sam_oneal/pulumi-docker-build
1
0
Fork 0
Code Actions Packages Releases Wiki Activity

Compare commits

base: sam_oneal:v0.0.16
Branches Tags
sam_oneal:main sam_oneal:debug-image sam_oneal:renovate/major-pulumi sam_oneal:renovate/security sam_oneal:update-pulumi/26579044728-128 sam_oneal:update-pulumi/26229658565-127 sam_oneal:renovate/major-security sam_oneal:update-pulumi/25497905451-125 sam_oneal:update-github-actions-workflows-1172 sam_oneal:update-pulumi/24511459645-122 sam_oneal:update-pulumi/24191344757-121 sam_oneal:update-pulumi/23901444046-120 sam_oneal:update-pulumi/23595431521-119 sam_oneal:update-pulumi/23295872936-118 sam_oneal:update-github-actions-workflows-704 sam_oneal:update-pulumi/23002983312-117 sam_oneal:update-pulumi/22718886647-116 sam_oneal:update-github-actions-workflows-1114 sam_oneal:update-pulumi/22442999542-115 sam_oneal:update-pulumi/22182641498-114 sam_oneal:update-github-actions-workflows-1092 sam_oneal:update-pulumi/21947465199-113 sam_oneal:iwahhbe/update-dotnet-codegen sam_oneal:update-pulumi/21712281897-112 sam_oneal:update-github-actions-workflows-642 sam_oneal:update-pulumi/21478933959-111 sam_oneal:update-pulumi/21249204200-110 sam_oneal:update-pulumi/21031979833-109 sam_oneal:update-pulumi/20817484855-108 sam_oneal:update-pulumi/20638879280-107 sam_oneal:update-pulumi/20505377620-106 sam_oneal:update-pulumi/20337605127-105 sam_oneal:update-github-actions-workflows-1025 sam_oneal:update-github-actions-workflows-1024 sam_oneal:update-github-actions-workflows-568 sam_oneal:update-github-actions-workflows-1023 sam_oneal:update-github-actions-workflows-1022 sam_oneal:update-github-actions-workflows-1021 sam_oneal:update-github-actions-workflows-1020 sam_oneal:update-github-actions-workflows-1019 sam_oneal:update-pulumi/20133762954-104 sam_oneal:update-github-actions-workflows-1016 sam_oneal:update-github-actions-workflows-1015 sam_oneal:update-github-actions-workflows-1014 sam_oneal:update-github-actions-workflows-1013 sam_oneal:update-github-actions-workflows-1012 sam_oneal:update-github-actions-workflows-1011 sam_oneal:update-pulumi/19929659171-103 sam_oneal:update-github-actions-workflows-1010 sam_oneal:update-github-actions-workflows-1009 sam_oneal:update-github-actions-workflows-1008 sam_oneal:update-github-actions-workflows-1007 sam_oneal:update-github-actions-workflows-1006 sam_oneal:update-github-actions-workflows-1005 sam_oneal:update-github-actions-workflows-1004 sam_oneal:update-github-actions-workflows-1003 sam_oneal:update-pulumi/19736920399-102 sam_oneal:update-github-actions-workflows-1002 sam_oneal:update-github-actions-workflows-1001 sam_oneal:update-github-actions-workflows-1000 sam_oneal:update-pulumi/19537526118-101 sam_oneal:update-pulumi/19332198478-100 sam_oneal:update-github-actions-workflows-985 sam_oneal:update-github-actions-workflows-984 sam_oneal:update-github-actions-workflows-983 sam_oneal:pose/fixes/golangci-lint-upgrade-to-v2 sam_oneal:update-github-actions-workflows-982 sam_oneal:update-github-actions-workflows-981 sam_oneal:update-pulumi/19136291852-99 