Compare commits
1 Commits
v0.0.17
...
update-git
| Author | SHA1 | Date | |
|---|---|---|---|
|
0a71d79599 |
@@ -3,11 +3,12 @@
|
||||
|
||||
[env]
|
||||
_.source = "{{config_root}}/scripts/get-versions.sh"
|
||||
PULUMI_HOME = "{{config_root}}/.pulumi"
|
||||
|
||||
[tools]
|
||||
|
||||
# Runtimes
|
||||
# TODO: we may not need `get_env` once https://github.com/jdx/mise/discussions/6339 is fixed
|
||||
# TODO: we may not need 'get_env' once https://github.com/jdx/mise/discussions/6339 is fixed
|
||||
go = "{{ get_env(name='GO_VERSION_MISE', default='latest') }}"
|
||||
node = '20.19.5'
|
||||
python = '3.11.8'
|
||||
@@ -17,12 +18,15 @@ java = 'corretto-11'
|
||||
|
||||
# Executable tools
|
||||
pulumi = "{{ get_env(name='PULUMI_VERSION_MISE', default='latest') }}"
|
||||
"github:pulumi/pulumictl" = 'latest'
|
||||
"github:pulumi/schema-tools" = "latest"
|
||||
gradle = '7.6'
|
||||
"github:pulumi/pulumictl" = '0.0.50'
|
||||
"github:pulumi/schema-tools" = "0.6.0"
|
||||
"aqua:gradle/gradle-distributions" = '7.6.6'
|
||||
golangci-lint = "1.64.8" # See note about about overrides if you need to customize this.
|
||||
"npm:yarn" = "1.22.22"
|
||||
|
||||
[settings]
|
||||
experimental = true # Required for Go binaries (e.g. pulumictl).
|
||||
lockfile = true
|
||||
lockfile = false
|
||||
|
||||
[plugins]
|
||||
vfox-pulumi = "https://github.com/pulumi/vfox-pulumi"
|
||||
|
||||
8
.github/actions/setup-tools/action.yml
vendored
8
.github/actions/setup-tools/action.yml
vendored
@@ -14,14 +14,16 @@ runs:
|
||||
using: "composite"
|
||||
steps:
|
||||
- name: Setup mise
|
||||
uses: jdx/mise-action@d16887ba50704baed7de72bd1e82e04391e4457a # v3
|
||||
uses: jdx/mise-action@146a28175021df8ca24f8ee1828cc2a60f980bd5 # v3
|
||||
env:
|
||||
MISE_FETCH_REMOTE_VERSIONS_TIMEOUT: 30s
|
||||
with:
|
||||
version: 2025.11.6
|
||||
cache_save: ${{ inputs.cache }}
|
||||
github_token: ${{ inputs.github_token }}
|
||||
|
||||
- name: Setup Go Cache
|
||||
uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
|
||||
uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
|
||||
with:
|
||||
cache: ${{ inputs.cache }}
|
||||
cache-dependency-path: |
|
||||
@@ -32,7 +34,7 @@ runs:
|
||||
*.sum
|
||||
|
||||
- name: Setup Node
|
||||
uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6
|
||||
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6
|
||||
with:
|
||||
# we don't set node-version because we install with mise.
|
||||
# this step is needed to setup npm auth
|
||||
|
||||
114
.github/workflows/build.yml
vendored
114
.github/workflows/build.yml
vendored
@@ -47,7 +47,7 @@ jobs:
|
||||
pull-requests: write # For schema check comment.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- env:
|
||||
@@ -122,54 +122,6 @@ jobs:
|
||||
sdk/nodejs/package.json
|
||||
sdk/python/pyproject.toml
|
||||
sdk/java/build.gradle
|
||||
- name: Commit SDK changes for Renovate
|
||||
if: failure() && steps.worktreeClean.outcome == 'failure' &&
|
||||
contains(github.actor, 'renovate') && github.event_name ==
|
||||
'pull_request'
|
||||
shell: bash
|
||||
run: >
|
||||
git diff --quiet -- sdk && echo "no changes to sdk" && exit
|
||||
|
||||
git config --global user.email "bot@pulumi.com"
|
||||
|
||||
git config --global user.name "pulumi-bot"
