sam_oneal/pulumi-docker-build
1
0
Fork 0
Code Actions Packages Releases Wiki Activity
Files
0b52de65438fd3e1f3c6a38b67850aeea152bc60
pulumi-docker-build/.github/workflows/build.yml
pulumi-provider-automation[bot] 0b52de6543 Update GitHub Actions workflows. (#816) 
This PR was triggered by @t0yv0 generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit
[b05dbe61dbea8fb6ea0c4cde662bde1101961819](b05dbe61db).

Co-authored-by: Pulumi Bot <bot@pulumi.com>
2026-04-16 06:16:23 +00:00

563 lines
23 KiB
YAML
Raw Blame History

# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt
name: main # For consistency with bridged providers.
on:
push:
branches:
- master
- main
- feature-**
paths-ignore:
- CHANGELOG.md
tags-ignore:
- v*
- sdk/*
- "**"
workflow_dispatch: {}
env:
PROVIDER: docker-build
TRAVIS_OS_NAME: linux
GOVERSION: "1.21.x"
NODEVERSION: "20.x"
PYTHONVERSION: "3.11.8"
DOTNETVERSION: "8.0.x"
JAVAVERSION: "11"
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
GOOGLE_PROJECT: pulumi-ci-gcp-provider
GOOGLE_PROJECT_NUMBER: "895284651812"
GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a
PULUMI_API: https://api.pulumi-staging.io
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
TF_APPEND_USER_AGENT: pulumi
jobs:
prerequisites:
runs-on: ubuntu-latest
name: prerequisites
permissions:
id-token: write # For ESC secrets.
pull-requests: write # For schema check comment.
steps:
- name: Checkout Repo
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
cache: 'true'
github_token: ${{ secrets.GITHUB_TOKEN }}
- if: github.event_name == 'pull_request'
name: Install Schema Tools
uses: jaxxstorm/action-install-gh-release@25e24d2d23ae098373794ef1d6faecb48ee52da8 # v3.0.0
with:
repo: pulumi/schema-tools
- name: Build codegen binaries
run: make codegen
- name: Build Schema
run: make generate_schema
- if: github.event_name == 'pull_request'
name: Check Schema is Valid
run: >-
{
echo 'SCHEMA_CHANGES<<EOF';
schema-tools compare -p ${{ env.PROVIDER }} -o ${{ github.event.repository.default_branch }} -n --local-path=provider/cmd/pulumi-resource-${{ env.PROVIDER }}/schema.json;
echo 'EOF';
} >> "$GITHUB_ENV"
env:
GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
- if: github.event_name == 'pull_request' && github.actor != 'dependabot[bot]'
name: Comment on PR with Details of Schema Check
uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1
with:
message: |
${{ env.SCHEMA_CHANGES }}
comment-tag: schemaCheck
github-token: ${{ secrets.GITHUB_TOKEN }}
- if: contains(env.SCHEMA_CHANGES, 'Looking good! No breaking changes found.') &&
github.actor == 'pulumi-bot'
name: Add label if no breaking changes
uses: actions-ecosystem/action-add-labels@18f1af5e3544586314bbe15c0273249c770b2daf # v1.1.3
with:
labels: impact/no-changelog-required
number: ${{ github.event.issue.number }}
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Build Provider
run: make provider
- name: Check worktree clean
id: worktreeClean
uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1
with:
allowed-changes: |-
sdk/**/pulumi-plugin.json
sdk/dotnet/*.*.csproj
sdk/dotnet/version.txt
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- run: git status --porcelain
- name: Tar provider binaries
run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }}
pulumi-gen-${{ env.PROVIDER}}
- name: Upload artifacts
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin/provider.tar.gz
- name: Test Provider Library
run: make test_provider
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0
env:
CODECOV_TOKEN: ${{ steps.esc-secrets.outputs.CODECOV_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
with:
author_name: Failure in building provider prerequisites
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
build_sdks:
needs: prerequisites
runs-on: pulumi-ubuntu-8core
strategy:
fail-fast: ${{ ! contains(github.actor, 'renovate') }}
matrix:
language:
- nodejs
- python
- dotnet
- go
- java
name: build_sdks
permissions:
pull-requests: write # For Renovate SDK updates.
