o ${TMPDIR}
cp README.md LICENSE ${TMPDIR}/nodejs
cd ${TMPDIR}/nodejs/ && \
yarn install && \
@@ -219,9 +230,9 @@ sdk/nodejs: bin/${PROVIDER}
sdk/go: TMPDIR := $(shell mktemp -d)
sdk/go: PATH := "$(WORKING_DIR)/bin:$(PATH)"
sdk/go: bin/${PROVIDER}
sdk/go: $(PULUMI) bin/${PROVIDER}
rm -rf sdk/go
PATH=$(PATH) $(PULUMI) package gen-sdk ./bin/$(PROVIDER) --language go -o ${TMPDIR}
PATH=$(PATH) $(PULUMI) package gen-sdk bin/$(PROVIDER) --language go -o ${TMPDIR}
cp go.mod ${TMPDIR}/go/dockerbuild/go.mod
cd ${TMPDIR}/go/dockerbuild && \
go mod edit -module=github.com/pulumi/pulumi-${PACK}/${PACKDIR}/go/dockerbuild && \
@@ -229,9 +240,9 @@ sdk/go: bin/${PROVIDER}
mv -f ${TMPDIR}/go ${WORKING_DIR}/sdk/go
sdk/dotnet: TMPDIR := $(shell mktemp -d)
sdk/dotnet: bin/${PROVIDER}
sdk/dotnet: $(PULUMI) bin/${PROVIDER}
rm -rf sdk/dotnet
$(PULUMI) package gen-sdk ./bin/${PROVIDER} --language dotnet -o ${TMPDIR}
$(PULUMI) package gen-sdk bin/${PROVIDER} --language dotnet -o ${TMPDIR}
cd ${TMPDIR}/dotnet/ && \
echo "$(VERSION_GENERIC)" > version.txt && \
dotnet build
@@ -239,9 +250,9 @@ sdk/dotnet: bin/${PROVIDER}
sdk/java: PACKAGE_VERSION := $(shell pulumictl convert-version --language generic -v "$(VERSION_GENERIC)")
sdk/java: TMPDIR := $(shell mktemp -d)
sdk/java: bin/${PROVIDER}
sdk/java: $(PULUMI) bin/${PROVIDER}
rm -rf sdk/java
$(PULUMI) package gen-sdk --language java ./bin/${PROVIDER} -o ${TMPDIR}
$(PULUMI) package gen-sdk --language java bin/${PROVIDER} -o ${TMPDIR}
cd ${TMPDIR}/java/ && gradle --console=plain build
mv -f ${TMPDIR}/java ${WORKING_DIR}/sdk/.
@@ -300,6 +311,6 @@ sign-goreleaser-exe-%: bin/jsign-6.0.jar
# - Run make ci-mgmt to apply the change locally.
#
ci-mgmt: .ci-mgmt.yaml
go run github.com/pulumi/ci-mgmt/provider-ci@master generate
go run github.com/pulumi/ci-mgmt/provider-ci@e3a00c6fa872560ede29a9c0e932cd1fd74eadaf generate
.PHONY: ci-mgmt
fi

428
docs/_index.md
View File

@@ -1,428 +0,0 @@
---
title: Docker Build
meta_desc: Provides an overview of the Docker Build Provider for Pulumi.
layout: package
---
The Docker Build provider leverages [buildx and BuildKit](https://docs.docker.com/build/architecture/) to build modern Docker images with Pulumi.
Not to be confused with the earlier
[Docker](../docker) provider, which is still
appropriate for managing resources unrelated to building images.
| Provider | Use cases |
| ---------------- | ----------------------------------------------------------------------- |
| `@pulumi/docker-build` | Anything related to building images with `docker build`. |
| `@pulumi/docker` | Everything else -- including running containers and creating networks. |
## Example
If your Pulumi program has a directory called `app` alongside it, containing a
file named "Dockerfile" (which can be as simple as `FROM alpine` for the
purpose of example), then the code below shows how to build a multi-platform
image, publish it to a remote AWS ECR registry, and use an [inline
cache](https://docs.docker.com/build/cache/backends/inline/) to speed up
subsequent builds.
{{< chooser language "typescript,python,csharp,go,yaml,java" / >}}
{{% choosable language typescript %}}
```typescript
import * as aws from "@pulumi/aws";
import * as docker_build from "@pulumi/docker-build";
// Create an ECR repository for pushing.
const ecrRepository = new aws.ecr.Repository("ecr-repository", {});
// Grab auth credentials for ECR.
const authToken = aws.ecr.getAuthorizationTokenOutput({
registryId: ecrRepository.registryId,
});
// Build and push an image to ECR with inline caching.
const myImage = new docker_build.Image("my-image", {
// Tag our image with our ECR repository's address.
tags: [pulumi.interpolate`${ecrRepository.repositoryUrl}:latest`],
context: {
location: "./app",
},
// Use the pushed image as a cache source.
cacheFrom: [{
registry: {
ref: pulumi.interpolate`${ecrRepository.repositoryUrl}:latest`,
},
}],
// Include an inline cache with our pushed image.
cacheTo: [{
inline: {},
}],
// Build a multi-platform image manifest for ARM and AMD.
platforms: [
"linux/amd64",
"linux/arm64",
],
// Push the final result to ECR.
push: true,
// Provide our ECR credentials.
registries: [{
address: ecrRepository.repositoryUrl,
password: authToken.password,
username: authToken.userName,
}],
});
// Export a ref for the pushed images so we can deploy it.
export const ref = myImage.ref;
```
{{% /choosable %}}
{{% choosable language python %}}
```python
import pulumi
import pulumi_aws as aws
import pulumi_docker_build as docker_build
# Create an ECR repository for pushing.
ecr_repository = aws.ecr.Repository("ecr-repository")
# Grab auth credentials for ECR.
auth_token = aws.ecr.get_authorization_token_output(registry_id=ecr_repository.registry_id)
# Build and push an image to ECR with inline caching.
my_image = docker_build.Image("my-image",
# Tag our image with our ECR repository's address.
tags=[ecr_repository.repository_url.apply(lambda repository_url: f"{repository_url}:latest")],
context=docker_build.BuildContextArgs(
location="./app",
),
# Use the pushed image as a cache source.
cache_from=[docker_build.CacheFromArgs(
registry=docker_build.CacheFromRegistryArgs(
ref=ecr_repository.repository_url.apply(lambda repository_url: f"{repository_url}:latest"),
),
)],
# Include an inline cache with our pushed image.
cache_to=[docker_build.CacheToArgs(
inline=docker_build.CacheToInlineArgs(),
)],
# Build a multi-platform image manifest for ARM and AMD.
platforms=[
docker_build.Platform.LINUX_AMD64,
docker_build.Platform.LINUX_ARM64,
],
# Push the final result to ECR.
push=True,
# Provide our ECR credentials.
registries=[docker_build.RegistryArgs(
address=ecr_repository.repository_url,
password=auth_token.password,
username=auth_token.user_name,
)],
)
# Export a ref for the pushed images so we can deploy it.
pulumi.export("ref", my_image.ref)
```
{{% /choosable %}}
{{% choosable language csharp %}}
```csharp
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
using DockerBuild = Pulumi.DockerBuild;
return await Deployment.RunAsync(() =>
{
// Create an ECR repository for pushing.
var ecrRepository = new Aws.Ecr.Repository("ecr-repository");
// Grab auth credentials for ECR.
var authToken = Aws.Ecr.GetAuthorizationToken.Invoke(new()
{
RegistryId = ecrRepository.RegistryId,
});
// Build and push an image to ECR with inline caching.
var myImage = new DockerBuild.Image("my-image", new()
{
// Tag our image with our ECR repository's address.
Tags = new[]
{
ecrRepository.RepositoryUrl.Apply(repositoryUrl => $"{repositoryUrl}:latest"),
},
Context = new DockerBuild.Inputs.BuildContextArgs
{
Location = "./app",
},
// Use the pushed image as a cache source.
CacheFrom = new[]
{
new DockerBuild.Inputs.CacheFromArgs
{
Registry = new DockerBuild.Inputs.CacheFromRegistryArgs
{
Ref = ecrRepository.RepositoryUrl.Apply(repositoryUrl => $"{repositoryUrl}:latest"),
},
},
},
// Include an inline cache with our pushed image.
CacheTo = new[]
{
new DockerBuild.Inputs.CacheToArgs
{
Inline = null,
},
},
// Build a multi-platform image manifest for ARM and AMD.
Platforms = new[]
{
DockerBuild.Platform.Linux_amd64,
DockerBuild.Platform.Linux_arm64,
},
// Push the final result to ECR.
Push = true,
// Provide our ECR credentials.
Registries = new[]
{
new DockerBuild.Inputs.RegistryArgs
{
Address = ecrRepository.RepositoryUrl,
Password = authToken.Apply(getAuthorizationTokenResult => getAuthorizationTokenResult.Password),
Username = authToken.Apply(getAuthorizationTokenResult => getAuthorizationTokenResult.UserName),
},
},
});
// Export a ref for the pushed images so we can deploy it.
return new Dictionary<string, object?>
{
["ref"] = myImage.Ref,
};
});
```
{{% /choosable %}}
{{% choosable language go %}}
```go
package main
import (
"fmt"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr"
"github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Create an ECR repository for pushing.
ecrRepository, err := ecr.NewRepository(ctx, "ecr-repository", nil)
if err != nil {
return err
}
// Grab auth credentials for ECR.
authToken := ecr.GetAuthorizationTokenOutput(ctx, ecr.GetAuthorizationTokenOutputArgs{
RegistryId: ecrRepository.RegistryId,
}, nil)
// Build and push an image to ECR with inline caching.
myImage, err := dockerbuild.NewImage(ctx, "my-image", &dockerbuild.ImageArgs{
// Tag our image with our ECR repository's address.
Tags: pulumi.StringArray{
ecrRepository.RepositoryUrl.ApplyT(func(repositoryUrl string) (string, error) {
return fmt.Sprintf("%v:latest", repositoryUrl), nil
}).(pulumi.StringOutput),
},
Context: &dockerbuild.BuildContextArgs{
Location: pulumi.String("./app"),
},
// Use the pushed image as a cache source.
CacheFrom: dockerbuild.CacheFromArray{
&dockerbuild.CacheFromArgs{
Registry: &dockerbuild.CacheFromRegistryArgs{
Ref: ecrRepository.RepositoryUrl.ApplyT(func(repositoryUrl string) (string, error) {
return fmt.Sprintf("%v:latest", repositoryUrl), nil
}).(pulumi.StringOutput),
},
},
},
// Include an inline cache with our pushed image.
CacheTo: dockerbuild.CacheToArray{
&dockerbuild.CacheToArgs{
Inline: nil,
},
},
// Build a multi-platform image manifest for ARM and AMD.
Platforms: dockerbuild.PlatformArray{
dockerbuild.Platform_Linux_amd64,
dockerbuild.Platform_Linux_arm64,
},
// Push the final result to ECR.
Push: pulumi.Bool(true),
// Provide our ECR credentials.
Registries: dockerbuild.RegistryArray{
&dockerbuild.RegistryArgs{
Address: ecrRepository.RepositoryUrl,
Password: authToken.ApplyT(func(authToken ecr.GetAuthorizationTokenResult) (*string, error) {
return &authToken.Password, nil
}).(pulumi.StringPtrOutput),
Username: authToken.ApplyT(func(authToken ecr.GetAuthorizationTokenResult) (*string, error) {
return &authToken.UserName, nil
}).(pulumi.StringPtrOutput),
},
},
})
if err != nil {
return err
}
// Export a ref for the pushed images so we can deploy it.
ctx.Export("ref", myImage.Ref)
return nil
})
}
```
{{% /choosable %}}
{{% choosable language yaml %}}
```yaml
description: Push to AWS ECR with caching
name: ecr
outputs:
ref: ${my-image.ref}
resources:
# Create an ECR repository for pushing.
ecr-repository:
type: aws:ecr:Repository
# Build and push an image to ECR with inline caching.
my-image:
type: docker-build:Image
properties:
# Tag our image with our ECR repository's address.
tags:
- ${ecr-repository.repositoryUrl}:latest
context:
location: ./app
# Use the pushed image as a cache source.
cacheFrom:
- registry:
ref: ${ecr-repository.repositoryUrl}:latest
# Include an inline cache with our pushed image.
cacheTo:
- inline: {}
# Build a multi-platform image manifest for ARM and AMD.
platforms:
- linux/amd64
- linux/arm64
# Push the final result to ECR.
push: true
# Provide our ECR credentials.
registries:
- address: ${ecr-repository.repositoryUrl}
password: ${auth-token.password}
username: ${auth-token.userName}
runtime: yaml
variables:
auth-token:
# Grab auth credentials for ECR.
fn::aws:ecr:getAuthorizationToken:
registryId: ${ecr-repository.registryId}
```
{{% /choosable %}}
{{% choosable language java %}}
```java
package myapp;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ecr.Repository;
import com.pulumi.aws.ecr.EcrFunctions;
import com.pulumi.aws.ecr.inputs.GetAuthorizationTokenArgs;
import com.pulumi.dockerbuild.Image;
import com.pulumi.dockerbuild.ImageArgs;
import com.pulumi.dockerbuild.inputs.CacheFromArgs;
import com.pulumi.dockerbuild.inputs.CacheFromRegistryArgs;
import com.pulumi.dockerbuild.inputs.CacheToArgs;
import com.pulumi.dockerbuild.inputs.CacheToInlineArgs;
import com.pulumi.dockerbuild.inputs.BuildContextArgs;
import com.pulumi.dockerbuild.inputs.RegistryArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Create an ECR repository for pushing.
var ecrRepository = new Repository("ecrRepository");
// Grab auth credentials for ECR.
final var authToken = EcrFunctions.getAuthorizationToken(GetAuthorizationTokenArgs.builder()
.registryId(ecrRepository.registryId())
.build());
// Build and push an image to ECR with inline caching.
var myImage = new Image("myImage", ImageArgs.builder()
// Tag our image with our ECR repository's address.
.tags(ecrRepository.repositoryUrl().applyValue(repositoryUrl -> String.format("%s:latest", repositoryUrl)))
.context(BuildContextArgs.builder()
.location("./app")
.build())
// Use the pushed image as a cache source.
.cacheFrom(CacheFromArgs.builder()
.registry(CacheFromRegistryArgs.builder()
.ref(ecrRepository.repositoryUrl().applyValue(repositoryUrl -> String.format("%s:latest", repositoryUrl)))
.build())
.build())
// Include an inline cache with our pushed image.
.cacheTo(CacheToArgs.builder()
.inline()
.build())
// Build a multi-platform image manifest for ARM and AMD.
.platforms(
"linux/amd64",
"linux/arm64")
// Push the final result to ECR.
.push(true)
// Provide our ECR credentials.
.registries(RegistryArgs.builder()
.address(ecrRepository.repositoryUrl())
.password(authToken.applyValue(getAuthorizationTokenResult -> getAuthorizationTokenResult).applyValue(authToken -> authToken.applyValue(getAuthorizationTokenResult -> getAuthorizationTokenResult.password())))
.username(authToken.applyValue(getAuthorizationTokenResult -> getAuthorizationTokenResult).applyValue(authToken -> authToken.applyValue(getAuthorizationTokenResult -> getAuthorizationTokenResult.userName())))
.build())
.build());
ctx.export("ref", myImage.ref());
}
}
```
{{% /choosable %}}
{{< /chooser >}}

33
docs/installation-configuration.md
View File

@@ -1,33 +0,0 @@
---
title: Docker-Build Installation & Configuration
meta_desc: Provides an overview on how to configure the Pulumi Docker-Build Provider.
layout: package
---
The Pulumi Docker-build provider builds modern Docker images with [buildx](https://docs.docker.com/reference/cli/docker/buildx/) and [BuildKit](https://docs.docker.com/build/buildkit/).
## Installation
The Docker-Build provider is available as a package in all Pulumi languages:
* JavaScript/TypeScript: [`@pulumi/docker-build`](https://www.npmjs.com/package/@pulumi/docker-build)
* Python: [`pulumi-docker-build`](https://pypi.org/project/pulumi-docker-build/)
* Go: [`github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild`](https://github.com/pulumi/pulumi-docker-build)
* .NET: [`Pulumi.DockerBuild`](https://www.nuget.org/packages/Pulumi.DockerBuild)
* Java: [`com.pulumi/docker-build`](https://central.sonatype.com/artifact/com.pulumi/docker-build)
## Configuring The Provider
### Host
The `DOCKER_HOST` environment variable can be used to specify a custom build daemon's location.
```bash
$ export DOCKER_HOST=tcp://127.0.0.1:2376/
```
This can also be specified in your stack's configuration:
```bash
$ pulumi config set docker-build:host tcp://127.0.0.1:2376/
```

84
examples/go/go.mod
View File

@@ -1,48 +1,47 @@
module provider-docker-build
go 1.24.1
go 1.22.0
toolchain go1.24.5
toolchain go1.23.4
require (
github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild v0.0.12
github.com/pulumi/pulumi/sdk/v3 v3.192.0
github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild v0.0.8
github.com/pulumi/pulumi/sdk/v3 v3.153.1
)
require (
dario.cat/mergo v1.0.1 // indirect
github.com/BurntSushi/toml v1.5.0 // indirect
github.com/BurntSushi/toml v1.4.0 // indirect
github.com/Microsoft/go-winio v0.6.2 // indirect
github.com/ProtonMail/go-crypto v1.2.0 // indirect
github.com/ProtonMail/go-crypto v1.1.3 // indirect
github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da // indirect
github.com/agext/levenshtein v1.2.3 // indirect
github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect
github.com/atotto/clipboard v0.1.4 // indirect
github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
github.com/blang/semver v3.5.1+incompatible // indirect
github.com/charmbracelet/bubbles v0.21.0 // indirect
github.com/charmbracelet/bubbletea v1.3.4 // indirect
github.com/charmbracelet/colorprofile v0.3.0 // indirect
github.com/charmbracelet/lipgloss v1.1.0 // indirect
github.com/charmbracelet/x/ansi v0.8.0 // indirect
github.com/charmbracelet/x/cellbuf v0.0.13 // indirect
github.com/charmbracelet/x/term v0.2.1 // indirect
github.com/charmbracelet/bubbles v0.20.0 // indirect
github.com/charmbracelet/bubbletea v1.1.0 // indirect
github.com/charmbracelet/lipgloss v0.13.0 // indirect
github.com/charmbracelet/x/ansi v0.2.3 // indirect
github.com/charmbracelet/x/term v0.2.0 // indirect
github.com/cheggaaa/pb v1.0.29 // indirect
github.com/cloudflare/circl v1.6.1 // indirect
github.com/cyphar/filepath-securejoin v0.4.1 // indirect
github.com/cloudflare/circl v1.4.0 // indirect
github.com/cyphar/filepath-securejoin v0.3.6 // indirect
github.com/djherbis/times v1.6.0 // indirect
github.com/emirpasic/gods v1.18.1 // indirect
github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f // indirect
github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
github.com/go-git/go-billy/v5 v5.6.2 // indirect
github.com/go-git/go-git/v5 v5.16.0 // indirect
github.com/go-git/go-billy/v5 v5.6.1 // indirect
github.com/go-git/go-git/v5 v5.13.1 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang/glog v1.2.4 // indirect
github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect
github.com/golang/glog v1.2.2 // indirect
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/google/uuid v1.6.0 // indirect
github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/hashicorp/hcl/v2 v2.23.0 // indirect
github.com/hashicorp/hcl/v2 v2.22.0 // indirect
github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
github.com/kevinburke/ssh_config v1.2.0 // indirect
@@ -54,46 +53,43 @@ require (
github.com/mitchellh/go-wordwrap v1.0.1 // indirect
github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 // indirect
github.com/muesli/cancelreader v0.2.2 // indirect
github.com/muesli/termenv v0.16.0 // indirect
github.com/muesli/termenv v0.15.2 // indirect
github.com/opentracing/basictracer-go v1.1.0 // indirect
github.com/opentracing/opentracing-go v1.2.0 // indirect
github.com/pgavlin/fx v0.1.6 // indirect
github.com/pjbgf/sha1cd v0.3.2 // indirect
github.com/pjbgf/sha1cd v0.3.0 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/pkg/term v1.1.0 // indirect
github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 // indirect
github.com/pulumi/esc v0.17.0 // indirect
github.com/pulumi/esc v0.10.0 // indirect
github.com/rivo/uniseg v0.4.7 // indirect
github.com/rogpeppe/go-internal v1.14.1 // indirect
github.com/rogpeppe/go-internal v1.12.0 // indirect
github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06 // indirect
github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 // indirect
github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
github.com/skeema/knownhosts v1.3.1 // indirect
github.com/skeema/knownhosts v1.3.0 // indirect
github.com/spf13/cast v1.5.0 // indirect
github.com/spf13/cobra v1.9.1 // indirect
github.com/spf13/pflag v1.0.6 // indirect
github.com/spf13/cobra v1.8.1 // indirect
github.com/spf13/pflag v1.0.5 // indirect
github.com/texttheater/golang-levenshtein v1.0.1 // indirect
github.com/uber/jaeger-client-go v2.30.0+incompatible // indirect
github.com/uber/jaeger-lib v2.4.1+incompatible // indirect
github.com/xanzy/ssh-agent v0.3.3 // indirect
github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
github.com/zclconf/go-cty v1.16.2 // indirect
go.opentelemetry.io/otel v1.36.0 // indirect
go.opentelemetry.io/otel/sdk v1.36.0 // indirect
github.com/zclconf/go-cty v1.15.0 // indirect
go.uber.org/atomic v1.11.0 // indirect
golang.org/x/crypto v0.39.0 // indirect
golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0 // indirect
golang.org/x/mod v0.25.0 // indirect
golang.org/x/net v0.40.0 // indirect
golang.org/x/sync v0.15.0 // indirect
golang.org/x/sys v0.33.0 // indirect
golang.org/x/term v0.32.0 // indirect
golang.org/x/text v0.26.0 // indirect
golang.org/x/tools v0.33.0 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20250519155744-55703ea1f237 // indirect
google.golang.org/grpc v1.72.1 // indirect
google.golang.org/protobuf v1.36.6 // indirect
golang.org/x/crypto v0.31.0 // indirect
golang.org/x/exp v0.0.0-20240909161429-701f63a606c0 // indirect
golang.org/x/mod v0.21.0 // indirect
golang.org/x/net v0.33.0 // indirect
golang.org/x/sync v0.10.0 // indirect
golang.org/x/sys v0.28.0 // indirect
golang.org/x/term v0.27.0 // indirect
golang.org/x/text v0.21.0 // indirect
golang.org/x/tools v0.25.0 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 // indirect
google.golang.org/grpc v1.67.1 // indirect
google.golang.org/protobuf v1.35.1 // indirect
gopkg.in/warnings.v0 v0.1.2 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
lukechampine.com/frand v1.5.1 // indirect
lukechampine.com/frand v1.4.2 // indirect
)