|
||||
|
||||
# Stash local changes and check out the PR's branch directly.
|
||||
|
||||
git stash
|
||||
|
||||
git fetch
|
||||
|
||||
git checkout "origin/$HEAD_REF"
|
||||
|
||||
|
||||
# Apply and add our changes, but don't commit any files we expect to
|
||||
|
||||
# always change due to versioning.
|
||||
|
||||
git stash pop
|
||||
|
||||
git add sdk
|
||||
|
||||
git reset sdk/python/*/pulumi-plugin.json \
|
||||
sdk/python/pyproject.toml \
|
||||
sdk/dotnet/pulumi-plugin.json \
|
||||
sdk/dotnet/*.*.csproj \
|
||||
sdk/dotnet/version.txt \
|
||||
sdk/go/*/pulumi-plugin.json \
|
||||
sdk/go/*/internal/pulumiUtilities.go \
|
||||
sdk/nodejs/package.json
|
||||
|
||||
git commit -m 'Commit SDK for Renovate'
|
||||
|
||||
|
||||
# Push with pulumi-bot credentials to trigger a re-run of the
|
||||
|
||||
# workflow. https://github.com/orgs/community/discussions/25702
|
||||
|
||||
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
|
||||
env:
|
||||
HEAD_REF: ${{ github.head_ref }}
|
||||
- run: git status --porcelain
|
||||
- name: Tar provider binaries
|
||||
run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
|
||||
@@ -218,7 +170,7 @@ jobs:
|
||||
id-token: write # For ESC secrets.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- env:
|
||||
@@ -259,54 +211,6 @@ jobs:
|
||||
sdk/nodejs/package.json
|
||||
sdk/python/pyproject.toml
|
||||
sdk/java/build.gradle
|
||||
- name: Commit SDK changes for Renovate
|
||||
if: failure() && steps.worktreeClean.outcome == 'failure' &&
|
||||
contains(github.actor, 'renovate') && github.event_name ==
|
||||
'pull_request'
|
||||
shell: bash
|
||||
run: >
|
||||
git diff --quiet -- sdk && echo "no changes to sdk" && exit
|
||||
|
||||
git config --global user.email "bot@pulumi.com"
|
||||
|
||||
git config --global user.name "pulumi-bot"
|
||||
|
||||
# Stash local changes and check out the PR's branch directly.
|
||||
|
||||
git stash
|
||||
|
||||
git fetch
|
||||
|
||||
git checkout "origin/$HEAD_REF"
|
||||
|
||||
|
||||
# Apply and add our changes, but don't commit any files we expect to
|
||||
|
||||
# always change due to versioning.
|
||||
|
||||
git stash pop
|
||||
|
||||
git add sdk
|
||||
|
||||
git reset sdk/python/*/pulumi-plugin.json \
|
||||
sdk/python/pyproject.toml \
|
||||
sdk/dotnet/pulumi-plugin.json \
|
||||
sdk/dotnet/*.*.csproj \
|
||||
sdk/dotnet/version.txt \
|
||||
sdk/go/*/pulumi-plugin.json \
|
||||
sdk/go/*/internal/pulumiUtilities.go \
|
||||
sdk/nodejs/package.json
|
||||
|
||||
git commit -m 'Commit SDK for Renovate'
|
||||
|
||||
|
||||
# Push with pulumi-bot credentials to trigger a re-run of the
|
||||
|
||||
# workflow. https://github.com/orgs/community/discussions/25702
|
||||
|
||||
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
|
||||
env:
|
||||
HEAD_REF: ${{ github.head_ref }}
|
||||
- run: git status --porcelain
|
||||
- name: Tar SDK folder
|
||||
run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} .