sam_oneal:update-github-actions-workflows-980 sam_oneal:update-github-actions-workflows-979 sam_oneal:update-github-actions-workflows-978 sam_oneal:update-github-actions-workflows-977 sam_oneal:update-github-actions-workflows-976 sam_oneal:update-github-actions-workflows-975 sam_oneal:update-github-actions-workflows-974 sam_oneal:update-pulumi/18941265690-98 sam_oneal:update-github-actions-workflows-973 sam_oneal:update-github-actions-workflows-972 sam_oneal:update-github-actions-workflows-971 sam_oneal:update-github-actions-workflows-970 sam_oneal:update-github-actions-workflows-969 sam_oneal:update-github-actions-workflows-965 sam_oneal:update-pulumi/18748991289-97 sam_oneal:update-pulumi/18561908881-96 sam_oneal:update-pulumi/18376962578-95 sam_oneal:update-pulumi/18193512866-94 sam_oneal:update-github-actions-workflows-552 sam_oneal:update-github-actions-workflows-548 sam_oneal:update-github-actions-workflows-546 sam_oneal:update-pulumi/18008090346-93 sam_oneal:update-pulumi/17829264550-92 sam_oneal:update-pulumi/17645108435-91 sam_oneal:update-github-actions-workflows-920 sam_oneal:update-github-actions-workflows-913 sam_oneal:update-github-actions-workflows-912 sam_oneal:update-github-actions-workflows-911 sam_oneal:update-github-actions-workflows-910 sam_oneal:update-pulumi/17296416183-89 sam_oneal:update-pulumi/17127477815-88 sam_oneal:update-github-actions-workflows-889 sam_oneal:update-github-actions-workflows-493 sam_oneal:blampe/json-keys sam_oneal:update-pulumi/16497427062-83 sam_oneal:blampe/go-provider-bracket sam_oneal:update-github-actions-workflows-784 sam_oneal:update-pulumi/14642101166-70 sam_oneal:adopt-ci-mgmt sam_oneal:mise sam_oneal:blampe/gha-token sam_oneal:iwahbe/upgrade-go-provider sam_oneal:ci
sam_oneal:v0.0.19 sam_oneal:sdk/go/dockerbuild/v0.0.18 sam_oneal:v0.0.18 sam_oneal:sdk/go/dockerbuild/v0.0.17 sam_oneal:v0.0.17 sam_oneal:sdk/go/dockerbuild/v0.0.16 sam_oneal:v0.0.16 sam_oneal:sdk/go/dockerbuild/v0.0.15 sam_oneal:v0.0.15 sam_oneal:sdk/go/dockerbuild/v0.0.14 sam_oneal:v0.0.14 sam_oneal:sdk/go/dockerbuild/v0.0.13 sam_oneal:v0.0.13 sam_oneal:sdk/go/dockerbuild/v0.0.12 sam_oneal:v0.0.12 sam_oneal:sdk/go/dockerbuild/v0.0.11 sam_oneal:v0.0.11 sam_oneal:sdk/go/dockerbuild/v0.0.10 sam_oneal:v0.0.10 sam_oneal:sdk/go/dockerbuild/v0.0.1-alpha.101 sam_oneal:v0.0.1-alpha.101 sam_oneal:v0.0.1-alpha.99 sam_oneal:sdk/go/dockerbuild/v0.0.1-alpha.100 sam_oneal:v0.0.1-alpha.100 sam_oneal:v0.0.1-testwindows.signing sam_oneal:sdk/go/dockerbuild/v0.0.9 sam_oneal:v0.0.9 sam_oneal:sdk/go/dockerbuild/v0.0.8 sam_oneal:v0.0.8 sam_oneal:sdk/go/dockerbuild/v0.0.7 sam_oneal:v0.0.7 sam_oneal:sdk/go/dockerbuild/v0.0.6 sam_oneal:v0.0.6 sam_oneal:sdk/go/dockerbuild/v0.0.5 sam_oneal:v0.0.5 sam_oneal:sdk/go/dockerbuild/v0.0.4 sam_oneal:v0.0.4 sam_oneal:sdk/go/dockerbuild/v0.0.3 sam_oneal:sdk/v0.0.3 sam_oneal:v0.0.3 sam_oneal:v0.0.2 sam_oneal:sdk/v0.0.2 sam_oneal:sdk/v0.0.1 sam_oneal:v0.0.1 sam_oneal:v0.0.1-alpha.3 sam_oneal:v0.0.1-alpha.2 sam_oneal:sdk/v0.0.1-alpha.2 sam_oneal:sdk/v0.0.1-alpha.1 sam_oneal:v0.0.1-alpha.1