193
examples/go/go.sum
View File

@@ -1,14 +1,16 @@
dario.cat/mergo v1.0.1 h1:Ra4+bf83h2ztPIQYNP99R6m+Y7KfnARDfID+a+vLl4s=
dario.cat/mergo v1.0.1/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
github.com/BurntSushi/toml v1.5.0 h1:W5quZX/G/csjUnuI8SUYlsHs9M38FC7znL0lIO+DvMg=
github.com/BurntSushi/toml v1.5.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho=
github.com/BurntSushi/toml v1.4.0 h1:kuoIxZQy2WRRk1pttg9asf+WVv6tWQuBNVmK8+nqPr0=
github.com/BurntSushi/toml v1.4.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho=
github.com/HdrHistogram/hdrhistogram-go v1.1.2 h1:5IcZpTvzydCQeHzK4Ef/D5rrSqwxob0t8PQPMybUNFM=
github.com/HdrHistogram/hdrhistogram-go v1.1.2/go.mod h1:yDgFjdqOqDEKOvasDdhWNXYg9BVp4O+o5f6V/ehm6Oo=
github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY=
github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY=
github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU=
github.com/ProtonMail/go-crypto v1.2.0 h1:+PhXXn4SPGd+qk76TlEePBfOfivE0zkWFenhGhFLzWs=
github.com/ProtonMail/go-crypto v1.2.0/go.mod h1:9whxjD8Rbs29b4XWbB8irEcE8KHMqaR2e7GWU1R+/PE=
github.com/ProtonMail/go-crypto v1.1.3 h1:nRBOetoydLeUb4nHajyO2bKqMLfWQ/ZPwkXqXxPxCFk=
github.com/ProtonMail/go-crypto v1.1.3/go.mod h1:rA3QumHc/FZ8pAHreoekgiAbzpNsfQAosU5td4SnOrE=
github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da h1:KjTM2ks9d14ZYCvmHS9iAKVt9AyzRSqNU1qabPih5BY=
github.com/aead/chacha20 v0.0.0-20180709150244-8b13a72661da/go.mod h1:eHEWzANqSiWQsof+nXEI9bUVUyV6F53Fp89EuCh2EAA=
github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo=
github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558=
github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8=
@@ -23,35 +25,30 @@ github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiE
github.com/aymanbagabas/go-osc52/v2 v2.0.1/go.mod h1:uYgXzlJ7ZpABp8OJ+exZzJJhRNQ2ASbcXHWsFqH8hp8=
github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ=
github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
github.com/charmbracelet/bubbles v0.21.0 h1:9TdC97SdRVg/1aaXNVWfFH3nnLAwOXr8Fn6u6mfQdFs=
github.com/charmbracelet/bubbles v0.21.0/go.mod h1:HF+v6QUR4HkEpz62dx7ym2xc71/KBHg+zKwJtMw+qtg=
github.com/charmbracelet/bubbletea v1.3.4 h1:kCg7B+jSCFPLYRA52SDZjr51kG/fMUEoPoZrkaDHyoI=
github.com/charmbracelet/bubbletea v1.3.4/go.mod h1:dtcUCyCGEX3g9tosuYiut3MXgY/Jsv9nKVdibKKRRXo=
github.com/charmbracelet/colorprofile v0.3.0 h1:KtLh9uuu1RCt+Hml4s6Hz+kB1PfV3wi++1h5ia65yKQ=
github.com/charmbracelet/colorprofile v0.3.0/go.mod h1:oHJ340RS2nmG1zRGPmhJKJ/jf4FPNNk0P39/wBPA1G0=
github.com/charmbracelet/lipgloss v1.1.0 h1:vYXsiLHVkK7fp74RkV7b2kq9+zDLoEU4MZoFqR/noCY=
github.com/charmbracelet/lipgloss v1.1.0/go.mod h1:/6Q8FR2o+kj8rz4Dq0zQc3vYf7X+B0binUUBwA0aL30=
github.com/charmbracelet/x/ansi v0.8.0 h1:9GTq3xq9caJW8ZrBTe0LIe2fvfLR/bYXKTx2llXn7xE=
github.com/charmbracelet/x/ansi v0.8.0/go.mod h1:wdYl/ONOLHLIVmQaxbIYEC/cRKOQyjTkowiI4blgS9Q=
github.com/charmbracelet/x/cellbuf v0.0.13 h1:/KBBKHuVRbq1lYx5BzEHBAFBP8VcQzJejZ/IA3iR28k=
github.com/charmbracelet/x/cellbuf v0.0.13/go.mod h1:xe0nKWGd3eJgtqZRaN9RjMtK7xUYchjzPr7q6kcvCCs=
github.com/charmbracelet/x/term v0.2.1 h1:AQeHeLZ1OqSXhrAWpYUtZyX1T3zVxfpZuEQMIQaGIAQ=
github.com/charmbracelet/x/term v0.2.1/go.mod h1:oQ4enTYFV7QN4m0i9mzHrViD7TQKvNEEkHUMCmsxdUg=
github.com/charmbracelet/bubbles v0.20.0 h1:jSZu6qD8cRQ6k9OMfR1WlM+ruM8fkPWkHvQWD9LIutE=
github.com/charmbracelet/bubbles v0.20.0/go.mod h1:39slydyswPy+uVOHZ5x/GjwVAFkCsV8IIVy+4MhzwwU=
github.com/charmbracelet/bubbletea v1.1.0 h1:FjAl9eAL3HBCHenhz/ZPjkKdScmaS5SK69JAK2YJK9c=
github.com/charmbracelet/bubbletea v1.1.0/go.mod h1:9Ogk0HrdbHolIKHdjfFpyXJmiCzGwy+FesYkZr7hYU4=
github.com/charmbracelet/lipgloss v0.13.0 h1:4X3PPeoWEDCMvzDvGmTajSyYPcZM4+y8sCA/SsA3cjw=
github.com/charmbracelet/lipgloss v0.13.0/go.mod h1:nw4zy0SBX/F/eAO1cWdcvy6qnkDUxr8Lw7dvFrAIbbY=
github.com/charmbracelet/x/ansi v0.2.3 h1:VfFN0NUpcjBRd4DnKfRaIRo53KRgey/nhOoEqosGDEY=
github.com/charmbracelet/x/ansi v0.2.3/go.mod h1:dk73KoMTT5AX5BsX0KrqhsTqAnhZZoCBjs7dGWp4Ktw=
github.com/charmbracelet/x/term v0.2.0 h1:cNB9Ot9q8I711MyZ7myUR5HFWL/lc3OpU8jZ4hwm0x0=
github.com/charmbracelet/x/term v0.2.0/go.mod h1:GVxgxAbjUrmpvIINHIQnJJKpMlHiZ4cktEQCN6GWyF0=
github.com/cheggaaa/pb v1.0.29 h1:FckUN5ngEk2LpvuG0fw1GEFx6LtyY2pWI/Z2QgCnEYo=
github.com/cheggaaa/pb v1.0.29/go.mod h1:W40334L7FMC5JKWldsTWbdGjLo0RxUKK73K+TuPxX30=
github.com/cloudflare/circl v1.6.1 h1:zqIqSPIndyBh1bjLVVDHMPpVKqp8Su/V+6MeDzzQBQ0=
github.com/cloudflare/circl v1.6.1/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs=
github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g=
github.com/cyphar/filepath-securejoin v0.4.1 h1:JyxxyPEaktOD+GAnqIqTf9A8tHyAG22rowi7HkoSU1s=
github.com/cyphar/filepath-securejoin v0.4.1/go.mod h1:Sdj7gXlvMcPZsbhwhQ33GguGLDGQL7h7bg04C/+u9jI=
github.com/cloudflare/circl v1.4.0 h1:BV7h5MgrktNzytKmWjpOtdYrf0lkkbF8YMlBGPhJQrY=
github.com/cloudflare/circl v1.4.0/go.mod h1:PDRU+oXvdD7KCtgKxW95M5Z8BpSCJXQORiZFnBQS5QU=
github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
github.com/cyphar/filepath-securejoin v0.3.6 h1:4d9N5ykBnSp5Xn2JkhocYDkOpURL/18CYMpo6xB9uWM=
github.com/cyphar/filepath-securejoin v0.3.6/go.mod h1:Sdj7gXlvMcPZsbhwhQ33GguGLDGQL7h7bg04C/+u9jI=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/djherbis/times v1.6.0 h1:w2ctJ92J8fBvWPxugmXIv7Nz7Q3iDMKNx9v5ocVH20c=
github.com/djherbis/times v1.6.0/go.mod h1:gOHeRAz2h+VJNZ5Gmc/o7iD9k4wW7NMVqieYCY99oc0=
github.com/elazarl/goproxy v1.7.2 h1:Y2o6urb7Eule09PjlhQRGNsqRfPmYI3KKQLFpCAV3+o=
github.com/elazarl/goproxy v1.7.2/go.mod h1:82vkLNir0ALaW14Rc399OTTjyNREgmdL2cVoIbS6XaE=
github.com/elazarl/goproxy v1.2.3 h1:xwIyKHbaP5yfT6O9KIeYJR5549MXRQkoQMRXGztz8YQ=
github.com/elazarl/goproxy v1.2.3/go.mod h1:YfEbZtqP4AetfO6d40vWchF3znWX7C7Vd6ZMfdL8z64=
github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc=
github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ=
github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f h1:Y/CXytFA4m6baUTXGLOoWe4PQhGxaX0KpnayAqC48p4=
@@ -65,27 +62,21 @@ github.com/gliderlabs/ssh v0.3.8 h1:a4YXD1V7xMF9g5nTkdfnja3Sxy1PVDCj1Zg4Wb8vY6c=
github.com/gliderlabs/ssh v0.3.8/go.mod h1:xYoytBv1sV0aL3CavoDuJIQNURXkkfPA/wxQ1pL1fAU=
github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 h1:+zs/tPmkDkHx3U66DAb0lQFJrpS6731Oaa12ikc+DiI=
github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376/go.mod h1:an3vInlBmSxCcxctByoQdvwPiA7DTK7jaaFDBTtu0ic=
github.com/go-git/go-billy/v5 v5.6.2 h1:6Q86EsPXMa7c3YZ3aLAQsMA0VlWmy43r6FHqa/UNbRM=
github.com/go-git/go-billy/v5 v5.6.2/go.mod h1:rcFC2rAsp/erv7CMz9GczHcuD0D32fWzH+MJAU+jaUU=
github.com/go-git/go-billy/v5 v5.6.1 h1:u+dcrgaguSSkbjzHwelEjc0Yj300NUevrrPphk/SoRA=
github.com/go-git/go-billy/v5 v5.6.1/go.mod h1:0AsLr1z2+Uksi4NlElmMblP5rPcDZNRCD8ujZCRR2BE=
github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399 h1:eMje31YglSBqCdIqdhKBW8lokaMrL3uTkpGYlE2OOT4=
github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399/go.mod h1:1OCfN199q1Jm3HZlxleg+Dw/mwps2Wbk9frAWm+4FII=
github.com/go-git/go-git/v5 v5.16.0 h1:k3kuOEpkc0DeY7xlL6NaaNg39xdgQbtH5mwCafHO9AQ=
github.com/go-git/go-git/v5 v5.16.0/go.mod h1:4Ge4alE/5gPs30F2H1esi2gPd69R0C39lolkucHBOp8=
github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
github.com/go-git/go-git/v5 v5.13.1 h1:DAQ9APonnlvSWpvolXWIuV6Q6zXy2wHbN4cVlNR5Q+M=
github.com/go-git/go-git/v5 v5.13.1/go.mod h1:qryJB4cSBoq3FRoBRf5A77joojuBcmPJ0qu3XXXVixc=
github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
github.com/golang/glog v1.2.4 h1:CNNw5U8lSiiBk7druxtSHHTsRWcxKoac6kZKm2peBBc=
github.com/golang/glog v1.2.4/go.mod h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w=
github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 h1:f+oWsMOmNPc8JmEHVZIycC7hBoQxHH9pNKQORJNozsQ=
github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8/go.mod h1:wcDNUvekVysuuOpQKo3191zZyTpiI6se1N1ULghS0sw=
github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
github.com/golang/glog v1.2.2 h1:1+mZ9upx1Dh6FmUTFR1naJ77miKiXgALjWOZ3NVFPmY=
github.com/golang/glog v1.2.2/go.mod h1:6AhwSGph0fcJtXVM/PEHPqZlFeoLxhs7/t5UDAwmO+w=
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 h1:MJG/KsmcqMwFAkh8mTnAwhyKoB+sTAnY4CACC110tbU=
@@ -95,8 +86,8 @@ github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY
github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
github.com/hashicorp/hcl/v2 v2.23.0 h1:Fphj1/gCylPxHutVSEOf2fBOh1VE4AuLV7+kbJf3qos=
github.com/hashicorp/hcl/v2 v2.23.0/go.mod h1:62ZYHrXgPoX8xBnzl8QzbWq4dyDsDtfCRgIq1rbJEvA=
github.com/hashicorp/hcl/v2 v2.22.0 h1:hkZ3nCtqeJsDhPRFz5EA9iwcG1hNWGePOTw6oyul12M=
github.com/hashicorp/hcl/v2 v2.22.0/go.mod h1:62ZYHrXgPoX8xBnzl8QzbWq4dyDsDtfCRgIq1rbJEvA=
github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A=
@@ -135,8 +126,8 @@ github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6 h1:ZK8zHtRHOkbHy6Mmr5D
github.com/muesli/ansi v0.0.0-20230316100256-276c6243b2f6/go.mod h1:CJlz5H+gyd6CUWT45Oy4q24RdLyn7Md9Vj2/ldJBSIo=
github.com/muesli/cancelreader v0.2.2 h1:3I4Kt4BQjOR54NavqnDogx/MIoWBFa0StPA8ELUXHmA=
github.com/muesli/cancelreader v0.2.2/go.mod h1:3XuTXfFS2VjM+HTLZY9Ak0l6eUKfijIfMUZ4EgX0QYo=
github.com/muesli/termenv v0.16.0 h1:S5AlUN9dENB57rsbnkPyfdGuWIlkmzJjbFf0Tf5FWUc=
github.com/muesli/termenv v0.16.0/go.mod h1:ZRfOIKPFDYQoDFF4Olj7/QJbW60Ol/kL1pU3VfY/Cnk=
github.com/muesli/termenv v0.15.2 h1:GohcuySI0QmI3wN8Ok9PtKGkgkFIk7y6Vpb5PvrY+Wo=
github.com/muesli/termenv v0.15.2/go.mod h1:Epx+iuz8sNs7mNKhxzH4fWXGNpZwUaJKRS1noLXviQ8=
github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k=
github.com/onsi/gomega v1.34.1/go.mod h1:kU1QgUvBDLXBJq618Xvm2LUX6rSAfRaFRTcdOeDLwwY=
github.com/opentracing/basictracer-go v1.1.0 h1:Oa1fTSBvAl8pa3U+IJYqrKm0NALwH9OsgwOqDv4xJW0=
@@ -146,30 +137,27 @@ github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+
github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc=
github.com/pgavlin/fx v0.1.6 h1:r9jEg69DhNoCd3Xh0+5mIbdbS3PqWrVWujkY76MFRTU=
github.com/pgavlin/fx v0.1.6/go.mod h1:KWZJ6fqBBSh8GxHYqwYCf3rYE7Gp2p0N8tJp8xv9u9M=
github.com/pgavlin/fx/v2 v2.0.3 h1:ZBVklTFjxcWvBVPE+ti5qwnmTIQ0Gq6nuj3J5RKDtKk=
github.com/pgavlin/fx/v2 v2.0.3/go.mod h1:Cvnwqq0BopdHUJ7CU50h1XPeKrF4ZwdFj1nJLXbAjCE=
github.com/pjbgf/sha1cd v0.3.2 h1:a9wb0bp1oC2TGwStyn0Umc/IGKQnEgF0vVaZ8QF8eo4=
github.com/pjbgf/sha1cd v0.3.2/go.mod h1:zQWigSxVmsHEZow5qaLtPYxpcKMMQpa09ixqBxuCS6A=
github.com/pjbgf/sha1cd v0.3.0 h1:4D5XXmUUBUl/xQ6IjCkEAbqXskkq/4O7LmGn0AqMDs4=
github.com/pjbgf/sha1cd v0.3.0/go.mod h1:nZ1rrWOcGJ5uZgEEVL1VUM9iRQiZvWdbZjkKyFzPPsI=
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pkg/term v1.1.0 h1:xIAAdCMh3QIAy+5FrE8Ad8XoDhEU4ufwbaSozViP9kk=
github.com/pkg/term v1.1.0/go.mod h1:E25nymQcrSllhX42Ok8MRm1+hyBdHY0dCeiKZ9jpNGw=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 h1:vkHw5I/plNdTr435cARxCW6q9gc0S/Yxz7Mkd38pOb0=
github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231/go.mod h1:murToZ2N9hNJzewjHBgfFdXhZKjY3z5cYC1VXk+lbFE=
github.com/pulumi/esc v0.17.0 h1:oaVOIyFTENlYDuqc3pW75lQT9jb2cd6ie/4/Twxn66w=
github.com/pulumi/esc v0.17.0/go.mod h1:XnSxlt5NkmuAj304l/gK4pRErFbtqq6XpfX1tYT9Jbc=
github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild v0.0.12 h1:uzmw+0iic764m0Yvh4I/jRV1x3q49dVh5Ctq9RllsQ8=
github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild v0.0.12/go.mod h1:6zFMe786NvFDO03BVJwdw1R/Yms4F6vAU49iBHo8zbQ=
github.com/pulumi/pulumi/sdk/v3 v3.192.0 h1:sfHuR3P02wSbV3xdSMEQ0+uC/HzlMz0YfKrVAXy1hSQ=
github.com/pulumi/pulumi/sdk/v3 v3.192.0/go.mod h1:aV0+c5xpSYccWKmOjTZS9liYCqh7+peu3cQgSXu7CJw=
github.com/pulumi/esc v0.10.0 h1:jzBKzkLVW0mePeanDRfqSQoCJ5yrkux0jIwAkUxpRKE=
github.com/pulumi/esc v0.10.0/go.mod h1:2Bfa+FWj/xl8CKqRTWbWgDX0SOD4opdQgvYSURTGK2c=
github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild v0.0.8 h1:KOacOEorWqHIhDadPUPa0BPldstpMWnQEWLN9mjomXc=
github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild v0.0.8/go.mod h1:vaaKuLQIa72p0GBE0sJ6SWXzVIeIfwk1JjqGjfEnyCU=
github.com/pulumi/pulumi/sdk/v3 v3.153.1 h1:qlkttqvoPcuxbMZd1ZfwairuYAZ68izqRnCWmpA9p84=
github.com/pulumi/pulumi/sdk/v3 v3.153.1/go.mod h1:+WC9aIDo8fMgd2g0jCHuZU2S/VYNLRAZ3QXt6YVgwaA=
github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
github.com/rivo/uniseg v0.4.7 h1:WUdvkW8uEhrYfLC4ZzdpI2ztxP1I582+49Oc5Mq64VQ=
github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88=
github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ=
github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc=
github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06 h1:OkMGxebDjyw0ULyrTYWeN0UNCCkmCWfjPnIA2W6oviI=
github.com/sabhiram/go-gitignore v0.0.0-20210923224102-525f6e181f06/go.mod h1:+ePHsJ1keEjQtpvf9HHw0f4ZeJ0TLRsxhunSI2hYJSs=
@@ -178,14 +166,14 @@ github.com/santhosh-tekuri/jsonschema/v5 v5.3.1/go.mod h1:uToXkOrWAZ6/Oc07xWQrPO
github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 h1:n661drycOFuPLCN3Uc8sB6B/s6Z4t2xvBgU1htSHuq8=
github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3/go.mod h1:A0bzQcvG0E7Rwjx0REVgAGH58e96+X0MeOfepqsbeW4=
github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
github.com/skeema/knownhosts v1.3.1 h1:X2osQ+RAjK76shCbvhHHHVl3ZlgDm8apHEHFqRjnBY8=
github.com/skeema/knownhosts v1.3.1/go.mod h1:r7KTdC8l4uxWRyK2TpQZ/1o5HaSzh06ePQNxPwTcfiY=
github.com/skeema/knownhosts v1.3.0 h1:AM+y0rI04VksttfwjkSTNQorvGqmwATnvnAHpSgc0LY=
github.com/skeema/knownhosts v1.3.0/go.mod h1:sPINvnADmT/qYH1kfv+ePMmOBTH6Tbl7b5LvTDjFK7M=
github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w=
github.com/spf13/cast v1.5.0/go.mod h1:SpXXQ5YoyJw6s3/6cMTQuxvgRl3PCJiyaX9p6b155UU=
github.com/spf13/cobra v1.9.1 h1:CXSaggrXdbHK9CF+8ywj8Amf7PBRmPCOJugH954Nnlo=
github.com/spf13/cobra v1.9.1/go.mod h1:nDyEzZ8ogv936Cinf6g1RU9MRY64Ir93oCnqb9wxYW0=
github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o=
github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM=
github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y=
github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
@@ -204,56 +192,43 @@ github.com/uber/jaeger-lib v2.4.1+incompatible h1:td4jdvLcExb4cBISKIpHuGoVXh+dVK
github.com/uber/jaeger-lib v2.4.1+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U=
github.com/xanzy/ssh-agent v0.3.3 h1:+/15pJfg/RsTxqYcX6fHqOXZwwMP+2VyYWJeWM2qQFM=
github.com/xanzy/ssh-agent v0.3.3/go.mod h1:6dzNDKs0J9rVPHPhaGCukekBHKqfl+L3KghI1Bc68Uw=
github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e h1:JVG44RsyaB9T2KIHavMF/ppJZNG9ZpyihvCd0w101no=
github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e/go.mod h1:RbqR21r5mrJuqunuUZ/Dhy/avygyECGrLceyNeo4LiM=
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/zclconf/go-cty v1.16.2 h1:LAJSwc3v81IRBZyUVQDUdZ7hs3SYs9jv0eZJDWHD/70=
github.com/zclconf/go-cty v1.16.2/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE=
go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA=
go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A=
go.opentelemetry.io/otel v1.36.0 h1:UumtzIklRBY6cI/lllNZlALOF5nNIzJVb16APdvgTXg=
go.opentelemetry.io/otel v1.36.0/go.mod h1:/TcFMXYjyRNh8khOAO9ybYkqaDBb/70aVwkNML4pP8E=
go.opentelemetry.io/otel/metric v1.36.0 h1:MoWPKVhQvJ+eeXWHFBOPoBOi20jh6Iq2CcCREuTYufE=
go.opentelemetry.io/otel/metric v1.36.0/go.mod h1:zC7Ks+yeyJt4xig9DEw9kuUFe5C3zLbVjV2PzT6qzbs=
go.opentelemetry.io/otel/sdk v1.36.0 h1:b6SYIuLRs88ztox4EyrvRti80uXIFy+Sqzoh9kFULbs=
go.opentelemetry.io/otel/sdk v1.36.0/go.mod h1:+lC+mTgD+MUWfjJubi2vvXWcVxyr9rmlshZni72pXeY=
go.opentelemetry.io/otel/sdk/metric v1.34.0 h1:5CeK9ujjbFVL5c1PhLuStg1wxA7vQv7ce1EK0Gyvahk=
go.opentelemetry.io/otel/sdk/metric v1.34.0/go.mod h1:jQ/r8Ze28zRKoNRdkjCZxfs6YvBTG1+YIqyFVFYec5w=
go.opentelemetry.io/otel/trace v1.36.0 h1:ahxWNuqZjpdiFAyrIoQ4GIiAIhxAunQR6MUoKrsNd4w=
go.opentelemetry.io/otel/trace v1.36.0/go.mod h1:gQ+OnDZzrybY4k4seLzPAWNwVBBVlF2szhehOBB/tGA=
github.com/zclconf/go-cty v1.15.0 h1:tTCRWxsexYUmtt/wVxgDClUe+uQusuI443uL6e+5sXQ=
github.com/zclconf/go-cty v1.15.0/go.mod h1:VvMs5i0vgZdhYawQNq5kePSpLAoz8u1xvZgrPIxfnZE=
go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE=
go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.39.0 h1:SHs+kF4LP+f+p14esP5jAoDpHU8Gu/v9lFRK6IT5imM=
golang.org/x/crypto v0.39.0/go.mod h1:L+Xg3Wf6HoL4Bn4238Z6ft6KfEpN0tJGo53AAPC632U=
golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0 h1:R84qjqJb5nVJMxqWYb3np9L5ZsaDtB+a39EqjV0JSUM=
golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0/go.mod h1:S9Xr4PYopiDyqSyp5NjCrhFrqg6A5zA2E/iPHPhqnS8=
golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
golang.org/x/exp v0.0.0-20240909161429-701f63a606c0 h1:e66Fs6Z+fZTbFBAxKfP3PALWBtpfqks2bwGcexMxgtk=
golang.org/x/exp v0.0.0-20240909161429-701f63a606c0/go.mod h1:2TbTHSBQa924w8M6Xs1QcRcFwyucIwBGpK1p2f1YFFY=
golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.25.0 h1:n7a+ZbQKQA/Ysbyb0/6IbB1H/X41mKgbhfv7AfG/44w=
golang.org/x/mod v0.25.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww=
golang.org/x/mod v0.21.0 h1:vvrHzRwRfVKSiLrG+d4FMl/Qi4ukBCE6kZlTUkDYRT0=
golang.org/x/mod v0.21.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200421231249-e086a090c8fd/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.40.0 h1:79Xs7wF06Gbdcg4kdCCIQArK11Z1hr5POQ6+fIYHNuY=
golang.org/x/net v0.40.0/go.mod h1:y0hY0exeL2Pku80/zKK7tpntoX23cqL3Oa6njdgRtds=
golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.15.0 h1:KWH3jNZsfyT6xfAfKiz6MRNmd46ByHDYaZ7KSkCtdW8=
golang.org/x/sync v0.15.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200909081042-eff7692f9009/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -266,34 +241,34 @@ golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBc
golang.org/x/sys v0.0.0-20220615213510-4f61da869c0c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw=
golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.32.0 h1:DR4lr0TjUs3epypdhTOkMmuF5CDFJ/8pOnbzMZPQ7bg=
golang.org/x/term v0.32.0/go.mod h1:uZG1FhGx848Sqfsq4/DlJr3xGGsYMu/L5GW4abiaEPQ=
golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q=
golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.26.0 h1:P42AVeLghgTYr4+xUnTRKDMqpar+PtX7KWuNQL21L8M=
golang.org/x/text v0.26.0/go.mod h1:QK15LZJUUQVJxhz7wXgxSy/CJaTFjd0G+YLonydOVQA=
golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.33.0 h1:4qz2S3zmRxbGIhDIAgjxvFutSvH5EfnsYrRBj0UI0bc=
golang.org/x/tools v0.33.0/go.mod h1:CIJMaWEY88juyUfo7UbgPqbC8rU2OqfAV1h2Qp0oMYI=
golang.org/x/tools v0.25.0 h1:oFU9pkj/iJgs+0DT+VMHrx+oBKs/LJMV+Uvg78sl+fE=
golang.org/x/tools v0.25.0/go.mod h1:/vtpO8WL1N9cQC3FN5zPqb//fRXskFHbLKk4OW1Q7rg=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
google.golang.org/genproto/googleapis/rpc v0.0.0-20250519155744-55703ea1f237 h1:cJfm9zPbe1e873mHJzmQ1nwVEeRDU/T1wXDK2kUSU34=
google.golang.org/genproto/googleapis/rpc v0.0.0-20250519155744-55703ea1f237/go.mod h1:qQ0YXyHHx3XkvlzUtpXDkS29lDSafHMZBAZDc03LQ3A=
google.golang.org/grpc v1.72.1 h1:HR03wO6eyZ7lknl75XlxABNVLLFc2PAb6mHlYh756mA=
google.golang.org/grpc v1.72.1/go.mod h1:wH5Aktxcg25y1I3w7H69nHfXdOG3UiadoBtjh3izSDM=
google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY=
google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY=
google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 h1:pPJltXNxVzT4pK9yD8vR9X75DaWYYmLGMsEvBfFQZzQ=
google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1/go.mod h1:UqMtugtsSgubUsoxbuAoiCXvqvErP7Gf0so0mK9tHxU=
google.golang.org/grpc v1.67.1 h1:zWnc1Vrcno+lHZCOofnIMvycFcc0QRGIzm9dhnDX68E=
google.golang.org/grpc v1.67.1/go.mod h1:1gLDyUQU7CTLJI90u3nXZ9ekeghjeM7pTDZlqFNg2AA=
google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA=
google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
@@ -306,7 +281,7 @@ gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
lukechampine.com/frand v1.5.1 h1:fg0eRtdmGFIxhP5zQJzM1lFDbD6CUfu/f+7WgAZd5/w=
lukechampine.com/frand v1.5.1/go.mod h1:4VstaWc2plN4Mjr10chUD46RAVGWhpkZ5Nja8+Azp0Q=
lukechampine.com/frand v1.4.2 h1:RzFIpOvkMXuPMBb9maa4ND4wjBn71E1Jpf8BzJHMaVw=
lukechampine.com/frand v1.4.2/go.mod h1:4S/TM2ZgrKejMcKMbeLjISpJMO+/eZ1zu3vYX9dtj3s=
pgregory.net/rapid v1.1.0 h1:CMa0sjHSru3puNx+J0MIAuiiEV4N0qj8/cMWGBBCsjw=
pgregory.net/rapid v1.1.0/go.mod h1:PY5XlDGj0+V1FCq0o192FdRhpKHGTRIWBgqjDBTrq04=

2
examples/nodejs/package.json
View File

@@ -5,6 +5,6 @@
},
"dependencies": {
"typescript": "^4.0.0",
"@pulumi/pulumi": "3.184.0"
"@pulumi/pulumi": "3.144.1"
}
}

5
examples/nodejs_test.go
View File

@@ -181,9 +181,8 @@ func TestConfig(t *testing.T) {
require.NoError(t, err)
test := integration.ProgramTestOptions{
Dir: path.Join(cwd, "tests", "config"),
Dependencies: []string{"@pulumi/docker-build"},
SkipEmptyPreviewUpdate: true,
Dir: path.Join(cwd, "tests", "config"),
Dependencies: []string{"@pulumi/docker-build"},
}
integration.ProgramTest(t, &test)

200
examples/python/__main__.py
View File

@@ -5,151 +5,151 @@ config = pulumi.Config()
docker_hub_password = config.require("dockerHubPassword")
multi_platform = docker_build.Image("multiPlatform",
push=False,
dockerfile={
"location": "./app/Dockerfile.multiPlatform",
},
context={
"location": "./app",
},
dockerfile=docker_build.DockerfileArgs(
location="./app/Dockerfile.multiPlatform",
),
context=docker_build.BuildContextArgs(
location="./app",
),
platforms=[
docker_build.Platform.PLAN9_AMD64,
docker_build.Platform.PLAN9_386,
])
registry_push = docker_build.Image("registryPush",
push=False,
context={
"location": "./app",
},
context=docker_build.BuildContextArgs(
location="./app",
),
tags=["docker.io/pulumibot/buildkit-e2e:example"],
exports=[{
"registry": {
"oci_media_types": True,
"push": False,
},
}],
registries=[{
"address": "docker.io",
"username": "pulumibot",
"password": docker_hub_password,
}])
exports=[docker_build.ExportArgs(
registry=docker_build.ExportRegistryArgs(
oci_media_types=True,
push=False,
),
)],
registries=[docker_build.RegistryArgs(
address="docker.io",
username="pulumibot",
password=docker_hub_password,
)])
cached = docker_build.Image("cached",
push=False,
context={
"location": "./app",
},
cache_to=[{
"local": {
"dest": "tmp/cache",
"mode": docker_build.CacheMode.MAX,
},
}],
cache_from=[{
"local": {
"src": "tmp/cache",
},
}])
context=docker_build.BuildContextArgs(
location="./app",
),
cache_to=[docker_build.CacheToArgs(
local=docker_build.CacheToLocalArgs(
dest="tmp/cache",
mode=docker_build.CacheMode.MAX,
),
)],
cache_from=[docker_build.CacheFromArgs(
local=docker_build.CacheFromLocalArgs(
src="tmp/cache",
),
)])
build_args = docker_build.Image("buildArgs",
push=False,
dockerfile={
"location": "./app/Dockerfile.buildArgs",
},
context={
"location": "./app",
},
dockerfile=docker_build.DockerfileArgs(
location="./app/Dockerfile.buildArgs",
),
context=docker_build.BuildContextArgs(
location="./app",
),
build_args={
"SET_ME_TO_TRUE": "true",
})
extra_hosts = docker_build.Image("extraHosts",
push=False,
dockerfile={
"location": "./app/Dockerfile.extraHosts",
},
context={
"location": "./app",
},
dockerfile=docker_build.DockerfileArgs(
location="./app/Dockerfile.extraHosts",
),
context=docker_build.BuildContextArgs(
location="./app",
),
add_hosts=["metadata.google.internal:169.254.169.254"])
ssh_mount = docker_build.Image("sshMount",
push=False,
dockerfile={
"location": "./app/Dockerfile.sshMount",
},
context={
"location": "./app",
},
ssh=[{
"id": "default",
}])
dockerfile=docker_build.DockerfileArgs(
location="./app/Dockerfile.sshMount",
),
context=docker_build.BuildContextArgs(
location="./app",
),
ssh=[docker_build.SSHArgs(
id="default",
)])
secrets = docker_build.Image("secrets",
push=False,
dockerfile={
"location": "./app/Dockerfile.secrets",
},
context={
"location": "./app",
},
dockerfile=docker_build.DockerfileArgs(
location="./app/Dockerfile.secrets",
),
context=docker_build.BuildContextArgs(
location="./app",
),
secrets={
"password": "hunter2",
})
labels = docker_build.Image("labels",
push=False,
context={
"location": "./app",
},
context=docker_build.BuildContextArgs(
location="./app",
),
labels={
"description": "This image will get a descriptive label 👍",
})
target = docker_build.Image("target",
push=False,
dockerfile={
"location": "./app/Dockerfile.target",
},
context={
"location": "./app",
},
dockerfile=docker_build.DockerfileArgs(
location="./app/Dockerfile.target",
),
context=docker_build.BuildContextArgs(
location="./app",
),
target="build-me")
named_contexts = docker_build.Image("namedContexts",
push=False,
dockerfile={
"location": "./app/Dockerfile.namedContexts",
},
context={
"location": "./app",
"named": {
"golang:latest": {
"location": "docker-image://golang@sha256:b8e62cf593cdaff36efd90aa3a37de268e6781a2e68c6610940c48f7cdf36984",
},
dockerfile=docker_build.DockerfileArgs(
location="./app/Dockerfile.namedContexts",
),
context=docker_build.BuildContextArgs(
location="./app",
named={
"golang:latest": docker_build.ContextArgs(
location="docker-image://golang@sha256:b8e62cf593cdaff36efd90aa3a37de268e6781a2e68c6610940c48f7cdf36984",
),
},
})
))
remote_context = docker_build.Image("remoteContext",
push=False,
context={
"location": "https://raw.githubusercontent.com/pulumi/pulumi-docker/api-types/provider/testdata/Dockerfile",
})
context=docker_build.BuildContextArgs(
location="https://raw.githubusercontent.com/pulumi/pulumi-docker/api-types/provider/testdata/Dockerfile",
))
remote_context_with_inline = docker_build.Image("remoteContextWithInline",
push=False,
dockerfile={
"inline": """FROM busybox
dockerfile=docker_build.DockerfileArgs(
inline="""FROM busybox
COPY hello.c ./
""",
},
context={
"location": "https://github.com/docker-library/hello-world.git",
})
),
context=docker_build.BuildContextArgs(
location="https://github.com/docker-library/hello-world.git",
))
inline = docker_build.Image("inline",
push=False,
dockerfile={
"inline": """FROM alpine
dockerfile=docker_build.DockerfileArgs(
inline="""FROM alpine
RUN echo "This uses an inline Dockerfile! 👍"
""",
})
))
docker_load = docker_build.Image("dockerLoad",
push=False,
context={
"location": "./app",
},
exports=[{
"docker": {
"tar": True,
},
}])
context=docker_build.BuildContextArgs(
location="./app",
),
exports=[docker_build.ExportArgs(
docker=docker_build.ExportDockerArgs(
tar=True,
),
)])
pulumi.export("platforms", multi_platform.platforms)