|
||||
@@ -335,7 +239,7 @@ jobs:
|
||||
id-token: write # For ESC secrets.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- env:
|
||||
@@ -380,7 +284,7 @@ jobs:
|
||||
id-token: write # For ESC secrets and Pulumi access token OIDC.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- env:
|
||||
@@ -477,7 +381,7 @@ jobs:
|
||||
id-token: write # For ESC secrets.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- env:
|
||||
@@ -510,7 +414,7 @@ jobs:
|
||||
swap-storage: true
|
||||
large-packages: false
|
||||
- name: Configure AWS Credentials
|
||||
uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8 # v5.1.0
|
||||
uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1
|
||||
with:
|
||||
aws-access-key-id: ${{ steps.esc-secrets.outputs.AWS_ACCESS_KEY_ID }}
|
||||
aws-region: us-east-2
|
||||
@@ -550,7 +454,7 @@ jobs:
|
||||
id-token: write # For ESC secrets.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- env:
|
||||
@@ -570,7 +474,7 @@ jobs:
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
- name: Checkout Scripts Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
path: ci-scripts
|
||||
repository: pulumi/scripts
|
||||
@@ -631,7 +535,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
persist-credentials: false
|
||||
|
||||
5
.github/workflows/command-dispatch.yml
vendored
5
.github/workflows/command-dispatch.yml
vendored
@@ -14,6 +14,7 @@ env:
|
||||
GOOGLE_REGION: us-central1
|
||||
GOOGLE_ZONE: us-central1-a
|
||||
PULUMI_API: https://api.pulumi-staging.io
|
||||
PULUMI_PULUMI_ENABLE_JOURNALING: "true"
|
||||
|
||||
jobs:
|
||||
command-dispatch-for-testing:
|
||||
@@ -24,7 +25,7 @@ jobs:
|
||||
id-token: write # For ESC secrets.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
persist-credentials: false
|
||||
- env:
|
||||
@@ -36,7 +37,7 @@ jobs:
|
||||
id: esc-secrets
|
||||
name: Fetch secrets from ESC
|
||||
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
|
||||
- uses: peter-evans/slash-command-dispatch@13bc09769d122a64f75aa5037256f6f2d78be8c4 # v4
|
||||
- uses: peter-evans/slash-command-dispatch@5c11dc7efead556e3bdabf664302212f79eb26fa # v5
|
||||
with:
|
||||
commands: |
|
||||
run-acceptance-tests
|
||||
|
||||
2
.github/workflows/community-moderation.yml
vendored
2
.github/workflows/community-moderation.yml
vendored
@@ -6,7 +6,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
persist-credentials: false
|
||||
- id: schema_changed
|
||||
|
||||
2
.github/workflows/export-repo-secrets.yml
vendored
2
.github/workflows/export-repo-secrets.yml
vendored
@@ -8,7 +8,7 @@ jobs:
|
||||
steps:
|
||||
- name: Generate a GitHub token
|
||||
id: generate-token
|
||||
uses: actions/create-github-app-token@v1
|
||||
uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2
|
||||
with:
|
||||
app-id: 1256780 # Export Secrets GitHub App
|
||||
private-key: ${{ secrets.EXPORT_SECRETS_PRIVATE_KEY }}
|
||||
|
||||
114
.github/workflows/prerelease.yml
vendored
114
.github/workflows/prerelease.yml
vendored
@@ -36,7 +36,7 @@ jobs:
|
||||
name: prerequisites
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- env:
|
||||
@@ -111,54 +111,6 @@ jobs:
|
||||
sdk/nodejs/package.json
|
||||
sdk/python/pyproject.toml
|
||||
sdk/java/build.gradle
|
||||
- name: Commit SDK changes for Renovate
|
||||
if: failure() && steps.worktreeClean.outcome == 'failure' &&
|
||||
contains(github.actor, 'renovate') && github.event_name ==
|
||||
'pull_request'
|
||||
shell: bash
|
||||
run: >
|
||||
git diff --quiet -- sdk && echo "no changes to sdk" && exit
|
||||
|
||||
git config --global user.email "bot@pulumi.com"
|
||||
|
||||
git config --global user.name "pulumi-bot"
|
||||
|
||||
# Stash local changes and check out the PR's branch directly.
|
||||
|
||||
git stash
|
||||
|
||||
git fetch
|
||||
|
||||
git checkout "origin/$HEAD_REF"