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ steps.app-auth.outputs.token }}
- name: Download Provider Binary
uses: ./.github/actions/download-provider
- name: Generate SDK
run: make generate_${{ matrix.language }}
- name: Build SDK
run: make build_${{ matrix.language }}
- name: Check worktree clean
id: worktreeClean
uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1
with:
allowed-changes: |-
sdk/**/pulumi-plugin.json
sdk/dotnet/*.*.csproj
sdk/dotnet/version.txt
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
sdk/java/build.gradle
- run: git status --porcelain
- name: Tar SDK folder
run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} .
- name: Upload artifacts
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: ${{ matrix.language }}-sdk.tar.gz
path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz
retention-days: 30
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
with:
author_name: Failure while building SDKs
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
tag_release_if_labeled_needs_release:
name: Tag release if labeled as needs-release
needs: publish
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- name: check if this commit needs release
if: ${{ env.RELEASE_BOT_ENDPOINT != '' }}
uses: pulumi/action-release-by-pr-label@main
with:
command: "release-if-needed"
repo: ${{ github.repository }}
commit: ${{ github.sha }}
slack_channel: C02MGR8JVST
env:
RELEASE_BOT_ENDPOINT: ${{ steps.esc-secrets.outputs.RELEASE_BOT_ENDPOINT }}
RELEASE_BOT_KEY: ${{ steps.esc-secrets.outputs.RELEASE_BOT_KEY }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
test:
runs-on: pulumi-ubuntu-8core
needs:
- build_sdks
strategy:
fail-fast: true
matrix:
language:
- nodejs
- python
- dotnet
- go
- java
- yaml
name: test
permissions:
contents: read
id-token: write # For ESC secrets and Pulumi access token OIDC.
steps:
- name: Checkout Repo
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ steps.app-auth.outputs.token }}
- name: Download Provider Binary
uses: ./.github/actions/download-provider
- name: Download SDK
if: ${{ matrix.language != 'yaml' }}
uses: ./.github/actions/download-sdk
with:
language: ${{ matrix.language }}
- name: Update path
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH"
- name: Install Node dependencies
run: yarn global add typescript
- run: dotnet nuget add source ${{ github.workspace }}/nuget
- name: Install Python deps
run: |-
pip3 install virtualenv==20.0.23
pip3 install pipenv
- name: Install dependencies
if: ${{ matrix.language != 'yaml' }}
run: make install_${{ matrix.language}}_sdk
- name: Generate Pulumi Access Token
id: generate_pulumi_token
uses: pulumi/auth-actions@1c89817aab0c66407723cdef72b05266e7376640 # v1.0.1
with:
organization: pulumi
requested-token-type: urn:pulumi:token-type:access_token:organization
export-environment-variables: false
- name: Export AWS Credentials
uses: pulumi/esc-action@9840934db12128a33f6afb60b17d9de8f7ec5519
env:
PULUMI_ACCESS_TOKEN: ${{ steps.generate_pulumi_token.outputs.pulumi-access-token }}
with:
environment: logins/pulumi-ci
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@7c6bc770dae815cd3e89ee6cdf493a5fab2cc093 # v3.0.0
with:
workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER
}}/locations/global/workloadIdentityPools/${{
env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{
env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }}
- name: Setup gcloud auth
uses: google-github-actions/setup-gcloud@aa5489c8933f4cc7a4f7d45035b3b1440c9c10db # v3.0.1
with:
install_components: gke-gcloud-auth-plugin
- name: Install gotestfmt
uses: GoTestTools/gotestfmt-action@v2
with:
version: v2.5.0
token: ${{ secrets.GITHUB_TOKEN }}
- name: Run tests
run: >-
set -euo pipefail
cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 .