2
examples/tests/caching/package.json
View File

@@ -4,6 +4,6 @@
"@types/node": "^20.0.0"
},
"dependencies": {
"@pulumi/pulumi": "3.184.0"
"@pulumi/pulumi": "3.128.0"
}
}

176
examples/tests/caching/yarn.lock
View File

@@ -204,112 +204,107 @@
proc-log "^4.0.0"
which "^4.0.0"
"@opentelemetry/api-logs@0.55.0":
version "0.55.0"
resolved "https://registry.yarnpkg.com/@opentelemetry/api-logs/-/api-logs-0.55.0.tgz#5cd7461820d864600250deb3803c32367a6bb2d2"
integrity sha512-3cpa+qI45VHYcA5c0bHM6VHo9gicv3p5mlLHNG3rLyjQU8b7e0st1rWtrUn3JbZ3DwwCfhKop4eQ9UuYlC6Pkg==
"@opentelemetry/api-logs@0.52.1":
version "0.52.1"
resolved "https://registry.yarnpkg.com/@opentelemetry/api-logs/-/api-logs-0.52.1.tgz#52906375da4d64c206b0c4cb8ffa209214654ecc"
integrity sha512-qnSqB2DQ9TPP96dl8cDubDvrUyWc0/sK81xHTK8eSUspzDM3bsewX903qclQFvVhgStjRWdC5bLb3kQqMkfV5A==
dependencies:
"@opentelemetry/api" "^1.3.0"
"@opentelemetry/api" "^1.0.0"
"@opentelemetry/api@^1.3.0", "@opentelemetry/api@^1.9":
"@opentelemetry/api@^1.0.0", "@opentelemetry/api@^1.9":
version "1.9.0"
resolved "https://registry.yarnpkg.com/@opentelemetry/api/-/api-1.9.0.tgz#d03eba68273dc0f7509e2a3d5cba21eae10379fe"
integrity sha512-3giAOQvZiH5F9bMlMiv8+GSPMeqg0dbaeo58/0SlA9sxSqZhnUtxzX9/2FzyhS9sWQf5S0GJE0AKBrFqjpeYcg==
"@opentelemetry/context-async-hooks@1.30.1":
version "1.30.1"
resolved "https://registry.yarnpkg.com/@opentelemetry/context-async-hooks/-/context-async-hooks-1.30.1.tgz#4f76280691a742597fd0bf682982126857622948"
integrity sha512-s5vvxXPVdjqS3kTLKMeBMvop9hbWkwzBpu+mUO2M7sZtlkyDJGwFe33wRKnbaYDo8ExRVBIIdwIGrqpxHuKttA==
"@opentelemetry/context-async-hooks@1.25.1":
version "1.25.1"
resolved "https://registry.yarnpkg.com/@opentelemetry/context-async-hooks/-/context-async-hooks-1.25.1.tgz#810bff2fcab84ec51f4684aff2d21f6c057d9e73"
integrity sha512-UW/ge9zjvAEmRWVapOP0qyCvPulWU6cQxGxDbWEFfGOj1VBBZAuOqTo3X6yWmDTD3Xe15ysCZChHncr2xFMIfQ==
"@opentelemetry/core@1.30.1":
version "1.30.1"
resolved "https://registry.yarnpkg.com/@opentelemetry/core/-/core-1.30.1.tgz#a0b468bb396358df801881709ea38299fc30ab27"
integrity sha512-OOCM2C/QIURhJMuKaekP3TRBxBKxG/TWWA0TL2J6nXUtDnuCtccy49LUJF8xPFXMX+0LMcxFpCo8M9cGY1W6rQ==
"@opentelemetry/core@1.25.1":
version "1.25.1"
resolved "https://registry.yarnpkg.com/@opentelemetry/core/-/core-1.25.1.tgz#ff667d939d128adfc7c793edae2f6bca177f829d"
integrity sha512-GeT/l6rBYWVQ4XArluLVB6WWQ8flHbdb6r2FCHC3smtdOAbrJBIv35tpV/yp9bmYUJf+xmZpu9DRTIeJVhFbEQ==
dependencies:
"@opentelemetry/semantic-conventions" "1.28.0"
"@opentelemetry/semantic-conventions" "1.25.1"
"@opentelemetry/exporter-zipkin@^1.28":
version "1.30.1"
resolved "https://registry.yarnpkg.com/@opentelemetry/exporter-zipkin/-/exporter-zipkin-1.30.1.tgz#d96213a38d201ef2d50c3ba29faeb6e579f70e77"
integrity sha512-6S2QIMJahIquvFaaxmcwpvQQRD/YFaMTNoIxrfPIPOeITN+a8lfEcPDxNxn8JDAaxkg+4EnXhz8upVDYenoQjA==
"@opentelemetry/exporter-zipkin@^1.25":
version "1.25.1"
resolved "https://registry.yarnpkg.com/@opentelemetry/exporter-zipkin/-/exporter-zipkin-1.25.1.tgz#81bb3b3aa16500676277c2fd6d50159eaf6c081a"
integrity sha512-RmOwSvkimg7ETwJbUOPTMhJm9A9bG1U8s7Zo3ajDh4zM7eYcycQ0dM7FbLD6NXWbI2yj7UY4q8BKinKYBQksyw==
dependencies:
"@opentelemetry/core" "1.30.1"
"@opentelemetry/resources" "1.30.1"
"@opentelemetry/sdk-trace-base" "1.30.1"
"@opentelemetry/semantic-conventions" "1.28.0"
"@opentelemetry/core" "1.25.1"
"@opentelemetry/resources" "1.25.1"
"@opentelemetry/sdk-trace-base" "1.25.1"
"@opentelemetry/semantic-conventions" "1.25.1"
"@opentelemetry/instrumentation-grpc@^0.55":
version "0.55.0"
resolved "https://registry.yarnpkg.com/@opentelemetry/instrumentation-grpc/-/instrumentation-grpc-0.55.0.tgz#b5161359060999f7ccbef26d6550beef021572fa"
integrity sha512-n2ZH4pRwOy0Vhag/3eKqiyDBwcpUnGgJI9iiIRX7vivE0FMncaLazWphNFezRRaM/LuKwq1TD8pVUvieP68mow==
"@opentelemetry/instrumentation-grpc@^0.52":
version "0.52.1"
resolved "https://registry.yarnpkg.com/@opentelemetry/instrumentation-grpc/-/instrumentation-grpc-0.52.1.tgz#906ce4756a0eb1b050cd89b6b97dc09efe3ae3e3"
integrity sha512-EdSDiDSAO+XRXk/ZN128qQpBo1I51+Uay/LUPcPQhSRGf7fBPIEUBeOLQiItguGsug5MGOYjql2w/1wCQF3fdQ==
dependencies:
"@opentelemetry/instrumentation" "0.55.0"
"@opentelemetry/semantic-conventions" "1.27.0"
"@opentelemetry/instrumentation" "0.52.1"
"@opentelemetry/semantic-conventions" "1.25.1"
"@opentelemetry/instrumentation@0.55.0", "@opentelemetry/instrumentation@^0.55":
version "0.55.0"
resolved "https://registry.yarnpkg.com/@opentelemetry/instrumentation/-/instrumentation-0.55.0.tgz#ecac8afd8706f6e99b3bb6951b9e07c4c81533f0"
integrity sha512-YDCMlaQRZkziLL3t6TONRgmmGxDx6MyQDXRD0dknkkgUZtOK5+8MWft1OXzmNu6XfBOdT12MKN5rz+jHUkafKQ==
"@opentelemetry/instrumentation@0.52.1", "@opentelemetry/instrumentation@^0.52":
version "0.52.1"
resolved "https://registry.yarnpkg.com/@opentelemetry/instrumentation/-/instrumentation-0.52.1.tgz#2e7e46a38bd7afbf03cf688c862b0b43418b7f48"
integrity sha512-uXJbYU/5/MBHjMp1FqrILLRuiJCs3Ofk0MeRDk8g1S1gD47U8X3JnSwcMO1rtRo1x1a7zKaQHaoYu49p/4eSKw==
dependencies:
"@opentelemetry/api-logs" "0.55.0"
"@types/shimmer" "^1.2.0"
"@opentelemetry/api-logs" "0.52.1"
"@types/shimmer" "^1.0.2"
import-in-the-middle "^1.8.1"
require-in-the-middle "^7.1.1"
semver "^7.5.2"
shimmer "^1.2.1"
"@opentelemetry/propagator-b3@1.30.1":
version "1.30.1"
resolved "https://registry.yarnpkg.com/@opentelemetry/propagator-b3/-/propagator-b3-1.30.1.tgz#b73321e5f30f062a9229887a4aa80c771107fdd2"
integrity sha512-oATwWWDIJzybAZ4pO76ATN5N6FFbOA1otibAVlS8v90B4S1wClnhRUk7K+2CHAwN1JKYuj4jh/lpCEG5BAqFuQ==
"@opentelemetry/propagator-b3@1.25.1":
version "1.25.1"
resolved "https://registry.yarnpkg.com/@opentelemetry/propagator-b3/-/propagator-b3-1.25.1.tgz#653ee5f3f0f223c000907c1559c89c0a208819f7"
integrity sha512-p6HFscpjrv7//kE+7L+3Vn00VEDUJB0n6ZrjkTYHrJ58QZ8B3ajSJhRbCcY6guQ3PDjTbxWklyvIN2ojVbIb1A==
dependencies:
"@opentelemetry/core" "1.30.1"
"@opentelemetry/core" "1.25.1"
"@opentelemetry/propagator-jaeger@1.30.1":
version "1.30.1"
resolved "https://registry.yarnpkg.com/@opentelemetry/propagator-jaeger/-/propagator-jaeger-1.30.1.tgz#c06c9dacbe818b80cfb13c4dbf0b57df1ad26b71"
integrity sha512-Pj/BfnYEKIOImirH76M4hDaBSx6HyZ2CXUqk+Kj02m6BB80c/yo4BdWkn/1gDFfU+YPY+bPR2U0DKBfdxCKwmg==
"@opentelemetry/propagator-jaeger@1.25.1":
version "1.25.1"
resolved "https://registry.yarnpkg.com/@opentelemetry/propagator-jaeger/-/propagator-jaeger-1.25.1.tgz#7eae165921e65dce6f8d87339379880125dab765"
integrity sha512-nBprRf0+jlgxks78G/xq72PipVK+4or9Ypntw0gVZYNTCSK8rg5SeaGV19tV920CMqBD/9UIOiFr23Li/Q8tiA==
dependencies:
"@opentelemetry/core" "1.30.1"
"@opentelemetry/core" "1.25.1"
"@opentelemetry/resources@1.30.1", "@opentelemetry/resources@^1.28":
version "1.30.1"
resolved "https://registry.yarnpkg.com/@opentelemetry/resources/-/resources-1.30.1.tgz#a4eae17ebd96947fdc7a64f931ca4b71e18ce964"
integrity sha512-5UxZqiAgLYGFjS4s9qm5mBVo433u+dSPUFWVWXmLAD4wB65oMCoXaJP1KJa9DIYYMeHu3z4BZcStG3LC593cWA==
"@opentelemetry/resources@1.25.1", "@opentelemetry/resources@^1.25":
version "1.25.1"
resolved "https://registry.yarnpkg.com/@opentelemetry/resources/-/resources-1.25.1.tgz#bb9a674af25a1a6c30840b755bc69da2796fefbb"
integrity sha512-pkZT+iFYIZsVn6+GzM0kSX+u3MSLCY9md+lIJOoKl/P+gJFfxJte/60Usdp8Ce4rOs8GduUpSPNe1ddGyDT1sQ==
dependencies:
"@opentelemetry/core" "1.30.1"
"@opentelemetry/semantic-conventions" "1.28.0"
"@opentelemetry/core" "1.25.1"
"@opentelemetry/semantic-conventions" "1.25.1"
"@opentelemetry/sdk-trace-base@1.30.1", "@opentelemetry/sdk-trace-base@^1.28":
version "1.30.1"
resolved "https://registry.yarnpkg.com/@opentelemetry/sdk-trace-base/-/sdk-trace-base-1.30.1.tgz#41a42234096dc98e8f454d24551fc80b816feb34"
integrity sha512-jVPgBbH1gCy2Lb7X0AVQ8XAfgg0pJ4nvl8/IiQA6nxOsPvS+0zMJaFSs2ltXe0J6C8dqjcnpyqINDJmU30+uOg==
"@opentelemetry/sdk-trace-base@1.25.1", "@opentelemetry/sdk-trace-base@^1.25":
version "1.25.1"
resolved "https://registry.yarnpkg.com/@opentelemetry/sdk-trace-base/-/sdk-trace-base-1.25.1.tgz#cbc1e60af255655d2020aa14cde17b37bd13df37"
integrity sha512-C8k4hnEbc5FamuZQ92nTOp8X/diCY56XUTnMiv9UTuJitCzaNNHAVsdm5+HLCdI8SLQsLWIrG38tddMxLVoftw==
dependencies:
"@opentelemetry/core" "1.30.1"
"@opentelemetry/resources" "1.30.1"
"@opentelemetry/semantic-conventions" "1.28.0"
"@opentelemetry/core" "1.25.1"
"@opentelemetry/resources" "1.25.1"
"@opentelemetry/semantic-conventions" "1.25.1"
"@opentelemetry/sdk-trace-node@^1.28":
version "1.30.1"
resolved "https://registry.yarnpkg.com/@opentelemetry/sdk-trace-node/-/sdk-trace-node-1.30.1.tgz#bd7d68fcfb4d4ae76ea09810df9668b7dd09a2e5"
integrity sha512-cBjYOINt1JxXdpw1e5MlHmFRc5fgj4GW/86vsKFxJCJ8AL4PdVtYH41gWwl4qd4uQjqEL1oJVrXkSy5cnduAnQ==
"@opentelemetry/sdk-trace-node@^1.25":
version "1.25.1"
resolved "https://registry.yarnpkg.com/@opentelemetry/sdk-trace-node/-/sdk-trace-node-1.25.1.tgz#856063bef1167ae74139199338c24fb958838ff3"
integrity sha512-nMcjFIKxnFqoez4gUmihdBrbpsEnAX/Xj16sGvZm+guceYE0NE00vLhpDVK6f3q8Q4VFI5xG8JjlXKMB/SkTTQ==
dependencies:
"@opentelemetry/context-async-hooks" "1.30.1"
"@opentelemetry/core" "1.30.1"
"@opentelemetry/propagator-b3" "1.30.1"
"@opentelemetry/propagator-jaeger" "1.30.1"
"@opentelemetry/sdk-trace-base" "1.30.1"
"@opentelemetry/context-async-hooks" "1.25.1"
"@opentelemetry/core" "1.25.1"
"@opentelemetry/propagator-b3" "1.25.1"
"@opentelemetry/propagator-jaeger" "1.25.1"
"@opentelemetry/sdk-trace-base" "1.25.1"
semver "^7.5.2"
"@opentelemetry/semantic-conventions@1.27.0":
version "1.27.0"
resolved "https://registry.yarnpkg.com/@opentelemetry/semantic-conventions/-/semantic-conventions-1.27.0.tgz#1a857dcc95a5ab30122e04417148211e6f945e6c"
integrity sha512-sAay1RrB+ONOem0OZanAR1ZI/k7yDpnOQSQmTMuGImUQb2y8EbSaCJ94FQluM74xoU03vlb2d2U90hZluL6nQg==
"@opentelemetry/semantic-conventions@1.28.0":
version "1.28.0"
resolved "https://registry.yarnpkg.com/@opentelemetry/semantic-conventions/-/semantic-conventions-1.28.0.tgz#337fb2bca0453d0726696e745f50064411f646d6"
integrity sha512-lp4qAiMTD4sNWW4DbKLBkfiMZ4jbAboJIGOQr5DvciMRI494OapieI9qiODpOt0XBr1LjIDy1xAGAnVs5supTA==
"@opentelemetry/semantic-conventions@1.25.1", "@opentelemetry/semantic-conventions@^1.25":
version "1.25.1"
resolved "https://registry.yarnpkg.com/@opentelemetry/semantic-conventions/-/semantic-conventions-1.25.1.tgz#0deecb386197c5e9c2c28f2f89f51fb8ae9f145e"
integrity sha512-ZDjMJJQRlyk8A1KZFCc+bCbsyrn1wTwdNt56F7twdfUfnHUZUq77/WfONCj8p72NZOyP7pNTdUWSTYC3GTbuuQ==
"@pkgjs/parseargs@^0.11.0":
version "0.11.0"
@@ -369,21 +364,23 @@
resolved "https://registry.yarnpkg.com/@protobufjs/utf8/-/utf8-1.1.0.tgz#a777360b5b39a1a2e5106f8e858f2fd2d060c570"
integrity sha512-Vvn3zZrhQZkkBE8LSuW3em98c0FwgO4nxzv6OdSxPKJIEKY2bGbHn+mhGIPerzI4twdxaP8/0+06HBpwf345Lw==
"@pulumi/pulumi@3.184.0":
version "3.184.0"
resolved "https://registry.yarnpkg.com/@pulumi/pulumi/-/pulumi-3.184.0.tgz#650831728ed5c22ff1eda36349af860fadc5c9d1"
integrity sha512-hseyV9cDUcu6MgXnnuKibIx5DtZVjS0judMYQdy74vau8CCKIAoIJGoURaKIl0KCT8OuvaMCHS+iOG/8o8VSCg==
"@pulumi/pulumi@3.128.0":
version "3.128.0"
resolved "https://registry.yarnpkg.com/@pulumi/pulumi/-/pulumi-3.128.0.tgz#cb44cb904e9be1e36c7697215c2f91d4e58c0031"
integrity sha512-Xqe5uYp1RpDihK3VbdBFR4q1h+ICg/2Xgg1d7aYWmPqBCIUG4jWddLS0REQO60EsgKBNarXhLeQSmaWXLgiq9w==
dependencies:
"@grpc/grpc-js" "^1.10.1"
"@logdna/tail-file" "^2.0.6"
"@npmcli/arborist" "^7.3.1"
"@opentelemetry/api" "^1.9"
"@opentelemetry/exporter-zipkin" "^1.28"
"@opentelemetry/instrumentation" "^0.55"
"@opentelemetry/instrumentation-grpc" "^0.55"
"@opentelemetry/resources" "^1.28"
"@opentelemetry/sdk-trace-base" "^1.28"
"@opentelemetry/sdk-trace-node" "^1.28"
"@opentelemetry/exporter-zipkin" "^1.25"
"@opentelemetry/instrumentation" "^0.52"
"@opentelemetry/instrumentation-grpc" "^0.52"
"@opentelemetry/resources" "^1.25"
"@opentelemetry/sdk-trace-base" "^1.25"
"@opentelemetry/sdk-trace-node" "^1.25"
"@opentelemetry/semantic-conventions" "^1.25"
"@pulumi/query" "^0.3.0"
"@types/google-protobuf" "^3.15.5"
"@types/semver" "^7.5.6"
"@types/tmp" "^0.2.6"
@@ -403,6 +400,11 @@
tmp "^0.2.1"
upath "^1.1.0"
"@pulumi/query@^0.3.0":
version "0.3.0"
resolved "https://registry.yarnpkg.com/@pulumi/query/-/query-0.3.0.tgz#f496608e86a18c3dd31b6c533408e2441c29071d"
integrity sha512-xfo+yLRM2zVjVEA4p23IjQWzyWl1ZhWOGobsBqRpIarzLvwNH/RAGaoehdxlhx4X92302DrpdIFgTICMN4P38w==
"@sigstore/bundle@^2.3.2":
version "2.3.2"
resolved "https://registry.yarnpkg.com/@sigstore/bundle/-/bundle-2.3.2.tgz#ad4dbb95d665405fd4a7a02c8a073dbd01e4e95e"
@@ -527,7 +529,7 @@
resolved "https://registry.yarnpkg.com/@types/semver/-/semver-7.5.8.tgz#8268a8c57a3e4abd25c165ecd36237db7948a55e"
integrity sha512-I8EUhyrgfLrcTkzV3TSsGyl1tSuPrEDzr0yd5m90UgNxQkyDXULk3b6MlQqTCpZpNtWe1K0hzclnZkTcLBe2UQ==
"@types/shimmer@^1.2.0":
"@types/shimmer@^1.0.2":
version "1.2.0"
resolved "https://registry.yarnpkg.com/@types/shimmer/-/shimmer-1.2.0.tgz#9b706af96fa06416828842397a70dfbbf1c14ded"
integrity sha512-UE7oxhQLLd9gub6JKIAhDq06T0F6FnztwMNRvYgjeQSBeMc1ZG/tA47EwfduvkuQS8apbkM/lpLpWsaCeYsXVg==

2
examples/tests/config/package.json
View File

@@ -4,6 +4,6 @@
"@types/node": "^20.0.0"
},
"dependencies": {
"@pulumi/pulumi": "3.184.0"
"@pulumi/pulumi": "3.144.1"
}
}

2
examples/upgrade-node/package.json
View File

@@ -5,6 +5,6 @@
},
"dependencies": {
"typescript": "^4.0.0",
"@pulumi/pulumi": "3.184.0"
"@pulumi/pulumi": "3.144.1"
}
}

3
examples/yaml_test.go
View File

@@ -1,6 +1,3 @@
//go:build yaml || all
// +build yaml all
package examples
import (