...
compare: sam_oneal:update-github-actions-workflows-1024
Branches Tags
sam_oneal:debug-image sam_oneal:renovate/major-pulumi sam_oneal:renovate/security sam_oneal:main sam_oneal:update-pulumi/26579044728-128 sam_oneal:update-pulumi/26229658565-127 sam_oneal:renovate/major-security sam_oneal:update-pulumi/25497905451-125 sam_oneal:update-github-actions-workflows-1172 sam_oneal:update-pulumi/24511459645-122 sam_oneal:update-pulumi/24191344757-121 sam_oneal:update-pulumi/23901444046-120 sam_oneal:update-pulumi/23595431521-119 sam_oneal:update-pulumi/23295872936-118 sam_oneal:update-github-actions-workflows-704 sam_oneal:update-pulumi/23002983312-117 sam_oneal:update-pulumi/22718886647-116 sam_oneal:update-github-actions-workflows-1114 sam_oneal:update-pulumi/22442999542-115 sam_oneal:update-pulumi/22182641498-114 sam_oneal:update-github-actions-workflows-1092 sam_oneal:update-pulumi/21947465199-113 sam_oneal:iwahhbe/update-dotnet-codegen sam_oneal:update-pulumi/21712281897-112 sam_oneal:update-github-actions-workflows-642 sam_oneal:update-pulumi/21478933959-111 sam_oneal:update-pulumi/21249204200-110 sam_oneal:update-pulumi/21031979833-109 sam_oneal:update-pulumi/20817484855-108 sam_oneal:update-pulumi/20638879280-107 sam_oneal:update-pulumi/20505377620-106 sam_oneal:update-pulumi/20337605127-105 sam_oneal:update-github-actions-workflows-1025 sam_oneal:update-github-actions-workflows-1024 sam_oneal:update-github-actions-workflows-568 sam_oneal:update-github-actions-workflows-1023 sam_oneal:update-github-actions-workflows-1022 sam_oneal:update-github-actions-workflows-1021 sam_oneal:update-github-actions-workflows-1020 sam_oneal:update-github-actions-workflows-1019 sam_oneal:update-pulumi/20133762954-104 sam_oneal:update-github-actions-workflows-1016 sam_oneal:update-github-actions-workflows-1015 sam_oneal:update-github-actions-workflows-1014 sam_oneal:update-github-actions-workflows-1013 sam_oneal:update-github-actions-workflows-1012 sam_oneal:update-github-actions-workflows-1011 sam_oneal:update-pulumi/19929659171-103 sam_oneal:update-github-actions-workflows-1010 sam_oneal:update-github-actions-workflows-1009 sam_oneal:update-github-actions-workflows-1008 sam_oneal:update-github-actions-workflows-1007 sam_oneal:update-github-actions-workflows-1006 sam_oneal:update-github-actions-workflows-1005 sam_oneal:update-github-actions-workflows-1004 sam_oneal:update-github-actions-workflows-1003 sam_oneal:update-pulumi/19736920399-102 sam_oneal:update-github-actions-workflows-1002 sam_oneal:update-github-actions-workflows-1001 sam_oneal:update-github-actions-workflows-1000 sam_oneal:update-pulumi/19537526118-101 sam_oneal:update-pulumi/19332198478-100 sam_oneal:update-github-actions-workflows-985 sam_oneal:update-github-actions-workflows-984 sam_oneal:update-github-actions-workflows-983 sam_oneal:pose/fixes/golangci-lint-upgrade-to-v2 sam_oneal:update-github-actions-workflows-982 sam_oneal:update-github-actions-workflows-981 sam_oneal:update-pulumi/19136291852-99 