# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt name: weekly-pulumi-update on: schedule: - cron: 35 12 * * 4 workflow_dispatch: {} env: GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} PROVIDER: docker-build TRAVIS_OS_NAME: linux GOVERSION: "1.21.x" NODEVERSION: "20.x" PYTHONVERSION: "3.11.8" DOTNETVERSION: "8.0.x" JAVAVERSION: "11" GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_PROJECT: pulumi-ci-gcp-provider GOOGLE_PROJECT_NUMBER: "895284651812" GOOGLE_REGION: us-central1 GOOGLE_ZONE: us-central1-a PULUMI_API: https://api.pulumi-staging.io PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget PULUMI_PULUMI_ENABLE_JOURNALING: "true" TF_APPEND_USER_AGENT: pulumi jobs: weekly-pulumi-update: runs-on: ubuntu-latest permissions: write-all steps: - name: Checkout Repo uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: lfs: true - env: ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }} ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false" ESC_ACTION_OIDC_AUTH: "true" ESC_ACTION_OIDC_ORGANIZATION: pulumi ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization id: esc-secrets name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0 id: app-auth with: app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }} private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }} owner: ${{ github.repository_owner }} - name: Setup Tools uses: ./.github/actions/setup-tools with: github_token: ${{ steps.app-auth.outputs.token }} - name: Update Pulumi/Pulumi id: gomod run: >- git config --local user.email 'bot@pulumi.com' git config --local user.name 'pulumi-bot' git checkout -b update-pulumi/${{ github.run_id }}-${{ github.run_number }} gh repo view pulumi/pulumi --json latestRelease --jq .latestRelease.tagName | sed 's/^v//' > .pulumi.version VERSION=$(cat .pulumi.version) find . -name go.mod -execdir sh -c 'go get github.com/pulumi/pulumi/pkg/v3@v${VERSION} github.com/pulumi/pulumi/sdk/v3@v${VERSION}; go mod tidy' \; git update-index -q --refresh if ! git diff-files --quiet; then echo changes=1 >> "$GITHUB_OUTPUT"; fi - name: Provider with Pulumi Upgrade if: steps.gomod.outputs.changes != 0 run: >- make codegen && make local_generate git add sdk/nodejs git commit -m "Regenerating Node.js SDK based on updated modules" || echo "ignore commit failure, may be empty" git add sdk/python git commit -m "Regenerating Python SDK based on updated modules" || echo "ignore commit failure, may be empty" git add sdk/dotnet git commit -m "Regenerating .NET SDK based on updated modules" || echo "ignore commit failure, may be empty" git add sdk/go* git commit -m "Regenerating Go SDK based on updated modules" || echo "ignore commit failure, may be empty" git add sdk/java* git commit -m "Regenerating Java SDK based on updated modules" || echo "ignore commit failure, may be empty" git add . git commit -m "Updated modules" || echo "ignore commit failure, may be empty" git push origin update-pulumi/${{ github.run_id }}-${{ github.run_number }} - name: Create PR id: create-pr if: steps.gomod.outputs.changes != 0 run: > ver=$(cat .pulumi.version) msg="Automated upgrade: bump pulumi/pulumi to ${ver}" gh pr create -t "$msg" -b "$msg" env: GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }} name: weekly-pulumi-update