257
go.mod
View File

@@ -1,81 +1,83 @@
module github.com/pulumi/pulumi-docker-build
go 1.24.1
go 1.23.1
require (
github.com/aws/aws-sdk-go v1.55.5
github.com/blang/semver v3.5.1+incompatible
github.com/distribution/reference v0.6.0
github.com/docker/buildx v0.22.0
github.com/docker/cli v28.0.4+incompatible
github.com/docker/docker v28.0.1+incompatible
github.com/docker/buildx v0.18.0
github.com/docker/cli v27.4.0-rc.2+incompatible
github.com/docker/docker v27.4.0-rc.2+incompatible
github.com/golangci/golangci-lint v1.59.1
github.com/moby/buildkit v0.20.1
github.com/moby/buildkit v0.18.1
github.com/moby/patternmatcher v0.6.0
github.com/muesli/reflow v0.3.0
github.com/otiai10/copy v1.14.0
github.com/pulumi/providertest v0.3.1
github.com/pulumi/pulumi-dotnet/pulumi-language-dotnet/v3 v3.0.0-20250806132441-44ca9a522cef
github.com/pulumi/pulumi-go-provider v1.1.2
github.com/pulumi/pulumi-java/pkg v1.16.0
github.com/pulumi/pulumi-yaml v1.21.2
github.com/pulumi/pulumi/pkg/v3 v3.192.0
github.com/pulumi/pulumi/sdk/go/pulumi-language-go/v3 v3.0.0-20250806165243-bee5e4fa4815
github.com/pulumi/pulumi/sdk/nodejs/cmd/pulumi-language-nodejs/v3 v3.0.0-20250806165243-bee5e4fa4815
github.com/pulumi/pulumi/sdk/python/cmd/pulumi-language-python/v3 v3.0.0-20250806165243-bee5e4fa4815
github.com/pulumi/pulumi/sdk/v3 v3.192.0
github.com/pulumi/providertest v0.1.3
github.com/pulumi/pulumi-dotnet/pulumi-language-dotnet v0.0.0-20241219213128-b19d8c8da35b
github.com/pulumi/pulumi-go-provider v0.24.1
github.com/pulumi/pulumi-java/pkg v0.20.0
github.com/pulumi/pulumi-yaml v1.13.0
github.com/pulumi/pulumi/pkg/v3 v3.156.0
github.com/pulumi/pulumi/sdk/go/pulumi-language-go/v3 v3.0.0-20250317155042-e15e594b4e1b
github.com/pulumi/pulumi/sdk/nodejs/cmd/pulumi-language-nodejs/v3 v3.0.0-20250317155042-e15e594b4e1b
github.com/pulumi/pulumi/sdk/python/cmd/pulumi-language-python/v3 v3.0.0-20250317155042-e15e594b4e1b
github.com/pulumi/pulumi/sdk/v3 v3.156.0
github.com/regclient/regclient v0.7.1
github.com/sirupsen/logrus v1.9.3
github.com/spf13/afero v1.14.0
github.com/stretchr/testify v1.10.0
github.com/tonistiigi/fsutil v0.0.0-20250113203817-b14e27f4135a
github.com/tonistiigi/go-csvvalue v0.0.0-20240710180619-ddb21b71c0b4
go.opentelemetry.io/otel/metric v1.36.0
go.opentelemetry.io/otel/sdk v1.36.0
go.opentelemetry.io/otel/trace v1.36.0
go.uber.org/mock v0.5.2
golang.org/x/crypto v0.39.0
golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0
google.golang.org/protobuf v1.36.6
github.com/theupdateframework/notary v0.7.0
github.com/tonistiigi/fsutil v0.0.0-20241121093142-31cf1f437184
go.opentelemetry.io/otel/metric v1.35.0
go.opentelemetry.io/otel/sdk v1.35.0
go.opentelemetry.io/otel/trace v1.35.0
go.uber.org/mock v0.5.0
golang.org/x/crypto v0.36.0
golang.org/x/exp v0.0.0-20250305212735-054e65f0b394
google.golang.org/protobuf v1.36.5
gopkg.in/yaml.v3 v3.0.1
)
require (
4d63.com/gocheckcompilerdirectives v1.2.1 // indirect
4d63.com/gochecknoglobals v0.2.1 // indirect
cloud.google.com/go v0.112.1 // indirect
cloud.google.com/go v0.115.1 // indirect
cloud.google.com/go/auth v0.9.3 // indirect
cloud.google.com/go/auth/oauth2adapt v0.2.4 // indirect
cloud.google.com/go/compute/metadata v0.6.0 // indirect
cloud.google.com/go/iam v1.1.6 // indirect
cloud.google.com/go/kms v1.15.7 // indirect
cloud.google.com/go/logging v1.9.0 // indirect
cloud.google.com/go/longrunning v0.5.5 // indirect
cloud.google.com/go/storage v1.39.1 // indirect
cloud.google.com/go/iam v1.2.0 // indirect
cloud.google.com/go/kms v1.19.0 // indirect
cloud.google.com/go/logging v1.11.0 // indirect
cloud.google.com/go/longrunning v0.6.0 // indirect
cloud.google.com/go/storage v1.43.0 // indirect
dario.cat/mergo v1.0.1 // indirect
github.com/4meepo/tagalign v1.3.4 // indirect
github.com/Abirdcfly/dupword v0.0.14 // indirect
github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6 // indirect
github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 // indirect
github.com/AlecAivazis/survey/v2 v2.3.7 // indirect
github.com/Antonboom/errname v0.1.13 // indirect
github.com/Antonboom/nilnil v0.1.9 // indirect
github.com/Antonboom/testifylint v1.3.1 // indirect
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.0 // indirect
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.2 // indirect
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.14.0 // indirect
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.7.0 // indirect
github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect
github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys v0.10.0 // indirect
github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal v0.7.1 // indirect
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.5.0 // indirect
github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c // indirect
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.3.2 // indirect
github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
github.com/Azure/go-autorest v14.2.0+incompatible // indirect
github.com/Azure/go-autorest/autorest/to v0.4.0 // indirect
github.com/AzureAD/microsoft-authentication-library-for-go v1.3.3 // indirect
github.com/BurntSushi/toml v1.5.0 // indirect
github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect
github.com/BurntSushi/toml v1.4.0 // indirect
github.com/Crocmagnon/fatcontext v0.2.2 // indirect
github.com/Djarvur/go-err113 v0.0.0-20210108212216-aea10b59be24 // indirect
github.com/GaijinEntertainment/go-exhaustruct/v3 v3.2.0 // indirect
github.com/Masterminds/semver/v3 v3.2.1 // indirect
github.com/Microsoft/go-winio v0.6.2 // indirect
github.com/OpenPeeDeeP/depguard/v2 v2.2.0 // indirect
github.com/ProtonMail/go-crypto v1.2.0 // indirect
github.com/ProtonMail/go-crypto v1.1.6 // indirect
github.com/agext/levenshtein v1.2.3 // indirect
github.com/alecthomas/chroma v0.10.0 // indirect
github.com/alecthomas/chroma/v2 v2.13.0 // indirect
@@ -83,31 +85,31 @@ require (
github.com/alexkohler/nakedret/v2 v2.0.4 // indirect
github.com/alexkohler/prealloc v1.0.0 // indirect
github.com/alingse/asasalint v0.0.11 // indirect
github.com/apparentlymart/go-cidr v1.0.1 // indirect
github.com/apparentlymart/go-cidr v1.1.0 // indirect
github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect
github.com/ashanbrown/forbidigo v1.6.0 // indirect
github.com/ashanbrown/makezero v1.1.1 // indirect
github.com/atotto/clipboard v0.1.4 // indirect
github.com/aws/aws-sdk-go-v2 v1.30.3 // indirect
github.com/aws/aws-sdk-go-v2 v1.30.5 // indirect
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.3 // indirect
github.com/aws/aws-sdk-go-v2/config v1.27.27 // indirect
github.com/aws/aws-sdk-go-v2/credentials v1.17.27 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.11 // indirect
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.8 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.15 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.15 // indirect
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 // indirect
github.com/aws/aws-sdk-go-v2/config v1.27.33 // indirect
github.com/aws/aws-sdk-go-v2/credentials v1.17.32 // indirect
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.13 // indirect
github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.10 // indirect
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.17 // indirect
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.17 // indirect
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 // indirect
github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.15 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.3 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.4 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.3.17 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.17 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.19 // indirect
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.17.15 // indirect
github.com/aws/aws-sdk-go-v2/service/kms v1.30.1 // indirect
github.com/aws/aws-sdk-go-v2/service/s3 v1.58.2 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.22.4 // indirect
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.4 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.30.3 // indirect
github.com/aws/smithy-go v1.20.3 // indirect
github.com/aws/aws-sdk-go-v2/service/kms v1.35.7 // indirect
github.com/aws/aws-sdk-go-v2/service/s3 v1.58.3 // indirect
github.com/aws/aws-sdk-go-v2/service/sso v1.22.7 // indirect
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.7 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.30.7 // indirect
github.com/aws/smithy-go v1.20.4 // indirect
github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
github.com/aymerick/douceur v0.2.0 // indirect
github.com/beorn7/perks v1.0.1 // indirect
@@ -122,12 +124,11 @@ require (
github.com/ccojocar/zxcvbn-go v1.0.2 // indirect
github.com/cenkalti/backoff/v3 v3.2.2 // indirect
github.com/cenkalti/backoff/v4 v4.3.0 // indirect
github.com/cenkalti/backoff/v5 v5.0.2 // indirect
github.com/cespare/xxhash/v2 v2.3.0 // indirect
github.com/charithe/durationcheck v0.0.10 // indirect
github.com/charmbracelet/bubbles v0.21.0 // indirect
github.com/charmbracelet/bubbles v0.20.0 // indirect
github.com/charmbracelet/bubbletea v1.3.4 // indirect
github.com/charmbracelet/colorprofile v0.3.0 // indirect
github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc // indirect
github.com/charmbracelet/glamour v0.6.0 // indirect
github.com/charmbracelet/lipgloss v1.1.0 // indirect
github.com/charmbracelet/x/ansi v0.8.0 // indirect
@@ -136,30 +137,30 @@ require (
github.com/chavacava/garif v0.1.0 // indirect
github.com/cheggaaa/pb v1.0.29 // indirect
github.com/ckaznocha/intrange v0.1.2 // indirect
github.com/cloudflare/circl v1.6.1 // indirect
github.com/compose-spec/compose-go/v2 v2.4.8 // indirect
github.com/cloudflare/circl v1.6.0 // indirect
github.com/compose-spec/compose-go/v2 v2.4.1 // indirect
github.com/containerd/console v1.0.4 // indirect
github.com/containerd/containerd/api v1.8.0 // indirect
github.com/containerd/containerd/v2 v2.0.3 // indirect
github.com/containerd/containerd v1.7.24 // indirect
github.com/containerd/containerd/api v1.7.19 // indirect
github.com/containerd/continuity v0.4.5 // indirect
github.com/containerd/errdefs v1.0.0 // indirect
github.com/containerd/errdefs/pkg v0.3.0 // indirect
github.com/containerd/errdefs v0.3.0 // indirect
github.com/containerd/log v0.1.0 // indirect
github.com/containerd/platforms v1.0.0-rc.1 // indirect
github.com/containerd/ttrpc v1.2.7 // indirect
github.com/containerd/platforms v0.2.1 // indirect
github.com/containerd/ttrpc v1.2.5 // indirect
github.com/containerd/typeurl/v2 v2.2.3 // indirect
github.com/cpuguy83/go-md2man/v2 v2.0.6 // indirect
github.com/curioswitch/go-reassign v0.2.0 // indirect
github.com/cyphar/filepath-securejoin v0.4.1 // indirect
github.com/daixiang0/gci v0.13.4 // indirect
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
github.com/deckarep/golang-set/v2 v2.5.0 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/deckarep/golang-set/v2 v2.6.0 // indirect
github.com/denis-tingaikin/go-header v0.5.0 // indirect
github.com/djherbis/times v1.6.0 // indirect
github.com/dlclark/regexp2 v1.11.0 // indirect
github.com/docker/cli-docs-tool v0.9.0 // indirect
github.com/docker/cli-docs-tool v0.8.0 // indirect
github.com/docker/distribution v2.8.3+incompatible // indirect
github.com/docker/docker-credential-helpers v0.8.2 // indirect
github.com/docker/go v1.5.1-1.0.20160303222718-d30aec9fd63c // indirect
github.com/docker/go-connections v0.5.0 // indirect
github.com/docker/go-metrics v0.0.1 // indirect
github.com/docker/go-units v0.5.0 // indirect
@@ -175,22 +176,21 @@ require (
github.com/fatih/structtag v1.2.0 // indirect
github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/firefart/nonamedreturns v1.0.5 // indirect
github.com/fsnotify/fsnotify v1.9.0 // indirect
github.com/fvbommel/sortorder v1.0.1 // indirect
github.com/fxamacker/cbor/v2 v2.7.0 // indirect
github.com/fsnotify/fsnotify v1.8.0 // indirect
github.com/fvbommel/sortorder v1.1.0 // indirect
github.com/fzipp/gocyclo v0.6.0 // indirect
github.com/ghostiam/protogetter v0.3.6 // indirect
github.com/go-critic/go-critic v0.11.4 // indirect
github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
github.com/go-git/go-billy/v5 v5.6.2 // indirect
github.com/go-git/go-git/v5 v5.16.0 // indirect
github.com/go-jose/go-jose/v3 v3.0.4 // indirect
github.com/go-git/go-git/v5 v5.14.0 // indirect
github.com/go-jose/go-jose/v4 v4.0.4 // indirect
github.com/go-logr/logr v1.4.2 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/go-ole/go-ole v1.2.6 // indirect
github.com/go-openapi/jsonpointer v0.19.6 // indirect
github.com/go-openapi/jsonreference v0.20.2 // indirect
github.com/go-openapi/swag v0.22.4 // indirect
github.com/go-openapi/swag v0.22.3 // indirect
github.com/go-toolsmith/astcast v1.1.0 // indirect
github.com/go-toolsmith/astcopy v1.1.0 // indirect
github.com/go-toolsmith/astequal v1.2.0 // indirect
@@ -203,9 +203,9 @@ require (
github.com/gobwas/glob v0.2.3 // indirect
github.com/godbus/dbus/v5 v5.1.0 // indirect
github.com/gofrs/flock v0.12.1 // indirect
github.com/gofrs/uuid v4.2.0+incompatible // indirect
github.com/gofrs/uuid v4.4.0+incompatible // indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang-jwt/jwt/v5 v5.2.2 // indirect
github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
github.com/golang/glog v1.2.4 // indirect
github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect
github.com/golang/protobuf v1.5.4 // indirect
@@ -220,13 +220,13 @@ require (
github.com/google/go-cmp v0.7.0 // indirect
github.com/google/go-querystring v1.1.0 // indirect
github.com/google/gofuzz v1.2.0 // indirect
github.com/google/pprof v0.0.0-20240525223248-4bfdf5a9a2af // indirect
github.com/google/s2a-go v0.1.7 // indirect
github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 // indirect
github.com/google/s2a-go v0.1.8 // indirect
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
github.com/google/uuid v1.6.0 // indirect
github.com/google/wire v0.6.0 // indirect
github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
github.com/googleapis/gax-go/v2 v2.12.2 // indirect
github.com/googleapis/enterprise-certificate-proxy v0.3.4 // indirect
github.com/googleapis/gax-go/v2 v2.13.0 // indirect
github.com/gordonklaus/ineffassign v0.1.0 // indirect
github.com/gorilla/css v1.0.0 // indirect
github.com/gorilla/mux v1.8.1 // indirect
@@ -235,11 +235,11 @@ require (
github.com/gostaticanalysis/comment v1.4.2 // indirect
github.com/gostaticanalysis/forcetypeassert v0.1.0 // indirect
github.com/gostaticanalysis/nilerr v0.1.1 // indirect
github.com/grpc-ecosystem/grpc-gateway/v2 v2.26.3 // indirect
github.com/grpc-ecosystem/grpc-gateway/v2 v2.25.1 // indirect
github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
github.com/hashicorp/go-cty-funcs v0.0.0-20241120183456-c51673e0b3dd // indirect
github.com/hashicorp/go-cty-funcs v0.0.0-20230405223818-a090f58aa992 // indirect
github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
github.com/hashicorp/go-rootcerts v1.0.2 // indirect
@@ -249,7 +249,7 @@ require (
github.com/hashicorp/go-version v1.7.0 // indirect
github.com/hashicorp/hcl v1.0.0 // indirect
github.com/hashicorp/hcl/v2 v2.23.0 // indirect
github.com/hashicorp/vault/api v1.12.0 // indirect
github.com/hashicorp/vault/api v1.14.0 // indirect
github.com/hexops/gotextdiff v1.0.3 // indirect
github.com/iancoleman/strcase v0.3.0 // indirect
github.com/ijc/Gotty v0.0.0-20170406111628-a8b993ba6abd // indirect
@@ -281,7 +281,6 @@ require (
github.com/ldez/gomoddirectives v0.2.4 // indirect
github.com/ldez/tagliatelle v0.5.0 // indirect
github.com/leonklingele/grouper v1.1.2 // indirect
github.com/lib/pq v1.10.9 // indirect
github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
github.com/lufeee/execinquery v1.2.1 // indirect
github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
@@ -299,6 +298,7 @@ require (
github.com/mgechev/revive v1.3.7 // indirect
github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b // indirect
github.com/microcosm-cc/bluemonday v1.0.21 // indirect
github.com/miekg/pkcs11 v1.1.1 // indirect
github.com/mitchellh/copystructure v1.2.0 // indirect
github.com/mitchellh/go-homedir v1.1.0 // indirect
github.com/mitchellh/go-ps v1.0.0 // indirect
@@ -308,14 +308,14 @@ require (
github.com/mitchellh/reflectwalk v1.0.2 // indirect
github.com/moby/docker-image-spec v1.3.1 // indirect
github.com/moby/locker v1.0.1 // indirect
github.com/moby/moby v28.3.3+incompatible // indirect
github.com/moby/spdystream v0.4.0 // indirect
github.com/moby/moby v26.1.0+incompatible // indirect
github.com/moby/spdystream v0.2.0 // indirect
github.com/moby/sys/mountinfo v0.7.2 // indirect
github.com/moby/sys/sequential v0.6.0 // indirect
github.com/moby/sys/signal v0.7.1 // indirect
github.com/moby/sys/user v0.3.0 // indirect
github.com/moby/sys/userns v0.1.0 // indirect
github.com/moby/term v0.5.2 // indirect
github.com/moby/term v0.5.0 // indirect
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/moricho/tparallel v0.3.1 // indirect
@@ -338,8 +338,8 @@ require (
github.com/opentracing/basictracer-go v1.1.0 // indirect
github.com/opentracing/opentracing-go v1.2.0 // indirect
github.com/pelletier/go-toml v1.9.5 // indirect
github.com/pelletier/go-toml/v2 v2.2.3 // indirect
github.com/pgavlin/aho-corasick v0.5.1 // indirect
github.com/pelletier/go-toml/v2 v2.2.2 // indirect
github.com/petar-dambovaliev/aho-corasick v0.0.0-20230725210150-fb29fc3c913e // indirect
github.com/pgavlin/diff v0.0.0-20230503175810-113847418e2e // indirect
github.com/pgavlin/fx v0.1.6 // indirect
github.com/pgavlin/goldmark v1.1.33-0.20200616210433-b5eb04559386 // indirect
@@ -349,15 +349,15 @@ require (
github.com/pkg/errors v0.9.1 // indirect
github.com/pkg/term v1.1.0 // indirect
github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 // indirect
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/polyfloyd/go-errorlint v1.5.2 // indirect
github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
github.com/prometheus/client_golang v1.20.5 // indirect
github.com/prometheus/client_golang v1.20.2 // indirect
github.com/prometheus/client_model v0.6.1 // indirect
github.com/prometheus/common v0.55.0 // indirect
github.com/prometheus/procfs v0.15.1 // indirect
github.com/pulumi/appdash v0.0.0-20231130102222-75f619a67231 // indirect
github.com/pulumi/esc v0.17.0 // indirect
github.com/pulumi/esc v0.13.0 // indirect
github.com/pulumi/inflector v0.2.1 // indirect
github.com/quasilyte/go-ruleguard v0.4.2 // indirect
github.com/quasilyte/go-ruleguard/dsl v0.3.22 // indirect
@@ -413,7 +413,7 @@ require (
github.com/tomarrell/wrapcheck/v2 v2.8.3 // indirect
github.com/tommy-muehle/go-mnd/v2 v2.5.1 // indirect
github.com/tonistiigi/dchapes-mode v0.0.0-20241001053921-ca0759fec205 // indirect
github.com/tonistiigi/jaeger-ui-rest v0.0.0-20250211190051-7d4944a45bb6 // indirect
github.com/tonistiigi/go-csvvalue v0.0.0-20240710180619-ddb21b71c0b4 // indirect
github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea // indirect
github.com/tonistiigi/vt100 v0.0.0-20240514184818-90bafcd6abab // indirect
github.com/uber/jaeger-client-go v2.30.0+incompatible // indirect
@@ -422,7 +422,6 @@ require (
github.com/ultraware/funlen v0.1.0 // indirect
github.com/ultraware/whitespace v0.1.1 // indirect
github.com/uudashr/gocognit v1.1.2 // indirect
github.com/x448/float16 v0.8.4 // indirect
github.com/xanzy/ssh-agent v0.3.3 // indirect
github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
@@ -435,62 +434,62 @@ require (
github.com/yuin/goldmark v1.5.2 // indirect
github.com/yuin/goldmark-emoji v1.0.1 // indirect
github.com/yusufpapurcu/wmi v1.2.4 // indirect
github.com/zclconf/go-cty v1.16.3 // indirect
github.com/zclconf/go-cty v1.16.2 // indirect
gitlab.com/bosi/decorder v0.4.2 // indirect
go-simpler.org/musttag v0.12.2 // indirect
go-simpler.org/sloglint v0.7.1 // indirect
go.opencensus.io v0.24.0 // indirect
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.56.0 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.56.0 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.56.0 // indirect
go.opentelemetry.io/otel v1.36.0 // indirect
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.31.0 // indirect
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.31.0 // indirect
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.36.0 // indirect
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.36.0 // indirect
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.31.0 // indirect
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.54.0 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.54.0 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.54.0 // indirect
go.opentelemetry.io/otel v1.35.0 // indirect
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.29.0 // indirect
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.29.0 // indirect
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.35.0 // indirect
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.29.0 // indirect
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.29.0 // indirect
go.opentelemetry.io/otel/sdk/metric v1.34.0 // indirect
go.opentelemetry.io/proto/otlp v1.6.0 // indirect
go.opentelemetry.io/proto/otlp v1.5.0 // indirect
go.pennock.tech/tabular v1.1.3 // indirect
go.uber.org/atomic v1.11.0 // indirect
go.uber.org/automaxprocs v1.6.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
go.uber.org/zap v1.27.0 // indirect
gocloud.dev v0.37.0 // indirect
gocloud.dev/secrets/hashivault v0.37.0 // indirect
gocloud.dev v0.39.0 // indirect
gocloud.dev/secrets/hashivault v0.39.0 // indirect
golang.org/x/exp/typeparams v0.0.0-20240314144324-c7f7c6466f7f // indirect
golang.org/x/mod v0.25.0 // indirect
golang.org/x/net v0.40.0 // indirect
golang.org/x/oauth2 v0.30.0 // indirect
golang.org/x/sync v0.15.0 // indirect
golang.org/x/sys v0.33.0 // indirect
golang.org/x/term v0.32.0 // indirect
golang.org/x/text v0.26.0 // indirect
golang.org/x/mod v0.24.0 // indirect
golang.org/x/net v0.37.0 // indirect
golang.org/x/oauth2 v0.25.0 // indirect
golang.org/x/sync v0.12.0 // indirect
golang.org/x/sys v0.31.0 // indirect
golang.org/x/term v0.30.0 // indirect
golang.org/x/text v0.23.0 // indirect
golang.org/x/time v0.6.0 // indirect
golang.org/x/tools v0.33.0 // indirect
golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect
google.golang.org/api v0.169.0 // indirect
google.golang.org/genproto v0.0.0-20240311173647-c811ad7063a7 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20250519155744-55703ea1f237 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20250519155744-55703ea1f237 // indirect
google.golang.org/grpc v1.72.1 // indirect
golang.org/x/tools v0.31.0 // indirect
golang.org/x/xerrors v0.0.0-20240903120638-7835f813f4da // indirect
google.golang.org/api v0.196.0 // indirect
google.golang.org/genproto v0.0.0-20240903143218-8af14fe29dc1 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20250106144421-5f5ef82da422 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20250313205543-e70fdf4c4cb4 // indirect
google.golang.org/grpc v1.71.0 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/ini.v1 v1.67.0 // indirect
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
gopkg.in/warnings.v0 v0.1.2 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
honnef.co/go/tools v0.4.7 // indirect
k8s.io/api v0.31.2 // indirect
k8s.io/apimachinery v0.31.2 // indirect
k8s.io/client-go v0.31.2 // indirect
k8s.io/klog/v2 v2.130.1 // indirect
k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect
k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect
k8s.io/api v0.29.2 // indirect
k8s.io/apimachinery v0.29.2 // indirect
k8s.io/client-go v0.29.2 // indirect
k8s.io/klog/v2 v2.110.1 // indirect
k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect
k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect
lukechampine.com/frand v1.5.1 // indirect
mvdan.cc/gofumpt v0.6.0 // indirect
mvdan.cc/unparam v0.0.0-20240528143540-8a5130ca722f // indirect
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
sigs.k8s.io/yaml v1.4.0 // indirect
sigs.k8s.io/yaml v1.3.0 // indirect
)

661
go.sum
View File

File diff suppressed because it is too large Load Diff

44
provider/cmd/pulumi-resource-docker-build/schema.json
View File

@@ -155,12 +155,32 @@
]
},
"docker-build:index:CacheFromGitHubActions": {
"description": "Recommended for use with GitHub Actions workflows.\n\nAn action like `crazy-max/ghaction-github-runtime` is recommended to expose\nappropriate credentials to your GitHub workflow.",
"properties": {
"scope": {
"type": "string",
"description": "The scope to use for cache keys. Defaults to `buildkit`.\n\nThis should be set if building and caching multiple images in one\nworkflow, otherwise caches will overwrite each other.",
"default": "buildkit"
},
"token": {
"type": "string",
"description": "The GitHub Actions token to use. This is not a personal access tokens\nand is typically generated automatically as part of each job.\n\nDefaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like\n`crazy-max/ghaction-github-runtime` is recommended to expose this\nenvironment variable to your jobs.",
"default": "",
"defaultInfo": {
"environment": [
"ACTIONS_RUNTIME_TOKEN"
]
},
"secret": true
},
"url": {
"type": "string",
"description": "The cache server URL to use for artifacts.\n\nDefaults to `$ACTIONS_CACHE_URL`, although a separate action like\n`crazy-max/ghaction-github-runtime` is recommended to expose this\nenvironment variable to your jobs.",
"default": "",
"defaultInfo": {
"environment": [
"ACTIONS_CACHE_URL"
]
}
}
},
"type": "object"
@@ -350,7 +370,6 @@
]
},
"docker-build:index:CacheToGitHubActions": {
"description": "Recommended for use with GitHub Actions workflows.\n\nAn action like `crazy-max/ghaction-github-runtime` is recommended to expose\nappropriate credentials to your GitHub workflow.",
"properties": {
"ignoreError": {
"type": "boolean",
@@ -366,6 +385,27 @@
"type": "string",
"description": "The scope to use for cache keys. Defaults to `buildkit`.\n\nThis should be set if building and caching multiple images in one\nworkflow, otherwise caches will overwrite each other.",
"default": "buildkit"
},
"token": {
"type": "string",
"description": "The GitHub Actions token to use. This is not a personal access tokens\nand is typically generated automatically as part of each job.\n\nDefaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like\n`crazy-max/ghaction-github-runtime` is recommended to expose this\nenvironment variable to your jobs.",
"default": "",
"defaultInfo": {
"environment": [
"ACTIONS_RUNTIME_TOKEN"
]
},
"secret": true
},
"url": {
"type": "string",
"description": "The cache server URL to use for artifacts.\n\nDefaults to `$ACTIONS_CACHE_URL`, although a separate action like\n`crazy-max/ghaction-github-runtime` is recommended to expose this\nenvironment variable to your jobs.",
"default": "",
"defaultInfo": {
"environment": [
"ACTIONS_CACHE_URL"
]
}
}
},
"type": "object"

63
provider/internal/cache.go
View File

@@ -17,7 +17,6 @@ package internal
import (
"errors"
"fmt"
"os"
"strings"
controllerapi "github.com/docker/buildx/controller/pb"
@@ -149,20 +148,33 @@ func (c CacheWithOCI) String() string {
// CacheFromGitHubActions pulls cache manifests from the GitHub actions cache.
type CacheFromGitHubActions struct {
URL string `pulumi:"url,optional"`
Token string `pulumi:"token,optional" provider:"secret"`
Scope string `pulumi:"scope,optional"`
}
// Annotate sets docstrings on CacheFromGitHubActions.
func (c *CacheFromGitHubActions) Annotate(a infer.Annotator) {
a.Describe(&c, dedent(`
Recommended for use with GitHub Actions workflows.
An action like "crazy-max/ghaction-github-runtime" is recommended to expose
appropriate credentials to your GitHub workflow.
`))
a.SetDefault(&c.URL, "", "ACTIONS_CACHE_URL")
a.SetDefault(&c.Token, "", "ACTIONS_RUNTIME_TOKEN")
a.SetDefault(&c.Scope, "buildkit")
a.Describe(&c.URL, dedent(`
The cache server URL to use for artifacts.
Defaults to "$ACTIONS_CACHE_URL", although a separate action like
"crazy-max/ghaction-github-runtime" is recommended to expose this
environment variable to your jobs.
`))
a.Describe(&c.Token, dedent(`
The GitHub Actions token to use. This is not a personal access tokens
and is typically generated automatically as part of each job.
Defaults to "$ACTIONS_RUNTIME_TOKEN", although a separate action like
"crazy-max/ghaction-github-runtime" is recommended to expose this
environment variable to your jobs.
`))
a.Describe(&c.Scope, dedent(`
The scope to use for cache keys. Defaults to "buildkit".
@@ -179,12 +191,11 @@ func (c *CacheFromGitHubActions) String() string {
if c.Scope != "" {
parts = append(parts, "scope="+c.Scope)
}
// Preserving backwards compatibility with the old behaviour.
if token := os.Getenv("ACTIONS_RUNTIME_TOKEN"); token != "" {
parts = append(parts, "token="+token)
if c.Token != "" {
parts = append(parts, "token="+c.Token)
}
if url := os.Getenv("ACTIONS_CACHE_URL"); url != "" {
parts = append(parts, "url="+url)
if c.URL != "" {
parts = append(parts, "url="+c.URL)
}
return strings.Join(parts, ",")
}
@@ -461,23 +472,7 @@ func (c CacheFrom) validate(preview bool) (*controllerapi.CacheOptionsEntry, err
// environment variables set. Ignore the cacheFrom entry in this case.
return nil, nil
}
pb := parsed[0].ToPB()
if !isActive(pb) {
pb = nil
}
return pb, nil
}
// isActive checks if the GitHub token is set in the cache entry.
// If it is not a GHA cache entry, it will return true.
// This is to maintain backwards compatibility with the old buildx behaviour.
func isActive(ci *controllerapi.CacheOptionsEntry) bool {
if ci.Type != "gha" {
return true
}
return ci.Attrs["token"] != "" && (ci.Attrs["url"] != "" || ci.Attrs["url_v2"] != "")
return parsed[0], nil
}
// CacheToInline embeds cache information directly into an image.
@@ -685,13 +680,7 @@ func (c CacheTo) validate(preview bool) (*controllerapi.CacheOptionsEntry, error
// environment variables set. Ignore the cacheTo entry in this case.
return nil, nil
}
pb := parsed[0].ToPB()
if !isActive(pb) {
pb = nil
}
return pb, nil
return parsed[0], nil
}
// CacheMode controls the complexity of exported cache manifests.

