-
Notifications
You must be signed in to change notification settings - Fork 6
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update GitHub Actions workflows. (#537)
This PR was automatically generated by the update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt repo, from commit 57219950805273c97b591da6e009acfbf6a74430.
- Loading branch information
1 parent
2fcfcbf
commit afd7aa6
Showing
5 changed files
with
202 additions
and
278 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -92,63 +92,16 @@ jobs: | |
- prerequisites | ||
- test | ||
- license_check | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Free Disk Space (Ubuntu) | ||
uses: jlumbroso/[email protected] | ||
with: | ||
# this might remove tools that are actually needed, | ||
# if set to "true" but frees about 6 GB | ||
tool-cache: false | ||
swap-storage: false | ||
- name: Checkout Repo | ||
uses: actions/checkout@v4 | ||
- name: Setup tools | ||
uses: ./.github/actions/setup-tools | ||
with: | ||
tools: pulumictl, pulumicli, go | ||
- name: Configure AWS Credentials | ||
uses: aws-actions/configure-aws-credentials@v4 | ||
with: | ||
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||
aws-region: us-east-2 | ||
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||
role-duration-seconds: 7200 | ||
role-external-id: upload-pulumi-release | ||
role-session-name: keycloak@githubActions | ||
role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} | ||
- name: Run GoReleaser | ||
uses: goreleaser/goreleaser-action@v5 | ||
env: | ||
GORELEASER_CURRENT_TAG: v${{ needs.prerequisites.outputs.version }} | ||
PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} | ||
with: | ||
args: -p 3 -f .goreleaser.prerelease.yml --rm-dist --skip-validate --timeout | ||
60m0s | ||
version: latest | ||
|
||
publish_sdk: | ||
name: publish_sdk | ||
needs: | ||
- prerequisites | ||
- publish | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Checkout Repo | ||
uses: actions/checkout@v4 | ||
- name: Setup tools | ||
uses: ./.github/actions/setup-tools | ||
with: | ||
tools: pulumicli, pulumictl, go, node, dotnet, python, java | ||
- name: Publish SDKs | ||
uses: pulumi/[email protected] | ||
with: | ||
sdk: all | ||
version: ${{ needs.prerequisites.outputs.version }} | ||
uses: ./.github/workflows/publish.yml | ||
secrets: inherit | ||
with: | ||
version: ${{ needs.prerequisites.outputs.version }} | ||
isPrerelease: true | ||
skipGoSdk: true | ||
|
||
tag_release_if_labeled_needs_release: | ||
name: Tag release if labeled as needs-release | ||
needs: publish_sdk | ||
needs: publish | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: check if this commit needs release | ||
|
@@ -222,6 +175,7 @@ jobs: | |
- java | ||
name: master | ||
on: | ||
workflow_dispatch: {} | ||
push: | ||
branches: | ||
- master | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -55,89 +55,12 @@ jobs: | |
- prerequisites | ||
- test | ||
- license_check | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Free Disk Space (Ubuntu) | ||
uses: jlumbroso/[email protected] | ||
with: | ||
# this might remove tools that are actually needed, | ||
# if set to "true" but frees about 6 GB | ||
tool-cache: false | ||
swap-storage: false | ||
- name: Checkout Repo | ||
uses: actions/checkout@v4 | ||
- name: Setup tools | ||
uses: ./.github/actions/setup-tools | ||
with: | ||
tools: pulumictl, pulumicli, go | ||
- name: Configure AWS Credentials | ||
uses: aws-actions/configure-aws-credentials@v4 | ||
with: | ||
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||
aws-region: us-east-2 | ||
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||
role-duration-seconds: 7200 | ||
role-external-id: upload-pulumi-release | ||
role-session-name: keycloak@githubActions | ||
role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} | ||
- name: Run GoReleaser | ||
uses: goreleaser/goreleaser-action@v5 | ||
env: | ||
GORELEASER_CURRENT_TAG: v${{ needs.prerequisites.outputs.version }} | ||
PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} | ||
with: | ||
args: -p 3 -f .goreleaser.prerelease.yml --rm-dist --skip-validate --timeout | ||