sam_oneal:update-github-actions-workflows-980 sam_oneal:update-github-actions-workflows-979 sam_oneal:update-github-actions-workflows-978 sam_oneal:update-github-actions-workflows-977 sam_oneal:update-github-actions-workflows-976 sam_oneal:update-github-actions-workflows-975 sam_oneal:update-github-actions-workflows-974 sam_oneal:update-pulumi/18941265690-98 sam_oneal:update-github-actions-workflows-973 sam_oneal:update-github-actions-workflows-972 sam_oneal:update-github-actions-workflows-971 sam_oneal:update-github-actions-workflows-970 sam_oneal:update-github-actions-workflows-969 sam_oneal:update-github-actions-workflows-965 sam_oneal:update-pulumi/18748991289-97 sam_oneal:update-pulumi/18561908881-96 sam_oneal:update-pulumi/18376962578-95 sam_oneal:update-pulumi/18193512866-94 sam_oneal:update-github-actions-workflows-552 sam_oneal:update-github-actions-workflows-548 sam_oneal:update-github-actions-workflows-546 sam_oneal:update-pulumi/18008090346-93 sam_oneal:update-pulumi/17829264550-92 sam_oneal:update-pulumi/17645108435-91 sam_oneal:update-github-actions-workflows-920 sam_oneal:update-github-actions-workflows-913 sam_oneal:update-github-actions-workflows-912 sam_oneal:update-github-actions-workflows-911 sam_oneal:update-github-actions-workflows-910 sam_oneal:update-pulumi/17296416183-89 sam_oneal:update-pulumi/17127477815-88 sam_oneal:update-github-actions-workflows-889 sam_oneal:update-github-actions-workflows-493 sam_oneal:blampe/json-keys sam_oneal:update-pulumi/16497427062-83 sam_oneal:blampe/go-provider-bracket sam_oneal:update-github-actions-workflows-784 sam_oneal:update-pulumi/14642101166-70 sam_oneal:adopt-ci-mgmt sam_oneal:mise sam_oneal:blampe/gha-token sam_oneal:iwahbe/upgrade-go-provider sam_oneal:ci
sam_oneal:v0.0.19 sam_oneal:sdk/go/dockerbuild/v0.0.18 sam_oneal:v0.0.18 sam_oneal:sdk/go/dockerbuild/v0.0.17 sam_oneal:v0.0.17 sam_oneal:sdk/go/dockerbuild/v0.0.16 sam_oneal:v0.0.16 sam_oneal:sdk/go/dockerbuild/v0.0.15 sam_oneal:v0.0.15 sam_oneal:sdk/go/dockerbuild/v0.0.14 sam_oneal:v0.0.14 sam_oneal:sdk/go/dockerbuild/v0.0.13 sam_oneal:v0.0.13 sam_oneal:sdk/go/dockerbuild/v0.0.12 sam_oneal:v0.0.12 sam_oneal:sdk/go/dockerbuild/v0.0.11 sam_oneal:v0.0.11 sam_oneal:sdk/go/dockerbuild/v0.0.10 sam_oneal:v0.0.10 sam_oneal:sdk/go/dockerbuild/v0.0.1-alpha.101 sam_oneal:v0.0.1-alpha.101 sam_oneal:v0.0.1-alpha.99 sam_oneal:sdk/go/dockerbuild/v0.0.1-alpha.100 sam_oneal:v0.0.1-alpha.100 sam_oneal:v0.0.1-testwindows.signing sam_oneal:sdk/go/dockerbuild/v0.0.9 sam_oneal:v0.0.9 sam_oneal:sdk/go/dockerbuild/v0.0.8 sam_oneal:v0.0.8 sam_oneal:sdk/go/dockerbuild/v0.0.7 sam_oneal:v0.0.7 sam_oneal:sdk/go/dockerbuild/v0.0.6 sam_oneal:v0.0.6 sam_oneal:sdk/go/dockerbuild/v0.0.5 sam_oneal:v0.0.5 sam_oneal:sdk/go/dockerbuild/v0.0.4 sam_oneal:v0.0.4 sam_oneal:sdk/go/dockerbuild/v0.0.3 sam_oneal:sdk/v0.0.3 sam_oneal:v0.0.3 sam_oneal:v0.0.2 sam_oneal:sdk/v0.0.2 sam_oneal:sdk/v0.0.1 sam_oneal:v0.0.1 sam_oneal:v0.0.1-alpha.3 sam_oneal:v0.0.1-alpha.2 sam_oneal:sdk/v0.0.1-alpha.2 sam_oneal:sdk/v0.0.1-alpha.1 sam_oneal:v0.0.1-alpha.1

