From 8eac536364a8b01067875d35d9ed49ed3f6d2b0f Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Mon, 4 Nov 2024 16:28:29 -0800 Subject: [PATCH 01/14] Typed provider configuration --- provider-ci/go.mod | 2 +- provider-ci/internal/cmd/generate.go | 25 +- provider-ci/internal/pkg/config.go | 378 +++++++++++++++++- provider-ci/internal/pkg/generate.go | 2 +- .../.github/actions/download-bin/action.yml | 6 +- .../.github/actions/upload-bin/action.yml | 6 +- .../.github/workflows/build_provider.yml | 22 +- .../.github/workflows/build_sdk.yml | 16 +- .../.github/workflows/main.yml | 76 ++-- .../.github/workflows/nightly-test.yml | 48 +-- .../.github/workflows/prerelease.yml | 60 +-- .../.github/workflows/prerequisites.yml | 30 +- .../.github/workflows/publish.yml | 52 +-- .../.github/workflows/release.yml | 58 +-- .../.github/workflows/resync-build.yml | 22 +- .../workflows/run-acceptance-tests.yml | 66 +-- .../.github/workflows/upgrade-bridge.yml | 22 +- .../.github/workflows/upgrade-provider.yml | 21 +- .../bridged-provider/.upgrade-config.yml | 14 +- .../pkg/templates/bridged-provider/Makefile | 44 +- .../pkg/templates/defaults.config.yaml | 20 +- .../pkg/templates/dev-container/devbox.json | 13 +- .../.github/actions/download-sdk/action.yml | 2 +- .../.github/actions/setup-tools/action.yml | 14 +- .../.github/actions/upload-sdk/action.yml | 2 +- .../provider/.github/workflows/license.yml | 8 +- .../provider/.github/workflows/lint.yml | 10 +- .../.github/workflows/pull-request.yml | 12 +- .../.github/workflows/verify-release.yml | 36 +- .../pkg/templates/provider/.golangci.yml | 2 +- .../.github/workflows/command-dispatch.yml | 10 +- .../workflows/community-moderation.yml | 16 +- .../.github/workflows/release_command.yml | 2 +- provider-ci/test-providers/acme/.ci-mgmt.yaml | 1 - .../.github/workflows/upgrade-provider.yml | 3 +- .../aws/.github/workflows/build_sdk.yml | 2 +- .../.github/workflows/command-dispatch.yml | 2 +- .../aws/.github/workflows/license.yml | 2 +- .../aws/.github/workflows/lint.yml | 2 +- .../aws/.github/workflows/master.yml | 2 +- .../aws/.github/workflows/nightly-test.yml | 2 +- .../aws/.github/workflows/prerelease.yml | 2 +- .../aws/.github/workflows/prerequisites.yml | 2 +- .../aws/.github/workflows/publish.yml | 2 +- .../aws/.github/workflows/pull-request.yml | 2 +- .../aws/.github/workflows/release.yml | 2 +- .../aws/.github/workflows/resync-build.yml | 2 +- .../workflows/run-acceptance-tests.yml | 2 +- .../.github/workflows/upgrade-provider.yml | 3 +- .../aws/.github/workflows/verify-release.yml | 2 +- .../.github/workflows/upgrade-provider.yml | 62 +++ .../docker/.github/workflows/build_sdk.yml | 2 +- .../.github/workflows/command-dispatch.yml | 2 +- .../docker/.github/workflows/license.yml | 2 +- .../docker/.github/workflows/lint.yml | 2 +- .../docker/.github/workflows/master.yml | 2 +- .../docker/.github/workflows/prerelease.yml | 2 +- .../.github/workflows/prerequisites.yml | 2 +- .../docker/.github/workflows/publish.yml | 2 +- .../docker/.github/workflows/pull-request.yml | 2 +- .../docker/.github/workflows/release.yml | 2 +- .../docker/.github/workflows/resync-build.yml | 2 +- .../workflows/run-acceptance-tests.yml | 2 +- .../.github/workflows/upgrade-provider.yml | 3 +- .../.github/workflows/verify-release.yml | 2 +- 65 files changed, 814 insertions(+), 429 deletions(-) create mode 100644 provider-ci/test-providers/cloudflare/.github/workflows/upgrade-provider.yml diff --git a/provider-ci/go.mod b/provider-ci/go.mod index 60e37e943e..36f95bd13a 100644 --- a/provider-ci/go.mod +++ b/provider-ci/go.mod @@ -4,7 +4,6 @@ go 1.21 require ( github.com/Masterminds/sprig v2.22.0+incompatible - github.com/imdario/mergo v0.3.16 github.com/spf13/cobra v1.7.0 gopkg.in/yaml.v3 v3.0.1 ) @@ -15,6 +14,7 @@ require ( github.com/davecgh/go-spew v1.1.1 // indirect github.com/google/uuid v1.3.0 // indirect github.com/huandu/xstrings v1.4.0 // indirect + github.com/imdario/mergo v0.3.16 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/kr/pretty v0.1.0 // indirect github.com/mitchellh/copystructure v1.2.0 // indirect diff --git a/provider-ci/internal/cmd/generate.go b/provider-ci/internal/cmd/generate.go index 0db0a87181..2e6d728dbb 100644 --- a/provider-ci/internal/cmd/generate.go +++ b/provider-ci/internal/cmd/generate.go @@ -21,33 +21,26 @@ var generateCmd = &cobra.Command{ Use: "generate", Short: "Generate repository files.", RunE: func(cmd *cobra.Command, args []string) error { - localConfig, err := pkg.LoadLocalConfig(generateArgs.ConfigPath) - if err != nil { - return err - } - // Merge local config with template defaults - mergedConfig, err := localConfig.WithTemplateDefaults() + config, err := pkg.LoadLocalConfig(generateArgs.ConfigPath) if err != nil { return err } // Template name priority: CLI flag > config file if generateArgs.TemplateName == "" { - if templateName, ok := mergedConfig["template"].