diff --git a/.github/workflows/build_sdk.yml b/.github/workflows/build_sdk.yml index 96889cd6..6ddbb307 100644 --- a/.github/workflows/build_sdk.yml +++ b/.github/workflows/build_sdk.yml @@ -88,10 +88,3 @@ jobs: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz retention-days: 30 - - if: failure() && github.event_name == 'push' - name: Notify Slack - uses: 8398a7/action-slack@v3 - with: - author_name: Failure in building ${{ matrix.language }} sdk - fields: repo,commit,author,action - status: ${{ job.status }} diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index e24f121f..023db8ca 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -52,10 +52,3 @@ jobs: with: version: v1.58.0 working-directory: provider - - if: failure() && github.event_name == 'push' - name: Notify Slack - uses: 8398a7/action-slack@v3 - with: - author_name: Failure in linting provider - fields: repo,commit,author,action - status: ${{ job.status }} diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml index f3c3baa6..1489f0fc 100644 --- a/.github/workflows/master.yml +++ b/.github/workflows/master.yml @@ -150,13 +150,7 @@ jobs: args: -p 3 -f .goreleaser.prerelease.yml --rm-dist --skip-validate --timeout 60m0s version: latest - - if: failure() && github.event_name == 'push' - name: Notify Slack - uses: 8398a7/action-slack@v3 - with: - author_name: Failure in publishing binaries - fields: repo,commit,author,action - status: ${{ job.status }} + publish_sdk: name: publish_sdk needs: @@ -298,13 +292,6 @@ jobs: - name: Run tests run: cd examples && go test -v -json -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . 2>&1 | tee /tmp/gotest.log | gotestfmt - - if: failure() && github.event_name == 'push' - name: Notify Slack - uses: 8398a7/action-slack@v3 - with: - author_name: Failure in running ${{ matrix.language }} tests - fields: repo,commit,author,action - status: ${{ job.status }} strategy: fail-fast: false matrix: diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml index 80d03742..04a43641 100644 --- a/.github/workflows/prerelease.yml +++ b/.github/workflows/prerelease.yml @@ -97,13 +97,6 @@ jobs: args: -p 3 -f .goreleaser.prerelease.yml --rm-dist --skip-validate --timeout 60m0s version: latest - - if: failure() && github.event_name == 'push' - name: Notify Slack - uses: 8398a7/action-slack@v3 - with: - author_name: Failure in publishing binaries - fields: repo,commit,author,action - status: ${{ job.status }} publish_sdk: name: publish_sdk needs: @@ -263,13 +256,6 @@ jobs: - name: Run tests run: cd examples && go test -v -json -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . 2>&1 | tee /tmp/gotest.log | gotestfmt - - if: failure() && github.event_name == 'push' - name: Notify Slack - uses: 8398a7/action-slack@v3 - with: - author_name: Failure in running ${{ matrix.language }} tests - fields: repo,commit,author,action - status: ${{ job.status }} strategy: fail-fast: false matrix: @@ -279,6 +265,20 @@ jobs: - dotnet - go - java + verify-release: + name: verify-release + needs: + - prerequisites + - publish + - publish_sdk + - publish_go_sdk + uses: ./.github/workflows/verify-release.yml + secrets: inherit + with: + providerVersion: ${{ needs.prerequisites.outputs.version }} + # Prelease is run often but we only have 5 concurrent macos runners, so we only test after the stable release. + enableMacosRunner: false + name: prerelease on: push: diff --git a/.github/workflows/prerequisites.yml b/.github/workflows/prerequisites.yml index 46effba4..daa3aab0 100644 --- a/.github/workflows/prerequisites.yml +++ b/.github/workflows/prerequisites.yml @@ -103,10 +103,3 @@ jobs: name: vault-provider.tar.gz path: ${{ github.workspace }}/bin/provider.tar.gz retention-days: 30 - - if: failure() && inputs.is_pr - name: Notify Slack - uses: 8398a7/action-slack@v3 - with: - author_name: Failure in building provider prerequisites - fields: repo,commit,author,action - status: ${{ job.status }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8350e3e9..f9d54147 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -38,7 +38,7 @@ jobs: create_docs_build: name: create_docs_build - needs: tag_sdk + needs: publish_go_sdk runs-on: ubuntu-latest steps: - name: Dispatch Metadata build @@ -112,13 +112,6 @@ jobs: with: args: -p 3 release --rm-dist --timeout 60m0s version: latest - - if: failure() && github.event_name == 'push' - name: Notify Slack - uses: 8398a7/action-slack@v3 - with: - author_name: Failure in publishing binaries - fields: repo,commit,author,action - status: ${{ job.status }} publish_sdk: name: publish_sdk needs: @@ -146,8 +139,8 @@ jobs: if: failure() name: Send Publish Failure To Slack uses: rtCamp/action-slack-notify@v2 - tag_sdk: - name: tag_sdk + publish_go_sdk: + name: publish_go_sdk needs: - prerequisites - publish_sdk @@ -296,13 +289,6 @@ jobs: - name: Run tests run: cd examples && go test -v -json -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . 2>&1 | tee /tmp/gotest.log | gotestfmt - - if: failure() && github.event_name == 'push' - name: Notify Slack - uses: 8398a7/action-slack@v3 - with: - author_name: Failure in running ${{ matrix.language }} tests - fields: repo,commit,author,action - status: ${{ job.status }} strategy: fail-fast: false matrix: @@ -312,6 +298,19 @@ jobs: - dotnet - go - java + verify-release: + name: verify-release + needs: + - prerequisites + - publish + - publish_sdk + - publish_go_sdk + uses: ./.github/workflows/verify-release.yml + secrets: inherit + with: + providerVersion: ${{ needs.prerequisites.outputs.version }} + enableMacosRunner: true + name: release on: push: diff --git a/.github/workflows/run-acceptance-tests.yml b/.github/workflows/run-acceptance-tests.yml index 5cba49aa..b756f517 100644 --- a/.github/workflows/run-acceptance-tests.yml +++ b/.github/workflows/run-acceptance-tests.yml @@ -162,13 +162,6 @@ jobs: if: matrix.testTarget == 'local' run: cd examples && go test -v -json -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -skip TestPulumiExamples -parallel 4 . 2>&1 | tee /tmp/gotest.log | gotestfmt - - if: failure() && github.event_name == 'push' && matrix.testTarget == 'local' - name: Notify Slack - uses: 8398a7/action-slack@v3 - with: - author_name: Failure in running ${{ matrix.language }} tests - fields: repo,commit,author,action - status: ${{ job.status }} - name: Run pulumi/examples tests if: matrix.testTarget == 'pulumiExamples' run: cd examples && go test -v -json -count=1 -cover -timeout 2h -tags=${{ diff --git a/.github/workflows/verify-release.yml b/.github/workflows/verify-release.yml new file mode 100644 index 00000000..39e4b209 --- /dev/null +++ b/.github/workflows/verify-release.yml @@ -0,0 +1,66 @@ +name: "Verify Release" + +on: + workflow_dispatch: + inputs: + providerVersion: + description: "The version of the provider to verify" + required: true + type: string + enableMacRunner: + description: "Enable the MacOS runner in addition to Linux and Windows. Defaults to 'false'." + required: false + type: boolean + workflow_call: + inputs: + providerVersion: + description: "The version of the provider to verify" + required: true + type: string + enableMacosRunner: + description: "Enable the macos-latest runner in addition to ubuntu-latest and windows-latest. Defaults to 'false'." + required: false + type: boolean + default: false + +env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi + VAULT_DEV_ROOT_TOKEN_ID: root + +jobs: + verify-release: + name: verify-release + # We don't have any release verification configurations, so we never run this workflow. + # Configure your .ci-mgmt.yaml files to include the release verification configurations e.g. + # releaseVerification: + # nodejs: path/to/nodejs/project + # python: path/to/python/project + # dotnet: path/to/dotnet/project + # go: path/to/go/project + if: false + strategy: + matrix: + # We don't have any release verification configurations, so we only run on Linux to print warnings to help users configure the release verification. + runner: ["ubuntu-latest"] + runs-on: ${{ matrix.runner }} + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + - name: Setup tools + uses: ./.github/actions/setup-tools diff --git a/Makefile b/Makefile index 1d81b794..02b0d699 100644 --- a/Makefile +++ b/Makefile @@ -86,7 +86,7 @@ build_python: upstream rm -rf ./bin/ ../python.bin/ && cp -R . ../python.bin && mv ../python.bin ./bin && \ rm ./bin/go.mod && \ python3 -m venv venv && \ - ./venv/bin/python -m pip install build && \ + ./venv/bin/python -m pip install build==1.2.1 && \ cd ./bin && \ ../venv/bin/python -m build .