Update GitHub Actions workflows. (#1277) #316

Workflow file for this run

	# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt

	env:
	ARM_CLIENT_ID: 30e520fa-12b4-4e21-b473-9426c5ac2e1e
	ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
	ARM_SUBSCRIPTION_ID: 0282681f-7a9e-424b-80b2-96babd57a8a1
	ARM_TENANT_ID: 706143bc-e1d4-4593-aee2-c9dc60ab9be7
	AWS_REGION: us-west-2
	AZURE_LOCATION: westus
	DIGITALOCEAN_TOKEN: ${{ secrets.DIGITALOCEAN_TOKEN }}
	DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }}
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
	GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
	GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
	GOOGLE_PROJECT: pulumi-ci-gcp-provider
	GOOGLE_PROJECT_NUMBER: 895284651812
	GOOGLE_REGION: us-central1
	GOOGLE_ZONE: us-central1-a
	NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
	NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
	NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
	PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
	PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
	PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
	PULUMI_API: https://api.pulumi-staging.io
	PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
	PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
	PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
	PYPI_USERNAME: __token__
	SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
	SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
	SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
	TF_APPEND_USER_AGENT: pulumi
	jobs:
	prerequisites:
	uses: ./.github/workflows/prerequisites.yml
	secrets: inherit
	with:
	default_branch: ${{ github.event.repository.default_branch }}
	is_pr: ${{ github.event_name == 'pull_request' }}
	is_automated: ${{ github.actor == 'dependabot[bot]' }}

	build_provider:
	uses: ./.github/workflows/build_provider.yml
	needs: prerequisites
	secrets: inherit
	with:
	version: ${{ needs.prerequisites.outputs.version }}

	build_sdk:
	name: build_sdk
	needs: prerequisites
	uses: ./.github/workflows/build_sdk.yml
	secrets: inherit
	with:
	version: ${{ needs.prerequisites.outputs.version }}

	generate_coverage_data:
	continue-on-error: true
	env:
	COVERAGE_OUTPUT_DIR: ${{ secrets.COVERAGE_OUTPUT_DIR }}
	name: generate_coverage_data
	needs: prerequisites
	runs-on: ubuntu-latest
	steps:
	- name: Free Disk Space (Ubuntu)
	uses: jlumbroso/free-disk-space@v1.3.1
	with:
	tool-cache: false
	swap-storage: false
	- name: Checkout Repo
	uses: actions/checkout@v4
	with:
	persist-credentials: false
	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-access-key-id: ${{ secrets.AWS_CORP_S3_UPLOAD_ACCESS_KEY_ID }}
	aws-region: us-west-2
	aws-secret-access-key: ${{ secrets.AWS_CORP_S3_UPLOAD_SECRET_ACCESS_KEY }}
	- name: Setup tools
	uses: ./.github/actions/setup-tools
	with:
	tools: pulumictl, pulumicli, go, schema-tools
	- name: Echo Coverage Output Dir
	run: 'echo "Coverage output directory: ${{ env.COVERAGE_OUTPUT_DIR }}"'
	- name: Generate Coverage Data
	run: PULUMI_MISSING_DOCS_ERROR=true make tfgen
	- name: Summarize Provider Coverage Results
	run: cat ${{ env.COVERAGE_OUTPUT_DIR }}/shortSummary.txt
	- name: Upload coverage data to S3
	run: >-
	summaryName="${PROVIDER}_summary_$(date +"%Y-%m-%d_%H-%M-%S").json"

	s3FullURI="s3://${{ secrets.S3_COVERAGE_BUCKET_NAME }}/summaries/${summaryName}"

	aws s3 cp "${{ env.COVERAGE_OUTPUT_DIR }}/summary.json" "${s3FullURI}" --acl bucket-owner-full-control
	lint:
	name: lint
	uses: ./.github/workflows/lint.yml
	secrets: inherit
	license_check:
	name: License Check
	uses: ./.github/workflows/license.yml
	secrets: inherit

	publish:
	name: publish
	permissions:
	contents: write
	needs:
	- prerequisites
	- build_provider
	- test
	- license_check
	uses: ./.github/workflows/publish.yml
	secrets: inherit
	with:
	version: ${{ needs.prerequisites.outputs.version }}
	isPrerelease: true
	skipGoSdk: true

	tag_release_if_labeled_needs_release:
	name: Tag release if labeled as needs-release
	needs: publish
	runs-on: ubuntu-latest
	steps:
	- name: check if this commit needs release
	if: ${{ env.RELEASE_BOT_ENDPOINT != '' }}
	uses: pulumi/action-release-by-pr-label@main
	with:
	command: "release-if-needed"
	repo: ${{ github.repository }}
	commit: ${{ github.sha }}
	slack_channel: ${{ secrets.RELEASE_OPS_SLACK_CHANNEL }}
	env:
	RELEASE_BOT_ENDPOINT: ${{ secrets.RELEASE_BOT_ENDPOINT }}
	RELEASE_BOT_KEY: ${{ secrets.RELEASE_BOT_KEY }}
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	test:
	name: test
	needs:
	- prerequisites
	- build_sdk
	permissions:
	contents: read
	id-token: write
	runs-on: ubuntu-latest
	env:
	PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }}
	steps:
	- name: Checkout Repo
	uses: actions/checkout@v4
	with:
	persist-credentials: false
	- name: Setup tools
	uses: ./.github/actions/setup-tools
	with:
	tools: pulumictl, pulumicli, ${{ matrix.language }}
	- name: Download bin
	uses: ./.github/actions/download-bin
	- name: Add NuGet source
	if: matrix.language == 'dotnet'
	run: dotnet nuget add source ${{ github.workspace }}/nuget
	- name: Download SDK
	uses: ./.github/actions/download-sdk
	with:
	language: ${{ matrix.language }}
	- name: Update path
	run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH"
	- name: Install Python deps
	if: matrix.language == 'python'
	run: \|-
	pip3 install virtualenv==20.0.23
	pip3 install pipenv
	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-region: ${{ env.AWS_REGION }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	role-duration-seconds: 7200
	role-session-name: docker@githubActions
	role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }}
	- name: Authenticate to Google Cloud
	uses: google-github-actions/auth@v2
	with:
	service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }}
	workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER
	}}/locations/global/workloadIdentityPools/${{
	env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{
	env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }}
	- name: Setup gcloud auth
	uses: google-github-actions/setup-gcloud@v2
	with:
	install_components: gke-gcloud-auth-plugin
	- name: Login to Google Cloud Registry
	run: gcloud --quiet auth configure-docker
	- name: Install dependencies
	run: make install_${{ matrix.language}}_sdk
	- name: Install gotestfmt
	uses: GoTestTools/gotestfmt-action@v2
	with:
	token: ${{ secrets.GITHUB_TOKEN }}
	version: v2.5.0
	- name: Setup SSH key
	uses: webfactory/ssh-agent@v0.7.0
	with:
	ssh-private-key: ${{ secrets.PRIVATE_SSH_KEY_FOR_DIGITALOCEAN }}
	- name: Run tests
	run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4
	strategy:
	fail-fast: false
	matrix:
	language:
	- nodejs
	- python
	- dotnet
	- go
	- java
	name: master
	on:
	workflow_dispatch: {}
	push:
	branches:
	- master
	paths-ignore:
	- "**.md"
	tags-ignore:
	- v*
	- sdk/*
	- "**"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update GitHub Actions workflows. (#1277) #316

Workflow file

Update GitHub Actions workflows. (#1277) #316

Jobs

Run details

Workflow file for this run