60m0s | ||
version: latest | ||
publish_sdk: | ||
name: publish_sdk | ||
needs: | ||
- prerequisites | ||
- publish | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Checkout Repo | ||
uses: actions/checkout@v4 | ||
- name: Setup tools | ||
uses: ./.github/actions/setup-tools | ||
with: | ||
tools: pulumicli, pulumictl, go, node, dotnet, python, java | ||
- name: Publish SDKs | ||
uses: pulumi/[email protected] | ||
with: | ||
sdk: all | ||
version: ${{ needs.prerequisites.outputs.version }} | ||
publish_go_sdk: | ||
name: publish_go_sdk | ||
needs: | ||
- prerequisites | ||
- publish_sdk | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Checkout Repo | ||
uses: actions/checkout@v4 | ||
- name: Download Go SDK | ||
uses: actions/download-artifact@v4 | ||
with: | ||
name: go-sdk.tar.gz | ||
path: ${{ github.workspace }}/sdk/ | ||
- name: Uncompress Go SDK | ||
run: tar -zxf ${{ github.workspace }}/sdk/go.tar.gz -C | ||
${{ github.workspace }}/sdk/go | ||
shell: bash | ||
- uses: pulumi/publish-go-sdk-action@v1 | ||
with: | ||
repository: ${{ github.repository }} | ||
base-ref: ${{ github.sha }} | ||
source: sdk | ||
path: sdk | ||
version: ${{ needs.prerequisites.outputs.version }} | ||
additive: false | ||
# Avoid including other language SDKs & artifacts in the commit | ||
files: | | ||
go.* | ||
go/** | ||
!*.tar.gz | ||
uses: ./.github/workflows/publish.yml | ||
secrets: inherit | ||
with: | ||
version: ${{ needs.prerequisites.outputs.version }} | ||
isPrerelease: true | ||
|
||
test: | ||
name: test | ||
needs: | ||
|
@@ -195,19 +118,6 @@ jobs: | |
- dotnet | ||
- go | ||
- java | ||
verify-release: | ||
name: verify-release | ||
needs: | ||
- prerequisites | ||
- publish | ||
- publish_sdk | ||
- publish_go_sdk | ||
uses: ./.github/workflows/verify-release.yml | ||
secrets: inherit | ||
with: | ||
providerVersion: ${{ needs.prerequisites.outputs.version }} | ||
# Prelease is run often but we only have 5 concurrent macos runners, so we only test after the stable release. | ||
enableMacosRunner: false | ||
|
||
name: prerelease | ||
on: | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,178 @@ | ||
# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt | ||
name: Publish | ||
|
||
on: | ||
workflow_call: | ||
inputs: | ||
version: | ||
required: true | ||
type: string | ||
isPrerelease: | ||
required: true | ||
type: boolean | ||
skipGoSdk: | ||
default: false | ||
type: boolean | ||
description: Skip publishing & verifying the Go SDK | ||
|
||
env: | ||
IS_PRERELEASE: ${{ inputs.isPrerelease }} | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
KEYCLOAK_CLIENT_ID: terraform | ||
KEYCLOAK_CLIENT_SECRET: 884e0f95-0f42-4a63-9b1f-94274655669e | ||
KEYCLOAK_PASSWORD: password | ||
KEYCLOAK_URL: http://localhost:8080 | ||
KEYCLOAK_USER: keycloak | ||
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | ||
NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | ||
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} | ||
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} | ||
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} | ||
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} | ||
PULUMI_API: https://api.pulumi-staging.io | ||
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. | ||
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget | ||
PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} | ||
PYPI_USERNAME: __token__ | ||
SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} | ||
SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} | ||
SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} | ||
TF_APPEND_USER_AGENT: pulumi | ||
|
||
jobs: | ||
publish: | ||
name: publish | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Validate prerelease | ||
if: inputs.isPrerelease == false && (contains(inputs.version, '-') || contains(inputs.version, '+')) | ||
run: echo "Can't publish a prerelease version as a stable release. This is likely a bug in the calling workflow." && exit 1 | ||
- name: Validate skipGoSdk | ||
if: inputs.skipGoSdk && inputs.isPrerelease == false | ||