2 Commits
v0.0.16 ... update-git

Author SHA1 Message Date
Bryce Lampe
eec0ed83ee ignore .pulumi 2025-12-15 13:29:21 -08:00
Pulumi Bot
36a78a53ff [internal] Update GitHub Actions workflow files 2025-12-15 05:33:17 +00:00
14 changed files with 220 additions and 362 deletions
Expand all files Collapse all files

14
.config/mise.toml
View File

@@ -3,11 +3,12 @@
[env]
_.source = "{{config_root}}/scripts/get-versions.sh"
PULUMI_HOME = "{{config_root}}/.pulumi"
[tools]
# Runtimes
# TODO: we may not need `get_env` once https://github.com/jdx/mise/discussions/6339 is fixed
# TODO: we may not need 'get_env' once https://github.com/jdx/mise/discussions/6339 is fixed
go = "{{ get_env(name='GO_VERSION_MISE', default='latest') }}"
node = '20.19.5'
python = '3.11.8'
@@ -17,12 +18,15 @@ java = 'corretto-11'
# Executable tools
pulumi = "{{ get_env(name='PULUMI_VERSION_MISE', default='latest') }}"
"github:pulumi/pulumictl" = 'latest'
"github:pulumi/schema-tools" = "latest"
gradle = '7.6'
"github:pulumi/pulumictl" = '0.0.50'
"github:pulumi/schema-tools" = "0.6.0"
"aqua:gradle/gradle-distributions" = '7.6.6'
golangci-lint = "1.64.8" # See note about about overrides if you need to customize this.
"npm:yarn" = "1.22.22"
[settings]
experimental = true # Required for Go binaries (e.g. pulumictl).
lockfile = true
lockfile = false
[plugins]
vfox-pulumi = "https://github.com/pulumi/vfox-pulumi"

8
.github/actions/setup-tools/action.yml vendored
View File

@@ -14,14 +14,16 @@ runs:
using: "composite"
steps:
- name: Setup mise
uses: jdx/mise-action@d16887ba50704baed7de72bd1e82e04391e4457a # v3
uses: jdx/mise-action@146a28175021df8ca24f8ee1828cc2a60f980bd5 # v3
env:
MISE_FETCH_REMOTE_VERSIONS_TIMEOUT: 30s
with:
version: 2025.11.6
cache_save: ${{ inputs.cache }}
github_token: ${{ inputs.github_token }}
- name: Setup Go Cache
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
with:
cache: ${{ inputs.cache }}
cache-dependency-path: |
@@ -32,7 +34,7 @@ runs:
*.sum
- name: Setup Node
uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6
with:
# we don't set node-version because we install with mise.
# this step is needed to setup npm auth

154
.github/workflows/build.yml vendored
View File

@@ -47,7 +47,7 @@ jobs:
pull-requests: write # For schema check comment.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -59,6 +59,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -122,54 +128,6 @@ jobs:
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
shell: bash
run: >
git diff --quiet -- sdk && echo "no changes to sdk" && exit
git config --global user.email "bot@pulumi.com"
git config --global user.name "pulumi-bot"
# Stash local changes and check out the PR's branch directly.
git stash
git fetch
git checkout "origin/$HEAD_REF"
# Apply and add our changes, but don't commit any files we expect to
# always change due to versioning.
git stash pop
git add sdk
git reset sdk/python/*/pulumi-plugin.json \
sdk/python/pyproject.toml \
sdk/dotnet/pulumi-plugin.json \
sdk/dotnet/*.*.csproj \
sdk/dotnet/version.txt \
sdk/go/*/pulumi-plugin.json \
sdk/go/*/internal/pulumiUtilities.go \
sdk/nodejs/package.json
git commit -m 'Commit SDK for Renovate'
# Push with pulumi-bot credentials to trigger a re-run of the
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
- name: Tar provider binaries
run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
@@ -218,7 +176,7 @@ jobs:
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -230,6 +188,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -240,7 +204,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Download Provider Binary
uses: ./.github/actions/download-provider
- name: Generate SDK
@@ -259,54 +223,6 @@ jobs:
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
shell: bash
run: >
git diff --quiet -- sdk && echo "no changes to sdk" && exit
git config --global user.email "bot@pulumi.com"
git config --global user.name "pulumi-bot"
# Stash local changes and check out the PR's branch directly.
git stash
git fetch
git checkout "origin/$HEAD_REF"
# Apply and add our changes, but don't commit any files we expect to
# always change due to versioning.
git stash pop
git add sdk
git reset sdk/python/*/pulumi-plugin.json \
sdk/python/pyproject.toml \
sdk/dotnet/pulumi-plugin.json \
sdk/dotnet/*.*.csproj \
sdk/dotnet/version.txt \
sdk/go/*/pulumi-plugin.json \
sdk/go/*/internal/pulumiUtilities.go \
sdk/nodejs/package.json
git commit -m 'Commit SDK for Renovate'
# Push with pulumi-bot credentials to trigger a re-run of the
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
- name: Tar SDK folder
run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} .
@@ -335,7 +251,7 @@ jobs:
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -380,7 +296,7 @@ jobs:
id-token: write # For ESC secrets and Pulumi access token OIDC.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -392,6 +308,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -402,7 +324,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Download Provider Binary
uses: ./.github/actions/download-provider
- name: Download SDK
@@ -477,7 +399,7 @@ jobs:
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -489,6 +411,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -499,7 +427,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Clear GitHub Actions Ubuntu runner disk space
uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1
with:
@@ -510,7 +438,7 @@ jobs:
swap-storage: true
large-packages: false
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8 # v5.1.0
uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1
with:
aws-access-key-id: ${{ steps.esc-secrets.outputs.AWS_ACCESS_KEY_ID }}
aws-region: us-east-2
@@ -550,7 +478,7 @@ jobs:
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -562,6 +490,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -570,7 +504,7 @@ jobs:
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Checkout Scripts Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
path: ci-scripts
repository: pulumi/scripts
@@ -578,7 +512,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Download python SDK
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
with:
@@ -631,7 +565,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
persist-credentials: false
@@ -639,7 +573,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Disarm go:embed directives to enable linters that compile source code
run: git grep -l 'go:embed' -- provider | xargs --no-run-if-empty sed -i
's/go:embed/ goembed/g'