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
with:
author_name: Failure in SDK tests
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
publish:
runs-on: ubuntu-latest
needs: test
name: publish
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ steps.app-auth.outputs.token }}
- name: Clear GitHub Actions Ubuntu runner disk space
uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1
with:
tool-cache: false
dotnet: false
android: true
haskell: true
swap-storage: true
large-packages: false
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0
with:
aws-access-key-id: ${{ steps.esc-secrets.outputs.AWS_ACCESS_KEY_ID }}
aws-region: us-east-2
aws-secret-access-key: ${{ steps.esc-secrets.outputs.AWS_SECRET_ACCESS_KEY }}
role-duration-seconds: 7200
role-session-name: ${{ env.PROVIDER }}@githubActions
role-external-id: upload-pulumi-release
role-to-assume: ${{ steps.esc-secrets.outputs.AWS_UPLOAD_ROLE_ARN }}
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5.1.0
env:
GORELEASER_CURRENT_TAG: v${{ steps.version.outputs.version }}
AZURE_SIGNING_CLIENT_ID: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_ID }}
AZURE_SIGNING_CLIENT_SECRET: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_SECRET }}
AZURE_SIGNING_TENANT_ID: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_TENANT_ID }}
AZURE_SIGNING_ACCOUNT_ENDPOINT: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_ACCOUNT_ENDPOINT }}
AZURE_SIGNING_ACCOUNT_NAME: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_ACCOUNT_NAME }}
AZURE_SIGNING_CERT_PROFILE_NAME: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CERT_PROFILE_NAME }}
SKIP_SIGNING: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_ID == '' && steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_SECRET == '' && steps.esc-secrets.outputs.AZURE_SIGNING_TENANT_ID == '' && steps.esc-secrets.outputs.AZURE_SIGNING_ACCOUNT_ENDPOINT == '' && steps.esc-secrets.outputs.AZURE_SIGNING_ACCOUNT_NAME == '' && steps.esc-secrets.outputs.AZURE_SIGNING_CERT_PROFILE_NAME == '' }}
GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
with:
args: -p 3 -f .goreleaser.prerelease.yml --clean --skip=validate --timeout 60m0s
version: latest
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
with:
author_name: Failure in publishing binaries
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
publish_sdk:
runs-on: ubuntu-latest
needs: publish
name: publish_sdk
permissions:
contents: read
id-token: write # For ESC secrets.
steps:
- name: Checkout Repo
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
lfs: true
- env:
ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
ESC_ACTION_OIDC_AUTH: "true"
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
id: esc-secrets
name: Fetch secrets from ESC
uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
- uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
id: app-auth
with:
app-id: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_APP_ID }}
private-key: ${{ steps.esc-secrets.outputs.PULUMI_PROVIDER_AUTOMATION_PRIVATE_KEY }}
owner: ${{ github.repository_owner }}
- id: version
name: Set Provider Version
uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
with:
set-env: PROVIDER_VERSION
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Checkout Scripts Repo
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
path: ci-scripts
repository: pulumi/scripts
- run: echo "ci-scripts" >> .git/info/exclude
- name: Setup Tools
uses: ./.github/actions/setup-tools
with:
github_token: ${{ steps.app-auth.outputs.token }}
- name: Download python SDK
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
name: python-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
- name: Uncompress python SDK
run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C
${{github.workspace}}/sdk/python
- name: Download dotnet SDK
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
name: dotnet-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
- name: Uncompress dotnet SDK
run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C
${{github.workspace}}/sdk/dotnet
- name: Download nodejs SDK
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
with:
name: nodejs-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
- name: Uncompress nodejs SDK
run: tar -zxf ${{github.workspace}}/sdk/nodejs.tar.gz -C
${{github.workspace}}/sdk/nodejs
- name: Install Twine
run: python -m pip install twine==5.0.0
- name: Publish SDKs
run: ./ci-scripts/ci/publish-tfgen-package ${{ github.workspace }}
env:
NUGET_PUBLISH_KEY: ${{ steps.esc-secrets.outputs.NUGET_PUBLISH_KEY }}
NODE_AUTH_TOKEN: ${{ steps.esc-secrets.outputs.NPM_TOKEN }}
PYPI_PUBLISH_ARTIFACTS: all
PYPI_USERNAME: __token__
PYPI_PASSWORD: ${{ steps.esc-secrets.outputs.PYPI_API_TOKEN }}
SIGNING_KEY_ID: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_KEY_ID }}
SIGNING_KEY: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_KEY }}
SIGNING_PASSWORD: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_PASSWORD }}
PUBLISH_REPO_USERNAME: ${{ steps.esc-secrets.outputs.OSSRH_USERNAME }}
PUBLISH_REPO_PASSWORD: ${{ steps.esc-secrets.outputs.OSSRH_PASSWORD }}
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
with:
author_name: Failure in publishing SDK
fields: repo,commit,author,action
status: ${{ job.status }}
env:
SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
lint:
name: lint
uses: ./.github/workflows/lint.yml
secrets: inherit
View Git Blame Copy Permalink