46
provider/internal/cache_test.go
View File

@@ -24,15 +24,14 @@ import (
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
//nolint:paralleltest // We don't call t.Parallel here to prevent environment corruption.
func TestCacheString(t *testing.T) {
t.Parallel()
gzip := Gzip
tests := []struct {
name string
arrange func(t *testing.T)
given fmt.Stringer
want string
name string
given fmt.Stringer
want string
}{
{
name: "s3",
@@ -56,37 +55,7 @@ func TestCacheString(t *testing.T) {
{
name: "gha",
given: CacheTo{GHA: &CacheToGitHubActions{}},
arrange: func(t *testing.T) {
t.Setenv("ACTIONS_CACHE_URL", "")
t.Setenv("ACTIONS_RUNTIME_TOKEN", "")
},
want: "type=gha",
},
{
name: "gha-default-envs",
arrange: func(t *testing.T) {
t.Setenv("ACTIONS_CACHE_URL", "https://example.com")
t.Setenv("ACTIONS_RUNTIME_TOKEN", "token")
},
given: CacheTo{GHA: &CacheToGitHubActions{
CacheFromGitHubActions: CacheFromGitHubActions{
Scope: "scope",
},
}},
want: "type=gha,scope=scope,token=token,url=https://example.com",
},
{
name: "gha-with-scope",
arrange: func(t *testing.T) {
t.Setenv("ACTIONS_CACHE_URL", "")
t.Setenv("ACTIONS_RUNTIME_TOKEN", "")
},
given: CacheTo{GHA: &CacheToGitHubActions{
CacheFromGitHubActions: CacheFromGitHubActions{
Scope: "scope",
},
}},
want: "type=gha,scope=scope",
want: "type=gha",
},
{
name: "from-local",
@@ -152,12 +121,9 @@ func TestCacheString(t *testing.T) {
},
}
//nolint:paralleltest // We don't call t.Parallel here to prevent environment corruption.
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
if tt.arrange != nil {
tt.arrange(t)
}
t.Parallel()
actual := tt.given.String()
assert.Equal(t, tt.want, actual)

54
provider/internal/cli.go
View File

@@ -25,7 +25,6 @@ import (
"fmt"
"io"
"os"
"os/exec"
"path/filepath"
"strings"
@@ -57,11 +56,11 @@ type cli struct {
auths map[string]cfgtypes.AuthConfig
host *host
in string // stdin
r, w *os.File // stdout
err bytes.Buffer // stderr
dumplogs bool // if true then tail() will re-log status messages
builder Builder // for mocking build daemon responses
in string // stdin
r, w *os.File // stdout
err bytes.Buffer // stderr
dumplogs bool // if true then tail() will re-log status messages
done chan struct{} // signaled when all logs have been forwarded to the engine.
}
// Cli wraps the Docker interface for mock generation.
@@ -120,12 +119,11 @@ func wrap(host *host, registries ...Registry) (*cli, error) {
}
wrapped := &cli{
Cli: docker,
host: host,
auths: auths,
r: r,
w: w,
builder: defaultBuilder{},
Cli: docker,
host: host,
auths: auths,
r: r,
w: w,
}
return wrapped, nil
@@ -164,6 +162,14 @@ func (c *cli) rc() *regclient.RegClient {
// tail is meant to be called as a goroutine and will pipe output from the CLI
// back to the Pulumi engine. Requires a corresponding call to close.
func (c *cli) tail(ctx context.Context) {
c.done = make(chan struct{}, 1)
defer func() {
c.done <- struct{}{}
if err := recover(); err != nil {
fmt.Fprintf(os.Stderr, "recovered: %s\n", err)
}
}()
b := bytes.Buffer{}
s := bufio.NewScanner(c.r)
@@ -187,13 +193,17 @@ func (c *cli) tail(ctx context.Context) {
// close flushes any outstanding logs and cleans up resources.
func (c *cli) Close() error {
return errors.Join(c.w.Close(), c.r.Close())
err := errors.Join(c.w.Close(), c.r.Close())
if c.done != nil {
<-c.done
}
return err
}
// execBuild performs a build by os.Exec'ing the docker-buildx binary.
// Credentials are communicated to docker-buildx via a temporary directory.
// Secrets are communicated via dynamic environment variables.
func (c *cli) execBuild(ctx context.Context, b Build) (*client.SolveResponse, error) {
func (c *cli) execBuild(b Build) (*client.SolveResponse, error) {
// Setup a temporary directory for auth, and clean it up when we're done.
tmp, err := os.MkdirTemp("", "pulumi-docker-")
if err != nil {
@@ -203,7 +213,7 @@ func (c *cli) execBuild(ctx context.Context, b Build) (*client.SolveResponse, er
opts := b.BuildOptions()
builder, err := c.host.builderFor(ctx, b)
builder, err := c.host.builderFor(b)
if err != nil {
return nil, err
}
@@ -329,7 +339,7 @@ func (c *cli) execBuild(ctx context.Context, b Build) (*client.SolveResponse, er
}
// Invoke docker-buildx.
err = c.exec(ctx, args, env)
err = c.exec(args, env)
if err != nil {
return nil, err
}
@@ -368,7 +378,7 @@ func (c *cli) execBuild(ctx context.Context, b Build) (*client.SolveResponse, er
// exec invokes a Docker plugin binary. The first argument should be the name
// of the plugin's subcommand, e.g. "buildx".
func (c *cli) exec(ctx context.Context, args, extraEnv []string) error {
func (c *cli) exec(args, extraEnv []string) error {
if len(args) == 0 {
return errors.New("args must be non-empty")
}
@@ -385,18 +395,16 @@ func (c *cli) exec(ctx context.Context, args, extraEnv []string) error {
defer contract.IgnoreClose(c.w)
runCmd, err := manager.PluginRunCommand(c, name, root)
cmd, err := manager.PluginRunCommand(c, name, root)
if err != nil {
return err
}
// Create a new command that inherits from ctx.
cmd := exec.CommandContext(ctx, //nolint:gosec // We take the first argument and binary from runCmd.
runCmd.Path, append([]string{runCmd.Args[1]}, args...)...,
)
cmd.Args = append([]string{cmd.Args[0]}, args...)
cmd.Stderr = c.Err()
cmd.Stdout = c.Out()
cmd.Stdin = c.In()
cmd.Env = append(runCmd.Env, extraEnv...) //nolint:gocritic // We are intentionally assigning from runCmd to cmd
cmd.Env = append(cmd.Env, extraEnv...)
return cmd.Run()
}

4
provider/internal/cli_test.go
View File

@@ -28,12 +28,12 @@ import (
func TestExec(t *testing.T) {
t.Parallel()
h, err := newHost(t.Context(), nil)
h, err := newHost(context.Background(), nil)
require.NoError(t, err)
cli, err := wrap(h)
require.NoError(t, err)
err = cli.exec(t.Context(), []string{"buildx", "version"}, nil)
err = cli.exec([]string{"buildx", "version"}, nil)
assert.NoError(t, err)
out, err := io.ReadAll(cli.r)

117
provider/internal/client.go
View File

@@ -12,7 +12,7 @@
// See the License for the specific language governing permissions and
// limitations under the License.
//go:generate go run go.uber.org/mock/mockgen -typed -package internal -source client.go -destination mockclient_test.go --self_package github.com/pulumi/pulumi-docker-build/provider/internal -imports buildx=github.com/docker/buildx/build
//go:generate go run go.uber.org/mock/mockgen -typed -package internal -source client.go -destination mockclient_test.go --self_package github.com/pulumi/pulumi-docker-build/provider/internal
package internal
@@ -26,7 +26,6 @@ import (
"github.com/distribution/reference"
buildx "github.com/docker/buildx/build"
"github.com/docker/buildx/builder"
"github.com/docker/buildx/commands"
controllerapi "github.com/docker/buildx/controller/pb"
"github.com/docker/buildx/util/confutil"
@@ -63,36 +62,6 @@ type Client interface {
SupportsMultipleExports() bool
}
// registryGetter is something that can return a list of [Registry].
type registryGetter interface {
GetRegistries() []Registry
}
// clientF builds a Docker client. The order of registryGetters is significant.
// We typically prefer credentials from args, then provider config, then the
// host. Provide them to this function in order of increasing priority: host,
// config, args.
//
// We ignore state because if its creds differ from those in args then they are
// likely volatile and also likely expired.
type clientF func(context.Context, *host, ...registryGetter) (Client, error)
// RealClientF builds a real Docker client with auth layered on top of the
// host's latent credentials.
func RealClientF(_ context.Context, host *host, getters ...registryGetter) (Client, error) {
auths := []Registry{}
for _, rg := range getters {
auths = append(auths, rg.GetRegistries()...)
}
return wrap(host, auths...)
}
func mockClientF(c Client) clientF {
return func(context.Context, *host, ...registryGetter) (Client, error) {
return c, nil
}
}
// Build encapsulates all of the user-provider build parameters and options.
type Build interface {
BuildOptions() controllerapi.BuildOptions
@@ -137,10 +106,10 @@ func (c *cli) Build(
defer contract.IgnoreClose(c)
if build.ShouldExec() {
return c.execBuild(ctx, build)
return c.execBuild(build)
}
b, err := c.host.builderFor(ctx, build)
b, err := c.host.builderFor(build)
if err != nil {
return nil, err
}
@@ -154,15 +123,9 @@ func (c *cli) Build(
if err != nil {
return nil, fmt.Errorf("creating printer: %w", err)
}
defer func() {
// Wait for logs to flush if the build finished, but not if we're
// exiting early.
if ctx.Err() == nil {
_ = printer.Wait()
}
// Log any warnings we got, separated by newlines.
// Log any warnings when we're done.
_ = printer.Wait()
for _, w := range printer.Warnings() {
b := &bytes.Buffer{}
_, _ = b.Write(w.Short)
@@ -255,46 +218,27 @@ func (c *cli) Build(
Session: []session.Attachable{
ssh,
authprovider.NewDockerAuthProvider(authprovider.DockerAuthProviderConfig{ConfigFile: c.ConfigFile()}),
authprovider.NewDockerAuthProvider(c.ConfigFile(), nil),
build.Secrets(),
},
},
}
resultC := make(chan map[string]*client.SolveResponse)
errC := make(chan error)
// buildx.Build doesn't handle context cancellation, so we monitor it in a
// goroutine. cli.Close cleans up our file descriptors, so if we do exit
// early the remote build should terminate as soon as it sees the pipe has
// broken.
go func() {
defer close(resultC)
defer close(errC)
results, err := c.builder.Build(
ctx,
b.nodes,
payload,
dockerutil.NewClient(c),
confutil.NewConfig(c),
printer,
)
if err != nil {
errC <- err
return
}
resultC <- results
}()
select {
case results := <-resultC:
return results[target], nil
case err := <-errC:
// Perform the build.
results, err := buildx.Build(
ctx,
b.nodes,
payload,
dockerutil.NewClient(c),
confutil.NewConfig(c),
printer,
)
if err != nil {
c.dumplogs = true
return nil, err
case <-ctx.Done():
return nil, ctx.Err()
}
return results[target], err
}
// BuildKitEnabled returns true if the client supports buildkit.
@@ -410,31 +354,6 @@ func (c *cli) Delete(ctx context.Context, r string) error {
return nil
}
// Builder allows injecting mock responses from the build daemon.
type Builder interface {
Build(
ctx context.Context,
nodes []builder.Node,
opts map[string]buildx.Options,
docker *dockerutil.Client,
cfg *confutil.Config,
w progress.Writer,
) (resp map[string]*client.SolveResponse, err error)
}
type defaultBuilder struct{}
func (defaultBuilder) Build(
ctx context.Context,
nodes []builder.Node,
opts map[string]buildx.Options,
docker *dockerutil.Client,
cfg *confutil.Config,
w progress.Writer,
) (resp map[string]*client.SolveResponse, err error) {
return buildx.Build(ctx, nodes, opts, docker, cfg, w)
}
func normalizeReference(ref string) (reference.Named, error) {
namedRef, err := reference.ParseNormalizedNamed(ref)
if err != nil {

37
provider/internal/client_test.go
View File

@@ -17,23 +17,15 @@ package internal
import (
"bytes"
"context"
"errors"
"io"
"log/slog"
"os"
"path/filepath"
"testing"
buildx "github.com/docker/buildx/build"
"github.com/docker/buildx/builder"
"github.com/docker/buildx/util/confutil"
"github.com/docker/buildx/util/dockerutil"
"github.com/docker/buildx/util/progress"
"github.com/docker/docker/api/types/registry"
"github.com/moby/buildkit/client"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"go.uber.org/mock/gomock"
)
func TestAuth(t *testing.T) {
@@ -440,35 +432,6 @@ func TestBuildExecError(t *testing.T) {
}
}
func TestBuildCancelation(t *testing.T) {
t.Parallel()
cli := testcli(t, true)
ctrl := gomock.NewController(t)
ctx, cancel := context.WithCancel(context.Background())
b := NewMockBuilder(ctrl)
b.EXPECT().Build(
gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any(),
).DoAndReturn(func(
_ context.Context,
_ []builder.Node,
_ map[string]buildx.Options,
_ *dockerutil.Client,
_ *confutil.Config,
_ progress.Writer,
) (map[string]*client.SolveResponse, error) {
cancel()
return nil, errors.New("cancel wasn't respected")
})
cli.builder = b
resp, err := cli.Build(ctx, &build{})
assert.ErrorIs(t, err, context.Canceled)
assert.Nil(t, resp)
}
// testcli returns a new standalone CLI instance. Set ping to true if a live
// daemon is required -- the test will be skipped if the daemon is not available.
func testcli(t *testing.T, ping bool, auths ...Registry) *cli {

191
provider/internal/deprecated/configencoding.go Normal file
View File

@@ -0,0 +1,191 @@
// Copyright 2024, Pulumi Corporation.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package deprecated
import (
"encoding/json"
"fmt"
"github.com/pulumi/pulumi/pkg/v3/codegen/schema"
"github.com/pulumi/pulumi/sdk/v3/go/common/resource"
"github.com/pulumi/pulumi/sdk/v3/go/common/resource/plugin"
)
// ConfigEncoding handles unmarshaling legacy JSON provider config.
type ConfigEncoding struct {
schema schema.ConfigSpec
}
// New constructs a new config encoder for the provided spec.
func New(s schema.ConfigSpec) *ConfigEncoding {
return &ConfigEncoding{schema: s}
}
func (*ConfigEncoding) tryUnwrapSecret(encoded any) (any, bool) {
m, ok := encoded.(map[string]any)
if !ok {
return nil, false
}
sig, ok := m["4dabf18193072939515e22adb298388d"]
if !ok {
return nil, false
}
ss, ok := sig.(string)
if !ok {
return nil, false
}
if ss != "1b47061264138c4ac30d75fd1eb44270" {
return nil, false
}
value, ok := m["value"]
return value, ok
}
func (enc *ConfigEncoding) convertStringToPropertyValue(s string, prop schema.PropertySpec) (
resource.PropertyValue, error,
) {
// If the schema expects a string, we can just return this as-is.
if prop.Type == "string" {
return resource.NewStringProperty(s), nil
}
// Otherwise, we will attempt to deserialize the input string as JSON and convert the result into a Pulumi
// property. If the input string is empty, we will return an appropriate zero value.
if s == "" {
return enc.zeroValue(prop.Type), nil
}
var jsonValue interface{}
if err := json.Unmarshal([]byte(s), &jsonValue); err != nil {
return resource.PropertyValue{}, err
}
opts := enc.unmarshalOpts()
// Instead of using resource.NewPropertyValue, specialize it to detect nested json-encoded secrets.
var replv func(encoded any) (resource.PropertyValue, bool)
replv = func(encoded any) (resource.PropertyValue, bool) {
encodedSecret, isSecret := enc.tryUnwrapSecret(encoded)
if !isSecret {
return resource.NewNullProperty(), false
}
v := resource.NewPropertyValueRepl(encodedSecret, nil, replv)
if opts.KeepSecrets {
v = resource.MakeSecret(v)
}
return v, true
}
return resource.NewPropertyValueRepl(jsonValue, nil, replv), nil
}
func (*ConfigEncoding) zeroValue(typ string) resource.PropertyValue {
switch typ {
case "boolean":
return resource.NewPropertyValue(false)
case "integer", "number":
return resource.NewPropertyValue(0)
case "array":
return resource.NewPropertyValue([]interface{}{})
default:
return resource.NewPropertyValue(map[string]interface{}{})
}
}
func (enc *ConfigEncoding) unmarshalOpts() plugin.MarshalOptions {
return plugin.MarshalOptions{
Label: "config",
KeepUnknowns: true,
KeepSecrets: true,
SkipNulls: true,
RejectAssets: true,
}
}
// Like plugin.UnmarshalPropertyValue but overrides string parsing with convertStringToPropertyValue.
func (enc *ConfigEncoding) unmarshalPropertyValue(key resource.PropertyKey,
pv resource.PropertyValue,
) (resource.PropertyValue, error) {
opts := enc.unmarshalOpts()
prop, ok := enc.schema.Variables[string(key)]
// Only apply JSON-encoded recognition for known fields.
if !ok {
return pv, nil
}
var (
jsonString string
jsonStringDetected, jsonStringSecret bool
)
if pv.IsString() {
jsonString = pv.StringValue()
jsonStringDetected = true
}
if opts.KeepSecrets && pv.IsSecret() && pv.SecretValue().Element.IsString() {
jsonString = pv.SecretValue().Element.StringValue()
jsonStringDetected = true
jsonStringSecret = true
}
if jsonStringDetected {
v, err := enc.convertStringToPropertyValue(jsonString, prop)
if err != nil {
return resource.PropertyValue{}, fmt.Errorf("error unmarshalling property %q: %w", key, err)
}
if jsonStringSecret {
return resource.MakeSecret(v), nil
}
return v, nil
}
// Computed sentinels are coming in as always having an empty string, but the encoding coerces them to a zero
// value of the appropriate type.
if pv.IsComputed() {
el := pv.V.(resource.Computed).Element
if el.IsString() && el.StringValue() == "" {
res := resource.MakeComputed(enc.zeroValue(prop.Type))
return res, nil
}
}
return pv, nil
}
// UnmarshalProperties is copied from plugin.UnmarshalProperties substituting plugin.UnmarshalPropertyValue.
func (enc *ConfigEncoding) UnmarshalProperties(
props resource.PropertyMap,
) (resource.PropertyMap, error) {
result := make(resource.PropertyMap)
// First sort the keys so we enumerate them in order (in case errors happen, we want determinism).
keys := props.StableKeys()
// And now unmarshal every field it into the map.
for _, key := range keys {
v, err := enc.unmarshalPropertyValue(key, props[key])
if err != nil {
return resource.PropertyMap{}, err
}
result[key] = v
}
return result, nil
}

265
provider/internal/deprecated/configencoding_test.go Normal file
View File

@@ -0,0 +1,265 @@
// Copyright 2024, Pulumi Corporation.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package deprecated
import (
"fmt"
"strconv"
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/pulumi/pulumi/pkg/v3/codegen/schema"
"github.com/pulumi/pulumi/sdk/v3/go/common/resource"
)
func TestConfigEncoding(t *testing.T) {
t.Parallel()
type testCase struct {
ty schema.TypeSpec
given resource.PropertyValue
want resource.PropertyValue
}
knownKey := "mykey"
makeEnc := func(typ schema.TypeSpec) *ConfigEncoding {
return New(
schema.ConfigSpec{
Variables: map[string]schema.PropertySpec{
knownKey: {
TypeSpec: typ,
},
},
},
)
}
checkUnmarshal := func(t *testing.T, tc testCase) {
enc := makeEnc(tc.ty)
key := resource.PropertyKey(knownKey)
actual, err := enc.unmarshalPropertyValue(key, tc.given)
require.NoError(t, err)
assert.Equal(t, tc.want, actual)
}
turnaroundTestCases := []testCase{
{
schema.TypeSpec{Type: "boolean"},
resource.NewPropertyValue(`true`),
resource.NewBoolProperty(true),
},
{
schema.TypeSpec{Type: "boolean"},
resource.NewPropertyValue(`false`),
resource.NewBoolProperty(false),
},
{
schema.TypeSpec{Type: "integer"},
resource.NewPropertyValue(`0`),
resource.NewNumberProperty(0),
},
{
schema.TypeSpec{Type: "integer"},
resource.NewPropertyValue(`42`),
resource.NewNumberProperty(42),
},
{
schema.TypeSpec{Type: "number"},
resource.NewPropertyValue(`0`),
resource.NewNumberProperty(0.0),
},
{
schema.TypeSpec{Type: "number"},
resource.NewPropertyValue(`42.5`),
resource.NewNumberProperty(42.5),
},
{
schema.TypeSpec{Type: "string"},
resource.NewStringProperty(""),
resource.NewStringProperty(""),
},
{
schema.TypeSpec{Type: "string"},
resource.NewStringProperty("hello"),
resource.NewStringProperty("hello"),
},
{
schema.TypeSpec{Type: "array"},
resource.NewPropertyValue(`[]`),
resource.NewArrayProperty([]resource.PropertyValue{}),
},
{
schema.TypeSpec{Type: "array"},
resource.NewPropertyValue(`["hello","there"]`),
resource.NewArrayProperty([]resource.PropertyValue{
resource.NewStringProperty("hello"),
resource.NewStringProperty("there"),
}),
},
{
schema.TypeSpec{Type: "object"},
resource.NewPropertyValue(`{}`),
resource.NewObjectProperty(resource.PropertyMap{}),
},
{
schema.TypeSpec{Type: "object"},
resource.NewPropertyValue(`{"key":"value"}`),
resource.NewObjectProperty(resource.PropertyMap{
"key": resource.NewStringProperty("value"),
}),
},
}
t.Run("turnaround", func(t *testing.T) {
for i, tc := range turnaroundTestCases {
t.Run(strconv.Itoa(i), func(t *testing.T) {
t.Parallel()
checkUnmarshal(t, tc)
})
}
})
t.Run("zero_values", func(t *testing.T) {
// Historically the encoding was able to convert empty strings into type-appropriate zero values.
cases := []testCase{
{
schema.TypeSpec{Type: "boolean"},
resource.NewPropertyValue(""),
resource.NewBoolProperty(false),
},
{
schema.TypeSpec{Type: "number"},
resource.NewPropertyValue(""),
resource.NewNumberProperty(0.),
},
{
schema.TypeSpec{Type: "integer"},
resource.NewPropertyValue(""),
resource.NewNumberProperty(0),
},
{
schema.TypeSpec{Type: "string"},
resource.NewPropertyValue(""),
resource.NewStringProperty(""),
},
{
schema.TypeSpec{Type: "object"},
resource.NewPropertyValue(""),
resource.NewObjectProperty(make(resource.PropertyMap)),
},
{
schema.TypeSpec{Type: "array"},
resource.NewPropertyValue(""),
resource.NewArrayProperty([]resource.PropertyValue{}),
},
}
for _, tc := range cases {
t.Run(fmt.Sprintf("%v", tc.ty), func(t *testing.T) {
t.Parallel()
checkUnmarshal(t, tc)
})
}
})
t.Run("computed", func(t *testing.T) {
unk := resource.MakeComputed(resource.NewStringProperty(""))
for i, tc := range turnaroundTestCases {
t.Run(strconv.Itoa(i), func(t *testing.T) {
t.Parallel()
// Unknown sentinel unmarshals to a Computed with a type-appropriate zero value.
checkUnmarshal(t, testCase{
ty: tc.ty,
given: unk,
want: resource.MakeComputed(makeEnc(tc.ty).zeroValue(tc.ty.Type)),
})
})
}
})
t.Run("secret", func(t *testing.T) {
// Unmarshalling happens with KeepSecrets=false, replacing them with the underlying values. This case
// does not need to be tested.
//
// Marhalling however supports sending secrets back to the engine, intending to mark values as secret
// that happen on paths that are declared as secret in the schema. Due to the limitation of the
// JSON-in-proto-encoding, secrets are communicated imprecisely as an approximation: if any nested
// element of a property is secret, the entire property is marshalled as secret.
var secretCases []testCase
for _, tc := range turnaroundTestCases {
secretCases = append(secretCases, testCase{
ty: tc.ty,
given: resource.MakeSecret(tc.given),
want: resource.MakeSecret(tc.want),
})
}
for i, tc := range secretCases {
t.Run(strconv.Itoa(i), func(t *testing.T) {
t.Parallel()
checkUnmarshal(t, tc)
})
}
t.Run("nested secrets", func(t *testing.T) {
checkUnmarshal(t, testCase{
schema.TypeSpec{Type: "object"},
resource.MakeSecret(resource.NewPropertyValue(`{"key":"val"}`)),
resource.MakeSecret(resource.NewObjectProperty(resource.PropertyMap{
"key": resource.NewStringProperty("val"),
})),
})
})
})
regressUnmarshalTestCases := []testCase{
{
schema.TypeSpec{Type: "array"},
resource.NewPropertyValue(`
[
{
"address": "somewhere.org",
"password": {
"4dabf18193072939515e22adb298388d": "1b47061264138c4ac30d75fd1eb44270",
"value": "some-password"
},
"username": "some-user"
}
]`),
resource.NewArrayProperty([]resource.PropertyValue{
resource.NewObjectProperty(resource.PropertyMap{
"address": resource.NewStringProperty("somewhere.org"),
"password": resource.MakeSecret(resource.NewStringProperty("some-password")),
"username": resource.NewStringProperty("some-user"),
}),
}),
},
}
t.Run("regress-unmarshal", func(t *testing.T) {
for i, tc := range regressUnmarshalTestCases {
t.Run(strconv.Itoa(i), func(t *testing.T) {
t.Parallel()
checkUnmarshal(t, tc)
})
}
})
}

19
provider/internal/deprecated/doc.go Normal file
View File

@@ -0,0 +1,19 @@
// Copyright 2024, Pulumi Corporation.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// Package deprecated vendors config parsing from pulumi-terraform-bridge.
//
// Originally taken from here:
// https://github.com/pulumi/pulumi-terraform-bridge/blob/90733a0c7/pkg/tfbridge/config_encoding.go
package deprecated

79
provider/internal/export.go
View File

@@ -22,8 +22,7 @@ import (
"strings"
controllerapi "github.com/docker/buildx/controller/pb"
"github.com/moby/buildkit/client"
"github.com/tonistiigi/go-csvvalue"
"github.com/docker/buildx/util/buildflags"
"github.com/pulumi/pulumi-go-provider/infer"
)
@@ -110,7 +109,7 @@ func (e Export) String() string {
// pushed returns true if the export would result in a registry push.
func (e Export) pushed() bool {
if e.Raw != "" {
exp, err := parseExports([]string{e.Raw.String()})
exp, err := buildflags.ParseExports([]string{e.Raw.String()})
if err != nil {
return false
}
@@ -125,86 +124,14 @@ func (e Export) pushed() bool {
return false
}
// parseExports is forked from docker/buildx@v0.18.0 from util/buildflags/export.go
// to maintain the old logic. This is to get a working version of the provider with
// the latest buildx while maintaining the old behaviour.
//
// TODO: Remove this fork and update existing logic/tests.
func parseExports(inp []string) ([]*controllerapi.ExportEntry, error) {
if len(inp) == 0 {
return nil, nil
}
outs := make([]*controllerapi.ExportEntry, 0, len(inp))
for _, s := range inp {
fields, err := csvvalue.Fields(s, nil)
if err != nil {
return nil, err
}
out := controllerapi.ExportEntry{
Attrs: map[string]string{},
}
if len(fields) == 1 && fields[0] == s && !strings.HasPrefix(s, "type=") {
if s != "-" {
outs = append(outs, &controllerapi.ExportEntry{
Type: client.ExporterLocal,
Destination: s,
})
continue
}
out = controllerapi.ExportEntry{
Type: client.ExporterTar,
Destination: s,
}
}
if out.Type == "" {
for _, field := range fields {
parts := strings.SplitN(field, "=", 2)
if len(parts) != 2 {
return nil, fmt.Errorf("invalid value %s", field)
}
key := strings.TrimSpace(strings.ToLower(parts[0]))
value := parts[1]
switch key {
case "type":
out.Type = value
default:
out.Attrs[key] = value
}
}
}
if out.Type == "" {
return nil, errors.New("type is required for output")
}
if out.Type == "registry" {
out.Type = client.ExporterImage
if _, ok := out.Attrs["push"]; !ok {
out.Attrs["push"] = "true"
}
}
if dest, ok := out.Attrs["dest"]; ok {
out.Destination = dest
delete(out.Attrs, "dest")
}
outs = append(outs, &out)
}
return outs, nil
}
func (e Export) validate(preview bool, tags []string) (*controllerapi.ExportEntry, error) {
if strings.Count(e.String(), "type=") > 1 {
return nil, errors.New("exports should only specify one export type")
}
ee, err := parseExports([]string{e.String()})
ee, err := buildflags.ParseExports([]string{e.String()})
if err != nil {
return nil, err
}
exp := ee[0]
if len(tags) == 0 && isRegistryPush(exp) && exp.Attrs["name"] == "" {
return nil, errors.New(

33
provider/internal/host.go
View File

@@ -16,10 +16,8 @@ package internal
import (
"context"
"errors"
"fmt"
"path/filepath"
"strings"
"sync"
"time"
@@ -70,7 +68,7 @@ func newHost(ctx context.Context, config *Config) (*host, error) {
//
// If the build doesn't specify a builder by name, we will iterate through all
// available builders until we find one that we can connect to.
func (h *host) builderFor(ctx context.Context, build Build) (*cachedBuilder, error) {
func (h *host) builderFor(build Build) (*cachedBuilder, error) {
h.mu.Lock()
defer h.mu.Unlock()
@@ -95,19 +93,6 @@ func (h *host) builderFor(ctx context.Context, build Build) (*cachedBuilder, err
builder.WithContextPathHash(contextPathHash),
builder.WithStore(txn),
)
if err != nil && build.ShouldExec() && strings.HasPrefix(opts.Builder, "cloud-") {
//nolint:revive // Human-readable.
err = errors.Join(err,
errors.New("Make sure you're logged in to Docker (`docker login`) if you're trying to use a cloud builder."),
errors.New("Make sure you have the correct buildx plugin installed (https://github.com/docker/buildx-desktop)."),
)
}
if err != nil && build.ShouldExec() {
//nolint:revive // Human-readable.
err = errors.Join(err, errors.New(
"Make sure your buildx plugin is executable (`docker buildx version`)"),
)
}
if err != nil {
return nil, fmt.Errorf("new builder: %w", err)
}
@@ -131,7 +116,7 @@ func (h *host) builderFor(ctx context.Context, build Build) (*cachedBuilder, err
if bb.Err() != nil {
continue
}
nodes, err := bb.LoadNodes(ctx)
nodes, err := bb.LoadNodes(context.Background())
if err != nil {
continue
}
@@ -140,7 +125,7 @@ func (h *host) builderFor(ctx context.Context, build Build) (*cachedBuilder, err
if n.Driver == nil {
continue nextbuilder
}
if _, err := n.Driver.Dial(ctx); err != nil {
if _, err := n.Driver.Dial(context.Background()); err != nil {
continue nextbuilder
}
// TODO: Confirm the builder supports the requested platforms.
@@ -154,7 +139,7 @@ func (h *host) builderFor(ctx context.Context, build Build) (*cachedBuilder, err
// If we STILL don't have a builder, create a docker-container instance.
b, err = builder.Create(
ctx,
context.Background(),
txn,
h.cli,
builder.CreateOpts{Driver: "docker-container"},
@@ -162,7 +147,7 @@ func (h *host) builderFor(ctx context.Context, build Build) (*cachedBuilder, err
if err != nil {
return nil, fmt.Errorf("creating builder: %w", err)
}
ctx, cancel := context.WithTimeout(ctx, 30*time.Second)
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
defer cancel()
if _, err := b.Boot(ctx); err != nil {
return nil, fmt.Errorf("booting builder: %w", err)
@@ -172,14 +157,8 @@ func (h *host) builderFor(ctx context.Context, build Build) (*cachedBuilder, err
// Attempt to load nodes in order to determine the builder's driver. Ignore
// errors for "exec" builds because it's possible to request builders with
// drivers that are unknown to us.
nodes, err := b.LoadNodes(ctx, builder.WithData())
nodes, err := b.LoadNodes(context.Background(), builder.WithData())
if err != nil && !build.ShouldExec() {
if strings.Contains(err.Error(), "failed to find driver") {
//nolint:revive // Human-readable.
err = errors.Join(err, errors.New(
"Use `exec: true` if you're trying to use Docker Build Cloud or other custom drivers.",
))
}
return nil, fmt.Errorf("loading nodes: %w", err)
}
// Attempt to determine our builder's buildkit version.