|
||||
|
||||
|
||||
# Apply and add our changes, but don't commit any files we expect to
|
||||
|
||||
# always change due to versioning.
|
||||
|
||||
git stash pop
|
||||
|
||||
git add sdk
|
||||
|
||||
git reset sdk/python/*/pulumi-plugin.json \
|
||||
sdk/python/pyproject.toml \
|
||||
sdk/dotnet/pulumi-plugin.json \
|
||||
sdk/dotnet/*.*.csproj \
|
||||
sdk/dotnet/version.txt \
|
||||
sdk/go/*/pulumi-plugin.json \
|
||||
sdk/go/*/internal/pulumiUtilities.go \
|
||||
sdk/nodejs/package.json
|
||||
|
||||
git commit -m 'Commit SDK for Renovate'
|
||||
|
||||
|
||||
# Push with pulumi-bot credentials to trigger a re-run of the
|
||||
|
||||
# workflow. https://github.com/orgs/community/discussions/25702
|
||||
|
||||
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
|
||||
env:
|
||||
HEAD_REF: ${{ github.head_ref }}
|
||||
- run: git status --porcelain
|
||||
- name: Tar provider binaries
|
||||
run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
|
||||
@@ -207,7 +159,7 @@ jobs:
|
||||
id-token: write # For ESC secrets.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- env:
|
||||
@@ -248,54 +200,6 @@ jobs:
|
||||
sdk/nodejs/package.json
|
||||
sdk/python/pyproject.toml
|
||||
sdk/java/build.gradle
|
||||
- name: Commit ${{ matrix.language }} SDK changes for Renovate
|
||||
if: failure() && steps.worktreeClean.outcome == 'failure' &&
|
||||
contains(github.actor, 'renovate') && github.event_name ==
|
||||
'pull_request'
|
||||
shell: bash
|
||||
run: >
|
||||
git diff --quiet -- sdk && echo "no changes to sdk" && exit
|
||||
|
||||
git config --global user.email "bot@pulumi.com"
|
||||
|
||||
git config --global user.name "pulumi-bot"
|
||||
|
||||
# Stash local changes and check out the PR's branch directly.
|
||||
|
||||
git stash
|
||||
|
||||
git fetch
|
||||
|
||||
git checkout "origin/$HEAD_REF"
|
||||
|
||||
|
||||
# Apply and add our changes, but don't commit any files we expect to
|
||||
|
||||
# always change due to versioning.
|
||||
|
||||
git stash pop
|
||||
|
||||
git add sdk
|
||||
|
||||
git reset sdk/python/*/pulumi-plugin.json \
|
||||
sdk/python/pyproject.toml \
|
||||
sdk/dotnet/pulumi-plugin.json \
|
||||
sdk/dotnet/*.*.csproj \
|
||||
sdk/dotnet/version.txt \
|
||||
sdk/go/*/pulumi-plugin.json \
|
||||
sdk/go/*/internal/pulumiUtilities.go \
|
||||
sdk/nodejs/package.json
|
||||
|
||||
git commit -m 'Commit ${{ matrix.language }} SDK for Renovate'
|
||||
|
||||
|
||||
# Push with pulumi-bot credentials to trigger a re-run of the
|
||||
|
||||
# workflow. https://github.com/orgs/community/discussions/25702
|
||||
|
||||
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
|
||||
env:
|
||||
HEAD_REF: ${{ github.head_ref }}
|
||||
- run: git status --porcelain
|
||||
- name: Tar SDK folder
|
||||
run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} .
|
||||
@@ -333,7 +237,7 @@ jobs:
|
||||
id-token: write # For ESC secrets and Pulumi access token OIDC.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- env:
|
||||
@@ -430,7 +334,7 @@ jobs:
|
||||
id-token: write # For ESC secrets.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- env:
|
||||
@@ -463,7 +367,7 @@ jobs:
|
||||
swap-storage: true
|
||||
large-packages: false
|
||||
- name: Configure AWS Credentials
|
||||
uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8 # v5.1.0
|
||||
uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1
|
||||
with:
|
||||
aws-access-key-id: ${{ steps.esc-secrets.outputs.AWS_ACCESS_KEY_ID }}
|
||||
aws-region: us-east-2
|
||||
@@ -503,7 +407,7 @@ jobs:
|
||||
id-token: write # For ESC secrets.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- env:
|
||||
@@ -523,7 +427,7 @@ jobs:
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
- name: Checkout Scripts Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
path: ci-scripts
|
||||
repository: pulumi/scripts
|
||||
@@ -585,7 +489,7 @@ jobs:
|
||||
