From 65f77d60cb546563538e113642bb6d8d88ec68e3 Mon Sep 17 00:00:00 2001 From: Pulumi Bot Date: Thu, 20 Jun 2024 10:21:38 +0000 Subject: [PATCH] [internal] Update GitHub Actions workflow files --- .github/actions/setup-tools/action.yml | 80 ++++++++++++++++++ .github/workflows/build_sdk.yml | 61 +++++++------- .github/workflows/master.yml | 49 +++++------ .github/workflows/prerelease.yml | 69 ++++++++++------ .github/workflows/prerequisites.yml | 51 +++++++----- .github/workflows/release.yml | 96 +++++++++++++--------- .github/workflows/resync-build.yml | 2 +- .github/workflows/run-acceptance-tests.yml | 71 +++++----------- .github/workflows/verify-release.yml | 46 +++++++++++ 9 files changed, 334 insertions(+), 191 deletions(-) create mode 100644 .github/actions/setup-tools/action.yml create mode 100644 .github/workflows/verify-release.yml diff --git a/.github/actions/setup-tools/action.yml b/.github/actions/setup-tools/action.yml new file mode 100644 index 00000000..a3f170c8 --- /dev/null +++ b/.github/actions/setup-tools/action.yml @@ -0,0 +1,80 @@ +name: Setup tools +description: Installs Go, Pulumi, pulumictl, schema-tools, Node.JS, Python, dotnet and Java. + +inputs: + tools: + description: | + Comma separated list of tools to install. The default of "all" installs all tools. Available tools are: + go + pulumicli + pulumictl + schema-tools + node + python + dotnet + java + default: all + +runs: + using: "composite" + steps: + - name: Install Go + if: inputs.tools == 'all' || contains(inputs.tools, 'go') + uses: actions/setup-go@v5 + with: + go-version: "1.21.x" + cache-dependency-path: | + provider/*.sum + upstream/*.sum + + - name: Install pulumictl + if: inputs.tools == 'all' || contains(inputs.tools, 'pulumictl') + uses: jaxxstorm/action-install-gh-release@v1.11.0 + with: + tag: v0.0.46 + repo: pulumi/pulumictl + + - name: Install Pulumi CLI + if: inputs.tools == 'all' || contains(inputs.tools, 'pulumicli') + uses: pulumi/actions@v5 + with: + pulumi-version: "dev" + + - name: Install Schema Tools + if: inputs.tools == 'all' || contains(inputs.tools, 'schema-tools') + uses: jaxxstorm/action-install-gh-release@v1.11.0 + with: + repo: pulumi/schema-tools + + - name: Setup Node + if: inputs.tools == 'all' || contains(inputs.tools, 'node') + uses: actions/setup-node@v4 + with: + node-version: 20.x + registry-url: https://registry.npmjs.org + + - name: Setup DotNet + if: inputs.tools == 'all' || contains(inputs.tools, 'dotnet') + uses: actions/setup-dotnet@v4 + with: + dotnet-version: 6.0.x + + - name: Setup Python + if: inputs.tools == 'all' || contains(inputs.tools, 'python') + uses: actions/setup-python@v5 + with: + python-version: 3.11.8 + + - name: Setup Java + if: inputs.tools == 'all' || contains(inputs.tools, 'java') + uses: actions/setup-java@v4 + with: + cache: gradle + distribution: temurin + java-version: 11 + + - name: Setup Gradle + if: inputs.tools == 'all' || contains(inputs.tools, 'java') + uses: gradle/gradle-build-action@v3 + with: + gradle-version: 7.6 diff --git a/.github/workflows/build_sdk.yml b/.github/workflows/build_sdk.yml index 344bb457..1c1b7817 100644 --- a/.github/workflows/build_sdk.yml +++ b/.github/workflows/build_sdk.yml @@ -1,7 +1,33 @@ name: "Build SDK" on: - workflow_call: {} + workflow_call: + inputs: + version: + required: true + type: string + +env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PULUMI_MISSING_DOCS_ERROR: true + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi + XYZ_REGION: us-west-2 + PROVIDER_VERSION: ${{ inputs.version }} jobs: build_sdk: @@ -19,43 +45,16 @@ jobs: steps: - name: Checkout Repo uses: actions/checkout@v4 - - uses: pulumi/provider-version-action@v1 - with: - set-env: 'PROVIDER_VERSION' - name: Cache examples generation uses: actions/cache@v4 with: path: | .pulumi/examples-cache key: ${{ runner.os }}-${{ hashFiles('provider/go.sum') }} - - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 - with: - tag: v0.0.46 - repo: pulumi/pulumictl - - name: Setup Node - uses: actions/setup-node@v4 - with: - node-version: 20.x - registry-url: https://registry.npmjs.org - - name: Setup DotNet - uses: actions/setup-dotnet@v4 - with: - dotnet-version: 6.0.x - - name: Setup Python - uses: actions/setup-python@v5 - with: - python-version: 3.11.8 - - name: Setup Java - uses: actions/setup-java@v4 - with: - cache: gradle - distribution: temurin - java-version: 11 - - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + - name: Setup tools + uses: ./.github/actions/setup-tools with: - gradle-version: 7.6 + tools: pulumictl, pulumicli, go, node, dotnet, python, java - name: Download provider + tfgen binaries uses: actions/download-artifact@v4 with: diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml index 303dbb4f..4b7599d7 100644 --- a/.github/workflows/master.yml +++ b/.github/workflows/master.yml @@ -21,11 +21,21 @@ env: TF_APPEND_USER_AGENT: pulumi XYZ_REGION: us-west-2 jobs: + prerequisites: + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + build_sdk: name: build_sdk needs: prerequisites uses: ./.github/workflows/build_sdk.yml secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} generate_coverage_data: continue-on-error: true @@ -62,7 +72,7 @@ jobs: - name: Install Pulumi CLI uses: pulumi/actions@v5 with: - pulumi-version: "^3" + pulumi-version: "dev" - if: github.event_name == 'pull_request' name: Install Schema Tools uses: jaxxstorm/action-install-gh-release@v1.11.0 @@ -89,17 +99,11 @@ jobs: name: License Check uses: ./.github/workflows/license.yml secrets: inherit - prerequisites: - uses: ./.github/workflows/prerequisites.yml - secrets: inherit - with: - default_branch: ${{ github.event.repository.default_branch }} - is_pr: ${{ github.event_name == 'pull_request' }} - is_automated: ${{ github.actor == 'dependabot[bot]' }} publish: name: publish needs: + - prerequisites - test - license_check runs-on: ubuntu-latest @@ -127,7 +131,7 @@ jobs: - name: Install Pulumi CLI uses: pulumi/actions@v5 with: - pulumi-version: "^3" + pulumi-version: "dev" - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -138,13 +142,11 @@ jobs: role-external-id: upload-pulumi-release role-session-name: xyz@githubActions role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} - - id: version - uses: pulumi/provider-version-action@v1 - name: Run GoReleaser uses: goreleaser/goreleaser-action@v5 env: - GORELEASER_CURRENT_TAG: v${{ steps.version.outputs.version }} - PROVIDER_VERSION: ${{ steps.version.outputs.version }} + GORELEASER_CURRENT_TAG: v${{ needs.prerequisites.outputs.version }} + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} with: args: -p 3 -f .goreleaser.prerelease.yml --rm-dist --skip-validate --timeout 60m0s @@ -158,16 +160,16 @@ jobs: status: ${{ job.status }} publish_sdk: name: publish_sdk - needs: publish + needs: + - prerequisites + - publish runs-on: ubuntu-latest steps: - - id: version - uses: pulumi/provider-version-action@v1 - name: Publish SDKs - uses: pulumi/pulumi-package-publisher@v0.0.17 + uses: pulumi/pulumi-package-publisher@v0.0.18 with: sdk: all - version: ${{ steps.version.outputs.version }} + version: ${{ needs.prerequisites.outputs.version }} dotnet-version: "6.0.x" java-version: "11" node-version: "20.x" @@ -203,17 +205,18 @@ jobs: test: name: test - needs: build_sdk + needs: + - prerequisites + - build_sdk permissions: contents: read id-token: write runs-on: ubuntu-latest + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} steps: - name: Checkout Repo uses: actions/checkout@v4 - - uses: pulumi/provider-version-action@v1 - with: - set-env: 'PROVIDER_VERSION' - name: Install Go uses: actions/setup-go@v5 with: @@ -228,7 +231,7 @@ jobs: - name: Install Pulumi CLI uses: pulumi/actions@v5 with: - pulumi-version: "^3" + pulumi-version: "dev" - name: Setup Node uses: actions/setup-node@v4 with: diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml index db581b8c..004ece85 100644 --- a/.github/workflows/prerelease.yml +++ b/.github/workflows/prerelease.yml @@ -22,11 +22,21 @@ env: TF_APPEND_USER_AGENT: pulumi XYZ_REGION: us-west-2 jobs: + prerequisites: + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + build_sdk: name: build_sdk needs: prerequisites uses: ./.github/workflows/build_sdk.yml secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} lint: name: lint @@ -36,17 +46,11 @@ jobs: name: License Check uses: ./.github/workflows/license.yml secrets: inherit - prerequisites: - uses: ./.github/workflows/prerequisites.yml - secrets: inherit - with: - default_branch: ${{ github.event.repository.default_branch }} - is_pr: ${{ github.event_name == 'pull_request' }} - is_automated: ${{ github.actor == 'dependabot[bot]' }} publish: name: publish needs: + - prerequisites - test - license_check runs-on: ubuntu-latest @@ -74,7 +78,7 @@ jobs: - name: Install Pulumi CLI uses: pulumi/actions@v5 with: - pulumi-version: "^3" + pulumi-version: "dev" - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -85,13 +89,11 @@ jobs: role-external-id: upload-pulumi-release role-session-name: xyz@githubActions role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} - - id: version - uses: pulumi/provider-version-action@v1 - name: Run GoReleaser uses: goreleaser/goreleaser-action@v5 env: - GORELEASER_CURRENT_TAG: v${{ steps.version.outputs.version }} - PROVIDER_VERSION: ${{ steps.version.outputs.version }} + GORELEASER_CURRENT_TAG: v${{ needs.prerequisites.outputs.version }} + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} with: args: -p 3 -f .goreleaser.prerelease.yml --rm-dist --skip-validate --timeout 60m0s @@ -105,16 +107,16 @@ jobs: status: ${{ job.status }} publish_sdk: name: publish_sdk - needs: publish + needs: + - prerequisites + - publish runs-on: ubuntu-latest steps: - - id: version - uses: pulumi/provider-version-action@v1 - name: Publish SDKs - uses: pulumi/pulumi-package-publisher@v0.0.17 + uses: pulumi/pulumi-package-publisher@v0.0.18 with: sdk: all - version: ${{ steps.version.outputs.version }} + version: ${{ needs.prerequisites.outputs.version }} dotnet-version: "6.0.x" java-version: "11" node-version: "20.x" @@ -132,7 +134,9 @@ jobs: uses: rtCamp/action-slack-notify@v2 publish_go_sdk: name: publish_go_sdk - needs: publish_sdk + needs: + - prerequisites + - publish_sdk runs-on: ubuntu-latest steps: - name: Checkout Repo @@ -142,8 +146,6 @@ jobs: with: tag: v0.0.46 repo: pulumi/pulumictl - - id: version - uses: pulumi/provider-version-action@v1 - name: Download Go SDK uses: actions/download-artifact@v4 with: @@ -159,7 +161,7 @@ jobs: base-ref: ${{ github.sha }} source: sdk path: sdk - version: ${{ steps.version.outputs.version }} + version: ${{ needs.prerequisites.outputs.version }} additive: false # Avoid including other language SDKs & artifacts in the commit files: | @@ -168,17 +170,18 @@ jobs: !*.tar.gz test: name: test - needs: build_sdk + needs: + - prerequisites + - build_sdk permissions: contents: read id-token: write runs-on: ubuntu-latest + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} steps: - name: Checkout Repo uses: actions/checkout@v4 - - uses: pulumi/provider-version-action@v1 - with: - set-env: 'PROVIDER_VERSION' - name: Install Go uses: actions/setup-go@v5 with: @@ -193,7 +196,7 @@ jobs: - name: Install Pulumi CLI uses: pulumi/actions@v5 with: - pulumi-version: "^3" + pulumi-version: "dev" - name: Setup Node uses: actions/setup-node@v4 with: @@ -269,6 +272,20 @@ jobs: - dotnet - go - java + verify-release: + name: verify-release + needs: + - prerequisites + - publish + - publish_sdk + - publish_go_sdk + uses: ./.github/workflows/verify-release.yml + secrets: inherit + with: + providerVersion: ${{ needs.prerequisites.outputs.version }} + # Prelease is run often but we only have 5 concurrent macos runners, so we only test after the stable