157
provider/internal/image.go
View File

@@ -38,7 +38,7 @@ import (
provider "github.com/pulumi/pulumi-go-provider"
"github.com/pulumi/pulumi-go-provider/infer"
"github.com/pulumi/pulumi/sdk/v3/go/property"
"github.com/pulumi/pulumi/sdk/v3/go/common/resource"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
@@ -61,10 +61,7 @@ var _imageExamples string
var _migration string
// Image is a Docker image build using buildkit.
type Image struct {
clientF clientF
config *Config
}
type Image struct{}
// Annotate provides a description of the Image resource.
func (i *Image) Annotate(a infer.Annotator) {
@@ -284,11 +281,6 @@ func (ia *ImageArgs) Annotate(a infer.Annotator) {
a.SetDefault(&ia.Network, Default)
}
// GetRegistries returns the image's registries, if any.
func (ia ImageArgs) GetRegistries() []Registry {
return ia.Registries
}
// ImageState is serialized to the program's state file.
type ImageState struct {
ImageArgs
@@ -337,25 +329,38 @@ func (is *ImageState) Annotate(a infer.Annotator) {
// client produces a CLI client scoped to this resource and layered on top of
// any host-level credentials.
func (i *Image) client(ctx context.Context, args ImageArgs) (Client, error) {
return i.clientF(ctx, i.config.getHost(), i.config, args)
func (i *Image) client(ctx context.Context, state ImageState, args ImageArgs) (Client, error) {
cfg := infer.GetConfig[Config](ctx)
if cli, ok := ctx.Value(_mockClientKey).(Client); ok {
return cli, nil
}
// We prefer auth from args, the provider, and state in that order. We
// build a slice in reverse order because wrap() will overwrite earlier
// entries with later ones.
auths := []Registry{}
auths = append(auths, cfg.Registries...)
auths = append(auths, args.Registries...)
return wrap(cfg.host, auths...)
}
// Check validates ImageArgs, sets defaults, and ensures our client is
// authenticated.
func (i *Image) Check(
ctx context.Context,
req infer.CheckRequest,
) (infer.CheckResponse[ImageArgs], error) {
args, failures, err := infer.DefaultCheck[ImageArgs](ctx, req.NewInputs)
_ string,
_ resource.PropertyMap,
news resource.PropertyMap,
) (ImageArgs, []provider.CheckFailure, error) {
args, failures, err := infer.DefaultCheck[ImageArgs](ctx, news)
if err != nil || len(failures) != 0 {
return infer.CheckResponse[ImageArgs]{Failures: failures, Inputs: args}, err
return args, failures, err
}
// If the inputs aren't fully resolved we perform a weaker validation, for
// example we might not be able to check the Dockerfile for syntactic
// correctness.
preview := property.New(req.NewInputs).HasComputed()
// :(
preview := news.ContainsUnknowns()
cfg := infer.GetConfig[Config](ctx)
supportsMultipleExports := true
@@ -371,7 +376,7 @@ func (i *Image) Check(
}
}
return infer.CheckResponse[ImageArgs]{Failures: failures, Inputs: args}, err
return args, failures, err
}
type checkFailure struct {
@@ -678,11 +683,12 @@ func (ia *ImageArgs) validate(supportsMultipleExports, preview bool) (controller
// Create builds an image using buildkit.
func (i *Image) Create(
ctx context.Context,
req infer.CreateRequest[ImageArgs],
) (infer.CreateResponse[ImageState], error) {
input := req.Inputs
name string,
input ImageArgs,
preview bool,
) (string, ImageState, error) {
state := ImageState{ImageArgs: input}
id := req.Name
id := name
// Default our ref to one of our tags.
for _, tag := range state.Tags {
@@ -693,31 +699,22 @@ func (i *Image) Create(
break
}
cli, err := i.client(ctx, input)
cli, err := i.client(ctx, state, input)
if err != nil {
return infer.CreateResponse[ImageState]{ID: id, Output: state}, err
return id, state, err
}
ok, err := cli.BuildKitEnabled()
if err != nil {
return infer.CreateResponse[ImageState]{
ID: id,
Output: state,
}, fmt.Errorf("checking buildkit compatibility: %w", err)
return id, state, fmt.Errorf("checking buildkit compatibility: %w", err)
}
if !ok {
return infer.CreateResponse[ImageState]{
ID: id,
Output: state,
}, errors.New("buildkit is not supported on this host")
return id, state, errors.New("buildkit is not supported on this host")
}
build, err := input.toBuild(ctx, cli.SupportsMultipleExports(), req.DryRun)
build, err := input.toBuild(ctx, cli.SupportsMultipleExports(), preview)
if err != nil {
return infer.CreateResponse[ImageState]{
ID: id,
Output: state,
}, fmt.Errorf("preparing: %w", err)
return id, state, fmt.Errorf("preparing: %w", err)
}
hash, err := hashBuildContext(
@@ -726,24 +723,21 @@ func (i *Image) Create(
input.Context.Named.Map(),
)
if err != nil {
return infer.CreateResponse[ImageState]{
ID: id,
Output: state,
}, fmt.Errorf("hashing build context: %w", err)
return id, state, fmt.Errorf("hashing build context: %w", err)
}
state.ContextHash = hash
if req.DryRun && !input.shouldBuildOnPreview() {
return infer.CreateResponse[ImageState]{ID: id, Output: state}, nil
if preview && !input.shouldBuildOnPreview() {
return id, state, nil
}
if req.DryRun && !input.buildable() {
if preview && !input.buildable() {
provider.GetLogger(ctx).Warning("Skipping preview build because some inputs are unknown.")
return infer.CreateResponse[ImageState]{ID: id, Output: state}, nil
return id, state, nil
}
result, err := cli.Build(ctx, build)
if err != nil {
return infer.CreateResponse[ImageState]{ID: id, Output: state}, err
return id, state, err
}
if d, ok := result.ExporterResponse[exptypes.ExporterImageDigestKey]; ok {
@@ -753,7 +747,7 @@ func (i *Image) Create(
if state.Digest == "" {
// Can't construct a ref, nothing else to do.
return infer.CreateResponse[ImageState]{ID: id, Output: state}, nil
return id, state, nil
}
// Take the first registry tag we find and add a digest to it. That becomes
@@ -768,7 +762,7 @@ func (i *Image) Create(
break
}
return infer.CreateResponse[ImageState]{ID: id, Output: state}, nil
return id, state, nil
}
// Update builds a new image. Normally we create-replace resources, but for
@@ -776,41 +770,36 @@ func (i *Image) Create(
// updates and simply re-build the image without deleting anything.
func (i *Image) Update(
ctx context.Context,
req infer.UpdateRequest[ImageArgs, ImageState],
) (infer.UpdateResponse[ImageState], error) {
resp, err := i.Create(ctx,
infer.CreateRequest[ImageArgs]{Name: req.ID, Inputs: req.Inputs, DryRun: req.DryRun},
)
return infer.UpdateResponse[ImageState]{Output: resp.Output}, err
name string,
_ ImageState,
input ImageArgs,
preview bool,
) (ImageState, error) {
_, state, err := i.Create(ctx, name, input, preview)
return state, err
}
// Read attempts to read manifests from an image's exports. An image without
// exports will have no manifests.
func (i *Image) Read(
ctx context.Context,
req infer.ReadRequest[ImageArgs, ImageState],
name string,
input ImageArgs,
state ImageState,
) (
infer.ReadResponse[ImageArgs, ImageState],
string, // id
ImageArgs, // normalized inputs
ImageState, // normalized state
error,
) {
state, input := req.State, req.Inputs
cli, err := i.client(ctx, input)
cli, err := i.client(ctx, state, input)
if err != nil {
return infer.ReadResponse[ImageArgs, ImageState]{
ID: req.ID,
Inputs: input,
State: state,
}, err
return name, input, state, err
}
if !state.isExported() {
// Nothing was pushed -- all done.
return infer.ReadResponse[ImageArgs, ImageState]{
ID: req.ID,
Inputs: input,
State: state,
}, nil
return name, input, state, nil
}
tagsToKeep := []string{}
@@ -846,29 +835,29 @@ func (i *Image) Read(
// If we couldn't find the tags we expected then return an empty ID to
// delete the resource.
if len(input.Tags) > 0 && len(tagsToKeep) == 0 {
return infer.ReadResponse[ImageArgs, ImageState]{ID: "", Inputs: input, State: state}, nil
return "", input, state, nil
}
state.Tags = tagsToKeep
return infer.ReadResponse[ImageArgs, ImageState]{ID: req.ID, Inputs: input, State: state}, nil
return name, input, state, nil
}
// Delete deletes an Image. If the Image was already deleted out-of-band it is
// treated as a success.
func (i *Image) Delete(
ctx context.Context,
req infer.DeleteRequest[ImageState],
) (infer.DeleteResponse, error) {
state := req.State
cli, err := i.client(ctx, state.ImageArgs)
_ string,
state ImageState,
) error {
cli, err := i.client(ctx, state, state.ImageArgs)
if err != nil {
return infer.DeleteResponse{}, err
return err
}
if state.Digest == "" {
// Nothing was exported. Just try to delete the local image.
return infer.DeleteResponse{}, cli.Delete(ctx, state.Ref)
return cli.Delete(ctx, state.Ref)
}
digests := []string{}
@@ -896,17 +885,17 @@ func (i *Image) Delete(
multierr = errors.Join(multierr, err)
}
return infer.DeleteResponse{}, multierr
return multierr
}
// Diff re-implements most of the default diff behavior, with the exception of
// ignoring "password" changes on registry inputs.
func (*Image) Diff(
_ context.Context,
req infer.DiffRequest[ImageArgs, ImageState],
_ string,
olds ImageState,
news ImageArgs,
) (provider.DiffResponse, error) {
olds, news := req.State, req.Inputs
diff := map[string]provider.PropertyDiff{}
update := provider.PropertyDiff{Kind: provider.Update}

451
provider/internal/image_test.go
View File

@@ -35,11 +35,9 @@ import (
"go.uber.org/mock/gomock"
provider "github.com/pulumi/pulumi-go-provider"
"github.com/pulumi/pulumi-go-provider/infer"
"github.com/pulumi/pulumi-go-provider/integration"
"github.com/pulumi/pulumi/sdk/v3/go/common/resource"
"github.com/pulumi/pulumi/sdk/v3/go/common/util/mapper"
"github.com/pulumi/pulumi/sdk/v3/go/property"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
@@ -86,44 +84,46 @@ func TestImageLifecycle(t *testing.T) {
},
op: func(t *testing.T) integration.Operation {
return integration.Operation{
Inputs: property.NewMap(map[string]property.Value{
"push": property.New(false),
"tags": property.New(
[]property.Value{
property.New("docker.io/pulumibot/buildkit-e2e"),
property.New("docker.io/pulumibot/buildkit-e2e:main"),
Inputs: resource.PropertyMap{
"push": resource.NewBoolProperty(false),
"tags": resource.NewArrayProperty(
[]resource.PropertyValue{
resource.NewStringProperty("docker.io/pulumibot/buildkit-e2e"),
resource.NewStringProperty("docker.io/pulumibot/buildkit-e2e:main"),
},
),
"platforms": property.New(
[]property.Value{
property.New("linux/arm64"),
property.New("linux/amd64"),
"platforms": resource.NewArrayProperty(
[]resource.PropertyValue{
resource.NewStringProperty("linux/arm64"),
resource.NewStringProperty("linux/amd64"),
},
),
"context": property.New(map[string]property.Value{
"location": property.New("testdata/noop"),
"context": resource.NewObjectProperty(resource.PropertyMap{
"location": resource.NewStringProperty("testdata/noop"),
}),
"dockerfile": property.New(map[string]property.Value{
"location": property.New("testdata/noop/Dockerfile"),
"dockerfile": resource.NewObjectProperty(resource.PropertyMap{
"location": resource.NewStringProperty("testdata/noop/Dockerfile"),
}),
"exports": property.New(
[]property.Value{
property.New(map[string]property.Value{
"raw": property.New("type=registry"),
"exports": resource.NewArrayProperty(
[]resource.PropertyValue{
resource.NewObjectProperty(resource.PropertyMap{
"raw": resource.NewStringProperty("type=registry"),
},
),
},
),
"registries": property.New(
[]property.Value{
property.New(map[string]property.Value{
"address": property.New("fakeaddress"),
"username": property.New("fakeuser"),
"password": property.New("password").WithSecret(true),
"registries": resource.NewArrayProperty(
[]resource.PropertyValue{
resource.NewObjectProperty(resource.PropertyMap{
"address": resource.NewStringProperty("fakeaddress"),
"username": resource.NewStringProperty("fakeuser"),
"password": resource.MakeSecret(
resource.NewStringProperty("password"),
),
}),
},
),
}),
},
}
},
},
@@ -132,20 +132,20 @@ func TestImageLifecycle(t *testing.T) {
client: noClient,
op: func(t *testing.T) integration.Operation {
return integration.Operation{
Inputs: property.NewMap(map[string]property.Value{
"push": property.New(false),
"tags": property.New([]property.Value{}),
"context": property.New(map[string]property.Value{
"location": property.New("testdata/noop"),
Inputs: resource.PropertyMap{
"push": resource.NewBoolProperty(false),
"tags": resource.NewArrayProperty([]resource.PropertyValue{}),
"context": resource.NewObjectProperty(resource.PropertyMap{
"location": resource.NewStringProperty("testdata/noop"),
}),
"exports": property.New(
[]property.Value{
property.New(map[string]property.Value{
"raw": property.New("type=registry"),
"exports": resource.NewArrayProperty(
[]resource.PropertyValue{
resource.NewObjectProperty(resource.PropertyMap{
"raw": resource.NewStringProperty("type=registry"),
}),
},
),
}),
},
ExpectFailure: true,
CheckFailures: []provider.CheckFailure{
{
@@ -161,19 +161,19 @@ func TestImageLifecycle(t *testing.T) {
client: noClient,
op: func(t *testing.T) integration.Operation {
return integration.Operation{
Inputs: property.NewMap(map[string]property.Value{
"push": property.New(false),
"tags": property.New(
[]property.Value{property.New("invalid-exports")},
Inputs: resource.PropertyMap{
"push": resource.NewBoolProperty(false),
"tags": resource.NewArrayProperty(
[]resource.PropertyValue{resource.NewStringProperty("invalid-exports")},
),
"exports": property.New(
[]property.Value{
property.New(map[string]property.Value{
"raw": property.New("type="),
"exports": resource.NewArrayProperty(
[]resource.PropertyValue{
resource.NewObjectProperty(resource.PropertyMap{
"raw": resource.NewStringProperty("type="),
}),
},
),
}),
},
ExpectFailure: true,
CheckFailures: []provider.CheckFailure{{
Property: "exports[0]",
@@ -194,15 +194,15 @@ func TestImageLifecycle(t *testing.T) {
},
op: func(t *testing.T) integration.Operation {
return integration.Operation{
Inputs: property.NewMap(map[string]property.Value{
"push": property.New(false),
"tags": property.New(
[]property.Value{property.New("foo")},
Inputs: resource.PropertyMap{
"push": resource.NewBoolProperty(false),
"tags": resource.NewArrayProperty(
[]resource.PropertyValue{resource.NewStringProperty("foo")},
),
"context": property.New(map[string]property.Value{
"location": property.New("testdata/noop"),
"context": resource.NewObjectProperty(resource.PropertyMap{
"location": resource.NewStringProperty("testdata/noop"),
}),
}),
},
ExpectFailure: true,
}
},
@@ -221,15 +221,15 @@ func TestImageLifecycle(t *testing.T) {
},
op: func(t *testing.T) integration.Operation {
return integration.Operation{
Inputs: property.NewMap(map[string]property.Value{
"push": property.New(false),
"tags": property.New(
[]property.Value{property.New("foo")},
Inputs: resource.PropertyMap{
"push": resource.NewBoolProperty(false),
"tags": resource.NewArrayProperty(
[]resource.PropertyValue{resource.NewStringProperty("foo")},
),
"context": property.New(map[string]property.Value{
"location": property.New("testdata/noop"),
"context": resource.NewObjectProperty(resource.PropertyMap{
"location": resource.NewStringProperty("testdata/noop"),
}),
}),
},
ExpectFailure: true,
}
},
@@ -254,24 +254,24 @@ func TestImageLifecycle(t *testing.T) {
},
op: func(t *testing.T) integration.Operation {
return integration.Operation{
Inputs: property.NewMap(map[string]property.Value{
"push": property.New(false),
"tags": property.New(
[]property.Value{
property.New("default-dockerfile"),
Inputs: resource.PropertyMap{
"push": resource.NewBoolProperty(false),
"tags": resource.NewArrayProperty(
[]resource.PropertyValue{
resource.NewStringProperty("default-dockerfile"),
},
),
"context": property.New(map[string]property.Value{
"location": property.New("testdata/noop"),
"context": resource.NewObjectProperty(resource.PropertyMap{
"location": resource.NewStringProperty("testdata/noop"),
}),
}),
Hook: func(_, output property.Map) {
dockerfile := output.Get("dockerfile")
},
Hook: func(_, output resource.PropertyMap) {
dockerfile := output["dockerfile"]
require.NotNil(t, dockerfile)
require.True(t, dockerfile.IsMap())
location := dockerfile.AsMap().Get("location")
require.True(t, dockerfile.IsObject())
location := dockerfile.ObjectValue()["location"]
require.True(t, location.IsString())
assert.Equal(t, "testdata/noop/Dockerfile", location.AsString())
assert.Equal(t, "testdata/noop/Dockerfile", location.StringValue())
},
}
},
@@ -296,25 +296,25 @@ func TestImageLifecycle(t *testing.T) {
},
op: func(t *testing.T) integration.Operation {
return integration.Operation{
Inputs: property.NewMap(map[string]property.Value{
"push": property.New(false),
"tags": property.New(
[]property.Value{
property.New("inline-dockerfile"),
Inputs: resource.PropertyMap{
"push": resource.NewBoolProperty(false),
"tags": resource.NewArrayProperty(
[]resource.PropertyValue{
resource.NewStringProperty("inline-dockerfile"),
},
),
"buildOnPreview": property.New(true),
"dockerfile": property.New(map[string]property.Value{
"inline": property.New("FROM alpine:latest"),
"buildOnPreview": resource.NewBoolProperty(true),
"dockerfile": resource.NewObjectProperty(resource.PropertyMap{
"inline": resource.NewStringProperty("FROM alpine:latest"),
}),
}),
Hook: func(_, output property.Map) {
context := output.Get("context")
},
Hook: func(_, output resource.PropertyMap) {
context := output["context"]
require.NotNil(t, context)
require.True(t, context.IsMap())
location := context.AsMap().Get("location")
require.True(t, context.IsObject())
location := context.ObjectValue()["location"]
require.True(t, location.IsString())
assert.Equal(t, ".", location.AsString())
assert.Equal(t, ".", location.StringValue())
},
}
},
@@ -328,7 +328,7 @@ func TestImageLifecycle(t *testing.T) {
Resource: "docker-build:index:Image",
Create: tt.op(t),
}
s := newServer(t.Context(), t, mockClientF(tt.client(t)))
s := newServer(tt.client(t))
err := s.Configure(provider.ConfigureRequest{})
require.NoError(t, err)
@@ -353,16 +353,21 @@ func TestDelete(t *testing.T) {
Delete(gomock.Any(), "docker.io/pulumi/test@sha256:foo").
Return(errNotFound{})
i := &Image{clientF: mockClientF(client)}
s := newServer(client)
err := s.Configure(provider.ConfigureRequest{})
require.NoError(t, err)
_, err := i.Delete(t.Context(), infer.DeleteRequest[ImageState]{
ID: "foo,bar",
State: ImageState{
ImageArgs: ImageArgs{
Tags: []string{"docker.io/pulumi/test:foo"},
Push: true,
},
Digest: "sha256:foo",
err = s.Delete(provider.DeleteRequest{
ID: "foo,bar",
Urn: _fakeURN,
Properties: resource.PropertyMap{
"tags": resource.NewArrayProperty([]resource.PropertyValue{
resource.NewStringProperty("docker.io/pulumi/test:foo"),
}),
"push": resource.NewBoolProperty(true),
"digest": resource.NewStringProperty("sha256:foo"),
"contextHash": resource.NewStringProperty(""),
"ref": resource.NewStringProperty(""),
},
})
assert.NoError(t, err)
@@ -386,21 +391,27 @@ func TestRead(t *testing.T) {
},
}, nil)
i := &Image{clientF: mockClientF(client)}
s := newServer(client)
err := s.Configure(provider.ConfigureRequest{})
require.NoError(t, err)
resp, err := i.Read(t.Context(), infer.ReadRequest[ImageArgs, ImageState]{
ID: "my-image",
State: ImageState{
ImageArgs: ImageArgs{
Exports: []Export{{Raw: "type=registry"}},
Tags: []string{tag},
},
Digest: digest,
resp, err := s.Read(provider.ReadRequest{
ID: "my-image",
Urn: _fakeURN,
Properties: resource.PropertyMap{
"exports": resource.NewArrayProperty([]resource.PropertyValue{
resource.NewObjectProperty(resource.PropertyMap{
"raw": resource.NewStringProperty("type=registry"),
}),
}),
"tags": resource.NewArrayProperty([]resource.PropertyValue{
resource.NewStringProperty(tag),
}),
"digest": resource.NewStringProperty(digest),
},
})
require.NoError(t, err)
assert.Equal(t, []string{tag}, resp.State.Tags)
assert.NotNil(t, resp.Properties["exports"].ArrayValue()[0].ObjectValue()["manifest"])
}
func TestImageDiff(t *testing.T) {
@@ -421,21 +432,21 @@ func TestImageDiff(t *testing.T) {
}
tests := []struct {
name string
state func(*testing.T, ImageState) ImageState
inputs func(*testing.T, ImageArgs) ImageArgs
name string
olds func(*testing.T, ImageState) ImageState
news func(*testing.T, ImageArgs) ImageArgs
wantChanges bool
}{
{
name: "no diff if build context is unchanged",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(*testing.T, ImageArgs) ImageArgs { return baseArgs },
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(*testing.T, ImageArgs) ImageArgs { return baseArgs },
wantChanges: false,
},
{
name: "no diff if registry password changes",
state: func(_ *testing.T, s ImageState) ImageState {
olds: func(_ *testing.T, s ImageState) ImageState {
s.Registries = []Registry{{
Address: "foo",
Username: "foo",
@@ -443,7 +454,7 @@ func TestImageDiff(t *testing.T) {
}}
return s
},
inputs: func(_ *testing.T, a ImageArgs) ImageArgs {
news: func(_ *testing.T, a ImageArgs) ImageArgs {
a.Registries = []Registry{{
Address: "foo",
Username: "foo",
@@ -455,11 +466,11 @@ func TestImageDiff(t *testing.T) {
},
{
name: "no diff if pull=true but no exports",
state: func(_ *testing.T, is ImageState) ImageState {
olds: func(_ *testing.T, is ImageState) ImageState {
is.Pull = true
return is
},
inputs: func(t *testing.T, ia ImageArgs) ImageArgs {
news: func(t *testing.T, ia ImageArgs) ImageArgs {
ia.Pull = true
return ia
},
@@ -467,12 +478,12 @@ func TestImageDiff(t *testing.T) {
},
{
name: "diff if pull=true with exports",
state: func(_ *testing.T, is ImageState) ImageState {
olds: func(_ *testing.T, is ImageState) ImageState {
is.Pull = true
is.Load = true
return is
},
inputs: func(t *testing.T, ia ImageArgs) ImageArgs {
news: func(t *testing.T, ia ImageArgs) ImageArgs {
ia.Pull = true
ia.Load = true
return ia
@@ -480,9 +491,9 @@ func TestImageDiff(t *testing.T) {
wantChanges: true,
},
{
name: "diff if build context changes",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(t *testing.T, a ImageArgs) ImageArgs {
name: "diff if build context changes",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(t *testing.T, a ImageArgs) ImageArgs {
tmp := filepath.Join(a.Context.Location, "tmp")
err := os.WriteFile(tmp, []byte{}, 0o600)
require.NoError(t, err)
@@ -492,9 +503,9 @@ func TestImageDiff(t *testing.T) {
wantChanges: true,
},
{
name: "diff if registry added",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(_ *testing.T, a ImageArgs) ImageArgs {
name: "diff if registry added",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(_ *testing.T, a ImageArgs) ImageArgs {
a.Registries = []Registry{{}}
return a
},
@@ -502,7 +513,7 @@ func TestImageDiff(t *testing.T) {
},
{
name: "diff if registry user changes",
state: func(_ *testing.T, s ImageState) ImageState {
olds: func(_ *testing.T, s ImageState) ImageState {
s.Registries = []Registry{{
Address: "foo",
Username: "foo",
@@ -510,7 +521,7 @@ func TestImageDiff(t *testing.T) {
}}
return s
},
inputs: func(_ *testing.T, a ImageArgs) ImageArgs {
news: func(_ *testing.T, a ImageArgs) ImageArgs {
a.Registries = []Registry{{
Address: "DIFFERENT USER",
Username: "foo",
@@ -521,9 +532,9 @@ func TestImageDiff(t *testing.T) {
wantChanges: true,
},
{
name: "diff if buildArgs changes",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(_ *testing.T, a ImageArgs) ImageArgs {
name: "diff if buildArgs changes",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(_ *testing.T, a ImageArgs) ImageArgs {
a.BuildArgs = map[string]string{
"foo": "bar",
}
@@ -532,36 +543,36 @@ func TestImageDiff(t *testing.T) {
wantChanges: true,
},
{
name: "diff if pull changes",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(t *testing.T, ia ImageArgs) ImageArgs {
name: "diff if pull changes",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(t *testing.T, ia ImageArgs) ImageArgs {
ia.Pull = true
return ia
},
wantChanges: true,
},
{
name: "diff if load changes",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(t *testing.T, ia ImageArgs) ImageArgs {
name: "diff if load changes",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(t *testing.T, ia ImageArgs) ImageArgs {
ia.Load = true
return ia
},
wantChanges: true,
},
{
name: "diff if push changes",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(t *testing.T, ia ImageArgs) ImageArgs {
name: "diff if push changes",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(t *testing.T, ia ImageArgs) ImageArgs {
ia.Push = true
return ia
},
wantChanges: true,
},
{
name: "diff if buildOnPreview doesn't change",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(t *testing.T, ia ImageArgs) ImageArgs {
name: "diff if buildOnPreview doesn't change",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(t *testing.T, ia ImageArgs) ImageArgs {
val := true
ia.BuildOnPreview = &val
return ia
@@ -569,9 +580,9 @@ func TestImageDiff(t *testing.T) {
wantChanges: true,
},
{
name: "diff if buildOnPreview changes",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(t *testing.T, ia ImageArgs) ImageArgs {
name: "diff if buildOnPreview changes",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(t *testing.T, ia ImageArgs) ImageArgs {
val := false
ia.BuildOnPreview = &val
return ia
@@ -579,171 +590,171 @@ func TestImageDiff(t *testing.T) {
wantChanges: true,
},
{
name: "diff if ssh changes",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(t *testing.T, ia ImageArgs) ImageArgs {
name: "diff if ssh changes",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(t *testing.T, ia ImageArgs) ImageArgs {
ia.SSH = []SSH{{ID: "default"}}
return ia
},
wantChanges: true,
},
{
name: "diff if hosts change",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(t *testing.T, ia ImageArgs) ImageArgs {
name: "diff if hosts change",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(t *testing.T, ia ImageArgs) ImageArgs {
ia.AddHosts = []string{"localhost"}
return ia
},
wantChanges: true,
},
{
name: "diff if cacheFrom changes",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(_ *testing.T, a ImageArgs) ImageArgs {
name: "diff if cacheFrom changes",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(_ *testing.T, a ImageArgs) ImageArgs {
a.CacheFrom = []CacheFrom{{Raw: "a"}}
return a
},
wantChanges: true,
},
{
name: "diff if cacheTo changes",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(_ *testing.T, a ImageArgs) ImageArgs {
name: "diff if cacheTo changes",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(_ *testing.T, a ImageArgs) ImageArgs {
a.CacheTo = []CacheTo{{Raw: "a"}}
return a
},
wantChanges: true,
},
{
name: "diff if context changes",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(_ *testing.T, a ImageArgs) ImageArgs {
name: "diff if context changes",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(_ *testing.T, a ImageArgs) ImageArgs {
a.Context = &BuildContext{Context: Context{Location: "testdata/ignores"}}
return a
},
wantChanges: true,
},
{
name: "diff if named context changes",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(_ *testing.T, a ImageArgs) ImageArgs {
name: "diff if named context changes",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(_ *testing.T, a ImageArgs) ImageArgs {
a.Context = &BuildContext{Named: NamedContexts{"foo": Context{Location: "bar"}}}
return a
},
wantChanges: true,
},
{
name: "diff if network changes",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(_ *testing.T, a ImageArgs) ImageArgs {
name: "diff if network changes",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(_ *testing.T, a ImageArgs) ImageArgs {
a.Network = &host
return a
},
wantChanges: true,
},
{
name: "diff if dockerfile location changes",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(_ *testing.T, a ImageArgs) ImageArgs {
name: "diff if dockerfile location changes",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(_ *testing.T, a ImageArgs) ImageArgs {
a.Dockerfile = &Dockerfile{Location: "testdata/ignores/basedir/Dockerfile"}
return a
},
wantChanges: true,
},
{
name: "diff if dockerfile inline changes",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(_ *testing.T, a ImageArgs) ImageArgs {
name: "diff if dockerfile inline changes",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(_ *testing.T, a ImageArgs) ImageArgs {
a.Dockerfile = &Dockerfile{Inline: "FROM scratch"}
return a
},
wantChanges: true,
},
{
name: "diff if platforms change",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(_ *testing.T, a ImageArgs) ImageArgs {
name: "diff if platforms change",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(_ *testing.T, a ImageArgs) ImageArgs {
a.Platforms = []Platform{"linux/amd64"}
return a
},
wantChanges: true,
},
{
name: "diff if pull changes",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(_ *testing.T, a ImageArgs) ImageArgs {
name: "diff if pull changes",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(_ *testing.T, a ImageArgs) ImageArgs {
a.Pull = true
return a
},
wantChanges: true,
},
{
name: "diff if builder changes",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(_ *testing.T, a ImageArgs) ImageArgs {
name: "diff if builder changes",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(_ *testing.T, a ImageArgs) ImageArgs {
a.Builder = &BuilderConfig{Name: "foo"}
return a
},
wantChanges: true,
},
{
name: "diff if tags change",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(_ *testing.T, a ImageArgs) ImageArgs {
name: "diff if tags change",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(_ *testing.T, a ImageArgs) ImageArgs {
a.Tags = []string{"foo"}
return a
},
wantChanges: true,
},
{
name: "diff if exports change",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(_ *testing.T, a ImageArgs) ImageArgs {
name: "diff if exports change",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(_ *testing.T, a ImageArgs) ImageArgs {
a.Exports = []Export{{Raw: "foo"}}
return a
},
wantChanges: true,
},
{
name: "diff if target changes",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(_ *testing.T, a ImageArgs) ImageArgs {
name: "diff if target changes",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(_ *testing.T, a ImageArgs) ImageArgs {
a.Target = "foo"
return a
},
wantChanges: true,
},
{
name: "diff if pulling",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(_ *testing.T, a ImageArgs) ImageArgs {
name: "diff if pulling",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(_ *testing.T, a ImageArgs) ImageArgs {
a.Pull = true
return a
},
wantChanges: true,
},
{
name: "diff if noCache changes",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(_ *testing.T, a ImageArgs) ImageArgs {
name: "diff if noCache changes",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(_ *testing.T, a ImageArgs) ImageArgs {
a.NoCache = true
return a
},
wantChanges: true,
},
{
name: "diff if labels change",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(_ *testing.T, a ImageArgs) ImageArgs {
name: "diff if labels change",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(_ *testing.T, a ImageArgs) ImageArgs {
a.Labels = map[string]string{"foo": "bar"}
return a
},
wantChanges: true,
},
{
name: "diff if secrets change",
state: func(*testing.T, ImageState) ImageState { return baseState },
inputs: func(_ *testing.T, a ImageArgs) ImageArgs {
name: "diff if secrets change",
olds: func(*testing.T, ImageState) ImageState { return baseState },
news: func(_ *testing.T, a ImageArgs) ImageArgs {
a.Secrets = map[string]string{"foo": "bar"}
return a
},
@@ -751,13 +762,13 @@ func TestImageDiff(t *testing.T) {
},
{
name: "diff if local export doesn't exist",
state: func(t *testing.T, state ImageState) ImageState {
olds: func(t *testing.T, state ImageState) ImageState {
state.Exports = []Export{
{Local: &ExportLocal{Dest: "not-real"}},
}
return state
},
inputs: func(_ *testing.T, args ImageArgs) ImageArgs {
news: func(_ *testing.T, args ImageArgs) ImageArgs {
args.Exports = []Export{
{Local: &ExportLocal{Dest: "not-real"}},
}
@@ -767,13 +778,13 @@ func TestImageDiff(t *testing.T) {
},
{
name: "diff if tar export doesn't exist",
state: func(t *testing.T, state ImageState) ImageState {
olds: func(t *testing.T, state ImageState) ImageState {
state.Exports = []Export{
{Tar: &ExportTar{ExportLocal: ExportLocal{Dest: "not-real"}}},
}
return state
},
inputs: func(_ *testing.T, args ImageArgs) ImageArgs {
news: func(_ *testing.T, args ImageArgs) ImageArgs {
args.Exports = []Export{
{Tar: &ExportTar{ExportLocal: ExportLocal{Dest: "not-real"}}},
}
@@ -783,12 +794,12 @@ func TestImageDiff(t *testing.T) {
},
}
s := newServer(t.Context(), t, nil)
s := newServer(nil)
encode := func(t *testing.T, x any) property.Map {
encode := func(t *testing.T, x any) resource.PropertyMap {
raw, err := mapper.New(&mapper.Opts{IgnoreMissing: true}).Encode(x)
require.NoError(t, err)
return resource.FromResourcePropertyMap(resource.NewPropertyMapFromMap(raw))
return resource.NewPropertyMapFromMap(raw)
}
for _, tt := range tests {
@@ -797,9 +808,9 @@ func TestImageDiff(t *testing.T) {
t.Run(tt.name, func(t *testing.T) {
t.Parallel()
resp, err := s.Diff(provider.DiffRequest{
Urn: _fakeURN,
State: encode(t, tt.state(t, baseState)),
Inputs: encode(t, tt.inputs(t, baseArgs)),
Urn: _fakeURN,
Olds: encode(t, tt.olds(t, baseState)),
News: encode(t, tt.news(t, baseArgs)),
})
assert.NoError(t, err)
assert.Equal(t, tt.wantChanges, resp.HasChanges, resp.DetailedDiff)
@@ -917,10 +928,8 @@ func TestValidateImageArgs(t *testing.T) {
{
name: "gha environment",
envs: map[string]string{
"ACTIONS_CACHE_URL": "test-cache-url",
"ACTIONS_RUNTIME_TOKEN": "test-runtime-token",
"ACTIONS_RESULTS_URL": "test-results-url",
"ACTIONS_CACHE_SERVICE_V2": "true",
"ACTIONS_CACHE_URL": "test-cache-url",
"ACTIONS_RUNTIME_TOKEN": "test-runtime-token",
},
args: ImageArgs{
Context: &BuildContext{Context: Context{Location: "testdata/noop"}},
@@ -932,17 +941,15 @@ func TestValidateImageArgs(t *testing.T) {
wantCacheFrom: &pb.CacheOptionsEntry{
Type: "gha",
Attrs: map[string]string{
"token": "test-runtime-token",
"url": "test-cache-url",
"url_v2": "test-results-url",
"token": "test-runtime-token",
"url": "test-cache-url",
},
},
wantCacheTo: &pb.CacheOptionsEntry{
Type: "gha",
Attrs: map[string]string{
"token": "test-runtime-token",
"url": "test-cache-url",
"url_v2": "test-results-url",
"token": "test-runtime-token",
"url": "test-cache-url",
},
},
},

