From 2995ed3d280ae4457e7ca1f606ee943e68dfc08b Mon Sep 17 00:00:00 2001 From: Pulumi Bot <30351955+pulumi-bot@users.noreply.github.com> Date: Fri, 21 Jun 2024 22:41:44 -0700 Subject: [PATCH] Update GitHub Actions workflows. (#527) This PR was automatically generated by the update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt repo, from commit 13b894e0e3ea580291d037ee7dbd563fb57b67df. --- .github/workflows/prerelease.yml | 14 ++++++ .github/workflows/release.yml | 19 ++++++-- .github/workflows/verify-release.yml | 70 ++++++++++++++++++++++++++++ scripts/upstream.sh | 2 +- 4 files changed, 101 insertions(+), 4 deletions(-) create mode 100644 .github/workflows/verify-release.yml diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml index f4cf0658..f98492a4 100644 --- a/.github/workflows/prerelease.yml +++ b/.github/workflows/prerelease.yml @@ -282,6 +282,20 @@ jobs: - dotnet - go - java + verify-release: + name: verify-release + needs: + - prerequisites + - publish + - publish_sdk + - publish_go_sdk + uses: ./.github/workflows/verify-release.yml + secrets: inherit + with: + providerVersion: ${{ needs.prerequisites.outputs.version }} + # Prelease is run often but we only have 5 concurrent macos runners, so we only test after the stable release. + enableMacosRunner: false + name: prerelease on: push: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 840c85ff..afa1fd19 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -42,7 +42,7 @@ jobs: create_docs_build: name: create_docs_build - needs: tag_sdk + needs: publish_go_sdk runs-on: ubuntu-latest steps: - name: Dispatch Metadata build @@ -150,8 +150,8 @@ jobs: if: failure() name: Send Publish Failure To Slack uses: rtCamp/action-slack-notify@v2 - tag_sdk: - name: tag_sdk + publish_go_sdk: + name: publish_go_sdk needs: - prerequisites - publish_sdk @@ -315,6 +315,19 @@ jobs: - dotnet - go - java + verify-release: + name: verify-release + needs: + - prerequisites + - publish + - publish_sdk + - publish_go_sdk + uses: ./.github/workflows/verify-release.yml + secrets: inherit + with: + providerVersion: ${{ needs.prerequisites.outputs.version }} + enableMacosRunner: true + name: release on: push: diff --git a/.github/workflows/verify-release.yml b/.github/workflows/verify-release.yml new file mode 100644 index 00000000..ba6d6256 --- /dev/null +++ b/.github/workflows/verify-release.yml @@ -0,0 +1,70 @@ +name: "Verify Release" + +on: + workflow_dispatch: + inputs: + providerVersion: + description: "The version of the provider to verify" + required: true + type: string + enableMacRunner: + description: "Enable the MacOS runner in addition to Linux and Windows. Defaults to 'false'." + required: false + type: boolean + workflow_call: + inputs: + providerVersion: + description: "The version of the provider to verify" + required: true + type: string + enableMacosRunner: + description: "Enable the macos-latest runner in addition to ubuntu-latest and windows-latest. Defaults to 'false'." + required: false + type: boolean + default: false + +env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + KEYCLOAK_CLIENT_ID: terraform + KEYCLOAK_CLIENT_SECRET: 884e0f95-0f42-4a63-9b1f-94274655669e + KEYCLOAK_PASSWORD: password + KEYCLOAK_URL: http://localhost:8080 + KEYCLOAK_USER: keycloak + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi + +jobs: + verify-release: + name: verify-release + # We don't have any release verification configurations, so we never run this workflow. + # Configure your .ci-mgmt.yaml files to include the release verification configurations e.g. + # releaseVerification: + # nodejs: path/to/nodejs/project + # python: path/to/python/project + # dotnet: path/to/dotnet/project + # go: path/to/go/project + if: false + strategy: + matrix: + # We don't have any release verification configurations, so we only run on Linux to print warnings to help users configure the release verification. + runner: ["ubuntu-latest"] + runs-on: ${{ matrix.runner }} + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + - name: Setup tools + uses: ./.github/actions/setup-tools diff --git a/scripts/upstream.sh b/scripts/upstream.sh index d35932e0..fdbdecbe 100755 --- a/scripts/upstream.sh +++ b/scripts/upstream.sh @@ -91,7 +91,7 @@ start_rebase() { for patch in ../patches/*.patch; do echo "Applying $patch" - if ! git am --3way "$patch"; then + if ! git am --3way "$patch" --allow-empty; then echo echo "Failed to apply ${patch}. Please run 'make upstream.rebase FROM=$TAG' where '$TAG' allows the patch set to apply cleanly" echo