id-token: write # For ESC secrets.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- env:
|
||||
@@ -635,7 +539,7 @@ jobs:
|
||||
needs: publish_sdk
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- id: version
|
||||
|
||||
2
.github/workflows/pull-request.yml
vendored
2
.github/workflows/pull-request.yml
vendored
@@ -10,7 +10,7 @@ jobs:
|
||||
name: comment-on-pr
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- name: Comment PR
|
||||
|
||||
128
.github/workflows/release.yml
vendored
128
.github/workflows/release.yml
vendored
@@ -39,7 +39,7 @@ jobs:
|
||||
pull-requests: write # For schema check comment.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- env:
|
||||
@@ -62,7 +62,7 @@ jobs:
|
||||
uses: ./.github/actions/setup-tools
|
||||
with:
|
||||
cache: 'true'
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
github_token: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
|
||||
- if: github.event_name == 'pull_request'
|
||||
name: Install Schema Tools
|
||||
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
|
||||
@@ -114,54 +114,6 @@ jobs:
|
||||
sdk/nodejs/package.json
|
||||
sdk/python/pyproject.toml
|
||||
sdk/java/build.gradle
|
||||
- name: Commit SDK changes for Renovate
|
||||
if: failure() && steps.worktreeClean.outcome == 'failure' &&
|
||||
contains(github.actor, 'renovate') && github.event_name ==
|
||||
'pull_request'
|
||||
shell: bash
|
||||
run: >
|
||||
git diff --quiet -- sdk && echo "no changes to sdk" && exit
|
||||
|
||||
git config --global user.email "bot@pulumi.com"
|
||||
|
||||
git config --global user.name "pulumi-bot"
|
||||
|
||||
# Stash local changes and check out the PR's branch directly.
|
||||
|
||||
git stash
|
||||
|
||||
git fetch
|
||||
|
||||
git checkout "origin/$HEAD_REF"
|
||||
|
||||
|
||||
# Apply and add our changes, but don't commit any files we expect to
|
||||
|
||||
# always change due to versioning.
|
||||
|
||||
git stash pop
|
||||
|
||||
git add sdk
|
||||
|
||||
git reset sdk/python/*/pulumi-plugin.json \
|
||||
sdk/python/pyproject.toml \
|
||||
sdk/dotnet/pulumi-plugin.json \
|
||||
sdk/dotnet/*.*.csproj \
|
||||
sdk/dotnet/version.txt \
|
||||
sdk/go/*/pulumi-plugin.json \
|
||||
sdk/go/*/internal/pulumiUtilities.go \
|
||||
sdk/nodejs/package.json
|
||||
|
||||
git commit -m 'Commit SDK for Renovate'
|
||||
|
||||
|
||||
# Push with pulumi-bot credentials to trigger a re-run of the
|
||||
|
||||
# workflow. https://github.com/orgs/community/discussions/25702
|
||||
|
||||
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
|
||||
env:
|
||||
HEAD_REF: ${{ github.head_ref }}
|
||||
- run: git status --porcelain
|
||||
- name: Tar provider binaries
|
||||
run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
|
||||
@@ -210,7 +162,7 @@ jobs:
|
||||
id-token: write # For ESC secrets.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- env:
|
||||
@@ -232,7 +184,7 @@ jobs:
|
||||
- name: Setup Tools
|
||||
uses: ./.github/actions/setup-tools
|
||||
with:
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
github_token: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
|
||||
- name: Download Provider Binary
|
||||
uses: ./.github/actions/download-provider
|
||||
- name: Generate SDK
|
||||
@@ -251,54 +203,6 @@ jobs:
|
||||
sdk/nodejs/package.json
|
||||
sdk/python/pyproject.toml
|
||||
sdk/java/build.gradle
|
||||
- name: Commit SDK changes for Renovate
|
||||
if: failure() && steps.worktreeClean.outcome == 'failure' &&
|
||||
contains(github.actor, 'renovate') && github.event_name ==
|
||||
'pull_request'
|
||||
shell: bash
|
||||
run: >
|
||||
git diff --quiet -- sdk && echo "no changes to sdk" && exit
|
||||
|
||||
git config --global user.email "bot@pulumi.com"
|
||||
|
||||
git config --global user.name "pulumi-bot"
|
||||
|
||||
# Stash local changes and check out the PR's branch directly.
|
||||
|
||||
git stash
|
||||
|
||||
git fetch
|
||||
|
||||
git checkout "origin/$HEAD_REF"