152
provider/internal/index.go
View File

@@ -28,6 +28,7 @@ import (
provider "github.com/pulumi/pulumi-go-provider"
"github.com/pulumi/pulumi-go-provider/infer"
"github.com/pulumi/pulumi/sdk/v3/go/common/resource"
)
var (
@@ -46,10 +47,7 @@ var (
var _indexExamples string
// Index is an OCI index or manifest list on a remote registry.
type Index struct {
clientF clientF
config *Config
}
type Index struct{}
// IndexArgs instantiate an Index.
type IndexArgs struct {
@@ -66,14 +64,6 @@ func (i IndexArgs) isPushed() bool {
return *i.Push
}
// GetRegistries returns the index's registry.
func (i IndexArgs) GetRegistries() []Registry {
if i.Registry == nil {
return nil
}
return []Registry{*i.Registry}
}
// IndexState captures the state of an Index.
type IndexState struct {
IndexArgs
@@ -142,82 +132,66 @@ func (i *IndexState) Annotate(a infer.Annotator) {
// Create is a passthrough to Update.
func (i *Index) Create(
ctx context.Context,
req infer.CreateRequest[IndexArgs],
) (infer.CreateResponse[IndexState], error) {
resp, err := i.Update(ctx,
infer.UpdateRequest[IndexArgs, IndexState]{
ID: req.Name,
State: IndexState{},
Inputs: req.Inputs,
DryRun: req.DryRun,
},
)
return infer.CreateResponse[IndexState]{ID: req.Name, Output: resp.Output}, err
name string,
input IndexArgs,
preview bool,
) (string, IndexState, error) {
state, err := i.Update(ctx, name, IndexState{}, input, preview)
return name, state, err
}
// Update performs `buildx imagetools create` to create a new OCI index /
// manifest list.
func (i *Index) Update(
ctx context.Context,
req infer.UpdateRequest[IndexArgs, IndexState],
) (infer.UpdateResponse[IndexState], error) {
state, input := req.State, req.Inputs
name string,
state IndexState,
input IndexArgs,
preview bool,
) (IndexState, error) {
state.IndexArgs = input
state.Ref = input.Tag
cli, err := i.client(ctx, input)
cli, err := i.client(ctx, state, input)
if err != nil {
return infer.UpdateResponse[IndexState]{Output: state}, err
return state, err
}
if req.DryRun {
return infer.UpdateResponse[IndexState]{Output: state}, nil
if preview {
return state, nil
}
provider.GetLogger(ctx).
Debugf("creating index with tag %s and sources %s", input.Tag, input.Sources)
provider.GetLogger(ctx).Debugf("creating index with tag %s and sources %s", input.Tag, input.Sources)
err = cli.ManifestCreate(ctx, input.isPushed(), input.Tag, input.Sources...)
if err != nil {
return infer.UpdateResponse[IndexState]{Output: state}, fmt.Errorf("creating: %w", err)
return state, fmt.Errorf("creating: %w", err)
}
// Read remote manifest information, if it exists.
live, err := i.Read(ctx,
infer.ReadRequest[IndexArgs, IndexState]{ID: req.ID, Inputs: input, State: state},
)
_, _, state, err = i.Read(ctx, name, input, state)
if err != nil {
return infer.UpdateResponse[IndexState]{Output: state}, fmt.Errorf("reading: %w", err)
return state, fmt.Errorf("reading: %w", err)
}
return infer.UpdateResponse[IndexState]{Output: live.State}, nil
return state, nil
}
func (i *Index) Read(
ctx context.Context,
req infer.ReadRequest[IndexArgs, IndexState],
) (infer.ReadResponse[IndexArgs, IndexState], error) {
state, input := req.State, req.Inputs
name string,
input IndexArgs,
state IndexState,
) (string, IndexArgs, IndexState, error) {
state.IndexArgs = input
state.Ref = input.Tag
if !input.isPushed() {
provider.GetLogger(ctx).Debug("skipping read because index was not pushed")
return infer.ReadResponse[IndexArgs, IndexState]{
ID: req.ID,
Inputs: input,
State: state,
}, nil // Nothing to read.
return name, input, state, nil // Nothing to read.
}
cli, err := i.client(ctx, input)
cli, err := i.client(ctx, state, input)
if err != nil {
return infer.ReadResponse[IndexArgs, IndexState]{
ID: req.ID,
Inputs: input,
State: state,
}, err
return name, input, state, err
}
provider.GetLogger(ctx).Debug("reading index with tag " + input.Tag)
@@ -225,29 +199,21 @@ func (i *Index) Read(
digest, err := cli.ManifestInspect(ctx, input.Tag)
if errors.Is(err, errs.ErrNotFound) {
// A remote tag was expected but isn't there -- delete the resource.
return infer.ReadResponse[IndexArgs, IndexState]{ID: "", Inputs: input, State: state}, nil
return "", input, state, nil
}
if errors.Is(err, errs.ErrHTTPUnauthorized) {
provider.GetLogger(ctx).Warning("invalid credentials, skipping")
return infer.ReadResponse[IndexArgs, IndexState]{
ID: req.ID,
Inputs: input,
State: state,
}, nil
return name, input, state, nil
}
if err != nil {
return infer.ReadResponse[IndexArgs, IndexState]{
ID: req.ID,
Inputs: input,
State: state,
}, err
return name, input, state, err
}
if ref, ok := addDigest(input.Tag, digest); ok {
state.Ref = ref
}
return infer.ReadResponse[IndexArgs, IndexState]{ID: req.ID, Inputs: input, State: state}, nil
return name, input, state, nil
}
// Check confirms the Index's tag and source refs are all valid. This doesn't
@@ -256,11 +222,13 @@ func (i *Index) Read(
// cases for now.
func (i *Index) Check(
ctx context.Context,
req infer.CheckRequest,
) (infer.CheckResponse[IndexArgs], error) {
args, failures, err := infer.DefaultCheck[IndexArgs](ctx, req.NewInputs)
_ string,
_ resource.PropertyMap,
news resource.PropertyMap,
) (IndexArgs, []provider.CheckFailure, error) {
args, failures, err := infer.DefaultCheck[IndexArgs](ctx, news)
if err != nil {
return infer.CheckResponse[IndexArgs]{Failures: failures, Inputs: args}, err
return args, failures, err
}
if _, err := normalizeReference(args.Tag); args.Tag != "" && err != nil {
@@ -285,31 +253,27 @@ func (i *Index) Check(
}
}
return infer.CheckResponse[IndexArgs]{Failures: failures, Inputs: args}, nil
return args, failures, nil
}
// Delete attempts to delete the remote manifest.
func (i *Index) Delete(
ctx context.Context,
req infer.DeleteRequest[IndexState],
) (infer.DeleteResponse, error) {
state := req.State
func (i *Index) Delete(ctx context.Context, _ string, state IndexState) error {
if !state.isPushed() {
return infer.DeleteResponse{}, nil // Nothing to delete.
return nil // Nothing to delete.
}
cli, err := i.client(ctx, state.IndexArgs)
cli, err := i.client(ctx, state, state.IndexArgs)
if err != nil {
return infer.DeleteResponse{}, err
return err
}
err = cli.ManifestDelete(ctx, state.Ref)
// TODO: Upstream buildx swallows the error types we'd like to test for
// here.
if err != nil && strings.Contains(err.Error(), "No such manifest:") {
return infer.DeleteResponse{}, nil
return nil
}
return infer.DeleteResponse{}, err
return err
}
// Diff returns a diff of proposed changes against current state. Ideally we
@@ -318,10 +282,10 @@ func (i *Index) Delete(
// change all the time due to short-lived AWS credentials).
func (i *Index) Diff(
_ context.Context,
req infer.DiffRequest[IndexArgs, IndexState],
_ string,
olds IndexState,
news IndexArgs,
) (provider.DiffResponse, error) {
olds, news := req.State, req.Inputs
diff := map[string]provider.PropertyDiff{}
update := provider.PropertyDiff{Kind: provider.Update}
replace := provider.PropertyDiff{Kind: provider.UpdateReplace}
@@ -359,7 +323,23 @@ func (i *Index) Diff(
// any host-level credentials.
func (i *Index) client(
ctx context.Context,
_ IndexState,
args IndexArgs,
) (Client, error) {
return i.clientF(ctx, i.config.getHost(), i.config, args)
cfg := infer.GetConfig[Config](ctx)
if cli, ok := ctx.Value(_mockClientKey).(Client); ok {
return cli, nil
}
// We prefer auth from args, the provider, and state in that order. We
// build a slice in reverse order because wrap() will overwrite earlier
// entries with later ones.
auths := []Registry{}
auths = append(auths, cfg.Registries...)
if args.Registry != nil {
auths = append(auths, *args.Registry)
}
return wrap(cfg.host, auths...)
}

119
provider/internal/index_test.go
View File

@@ -27,35 +27,34 @@ import (
"github.com/pulumi/pulumi-go-provider/integration"
"github.com/pulumi/pulumi/sdk/v3/go/common/resource"
"github.com/pulumi/pulumi/sdk/v3/go/common/util/mapper"
"github.com/pulumi/pulumi/sdk/v3/go/property"
)
func TestIndexLifecycle(t *testing.T) {
t.Parallel()
realClient := func(t *testing.T) clientF { return RealClientF }
realClient := func(t *testing.T) Client { return nil }
tests := []struct {
name string
skip bool
op func(t *testing.T) integration.Operation
client func(t *testing.T) clientF
client func(t *testing.T) Client
}{
{
name: "not pushed",
client: realClient,
op: func(t *testing.T) integration.Operation {
return integration.Operation{
Inputs: property.NewMap(map[string]property.Value{
"tag": property.New(
Inputs: resource.PropertyMap{
"tag": resource.NewStringProperty(
"docker.io/pulumibot/buildkit-e2e:manifest-unit",
),
"sources": property.New([]property.Value{
property.New("docker.io/pulumibot/buildkit-e2e:arm64"),
property.New("docker.io/pulumibot/buildkit-e2e:amd64"),
"sources": resource.NewArrayProperty([]resource.PropertyValue{
resource.NewStringProperty("docker.io/pulumibot/buildkit-e2e:arm64"),
resource.NewStringProperty("docker.io/pulumibot/buildkit-e2e:amd64"),
}),
"push": property.New(false),
}),
"push": resource.NewBoolProperty(false),
},
}
},
},
@@ -65,51 +64,59 @@ func TestIndexLifecycle(t *testing.T) {
client: realClient,
op: func(t *testing.T) integration.Operation {
return integration.Operation{
Inputs: property.NewMap(map[string]property.Value{
"tag": property.New(
Inputs: resource.PropertyMap{
"tag": resource.NewStringProperty(
"docker.io/pulumibot/buildkit-e2e:manifest",
),
"sources": property.New([]property.Value{
property.New("docker.io/pulumibot/buildkit-e2e:arm64"),
property.New("docker.io/pulumibot/buildkit-e2e:amd64"),
"sources": resource.NewArrayProperty([]resource.PropertyValue{
resource.NewStringProperty("docker.io/pulumibot/buildkit-e2e:arm64"),
resource.NewStringProperty("docker.io/pulumibot/buildkit-e2e:amd64"),
}),
"push": property.New(true),
"registry": property.New(map[string]property.Value{
"address": property.New("docker.io"),
"username": property.New("pulumibot"),
"password": property.New(os.Getenv("DOCKER_HUB_PASSWORD")).WithSecret(true),
"push": resource.NewBoolProperty(true),
"registry": resource.NewObjectProperty(resource.PropertyMap{
"address": resource.NewStringProperty("docker.io"),
"username": resource.NewStringProperty("pulumibot"),
"password": resource.NewSecretProperty(&resource.Secret{
Element: resource.NewStringProperty(
os.Getenv("DOCKER_HUB_PASSWORD"),
),
}),
}),
}),
},
}
},
},
{
name: "expired credentials",
client: func(t *testing.T) clientF {
client: func(t *testing.T) Client {
ctrl := gomock.NewController(t)
c := NewMockClient(ctrl)
c.EXPECT().ManifestCreate(gomock.Any(), true, gomock.Any(), gomock.Any())
c.EXPECT().ManifestInspect(gomock.Any(), gomock.Any()).Return("", errs.ErrHTTPUnauthorized)
c.EXPECT().ManifestDelete(gomock.Any(), gomock.Any()).Return(nil)
return mockClientF(c)
return c
},
op: func(t *testing.T) integration.Operation {
return integration.Operation{
Inputs: property.NewMap(map[string]property.Value{
"tag": property.New(
Inputs: resource.PropertyMap{
"tag": resource.NewStringProperty(
"docker.io/pulumibot/buildkit-e2e:manifest",
),
"sources": property.New([]property.Value{
property.New("docker.io/pulumibot/buildkit-e2e:arm64"),
property.New("docker.io/pulumibot/buildkit-e2e:amd64"),
"sources": resource.NewArrayProperty([]resource.PropertyValue{
resource.NewStringProperty("docker.io/pulumibot/buildkit-e2e:arm64"),
resource.NewStringProperty("docker.io/pulumibot/buildkit-e2e:amd64"),
}),
"push": property.New(true),
"registry": property.New(map[string]property.Value{
"address": property.New("docker.io"),
"username": property.New("pulumibot"),
"password": property.New(os.Getenv("DOCKER_HUB_PASSWORD")).WithSecret(true),
"push": resource.NewBoolProperty(true),
"registry": resource.NewObjectProperty(resource.PropertyMap{
"address": resource.NewStringProperty("docker.io"),
"username": resource.NewStringProperty("pulumibot"),
"password": resource.NewSecretProperty(&resource.Secret{
Element: resource.NewStringProperty(
os.Getenv("DOCKER_HUB_PASSWORD"),
),
}),
}),
}),
},
}
},
},
@@ -125,7 +132,7 @@ func TestIndexLifecycle(t *testing.T) {
Resource: "docker-build:index:Index",
Create: tt.op(t),
}
s := newServer(t.Context(), t, tt.client(t))
s := newServer(tt.client(t))
err := s.Configure(provider.ConfigureRequest{})
require.NoError(t, err)
@@ -142,22 +149,22 @@ func TestIndexDiff(t *testing.T) {
baseState := IndexState{IndexArgs: baseArgs}
tests := []struct {
name string
state func(*testing.T, IndexState) IndexState
inputs func(*testing.T, IndexArgs) IndexArgs
name string
olds func(*testing.T, IndexState) IndexState
news func(*testing.T, IndexArgs) IndexArgs
wantChanges bool
}{
{
name: "no diff if no changes",
state: func(*testing.T, IndexState) IndexState { return baseState },
inputs: func(*testing.T, IndexArgs) IndexArgs { return baseArgs },
olds: func(*testing.T, IndexState) IndexState { return baseState },
news: func(*testing.T, IndexArgs) IndexArgs { return baseArgs },
wantChanges: false,
},
{
name: "diff if tag changes",
state: func(*testing.T, IndexState) IndexState { return baseState },
inputs: func(t *testing.T, a IndexArgs) IndexArgs {
name: "diff if tag changes",
olds: func(*testing.T, IndexState) IndexState { return baseState },
news: func(t *testing.T, a IndexArgs) IndexArgs {
a.Tag = "new-tag"
return a
},
@@ -165,7 +172,7 @@ func TestIndexDiff(t *testing.T) {
},
{
name: "no diff if registry password changes",
state: func(_ *testing.T, s IndexState) IndexState {
olds: func(_ *testing.T, s IndexState) IndexState {
s.Registry = &Registry{
Address: "foo",
Username: "foo",
@@ -173,7 +180,7 @@ func TestIndexDiff(t *testing.T) {
}
return s
},
inputs: func(_ *testing.T, a IndexArgs) IndexArgs {
news: func(_ *testing.T, a IndexArgs) IndexArgs {
a.Registry = &Registry{
Address: "foo",
Username: "foo",
@@ -184,9 +191,9 @@ func TestIndexDiff(t *testing.T) {
wantChanges: false,
},
{
name: "diff if registry added",
state: func(*testing.T, IndexState) IndexState { return baseState },
inputs: func(_ *testing.T, a IndexArgs) IndexArgs {
name: "diff if registry added",
olds: func(*testing.T, IndexState) IndexState { return baseState },
news: func(_ *testing.T, a IndexArgs) IndexArgs {
a.Registry = &Registry{Address: "foo.com", Username: "foo", Password: "foo"}
return a
},
@@ -194,7 +201,7 @@ func TestIndexDiff(t *testing.T) {
},
{
name: "diff if registry user changes",
state: func(_ *testing.T, s IndexState) IndexState {
olds: func(_ *testing.T, s IndexState) IndexState {
s.Registry = &Registry{
Address: "foo",
Username: "foo",
@@ -202,7 +209,7 @@ func TestIndexDiff(t *testing.T) {
}
return s
},
inputs: func(_ *testing.T, a IndexArgs) IndexArgs {
news: func(_ *testing.T, a IndexArgs) IndexArgs {
a.Registry = &Registry{
Address: "DIFFERENT USER",
Username: "foo",
@@ -214,21 +221,21 @@ func TestIndexDiff(t *testing.T) {
},
}
s := newServer(t.Context(), t, nil)
s := newServer(nil)
encode := func(t *testing.T, x any) property.Map {
encode := func(t *testing.T, x any) resource.PropertyMap {
raw, err := mapper.New(&mapper.Opts{IgnoreMissing: true}).Encode(x)
require.NoError(t, err)
return resource.FromResourcePropertyMap(resource.NewPropertyMapFromMap(raw))
return resource.NewPropertyMapFromMap(raw)
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
t.Parallel()
resp, err := s.Diff(provider.DiffRequest{
Urn: urn,
State: encode(t, tt.state(t, baseState)),
Inputs: encode(t, tt.inputs(t, baseArgs)),
Urn: urn,
Olds: encode(t, tt.olds(t, baseState)),
News: encode(t, tt.news(t, baseArgs)),
})
assert.NoError(t, err)
assert.Equal(t, tt.wantChanges, resp.HasChanges, resp.DetailedDiff)

