-
Notifications
You must be signed in to change notification settings - Fork 53
112 lines (105 loc) · 3.7 KB
/
prerequisites.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
name: "Prerequisites"
on:
workflow_call:
inputs:
is_pr:
type: boolean
required: true
is_automated:
type: boolean
required: true
default_branch:
type: string
required: true
outputs:
version:
description: "Provider version being built"
value: ${{ jobs.prerequisites.outputs.version }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
GOOGLE_PROJECT: pulumi-ci-gcp-provider
GOOGLE_PROJECT_NUMBER: "895284651812"
GOOGLE_REGION: us-central1
GOOGLE_ZONE: us-central1-a
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
PULUMI_API: https://api.pulumi-staging.io
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
PULUMI_MISSING_DOCS_ERROR: "true"
PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
PYPI_USERNAME: __token__
SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
TF_APPEND_USER_AGENT: pulumi
jobs:
prerequisites:
name: prerequisites
runs-on: ubuntu-latest
outputs:
version: ${{ steps.provider-version.outputs.version }}
steps:
- name: Checkout Repo
uses: actions/checkout@v4
with:
persist-credentials: false
- uses: pulumi/provider-version-action@v1
id: provider-version
with:
set-env: 'PROVIDER_VERSION'
- name: Cache examples generation
uses: actions/cache@v4
with:
path: |
.pulumi/examples-cache
key: ${{ runner.os }}-${{ hashFiles('provider/go.sum') }}
- name: Prepare upstream code
run: make upstream
- name: Setup tools
uses: ./.github/actions/setup-tools
with:
tools: go, pulumictl, pulumicli, schema-tools
- name: Build schema generator binary
run: make tfgen_build_only
- name: Install plugins
run: make install_plugins
- name: Generate schema
run: make tfgen_no_deps
- name: Build provider binary
run: make provider_no_deps
- name: Unit-test provider code
run: make test_provider
- if: inputs.is_pr
name: Check Schema is Valid
run: |
EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64)
{
echo "SCHEMA_CHANGES<<$EOF";
schema-tools compare -r github://api.github.com/pulumi -p gcp -o "${{ inputs.default_branch }}" -n --local-path=provider/cmd/pulumi-resource-gcp/schema.json;
echo "$EOF";
} >> "$GITHUB_ENV"
- if: inputs.is_pr && inputs.is_automated == false
name: Comment on PR with Details of Schema Check
uses: thollander/actions-comment-pull-request@v2
with:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
comment_tag: schemaCheck
message: >+
${{ env.SCHEMA_CHANGES }}
Maintainer note: consult the [runbook](https://github.com/pulumi/platform-providers-team/blob/main/playbooks/tf-provider-updating.md) for dealing with any breaking changes.
- name: Upload bin
uses: ./.github/actions/upload-bin
- name: Upload schema-embed.json
uses: actions/upload-artifact@v4
with:
name: schema-embed.json
path: provider/cmd/pulumi-resource-gcp/schema-embed.json
retention-days: 30