run: echo "Can't skip Go SDK for stable releases. This is likely a bug in the calling workflow." && exit 1 | ||
- name: Free Disk Space (Ubuntu) | ||
uses: jlumbroso/[email protected] | ||
with: | ||
# this might remove tools that are actually needed, | ||
# if set to "true" but frees about 6 GB | ||
tool-cache: false | ||
swap-storage: false | ||
- name: Checkout Repo | ||
uses: actions/checkout@v4 | ||
- name: Setup tools | ||
uses: ./.github/actions/setup-tools | ||
with: | ||
tools: pulumictl, pulumicli, go | ||
- name: Configure AWS Credentials | ||
uses: aws-actions/configure-aws-credentials@v4 | ||
with: | ||
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||
aws-region: us-east-2 | ||
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||
role-duration-seconds: 7200 | ||
role-external-id: upload-pulumi-release | ||
role-session-name: keycloak@githubActions | ||
role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} | ||
- name: Run GoReleaser | ||
if: inputs.isPrerelease == false | ||
uses: goreleaser/goreleaser-action@v5 | ||
env: | ||
GORELEASER_CURRENT_TAG: v${{ inputs.version }} | ||
PROVIDER_VERSION: ${{ inputs.version }} | ||
with: | ||
args: -p 3 release --rm-dist --timeout 60m0s | ||
version: latest | ||
- name: Run GoReleaser (prerelease) | ||
if: inputs.isPrerelease == true | ||
uses: goreleaser/goreleaser-action@v5 | ||
env: | ||
GORELEASER_CURRENT_TAG: v${{ inputs.version }} | ||
PROVIDER_VERSION: ${{ inputs.version }} | ||
with: | ||
args: -p 3 -f .goreleaser.prerelease.yml --rm-dist --skip-validate --timeout | ||
60m0s | ||
version: latest | ||
|
||
publish_sdk: | ||
name: publish_sdk | ||
needs: publish | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Checkout Repo | ||
uses: actions/checkout@v4 | ||
- name: Setup tools | ||
uses: ./.github/actions/setup-tools | ||
with: | ||
tools: pulumictl, pulumicli, go, node, dotnet, python, java | ||
- name: Publish SDKs | ||
uses: pulumi/[email protected] | ||
with: | ||
sdk: all | ||
version: ${{ inputs.version }} | ||
- name: Download Go SDK | ||
uses: ./.github/actions/download-sdk | ||
with: | ||
language: go | ||
- uses: pulumi/publish-go-sdk-action@v1 | ||
if: inputs.skipGoSdk == false | ||
with: | ||
repository: ${{ github.repository }} | ||
base-ref: ${{ github.sha }} | ||
source: sdk | ||
path: sdk | ||
version: ${{ inputs.version }} | ||
additive: false | ||
# Avoid including other language SDKs & artifacts in the commit | ||
files: | | ||
go.* | ||
go/** | ||
!*.tar.gz | ||
create_docs_build: | ||
name: create_docs_build | ||
needs: publish_sdk | ||
# Only run for non-prerelease, if the publish_go_sdk job was successful or skipped | ||
if: inputs.isPrerelease == false | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Dispatch Metadata build | ||
uses: peter-evans/repository-dispatch@v3 | ||
with: | ||
token: ${{ secrets.PULUMI_BOT_TOKEN }} | ||
repository: pulumi/registry | ||
event-type: resource-provider | ||
client-payload: |- | ||
{ | ||
"project": "${{ github.repository }}", | ||
"project-shortname": "keycloak", | ||
"ref": "${{ github.ref_name }}" | ||
} | ||
clean_up_release_labels: | ||
name: Clean up release labels | ||
# Only run for non-prerelease, if the publish_go_sdk job was successful or skipped | ||
if: inputs.isPrerelease == false | ||
needs: create_docs_build | ||
|
||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Checkout Repo | ||
uses: actions/checkout@v4 | ||
- name: Clean up release labels | ||
uses: pulumi/action-release-by-pr-label@main | ||
with: | ||
command: "clean-up-release-labels" | ||
repo: ${{ github.repository }} | ||
commit: ${{ github.sha }} | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
verify_release: | ||
name: verify_release | ||
needs: publish_sdk | ||
uses: ./.github/workflows/verify-release.yml | ||
secrets: inherit | ||
with: | ||
providerVersion: ${{ inputs.version }} | ||
# Prelease is run often but we only have 5 concurrent macos runners, so we only test after the stable release. | ||
enableMacosRunner: ${{ inputs.isPrerelease == false }} | ||
skipGoSdk: ${{ inputs.skipGoSdk }} |
Oops, something went wrong.