131
provider/internal/mockcli_test.go generated
View File

@@ -16,8 +16,12 @@ import (
configfile "github.com/docker/cli/cli/config/configfile"
docker "github.com/docker/cli/cli/context/docker"
store "github.com/docker/cli/cli/context/store"
store0 "github.com/docker/cli/cli/manifest/store"
client "github.com/docker/cli/cli/registry/client"
streams "github.com/docker/cli/cli/streams"
client "github.com/docker/docker/client"
trust "github.com/docker/cli/cli/trust"
client0 "github.com/docker/docker/client"
client1 "github.com/theupdateframework/notary/client"
metric "go.opentelemetry.io/otel/metric"
resource "go.opentelemetry.io/otel/sdk/resource"
trace "go.opentelemetry.io/otel/trace"
@@ -130,10 +134,10 @@ func (c *MockCliBuildKitEnabledCall) DoAndReturn(f func() (bool, error)) *MockCl
}
// Client mocks base method.
func (m *MockCli) Client() client.APIClient {
func (m *MockCli) Client() client0.APIClient {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "Client")
ret0, _ := ret[0].(client.APIClient)
ret0, _ := ret[0].(client0.APIClient)
return ret0
}
@@ -150,19 +154,19 @@ type MockCliClientCall struct {
}
// Return rewrite *gomock.Call.Return
func (c *MockCliClientCall) Return(arg0 client.APIClient) *MockCliClientCall {
func (c *MockCliClientCall) Return(arg0 client0.APIClient) *MockCliClientCall {
c.Call = c.Call.Return(arg0)
return c
}
// Do rewrite *gomock.Call.Do
func (c *MockCliClientCall) Do(f func() client.APIClient) *MockCliClientCall {
func (c *MockCliClientCall) Do(f func() client0.APIClient) *MockCliClientCall {
c.Call = c.Call.Do(f)
return c
}
// DoAndReturn rewrite *gomock.Call.DoAndReturn
func (c *MockCliClientCall) DoAndReturn(f func() client.APIClient) *MockCliClientCall {
func (c *MockCliClientCall) DoAndReturn(f func() client0.APIClient) *MockCliClientCall {
c.Call = c.Call.DoAndReturn(f)
return c
}
@@ -509,6 +513,44 @@ func (c *MockCliInCall) DoAndReturn(f func() *streams.In) *MockCliInCall {
return c
}
// ManifestStore mocks base method.
func (m *MockCli) ManifestStore() store0.Store {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "ManifestStore")
ret0, _ := ret[0].(store0.Store)
return ret0
}
// ManifestStore indicates an expected call of ManifestStore.
func (mr *MockCliMockRecorder) ManifestStore() *MockCliManifestStoreCall {
mr.mock.ctrl.T.Helper()
call := mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ManifestStore", reflect.TypeOf((*MockCli)(nil).ManifestStore))
return &MockCliManifestStoreCall{Call: call}
}
// MockCliManifestStoreCall wrap *gomock.Call
type MockCliManifestStoreCall struct {
*gomock.Call
}
// Return rewrite *gomock.Call.Return
func (c *MockCliManifestStoreCall) Return(arg0 store0.Store) *MockCliManifestStoreCall {
c.Call = c.Call.Return(arg0)
return c
}
// Do rewrite *gomock.Call.Do
func (c *MockCliManifestStoreCall) Do(f func() store0.Store) *MockCliManifestStoreCall {
c.Call = c.Call.Do(f)
return c
}
// DoAndReturn rewrite *gomock.Call.DoAndReturn
func (c *MockCliManifestStoreCall) DoAndReturn(f func() store0.Store) *MockCliManifestStoreCall {
c.Call = c.Call.DoAndReturn(f)
return c
}
// MeterProvider mocks base method.
func (m *MockCli) MeterProvider() metric.MeterProvider {
m.ctrl.T.Helper()
@@ -547,6 +589,45 @@ func (c *MockCliMeterProviderCall) DoAndReturn(f func() metric.MeterProvider) *M
return c
}
// NotaryClient mocks base method.
func (m *MockCli) NotaryClient(imgRefAndAuth trust.ImageRefAndAuth, actions []string) (client1.Repository, error) {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "NotaryClient", imgRefAndAuth, actions)
ret0, _ := ret[0].(client1.Repository)
ret1, _ := ret[1].(error)
return ret0, ret1
}
// NotaryClient indicates an expected call of NotaryClient.
func (mr *MockCliMockRecorder) NotaryClient(imgRefAndAuth, actions any) *MockCliNotaryClientCall {
mr.mock.ctrl.T.Helper()
call := mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "NotaryClient", reflect.TypeOf((*MockCli)(nil).NotaryClient), imgRefAndAuth, actions)
return &MockCliNotaryClientCall{Call: call}
}
// MockCliNotaryClientCall wrap *gomock.Call
type MockCliNotaryClientCall struct {
*gomock.Call
}
// Return rewrite *gomock.Call.Return
func (c *MockCliNotaryClientCall) Return(arg0 client1.Repository, arg1 error) *MockCliNotaryClientCall {
c.Call = c.Call.Return(arg0, arg1)
return c
}
// Do rewrite *gomock.Call.Do
func (c *MockCliNotaryClientCall) Do(f func(trust.ImageRefAndAuth, []string) (client1.Repository, error)) *MockCliNotaryClientCall {
c.Call = c.Call.Do(f)
return c
}
// DoAndReturn rewrite *gomock.Call.DoAndReturn
func (c *MockCliNotaryClientCall) DoAndReturn(f func(trust.ImageRefAndAuth, []string) (client1.Repository, error)) *MockCliNotaryClientCall {
c.Call = c.Call.DoAndReturn(f)
return c
}
// Out mocks base method.
func (m *MockCli) Out() *streams.Out {
m.ctrl.T.Helper()
@@ -585,6 +666,44 @@ func (c *MockCliOutCall) DoAndReturn(f func() *streams.Out) *MockCliOutCall {
return c
}
// RegistryClient mocks base method.
func (m *MockCli) RegistryClient(arg0 bool) client.RegistryClient {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "RegistryClient", arg0)
ret0, _ := ret[0].(client.RegistryClient)
return ret0
}
// RegistryClient indicates an expected call of RegistryClient.
func (mr *MockCliMockRecorder) RegistryClient(arg0 any) *MockCliRegistryClientCall {
mr.mock.ctrl.T.Helper()
call := mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "RegistryClient", reflect.TypeOf((*MockCli)(nil).RegistryClient), arg0)
return &MockCliRegistryClientCall{Call: call}
}
// MockCliRegistryClientCall wrap *gomock.Call
type MockCliRegistryClientCall struct {
*gomock.Call
}
// Return rewrite *gomock.Call.Return
func (c *MockCliRegistryClientCall) Return(arg0 client.RegistryClient) *MockCliRegistryClientCall {
c.Call = c.Call.Return(arg0)
return c
}
// Do rewrite *gomock.Call.Do
func (c *MockCliRegistryClientCall) Do(f func(bool) client.RegistryClient) *MockCliRegistryClientCall {
c.Call = c.Call.Do(f)
return c
}
// DoAndReturn rewrite *gomock.Call.DoAndReturn
func (c *MockCliRegistryClientCall) DoAndReturn(f func(bool) client.RegistryClient) *MockCliRegistryClientCall {
c.Call = c.Call.DoAndReturn(f)
return c
}
// Resource mocks base method.
func (m *MockCli) Resource() *resource.Resource {
m.ctrl.T.Helper()

70
provider/internal/mockclient_test.go generated
View File

@@ -3,7 +3,7 @@
//
// Generated by this command:
//
// mockgen -typed -package internal -source client.go -destination mockclient_test.go --self_package github.com/pulumi/pulumi-docker-build/provider/internal -imports buildx=github.com/docker/buildx/build
// mockgen -typed -package internal -source client.go -destination mockclient_test.go --self_package github.com/pulumi/pulumi-docker-build/provider/internal
//
// Package internal is a generated GoMock package.
@@ -13,12 +13,7 @@ import (
context "context"
reflect "reflect"
buildx "github.com/docker/buildx/build"
builder "github.com/docker/buildx/builder"
pb "github.com/docker/buildx/controller/pb"
confutil "github.com/docker/buildx/util/confutil"
dockerutil "github.com/docker/buildx/util/dockerutil"
progress "github.com/docker/buildx/util/progress"
client "github.com/moby/buildkit/client"
session "github.com/moby/buildkit/session"
descriptor "github.com/regclient/regclient/types/descriptor"
@@ -537,66 +532,3 @@ func (c *MockBuildShouldExecCall) DoAndReturn(f func() bool) *MockBuildShouldExe
c.Call = c.Call.DoAndReturn(f)
return c
}
// MockBuilder is a mock of Builder interface.
type MockBuilder struct {
ctrl *gomock.Controller
recorder *MockBuilderMockRecorder
isgomock struct{}
}
// MockBuilderMockRecorder is the mock recorder for MockBuilder.
type MockBuilderMockRecorder struct {
mock *MockBuilder
}
// NewMockBuilder creates a new mock instance.
func NewMockBuilder(ctrl *gomock.Controller) *MockBuilder {
mock := &MockBuilder{ctrl: ctrl}
mock.recorder = &MockBuilderMockRecorder{mock}
return mock
}
// EXPECT returns an object that allows the caller to indicate expected use.
func (m *MockBuilder) EXPECT() *MockBuilderMockRecorder {
return m.recorder
}
// Build mocks base method.
func (m *MockBuilder) Build(ctx context.Context, nodes []builder.Node, opts map[string]buildx.Options, docker *dockerutil.Client, cfg *confutil.Config, w progress.Writer) (map[string]*client.SolveResponse, error) {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "Build", ctx, nodes, opts, docker, cfg, w)
ret0, _ := ret[0].(map[string]*client.SolveResponse)
ret1, _ := ret[1].(error)
return ret0, ret1
}
// Build indicates an expected call of Build.
func (mr *MockBuilderMockRecorder) Build(ctx, nodes, opts, docker, cfg, w any) *MockBuilderBuildCall {
mr.mock.ctrl.T.Helper()
call := mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Build", reflect.TypeOf((*MockBuilder)(nil).Build), ctx, nodes, opts, docker, cfg, w)
return &MockBuilderBuildCall{Call: call}
}
// MockBuilderBuildCall wrap *gomock.Call
type MockBuilderBuildCall struct {
*gomock.Call
}
// Return rewrite *gomock.Call.Return
func (c *MockBuilderBuildCall) Return(resp map[string]*client.SolveResponse, err error) *MockBuilderBuildCall {
c.Call = c.Call.Return(resp, err)
return c
}
// Do rewrite *gomock.Call.Do
func (c *MockBuilderBuildCall) Do(f func(context.Context, []builder.Node, map[string]buildx.Options, *dockerutil.Client, *confutil.Config, progress.Writer) (map[string]*client.SolveResponse, error)) *MockBuilderBuildCall {
c.Call = c.Call.Do(f)
return c
}
// DoAndReturn rewrite *gomock.Call.DoAndReturn
func (c *MockBuilderBuildCall) DoAndReturn(f func(context.Context, []builder.Node, map[string]buildx.Options, *dockerutil.Client, *confutil.Config, progress.Writer) (map[string]*client.SolveResponse, error)) *MockBuilderBuildCall {
c.Call = c.Call.DoAndReturn(f)
return c
}

47
provider/internal/provider.go
View File

@@ -45,6 +45,9 @@ type Config struct {
host *host
}
// _mockClientKey is used by tests to inject a mock Docker client.
var _mockClientKey any = "mock-client"
// Annotate provides user-facing descriptions and defaults for Config's fields.
func (c *Config) Annotate(a infer.Annotator) {
a.Describe(&c.Host, "The build daemon's address.")
@@ -61,23 +64,8 @@ func (c *Config) Configure(ctx context.Context) error {
return nil
}
// GetRegistries returns the config's registries, if any.
func (c Config) GetRegistries() []Registry {
return c.Registries
}
// getHost returns the config's host, or nil if the config is also nil.
func (c *Config) getHost() *host {
if c == nil {
return nil
}
return c.host
}
// NewBuildxProvider returns a new buildx provider.
func NewBuildxProvider(clientF clientF) provider.Provider {
config := &Config{}
func NewBuildxProvider() provider.Provider {
prov := infer.Provider(
infer.Options{
Metadata: pschema.Metadata{
@@ -125,22 +113,41 @@ func NewBuildxProvider(clientF clientF) provider.Provider {
},
},
Resources: []infer.InferredResource{
infer.Resource(&Image{clientF: clientF, config: config}),
infer.Resource(&Index{clientF: clientF, config: config}),
infer.Resource[*Image](),
infer.Resource[*Index](),
},
ModuleMap: map[tokens.ModuleName]tokens.ModuleName{
"internal": "index",
},
Config: infer.Config(config),
Config: infer.Config[*Config](),
},
)
prov.DiffConfig = diffConfigIgnoreInternal(prov.DiffConfig)
return prov
}
// TODO(pulumi/pulumi-docker-build#404): Remove this function once the bug is fixed in either
// upstream pu/pu or pulumi-go-provider.
// diffConfigInternalIgnore is a custom DiffConfig implementation for the buildx provider. This is required to
// circumvent the bug identified in https://github.com/pulumi/pulumi-docker-build/issues/404.
// Since `__internal` is currently populated in new inputs, but stripped in old state, we need to
// ignore this field in the diff. There is no easy way to override DiffConfig to compare inputs only.
func diffConfigIgnoreInternal(
diffConfig func(ctx context.Context, req provider.DiffRequest) (provider.DiffResponse, error),
) func(ctx context.Context, req provider.DiffRequest) (provider.DiffResponse, error) {
return func(ctx context.Context, req provider.DiffRequest) (provider.DiffResponse, error) {
delete(req.News, "__internal")
return diffConfig(ctx, req)
}
}
// Schema returns our package specification.
func Schema(ctx context.Context, version string) schema.PackageSpec {
p := NewBuildxProvider(nil)
p := NewBuildxProvider()
spec, err := provider.GetSchema(ctx, "docker-build", version, p)
contract.AssertNoErrorf(err, "missing schema")
return spec

28
provider/internal/provider_test.go
View File

@@ -20,18 +20,18 @@ import (
"github.com/blang/semver"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
provider "github.com/pulumi/pulumi-go-provider"
"github.com/pulumi/pulumi-go-provider/infer"
"github.com/pulumi/pulumi-go-provider/integration"
mwcontext "github.com/pulumi/pulumi-go-provider/middleware/context"
"github.com/pulumi/pulumi/sdk/v3/go/common/tokens"
)
func TestConfigure(t *testing.T) {
t.Parallel()
s := newServer(t.Context(), t, nil)
s := newServer(nil)
err := s.Configure(
provider.ConfigureRequest{},
@@ -60,7 +60,7 @@ func TestAnnotate(t *testing.T) {
func TestSchema(t *testing.T) {
t.Parallel()
s := newServer(t.Context(), t, nil)
s := newServer(nil)
_, err := s.GetSchema(provider.GetSchemaRequest{Version: 0})
assert.NoError(t, err)
@@ -68,27 +68,21 @@ func TestSchema(t *testing.T) {
type annotator struct{}
func (annotator) Deprecate(_ any, _ string) {}
func (annotator) Describe(_ any, _ string) {}
func (annotator) SetDefault(_, _ any, _ ...string) {}
func (annotator) SetToken(tokens.ModuleName, tokens.TypeName) {}
func (annotator) AddAlias(tokens.ModuleName, tokens.TypeName) {}
func (annotator) SetResourceDeprecationMessage(_ string) {}
func newServer(ctx context.Context, t *testing.T, clientF clientF) integration.Server {
t.Helper()
func newServer(client Client) integration.Server {
p := NewBuildxProvider()
if clientF == nil {
clientF = RealClientF
// Inject a mock client if provided.
if client != nil {
p = mwcontext.Wrap(p, func(ctx context.Context) context.Context {
return context.WithValue(ctx, _mockClientKey, client)
})
}
p := NewBuildxProvider(clientF)
s, err := integration.NewServer(
ctx,
"docker-build", semver.Version{Major: 0},
integration.WithProvider(p),
)
require.NoError(t, err)
return s
return integration.NewServer("docker-build", semver.Version{Major: 0}, p)
}

39
provider/provider.go
View File

@@ -15,8 +15,13 @@
package provider
import (
"context"
"encoding/json"
"github.com/pulumi/pulumi-docker-build/provider/internal"
"github.com/pulumi/pulumi-docker-build/provider/internal/deprecated"
gp "github.com/pulumi/pulumi-go-provider"
"github.com/pulumi/pulumi/pkg/v3/codegen/schema"
"github.com/pulumi/pulumi/pkg/v3/resource/provider"
rpc "github.com/pulumi/pulumi/sdk/v3/proto/go"
)
@@ -34,5 +39,37 @@ func Serve() error {
// New creates a new provider.
func New(host *provider.HostClient) (rpc.ResourceProviderServer, error) {
return gp.RawServer(Name, Version, internal.NewBuildxProvider(internal.RealClientF))(host)
return gp.RawServer(Name, Version, configurableProvider(internal.NewBuildxProvider()))(host)
}
// configurableProvider is a workaround for
// https://github.com/pulumi/pulumi-go-provider/issues/171 and
// In short, our SDKs send provider Configure requests as simple strings
// instead of rich objects. We don't want to preserve this behavior in
// pulumi-go-provider, but we also haven't updated SDKs yet to send rich types.
//
// If you find yourself in a position where you need to copy this -- STOP!
// https://github.com/pulumi/pulumi/pull/15032 should be merged with this fix.
func configurableProvider(p gp.Provider) gp.Provider {
configure := p.Configure
p.Configure = func(ctx context.Context, req gp.ConfigureRequest) error {
r, err := p.GetSchema(ctx, gp.GetSchemaRequest{Version: 0})
if err != nil {
return err
}
spec := schema.PackageSpec{}
err = json.Unmarshal([]byte(r.Schema), &spec)
if err != nil {
return err
}
ce := deprecated.New(spec.Config)
if props, err := ce.UnmarshalProperties(req.Args); err == nil {
req.Args = props
}
return configure(ctx, req)
}
return p
}

29
provider/provider_test.go
View File

@@ -22,8 +22,37 @@ import (
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
emptypb "google.golang.org/protobuf/types/known/emptypb"
"google.golang.org/protobuf/types/known/structpb"
"github.com/pulumi/pulumi-docker-build/provider/internal"
provider "github.com/pulumi/pulumi-go-provider"
"github.com/pulumi/pulumi-go-provider/integration"
"github.com/pulumi/pulumi/sdk/v3/go/common/resource/plugin"
)
// TestConfigure checks backwards-compatibility with SDKs that still send
// provider config as JSON-encoded strings. This test can be removed once we
// upgrade to a version of pulumi that no longer generates SDKs with that
// behavior.
func TestConfigure(t *testing.T) {
t.Parallel()
p := configurableProvider(internal.NewBuildxProvider())
args, err := structpb.NewStruct(map[string]any{
"registries": `[{"address": "docker.io"}]`,
})
require.NoError(t, err)
argsMap, err := plugin.UnmarshalProperties(args, plugin.MarshalOptions{})
require.NoError(t, err)
s := integration.NewServer("docker-build", semver.Version{Major: 0}, p)
err = s.Configure(provider.ConfigureRequest{
Args: argsMap,
})
assert.NoError(t, err)
}
func TestVersion(t *testing.T) {
t.Parallel()

23
renovate.json5
View File

@@ -1,23 +0,0 @@
{
$schema: 'https://docs.renovatebot.com/renovate-schema.json',
extends: [
'github>pulumi/renovate-config//default.json5',
],
packageRules: [
{
matchDatasources: [
'go',
],
matchPackageNames: [
'github.com/pulumi/pulumi-dotnet/pulumi-language-dotnet/v3',
'github.com/pulumi/pulumi/sdk/go/pulumi-language-go/v3',
'github.com/pulumi/pulumi/sdk/nodejs/cmd/pulumi-language-nodejs/v3',
'github.com/pulumi/pulumi/sdk/python/cmd/pulumi-language-python/v3',
],
matchUpdateTypes: [
'pin',
'digest',
],
},
],
}

55
scripts/get-versions.sh
View File

@@ -1,55 +0,0 @@
#!/usr/bin/env bash
set -euo pipefail
# This script can be simplified to use go when https://github.com/jdx/mise/discussions/6374 is fixed
# e.g. go list -m -f '{{.GoVersion}}'
module_path="github.com/pulumi/pulumi/pkg/v3"
go_mod_path="."
gomod="go.mod"
if [[ "$go_mod_path" != "" && "$go_mod_path" != "." ]]; then
gomod="$go_mod_path/$gomod"
fi
if [[ ! -f "$gomod" ]]; then
echo "missing $gomod" >&2
exit 1
fi
raw_version=$(awk -v module="$module_path" '
$1 == module || $2 == module {
for (i = 1; i <= NF; i++) {
if ($i ~ /^v[0-9]/) {
sub(/^v/, "", $i)
print $i
exit
}
}
}
' "$gomod")
if [[ -z "${raw_version:-}" ]]; then
echo "failed to determine Pulumi version from $gomod" >&2
exit 1
fi
echo "PULUMI_VERSION_MISE=$raw_version"
export PULUMI_VERSION_MISE=$raw_version
# Prefer the toolchain directive if present, otherwise fall back to the `go` version line
go_toolchain=$(awk '/^toolchain[[:space:]]+go[0-9]/{ print $2; exit }' "$gomod")
if [[ -n "${go_toolchain:-}" ]]; then
go_version=${go_toolchain#go}
else
go_version=$(awk '/^go[[:space:]]+[0-9]/{ print $2; exit }' "$gomod")
fi
if [[ -z "${go_version:-}" ]]; then
echo "failed to determine Go version from $gomod" >&2
exit 1
fi
echo "GO_VERSION_MISE=$go_version"
export GO_VERSION_MISE=$go_version

2
sdk/dotnet/Config/Config.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Enums.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Image.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Index.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/BuildContextArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/BuilderConfigArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/CacheFromArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/CacheFromAzureBlobArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

41
sdk/dotnet/Inputs/CacheFromGitHubActionsArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;
@@ -10,12 +10,6 @@ using Pulumi.Serialization;
namespace Pulumi.DockerBuild.Inputs
{
/// <summary>
/// Recommended for use with GitHub Actions workflows.
///
/// An action like `crazy-max/ghaction-github-runtime` is recommended to expose
/// appropriate credentials to your GitHub workflow.
/// </summary>
public sealed class CacheFromGitHubActionsArgs : global::Pulumi.ResourceArgs
{
/// <summary>
@@ -27,9 +21,42 @@ namespace Pulumi.DockerBuild.Inputs
[Input("scope")]
public Input<string>? Scope { get; set; }
[Input("token")]
private Input<string>? _token;
/// <summary>
/// The GitHub Actions token to use. This is not a personal access tokens
/// and is typically generated automatically as part of each job.
///
/// Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
/// `crazy-max/ghaction-github-runtime` is recommended to expose this
/// environment variable to your jobs.
/// </summary>
public Input<string>? Token
{
get => _token;
set
{
var emptySecret = Output.CreateSecret(0);
_token = Output.Tuple<Input<string>?, int>(value, emptySecret).Apply(t => t.Item1);
}
}
/// <summary>
/// The cache server URL to use for artifacts.
///
/// Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
/// `crazy-max/ghaction-github-runtime` is recommended to expose this
/// environment variable to your jobs.
/// </summary>
[Input("url")]
public Input<string>? Url { get; set; }
public CacheFromGitHubActionsArgs()
{
Scope = "buildkit";
Token = Utilities.GetEnv("ACTIONS_RUNTIME_TOKEN") ?? "";
Url = Utilities.GetEnv("ACTIONS_CACHE_URL") ?? "";
}
public static new CacheFromGitHubActionsArgs Empty => new CacheFromGitHubActionsArgs();
}

2
sdk/dotnet/Inputs/CacheFromLocalArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/CacheFromRegistryArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/CacheFromS3Args.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/CacheToArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/CacheToAzureBlobArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

41
sdk/dotnet/Inputs/CacheToGitHubActionsArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;
@@ -10,12 +10,6 @@ using Pulumi.Serialization;
namespace Pulumi.DockerBuild.Inputs
{
/// <summary>
/// Recommended for use with GitHub Actions workflows.
///
/// An action like `crazy-max/ghaction-github-runtime` is recommended to expose
/// appropriate credentials to your GitHub workflow.
/// </summary>
public sealed class CacheToGitHubActionsArgs : global::Pulumi.ResourceArgs
{
/// <summary>
@@ -39,11 +33,44 @@ namespace Pulumi.DockerBuild.Inputs
[Input("scope")]
public Input<string>? Scope { get; set; }
[Input("token")]
private Input<string>? _token;
/// <summary>
/// The GitHub Actions token to use. This is not a personal access tokens
/// and is typically generated automatically as part of each job.
///
/// Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
/// `crazy-max/ghaction-github-runtime` is recommended to expose this
/// environment variable to your jobs.
/// </summary>
public Input<string>? Token
{
get => _token;
set
{
var emptySecret = Output.CreateSecret(0);
_token = Output.Tuple<Input<string>?, int>(value, emptySecret).Apply(t => t.Item1);
}
}
/// <summary>
/// The cache server URL to use for artifacts.
///
/// Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
/// `crazy-max/ghaction-github-runtime` is recommended to expose this
/// environment variable to your jobs.
/// </summary>
[Input("url")]
public Input<string>? Url { get; set; }
public CacheToGitHubActionsArgs()
{
IgnoreError = false;
Mode = Pulumi.DockerBuild.CacheMode.Min;
Scope = "buildkit";
Token = Utilities.GetEnv("ACTIONS_RUNTIME_TOKEN") ?? "";
Url = Utilities.GetEnv("ACTIONS_CACHE_URL") ?? "";
}
public static new CacheToGitHubActionsArgs Empty => new CacheToGitHubActionsArgs();
}

2
sdk/dotnet/Inputs/CacheToInlineArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/CacheToLocalArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/CacheToRegistryArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/CacheToS3Args.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/ContextArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/DockerfileArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/ExportArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/ExportCacheOnlyArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/ExportDockerArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/ExportImageArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/ExportLocalArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/ExportOCIArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/ExportRegistryArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/ExportTarArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/RegistryArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Inputs/SSHArgs.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Outputs/BuildContext.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Outputs/BuilderConfig.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Outputs/CacheFrom.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Outputs/CacheFromAzureBlob.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

34
sdk/dotnet/Outputs/CacheFromGitHubActions.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;
@@ -10,12 +10,6 @@ using Pulumi.Serialization;
namespace Pulumi.DockerBuild.Outputs
{
/// <summary>
/// Recommended for use with GitHub Actions workflows.
///
/// An action like `crazy-max/ghaction-github-runtime` is recommended to expose
/// appropriate credentials to your GitHub workflow.
/// </summary>
[OutputType]
public sealed class CacheFromGitHubActions
{
@@ -26,11 +20,35 @@ namespace Pulumi.DockerBuild.Outputs
/// workflow, otherwise caches will overwrite each other.
/// </summary>
public readonly string? Scope;
/// <summary>
/// The GitHub Actions token to use. This is not a personal access tokens
/// and is typically generated automatically as part of each job.
///
/// Defaults to `$ACTIONS_RUNTIME_TOKEN`, although a separate action like
/// `crazy-max/ghaction-github-runtime` is recommended to expose this
/// environment variable to your jobs.
/// </summary>
public readonly string? Token;
/// <summary>
/// The cache server URL to use for artifacts.
///
/// Defaults to `$ACTIONS_CACHE_URL`, although a separate action like
/// `crazy-max/ghaction-github-runtime` is recommended to expose this
/// environment variable to your jobs.
/// </summary>
public readonly string? Url;
[OutputConstructor]
private CacheFromGitHubActions(string? scope)
private CacheFromGitHubActions(
string? scope,
string? token,
string? url)
{
Scope = scope;
Token = token;
Url = url;
}
}
}

2
sdk/dotnet/Outputs/CacheFromLocal.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Outputs/CacheFromRegistry.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Outputs/CacheFromS3.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

2
sdk/dotnet/Outputs/CacheTo.cs generated
View File

@@ -1,4 +1,4 @@
// *** WARNING: this file was generated by pulumi-language-dotnet. ***
// *** WARNING: this file was generated by pulumi. ***
// *** Do not edit by hand unless you're certain you know what you are doing! ***
using System;

Some files were not shown because too many files have changed in this diff Show More