release. + enableMacosRunner: false + name: prerelease on: push: diff --git a/.github/workflows/prerequisites.yml b/.github/workflows/prerequisites.yml index 7e4ed3c0..a80225d6 100644 --- a/.github/workflows/prerequisites.yml +++ b/.github/workflows/prerequisites.yml @@ -12,15 +12,43 @@ on: default_branch: type: string required: true + outputs: + version: + description: "Provider version being built" + value: ${{ jobs.prerequisites.outputs.version }} + +env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PULUMI_MISSING_DOCS_ERROR: true + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi + XYZ_REGION: us-west-2 jobs: prerequisites: name: prerequisites runs-on: ubuntu-latest + outputs: + version: ${{ steps.provider-version.outputs.version }} steps: - name: Checkout Repo uses: actions/checkout@v4 - uses: pulumi/provider-version-action@v1 + id: provider-version with: set-env: 'PROVIDER_VERSION' - name: Cache examples generation @@ -31,27 +59,10 @@ jobs: key: ${{ runner.os }}-${{ hashFiles('provider/go.sum') }} - name: Prepare upstream code run: make upstream - - name: Install Go - uses: actions/setup-go@v5 - with: - go-version: "1.21.x" - cache-dependency-path: | - provider/*.sum - upstream/*.sum - - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 - with: - tag: v0.0.46 - repo: pulumi/pulumictl - - name: Install Pulumi CLI - uses: pulumi/actions@v5 - with: - pulumi-version: "^3" - - if: inputs.is_pr - name: Install Schema Tools - uses: jaxxstorm/action-install-gh-release@v1.11.0 + - name: Setup tools + uses: ./.github/actions/setup-tools with: - repo: pulumi/schema-tools + tools: go, pulumictl, pulumicli, schema-tools - name: Build schema generator binary run: make tfgen_build_only - name: Install plugins diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 46ed493c..493725f8 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -21,27 +21,39 @@ env: TF_APPEND_USER_AGENT: pulumi XYZ_REGION: us-west-2 jobs: + prerequisites: + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + build_sdk: name: build_sdk needs: prerequisites uses: ./.github/workflows/build_sdk.yml secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} create_docs_build: name: create_docs_build - needs: tag_sdk + needs: publish_go_sdk runs-on: ubuntu-latest steps: - - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 - with: - tag: v0.0.46 - repo: pulumi/pulumictl - - env: - GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} - name: Dispatch Event - run: pulumictl create docs-build pulumi-xyz - "${GITHUB_REF#refs/tags/}" + - name: Dispatch Metadata build + uses: peter-evans/repository-dispatch@v3 + with: + token: ${{ secrets.PULUMI_BOT_TOKEN }} + repository: pulumi/registry + event-type: resource-provider + client-payload: |- + { + "project": "${{ github.repository }}", + "project-shortname": "xyz", + "ref": "${{ github.ref_name }}" + } lint: name: lint uses: ./.github/workflows/lint.yml @@ -50,17 +62,11 @@ jobs: name: License Check uses: ./.github/workflows/license.yml secrets: inherit - prerequisites: - uses: ./.github/workflows/prerequisites.yml - secrets: inherit - with: - default_branch: ${{ github.event.repository.default_branch }} - is_pr: ${{ github.event_name == 'pull_request' }} - is_automated: ${{ github.actor == 'dependabot[bot]' }} publish: name: publish needs: + - prerequisites - test - license_check runs-on: ubuntu-latest @@ -88,7 +94,7 @@ jobs: - name: Install Pulumi CLI uses: pulumi/actions@v5 with: - pulumi-version: "^3" + pulumi-version: "dev" - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -99,13 +105,11 @@ jobs: role-external-id: upload-pulumi-release role-session-name: xyz@githubActions role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} - - id: version - uses: pulumi/provider-version-action@v1 - name: Run GoReleaser uses: goreleaser/goreleaser-action@v5 env: - GORELEASER_CURRENT_TAG: v${{ steps.version.outputs.version }} - PROVIDER_VERSION: ${{ steps.version.outputs.version }} + GORELEASER_CURRENT_TAG: v${{ needs.prerequisites.outputs.version }} + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} with: args: -p 3 release --rm-dist --timeout 60m0s version: latest @@ -118,16 +122,16 @@ jobs: status: ${{ job.status }} publish_sdk: name: publish_sdk - needs: publish + needs: + - prerequisites + - publish runs-on: ubuntu-latest steps: - - id: version - uses: pulumi/provider-version-action@v1 - name: Publish SDKs - uses: pulumi/pulumi-package-publisher@v0.0.17 + uses: pulumi/pulumi-package-publisher@v0.0.18 with: sdk: all - version: ${{ steps.version.outputs.version }} + version: ${{ needs.prerequisites.outputs.version }} dotnet-version: "6.0.x" java-version: "11" node-version: "20.x" @@ -143,9 +147,11 @@ jobs: if: failure() name: Send Publish Failure To Slack uses: rtCamp/action-slack-notify@v2 - tag_sdk: - name: tag_sdk - needs: publish_sdk + publish_go_sdk: + name: publish_go_sdk + needs: + - prerequisites + - publish_sdk runs-on: ubuntu-latest steps: - name: Checkout Repo @@ -155,8 +161,6 @@ jobs: with: tag: v0.0.46 repo: pulumi/pulumictl - - id: version - uses: pulumi/provider-version-action@v1 - name: Download Go SDK uses: actions/download-artifact@v4 with: @@ -172,7 +176,7 @@ jobs: base-ref: ${{ github.sha }} source: sdk path: sdk - version: ${{ steps.version.outputs.version }} + version: ${{ needs.prerequisites.outputs.version }} additive: false # Avoid including other language SDKs & artifacts in the commit files: | @@ -199,17 +203,18 @@ jobs: test: name: test - needs: build_sdk + needs: + - prerequisites + - build_sdk permissions: contents: read id-token: write runs-on: ubuntu-latest + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} steps: - name: Checkout Repo uses: actions/checkout@v4 - - uses: pulumi/provider-version-action@v1 - with: - set-env: 'PROVIDER_VERSION' - name: Install Go uses: actions/setup-go@v5 with: @@ -224,7 +229,7 @@ jobs: - name: Install Pulumi CLI uses: pulumi/actions@v5 with: - pulumi-version: "^3" + pulumi-version: "dev" - name: Setup Node uses: actions/setup-node@v4 with: @@ -300,6 +305,19 @@ jobs: - dotnet - go - java + verify-release: + name: verify-release + needs: + - prerequisites + - publish + - publish_sdk + - publish_go_sdk + uses: ./.github/workflows/verify-release.yml + secrets: inherit + with: + providerVersion: ${{ needs.prerequisites.outputs.version }} + enableMacosRunner: true + name: release on: push: diff --git a/.github/workflows/resync-build.yml b/.github/workflows/resync-build.yml index 45fb5514..43bcfdd1 100644 --- a/.github/workflows/resync-build.yml +++ b/.github/workflows/resync-build.yml @@ -51,7 +51,7 @@ jobs: - name: Install Pulumi CLI uses: pulumi/actions@v5 with: - pulumi-version: "^3" + pulumi-version: "dev" - name: Setup DotNet uses: actions/setup-dotnet@v4 with: diff --git a/.github/workflows/run-acceptance-tests.yml b/.github/workflows/run-acceptance-tests.yml index f86242ae..819e1dce 100644 --- a/.github/workflows/run-acceptance-tests.yml +++ b/.github/workflows/run-acceptance-tests.yml @@ -27,6 +27,16 @@ concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: + prerequisites: + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + build_sdk: if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository @@ -34,6 +44,8 @@ jobs: needs: prerequisites uses: ./.github/workflows/build_sdk.yml secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} comment-notification: if: github.event_name == 'repository_dispatch' @@ -56,16 +68,6 @@ jobs: name: lint uses: ./.github/workflows/lint.yml secrets: inherit - prerequisites: - if: github.event_name == 'repository_dispatch' || - github.event.pull_request.head.repo.full_name == github.repository - uses: ./.github/workflows/prerequisites.yml - secrets: inherit - with: - default_branch: ${{ github.event.repository.default_branch }} - is_pr: ${{ github.event_name == 'pull_request' }} - is_automated: ${{ github.actor == 'dependabot[bot]' }} - sentinel: name: sentinel if: github.event_name == 'repository_dispatch' || @@ -92,63 +94,30 @@ jobs: if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository name: test - needs: build_sdk + needs: + - prerequisites + - build_sdk permissions: contents: read id-token: write runs-on: ubuntu-latest + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} steps: - name: Checkout Repo uses: actions/checkout@v4 with: ref: ${{ env.PR_COMMIT_SHA }} - - uses: pulumi/provider-version-action@v1 - with: - set-env: 'PROVIDER_VERSION' - name: Checkout p/examples if: matrix.testTarget == 'pulumiExamples' uses: actions/checkout@v4 with: repository: pulumi/examples path: p-examples - - name: Install Go - uses: actions/setup-go@v5 - with: - go-version: "1.21.x" - cache-dependency-path: | - sdk/go.sum - - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 - with: - tag: v0.0.46 - repo: pulumi/pulumictl - - name: Install Pulumi CLI - uses: pulumi/actions@v5 - with: - pulumi-version: "^3" - - name: Setup Node - uses: actions/setup-node@v4 - with: - node-version: "20.x" - registry-url: https://registry.npmjs.org - - name: Setup DotNet - uses: actions/setup-dotnet@v4 - with: - dotnet-version: "6.0.x" - - name: Setup Python - uses: actions/setup-python@v5 - with: - python-version: "3.11.8" - - name: Setup Java - uses: actions/setup-java@v4 - with: - cache: gradle - distribution: temurin - java-version: "11" - - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + - name: Setup tools + uses: ./.github/actions/setup-tools with: - gradle-version: "7.6" + tools: pulumictl, pulumicli, go, node, dotnet, python, java - name: Download provider + tfgen binaries uses: actions/download-artifact@v4 with: diff --git a/.github/workflows/verify-release.yml b/.github/workflows/verify-release.yml new file mode 100644 index 00000000..88d5852d --- /dev/null +++ b/.github/workflows/verify-release.yml @@ -0,0 +1,46 @@ +name: "Verify Release" + +on: + workflow_dispatch: + inputs: + providerVersion: + description: "The version of the provider to verify" + required: true + type: string + enableMacRunner: + description: "Enable the MacOS runner in addition to Linux and Windows. Defaults to 'false'." + required: false + type: boolean + workflow_call: + inputs: + providerVersion: + description: "The version of the provider to verify" + required: true + type: string + enableMacosRunner: + description: "Enable the macos-latest runner in addition to ubuntu-latest and windows-latest. Defaults to 'false'." + required: false + type: boolean + default: false + +jobs: + verify-release: + name: verify-release + strategy: + matrix: + # We don't have any release verification configurations, so we only run on Linux to print warnings to help users configure the release verification. + runner: ["ubuntu-latest"] + runs-on: ${{ matrix.runner }} + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + - name: Setup tools + uses: ./.github/actions/setup-tools + - id: version + uses: pulumi/provider-version-action@v1 + with: + set-env: 'PROVIDER_VERSION' + - run: echo "::warning file=.ci-mgmt.yaml,title=Node.js release verification missing::Add the key releaseVerification.nodejs to .ci-mgmt.yaml pointing to the directory containing a Pulumi nodejs project to preview." + - run: echo "::warning file=.ci-mgmt.yaml,title=Python release verification missing::Add the key releaseVerification.python to .ci-mgmt.yaml pointing to the directory containing a Pulumi python project to preview." + - run: echo "::warning file=.ci-mgmt.yaml,title=Dotnet release verification missing::Add the key releaseVerification.dotnet to .ci-mgmt.yaml pointing to the directory containing a Pulumi dotnet project to preview." + - run: echo "::warning file=.ci-mgmt.yaml,title=Go release verification missing::Add the key releaseVerification.python to .ci-mgmt.yaml pointing to the directory containing a Pulumi go project to preview."