5
.github/workflows/command-dispatch.yml vendored
View File

@@ -14,6 +14,7 @@ env:
GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io
PULUMI_PULUMI_ENABLE_JOURNALING: "true"
jobs:
command-dispatch-for-testing:
@@ -24,7 +25,7 @@ jobs:
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false
- env:
@@ -36,7 +37,7 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: peter-evans/slash-command-dispatch@13bc09769d122a64f75aa5037256f6f2d78be8c4 # v4
- uses: peter-evans/slash-command-dispatch@5c11dc7efead556e3bdabf664302212f79eb26fa # v5
with:
commands: |
run-acceptance-tests

2
.github/workflows/community-moderation.yml vendored
View File

@@ -6,7 +6,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false
- id: schema_changed

2
.github/workflows/export-repo-secrets.yml vendored
View File

@@ -8,7 +8,7 @@ jobs:
steps:
- name: Generate a GitHub token
id: generate-token
uses: actions/create-github-app-token@v1
uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2
with:
app-id: 1256780 # Export Secrets GitHub App
private-key: ${{ secrets.EXPORT_SECRETS_PRIVATE_KEY }}

160
.github/workflows/prerelease.yml vendored
View File

@@ -36,7 +36,7 @@ jobs:
name: prerequisites
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -48,6 +48,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -111,54 +117,6 @@ jobs:
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
shell: bash
run: >
git diff --quiet -- sdk && echo "no changes to sdk" && exit
git config --global user.email "bot@pulumi.com"
git config --global user.name "pulumi-bot"
# Stash local changes and check out the PR's branch directly.
git stash
git fetch
git checkout "origin/$HEAD_REF"
# Apply and add our changes, but don't commit any files we expect to
# always change due to versioning.
git stash pop
git add sdk
git reset sdk/python/*/pulumi-plugin.json \
sdk/python/pyproject.toml \
sdk/dotnet/pulumi-plugin.json \
sdk/dotnet/*.*.csproj \
sdk/dotnet/version.txt \
sdk/go/*/pulumi-plugin.json \
sdk/go/*/internal/pulumiUtilities.go \
sdk/nodejs/package.json
git commit -m 'Commit SDK for Renovate'
# Push with pulumi-bot credentials to trigger a re-run of the
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
- name: Tar provider binaries
run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
@@ -207,7 +165,7 @@ jobs:
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -219,6 +177,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -229,7 +193,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Download Provider Binary
uses: ./.github/actions/download-provider
- name: Generate SDK
@@ -248,54 +212,6 @@ jobs:
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit ${{ matrix.language }} SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
shell: bash
run: >
git diff --quiet -- sdk && echo "no changes to sdk" && exit
git config --global user.email "bot@pulumi.com"
git config --global user.name "pulumi-bot"
# Stash local changes and check out the PR's branch directly.
git stash
git fetch
git checkout "origin/$HEAD_REF"
# Apply and add our changes, but don't commit any files we expect to
# always change due to versioning.
git stash pop
git add sdk
git reset sdk/python/*/pulumi-plugin.json \
sdk/python/pyproject.toml \
sdk/dotnet/pulumi-plugin.json \
sdk/dotnet/*.*.csproj \
sdk/dotnet/version.txt \
sdk/go/*/pulumi-plugin.json \
sdk/go/*/internal/pulumiUtilities.go \
sdk/nodejs/package.json
git commit -m 'Commit ${{ matrix.language }} SDK for Renovate'
# Push with pulumi-bot credentials to trigger a re-run of the
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
- name: Tar SDK folder
run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} .
@@ -333,7 +249,7 @@ jobs:
id-token: write # For ESC secrets and Pulumi access token OIDC.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -345,6 +261,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -355,7 +277,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Download Provider Binary
uses: ./.github/actions/download-provider
- name: Download SDK
@@ -430,7 +352,7 @@ jobs:
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -442,6 +364,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -452,7 +380,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Clear GitHub Actions Ubuntu runner disk space
uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1
with:
@@ -463,7 +391,7 @@ jobs:
swap-storage: true
large-packages: false
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8 # v5.1.0
uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1
with:
aws-access-key-id: ${{ steps.esc-secrets.outputs.AWS_ACCESS_KEY_ID }}
aws-region: us-east-2
@@ -503,7 +431,7 @@ jobs:
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -515,6 +443,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -523,7 +457,7 @@ jobs:
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Checkout Scripts Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
path: ci-scripts
repository: pulumi/scripts
@@ -531,7 +465,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Download python SDK
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
with:
@@ -585,7 +519,7 @@ jobs:
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -597,6 +531,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -607,7 +547,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Download java SDK
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
with:
@@ -635,7 +575,7 @@ jobs:
needs: publish_sdk
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- id: version