|
||||
|
||||
|
||||
# Apply and add our changes, but don't commit any files we expect to
|
||||
|
||||
# always change due to versioning.
|
||||
|
||||
git stash pop
|
||||
|
||||
git add sdk
|
||||
|
||||
git reset sdk/python/*/pulumi-plugin.json \
|
||||
sdk/python/pyproject.toml \
|
||||
sdk/dotnet/pulumi-plugin.json \
|
||||
sdk/dotnet/*.*.csproj \
|
||||
sdk/dotnet/version.txt \
|
||||
sdk/go/*/pulumi-plugin.json \
|
||||
sdk/go/*/internal/pulumiUtilities.go \
|
||||
sdk/nodejs/package.json
|
||||
|
||||
git commit -m 'Commit SDK for Renovate'
|
||||
|
||||
|
||||
# Push with pulumi-bot credentials to trigger a re-run of the
|
||||
|
||||
# workflow. https://github.com/orgs/community/discussions/25702
|
||||
|
||||
git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
|
||||
env:
|
||||
HEAD_REF: ${{ github.head_ref }}
|
||||
- run: git status --porcelain
|
||||
- name: Tar SDK folder
|
||||
run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} .
|
||||
@@ -336,7 +240,7 @@ jobs:
|
||||
id-token: write # For ESC secrets.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- env:
|
||||
@@ -358,7 +262,7 @@ jobs:
|
||||
- name: Setup Tools
|
||||
uses: ./.github/actions/setup-tools
|
||||
with:
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
github_token: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
|
||||
- name: Download Provider Binary
|
||||
uses: ./.github/actions/download-provider
|
||||
- name: Download SDK
|
||||
@@ -433,7 +337,7 @@ jobs:
|
||||
id-token: write # For ESC secrets.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- env:
|
||||
@@ -455,7 +359,7 @@ jobs:
|
||||
- name: Setup Tools
|
||||
uses: ./.github/actions/setup-tools
|
||||
with:
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
github_token: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
|
||||
- name: Clear GitHub Actions Ubuntu runner disk space
|
||||
uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1
|
||||
with:
|
||||
@@ -466,7 +370,7 @@ jobs:
|
||||
swap-storage: true
|
||||
large-packages: false
|
||||
- name: Configure AWS Credentials
|
||||
uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8 # v5.1.0
|
||||
uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1
|
||||
with:
|
||||
aws-access-key-id: ${{ steps.esc-secrets.outputs.AWS_ACCESS_KEY_ID }}
|
||||
aws-region: us-east-2
|
||||
@@ -506,7 +410,7 @@ jobs:
|
||||
id-token: write # For ESC secrets.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- env:
|
||||
@@ -526,7 +430,7 @@ jobs:
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
- name: Checkout Scripts Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
path: ci-scripts
|
||||
repository: pulumi/scripts
|
||||
@@ -534,7 +438,7 @@ jobs:
|
||||
- name: Setup Tools
|
||||
uses: ./.github/actions/setup-tools
|
||||
with:
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
github_token: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
|
||||
- name: Download python SDK
|
||||
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
|
||||
with:
|
||||
@@ -588,7 +492,7 @@ jobs:
|
||||
id-token: write # For ESC secrets.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- env:
|
||||
@@ -610,7 +514,7 @@ jobs:
|
||||
- name: Setup Tools
|
||||
uses: ./.github/actions/setup-tools
|
||||
with:
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
github_token: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
|
||||
- name: Download java SDK
|
||||
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
|
||||
with:
|
||||
@@ -638,7 +542,7 @@ jobs:
|
||||
needs: publish_sdk
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- id: version
|
||||
@@ -674,7 +578,7 @@ jobs:
|
||||
id-token: write # For ESC secrets.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- env:
|
||||
|
||||
2
.github/workflows/release_command.yml
vendored
2
.github/workflows/release_command.yml
vendored
@@ -11,7 +11,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
persist-credentials: false
|
||||
- env:
|
||||
|
||||
28
.github/workflows/run-acceptance-tests.yml
vendored
28
.github/workflows/run-acceptance-tests.yml
vendored
@@ -32,6 +32,7 @@ env:
|
||||
GOOGLE_REGION: us-central1
|
||||
GOOGLE_ZONE: us-central1-a
|
||||
PULUMI_API: https://api.pulumi-staging.io
|
||||
PULUMI_PULUMI_ENABLE_JOURNALING: "true"
|
||||
PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }}
|
||||
jobs:
|
||||
comment-notification:
|
||||
@@ -40,7 +41,7 @@ jobs:
|
||||
name: comment-notification
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
persist-credentials: false
|
||||
@@ -65,7 +66,7 @@ jobs:
|
||||
pull-requests: write # For schema check comment.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
persist-credentials: false
|
||||
@@ -90,7 +91,7 @@ jobs:
|
||||
uses: ./.github/actions/setup-tools
|
||||
with:
|
||||
cache: 'true'
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
github_token: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
|
||||
- if: github.event_name == 'pull_request'
|
||||
name: Install Schema Tools
|
||||
uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
|
||||
@@ -142,8 +143,12 @@ jobs:
|
||||
sdk/nodejs/package.json
|
||||
sdk/python/pyproject.toml
|
||||
sdk/java/build.gradle
|
||||
# This worktree check is a safeguard against someone forgetting to
|
||||
# re-build and commit locally, but we handle that commit automatically in
|
||||
# the case of dependency bumps.
|
||||
continue-on-error: ${{ contains(github.actor, 'renovate') }}
|
||||
- name: Commit SDK changes for Renovate
|
||||
if: failure() && steps.worktreeClean.outcome == 'failure' &&
|
||||
if: steps.worktreeClean.outcome == 'failure' &&
|
||||
contains(github.actor, 'renovate') && github.event_name ==
|
||||
'pull_request'
|
||||
shell: bash
|
||||
@@ -240,7 +245,7 @@ jobs:
|
||||
id-token: write # For ESC secrets.
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
persist-credentials: false
|
||||
@@ -264,7 +269,7 @@ jobs:
|
||||
- name: Setup Tools
|
||||
uses: ./.github/actions/setup-tools
|
||||
with:
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
github_token: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
|
||||
- name: Download provider
|
||||
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
|
||||
with:
|
||||
@@ -292,8 +297,9 @@ jobs:
|
||||
sdk/nodejs/package.json
|
||||
sdk/python/pyproject.toml
|
||||
sdk/java/build.gradle
|
||||
continue-on-error: ${{ contains(github.actor, 'renovate') }}
|
||||
- name: Commit SDK changes for Renovate
|
||||
if: failure() && steps.worktreeClean.outcome == 'failure' &&
|
||||
if: steps.worktreeClean.outcome == 'failure' &&
|
||||
contains(github.actor, 'renovate') && github.event_name ==
|
||||
'pull_request'
|
||||
shell: bash
|
||||
@@ -379,7 +385,7 @@ jobs:
|
||||
id-token: write
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
persist-credentials: false
|
||||
@@ -403,7 +409,7 @@ jobs:
|
||||
- name: Setup Tools
|
||||
uses: ./.github/actions/setup-tools
|
||||
with:
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
github_token: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
|
||||
- name: Download provider
|
||||
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
|
||||
with:
|
||||
@@ -490,7 +496,7 @@ jobs:
|
||||
name: sentinel
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
persist-credentials: false
|
||||
@@ -525,7 +531,7 @@ jobs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
persist-credentials: false
|
||||
|
||||
3
.github/workflows/weekly-pulumi-update.yml
vendored
3
.github/workflows/weekly-pulumi-update.yml
vendored
@@ -29,6 +29,7 @@ env:
|
||||
GOOGLE_REGION: us-central1
|
||||
GOOGLE_ZONE: us-central1-a
|
||||
PULUMI_API: https://api.pulumi-staging.io
|
||||
PULUMI_PULUMI_ENABLE_JOURNALING: "true"
|
||||
|
||||
jobs:
|
||||
weekly-pulumi-update:
|
||||
@@ -36,7 +37,7 @@ jobs:
|
||||
permissions: write-all
|
||||
steps:
|
||||
- name: Checkout Repo
|
||||
uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
|
||||
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
||||
with:
|
||||
lfs: true
|
||||
- env:
|
||||
|
||||
@@ -1,5 +1,4 @@
|
||||
# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt
|
||||
|
||||
project_name: pulumi-docker-build
|
||||
builds:
|
||||
- id: build-provider
|
||||
|
||||
Reference in New Issue
Block a user