2
.github/workflows/pull-request.yml vendored
View File

@@ -10,7 +10,7 @@ jobs:
name: comment-on-pr
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- name: Comment PR

170
.github/workflows/release.yml vendored
View File

@@ -39,7 +39,7 @@ jobs:
pull-requests: write # For schema check comment.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -51,6 +51,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -62,7 +68,7 @@ jobs:
uses: ./.github/actions/setup-tools
with:
cache: 'true'
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- if: github.event_name == 'pull_request'
name: Install Schema Tools
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
@@ -114,54 +120,6 @@ jobs:
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
shell: bash
run: >
git diff --quiet -- sdk && echo "no changes to sdk" && exit
git config --global user.email "bot@pulumi.com"
git config --global user.name "pulumi-bot"
# Stash local changes and check out the PR's branch directly.
git stash
git fetch
git checkout "origin/$HEAD_REF"
# Apply and add our changes, but don't commit any files we expect to
# always change due to versioning.
git stash pop
git add sdk
git reset sdk/python/*/pulumi-plugin.json \
sdk/python/pyproject.toml \
sdk/dotnet/pulumi-plugin.json \
sdk/dotnet/*.*.csproj \
sdk/dotnet/version.txt \
sdk/go/*/pulumi-plugin.json \
sdk/go/*/internal/pulumiUtilities.go \
sdk/nodejs/package.json
git commit -m 'Commit SDK for Renovate'
# Push with pulumi-bot credentials to trigger a re-run of the
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
- name: Tar provider binaries
run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
@@ -210,7 +168,7 @@ jobs:
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -222,6 +180,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -232,7 +196,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Download Provider Binary
uses: ./.github/actions/download-provider
- name: Generate SDK
@@ -251,54 +215,6 @@ jobs:
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- name: Commit SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
shell: bash
run: >
git diff --quiet -- sdk && echo "no changes to sdk" && exit
git config --global user.email "bot@pulumi.com"
git config --global user.name "pulumi-bot"
# Stash local changes and check out the PR's branch directly.
git stash
git fetch
git checkout "origin/$HEAD_REF"
# Apply and add our changes, but don't commit any files we expect to
# always change due to versioning.
git stash pop
git add sdk
git reset sdk/python/*/pulumi-plugin.json \
sdk/python/pyproject.toml \
sdk/dotnet/pulumi-plugin.json \
sdk/dotnet/*.*.csproj \
sdk/dotnet/version.txt \
sdk/go/*/pulumi-plugin.json \
sdk/go/*/internal/pulumiUtilities.go \
sdk/nodejs/package.json
git commit -m 'Commit SDK for Renovate'
# Push with pulumi-bot credentials to trigger a re-run of the
# workflow. https://github.com/orgs/community/discussions/25702
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
env:
HEAD_REF: ${{ github.head_ref }}
- run: git status --porcelain
- name: Tar SDK folder
run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} .
@@ -336,7 +252,7 @@ jobs:
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -348,6 +264,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -358,7 +280,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Download Provider Binary
uses: ./.github/actions/download-provider
- name: Download SDK
@@ -433,7 +355,7 @@ jobs:
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -445,6 +367,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -455,7 +383,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Clear GitHub Actions Ubuntu runner disk space
uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1
with:
@@ -466,7 +394,7 @@ jobs:
swap-storage: true
large-packages: false
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8 # v5.1.0
uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1
with:
aws-access-key-id: ${{ steps.esc-secrets.outputs.AWS_ACCESS_KEY_ID }}
aws-region: us-east-2
@@ -506,7 +434,7 @@ jobs:
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -518,6 +446,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -526,7 +460,7 @@ jobs:
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Checkout Scripts Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
path: ci-scripts
repository: pulumi/scripts
@@ -534,7 +468,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Download python SDK
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
with:
@@ -588,7 +522,7 @@ jobs:
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -600,6 +534,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -610,7 +550,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Download java SDK
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
with:
@@ -638,7 +578,7 @@ jobs:
needs: publish_sdk
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- id: version
@@ -674,7 +614,7 @@ jobs:
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -686,6 +626,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
with:

2
.github/workflows/release_command.yml vendored
View File

@@ -11,7 +11,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false
- env:

50
.github/workflows/run-acceptance-tests.yml vendored
View File

@@ -32,6 +32,7 @@ env:
GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io
PULUMI_PULUMI_ENABLE_JOURNALING: "true"
PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }}
jobs:
comment-notification:
@@ -40,7 +41,7 @@ jobs:
name: comment-notification
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
persist-credentials: false
@@ -65,7 +66,7 @@ jobs:
pull-requests: write # For schema check comment.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
persist-credentials: false
@@ -79,6 +80,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -90,7 +97,7 @@ jobs:
uses: ./.github/actions/setup-tools
with:
cache: 'true'
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- if: github.event_name == 'pull_request'
name: Install Schema Tools
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
@@ -142,8 +149,12 @@ jobs:
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
# This worktree check is a safeguard against someone forgetting to
# re-build and commit locally, but we handle that commit automatically in
# the case of dependency bumps.
continue-on-error: ${{ contains(github.actor, 'renovate') }}
- name: Commit SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
if: steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
shell: bash
@@ -169,7 +180,7 @@ jobs:
git stash pop
git add sdk
git add sdk provider/cmd/docker-build/schema.json
git reset sdk/python/*/pulumi-plugin.json \
sdk/python/pyproject.toml \
@@ -240,7 +251,7 @@ jobs:
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
persist-credentials: false
@@ -254,6 +265,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -264,7 +281,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Download provider
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
with:
@@ -292,8 +309,9 @@ jobs:
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
continue-on-error: ${{ contains(github.actor, 'renovate') }}
- name: Commit SDK changes for Renovate
if: failure() && steps.worktreeClean.outcome == 'failure' &&
if: steps.worktreeClean.outcome == 'failure' &&
contains(github.actor, 'renovate') && github.event_name ==
'pull_request'
shell: bash
@@ -319,7 +337,7 @@ jobs:
git stash pop
git add sdk
git add sdk provider/cmd/docker-build/schema.json
git reset sdk/python/*/pulumi-plugin.json \
sdk/python/pyproject.toml \
@@ -379,7 +397,7 @@ jobs:
id-token: write
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
persist-credentials: false
@@ -393,6 +411,12 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
@@ -403,7 +427,7 @@ jobs:
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Download provider
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
with:
@@ -490,7 +514,7 @@ jobs:
name: sentinel
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
persist-credentials: false
@@ -525,7 +549,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
persist-credentials: false

11
.github/workflows/weekly-pulumi-update.yml vendored
View File

@@ -29,6 +29,7 @@ env:
GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io
PULUMI_PULUMI_ENABLE_JOURNALING: "true"
jobs:
weekly-pulumi-update:
@@ -36,7 +37,7 @@ jobs:
permissions: write-all
steps:
- name: Checkout Repo
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
lfs: true
- env:
@@ -48,10 +49,16 @@ jobs:
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
github_token: ${{ steps.app-auth.outputs.token }}
- name: Update Pulumi/Pulumi
id: gomod
run: >-

1
.gitignore vendored
View File

@@ -7,6 +7,7 @@
**/.ionide
**/.vscode
*.swp
.pulumi
Pulumi.*.yaml
yarn.lock
ci-scripts

1
.goreleaser.yml
View File

@@ -1,5 +1,4 @@
# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt
project_name: pulumi-docker-build
builds:
- id: build-provider