(string); ok { - generateArgs.TemplateName = templateName + if config.Template != "" { + generateArgs.TemplateName = config.Template } } // Name priority: CLI flag > config file ("repository", then "name" field) if generateArgs.RepositoryName == "" { - if repositoryName, ok := mergedConfig["repository"].(string); ok { - generateArgs.RepositoryName = repositoryName - } else if name, ok := mergedConfig["name"].(string); ok { - generateArgs.RepositoryName = name + if config.Repository != "" { + generateArgs.RepositoryName = config.Repository } else { - providerName, providerOk := mergedConfig["provider"].(string) - organizationName, organizationOk := mergedConfig["organization"].(string) - if providerOk && organizationOk { + providerName := config.Provider + organizationName := config.Organization + if providerName != "" && organizationName != "" { generateArgs.RepositoryName = fmt.Sprintf("%s/pulumi-%s", organizationName, providerName) } } @@ -61,7 +54,7 @@ var generateCmd = &cobra.Command{ RepositoryName: generateArgs.RepositoryName, OutDir: generateArgs.OutDir, TemplateName: generateArgs.TemplateName, - Config: mergedConfig, + Config: config, }) return err }, diff --git a/provider-ci/internal/pkg/config.go b/provider-ci/internal/pkg/config.go index 690e11e825..b84315e0ff 100644 --- a/provider-ci/internal/pkg/config.go +++ b/provider-ci/internal/pkg/config.go @@ -1,52 +1,388 @@ package pkg import ( + "bytes" "fmt" "os" "path/filepath" + "time" - "github.com/imdario/mergo" "gopkg.in/yaml.v3" ) -type Config map[string]any +// Config describes the shape of .ci-mgmt.yaml files. +type Config struct { + // Provider is required and is the name of the provider without the "pulumi-" prefix. + Provider string `yaml:"provider"` + // Repository is the optional repository of the provider. + Repository string `yaml:"repository"` + + // Template names can be found in the getTemplateDirs function in provider-ci/internal/pkg/generate.go. + Template string `yaml:"template"` + + // Organization is the name of the Github organization the repository lives + // in. Defaults to 'pulumi'. + Organization string `yaml:"organization"` + + // MajorVersion of the current provider used in Makefiles. This should + // always be set by all providers as this is key to go module paths. + MajorVersion int `yaml:"major-version"` + + // Plugins to install in the "install_plugins" make target. Should be set + // for all bridged providers: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22plugins%3A%22&type=code + Plugins []plugin `yaml:"plugins"` + + // JavaGenVersion ensures a specific javaGen version is used during + // upgrades if set. Set for 2 providers: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22javaGenVersion%3A%22&type=code + JavaGenVersion string `yaml:"javaGenVersion"` + + // UpstreamProviderOrg is optional and used in the bridge upgrade config. + // Only set for 4 providers: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22upstreamProviderOrg%3A%22&type=code + UpstreamProviderOrg string `yaml:"upstreamProviderOrg"` + + // UpstreamProviderRepo is used in the bridge upgrade config. Only set for + // 5 providers: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22upstream-provider-repo%22&type=code + UpstreamProviderRepo string `yaml:"upstream-provider-repo"` + + // Lint includes an extra lint job in workflows if enabled (default). Can + // be explicitly set to false. This is false in around 8 provider repos: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22lint%3A+false%22&type=code + Lint bool `yaml:"lint,omitempty"` + + // ProviderDefaultBranch is used to customise the default branch when + // needed. Currently set in around 17 repos: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22providerDefaultBranch%3A%22&type=code + ProviderDefaultBranch string `yaml:"providerDefaultBranch"` + + // FailOnMissingMapping sets PULUMI_MISSING_MAPPING_ERROR in the + // resync-build workflow. Used in alicloud only: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22fail-on-missing-mapping%3A%22&type=code + FailOnMissingMapping bool `yaml:"fail-on-missing-mapping"` + + // FailOnExtraMapping sets PULUMI_EXTRA_MAPPING_ERROR in resync-build and + // defaults to true. It is not used: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22fail-on-extra-mapping%3A%22&type=code + FailOnExtraMapping bool `yaml:"fail-on-extra-mapping"` + + // PublishRegistry decides if create_docs_build happens during release This + // can be overridden to false to not publish updates. This is disabled in 5 + // repos: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22publishRegistry%3A%22&type=code + PublishRegistry bool `yaml:"publishRegistry"` + + // CheckoutSubmodules is used for all checkouts during CI. Defaults to + // false. Only 3 providers use submodules: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22checkoutSubmodules%3A%22&type=code + CheckoutSubmodules bool `yaml:"checkoutSubmodules"` + + // TestMasterAndReleaseWorkflows runs the master and release workflows on + // every pull request. This option is currently never set to true: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22testMasterAndReleaseWorkflows%3A%22&type=code + TestMasterAndReleaseWorkflows bool `yaml:"testMasterAndReleaseWorkflows"` + + // FreeDiskSpaceBeforeBuild when true will clear disk space before running + // prerequisites workflow. This is used for larger providers which + // sometimes run out of disk space during builds. + FreeDiskSpaceBeforeBuild bool `yaml:"freeDiskSpaceBeforeBuild"` + + // FreeDiskSpaceBeforeSdkBuild when true will clear disk space before + // running test jobs. + FreeDiskSpaceBeforeSdkBuild bool `yaml:"freeDiskSpaceBeforeSdkBuild"` + + // FreeDiskSpaceBeforeTest when true will clear disk space before running + // sdk build jobs. + FreeDiskSpaceBeforeTest bool `yaml:"freeDiskSpaceBeforeTest"` + + // Used for centrally managing tool versions. This is not currently + // overridden by any providers, but ideally the provider's repository + // should pin its own tooling: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22toolVersions%22&type=code + ToolVersions toolVersions `yaml:"toolVersions"` + + // Languages controls which language SDKs get built and published. + Languages []string `yaml:"languages"` + + // Env contains an assortment of properties for different purposes. + // Additional entries are added by individual providers for different + // reasons. All jobs currently get the same env for all steps but values + // might only be used for very specific purposes. + Env map[string]string `yaml:"env"` + + // Actions can contain preBuild and preTest additional steps to be spliced + // into workflows. The use of these hooks vary - quite a few just build + // upstream and run provider tests. Usage: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22actions%3A%22&type=code + Actions actions `yaml:"actions"` + + // ExtraTests run as part of `run-acceptance-tests.yml`, `master.yml`, + // `main.yml`, `prerelease.yml` and `release.yml`. Only used for aws: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22extraTests%3A%22&type=code + ExtraTests map[string]any `yaml:"extraTests"` // Only used by AWS... + + // IntegrationTestProvider will run e2e tests in the provider as well as in + // the examples directory when set to true. Defaults to false. + IntegrationTestProvider bool `yaml:"integrationTestProvider"` + + // TestPulumiExamples runs e2e tests using the examples and test suite in + // the pulumi/examples repo when set to true. Defaults to false. This is + // unused but potentially useful for azure-native onboarding: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22testPulumiExamples%3A%22&type=code + TestPulumiExamples bool `yaml:"testPulumiExamples"` + + // Runner defines the runs-on property for various stages of the build + // These are not overridden by any providers: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22runner%3A%22&type=code + Runner struct { + Default string `yaml:"default"` + Prerequisites string `yaml:"prerequisites"` + BuildSDK string `yaml:"buildSdk"` + Publish string `yaml:"publish"` + } `yaml:"runner"` + + // actionVersions should be used wherever we use external actions to make + // upgrading easier. These are never overridden by providers: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22actionVersions%3A%22&type=code + ActionVersions actionVersions `yaml:"actionVersions"` + + // Publish contains multiple properties relating to the publish jobs. Used + // by 2 providers: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22publish%3A%22&type=code + Publish publish `yaml:"publish"` + + // RegistryDocs enables automatic registry index doc file generation. + // Intended for use with Tier 2/3 providers. + RegistryDocs bool `yaml:"registryDocs"` + + // CheckUpstreamUpgrade determines whether we run the upstream upgrade job + // for bridged providers. Set to false for providers that cannot be + // upgraded, e.g. because of archived upstream or a license conflict. + CheckUpstreamUpgrade bool `yaml:"checkUpstreamUpgrade"` + + // ReleaseVerification optionally enables running example tests during releases. + ReleaseVerification *releaseVerification `yaml:"releaseVerification,omitempty"` + + // ExtraLDFlags lists extra flags used by build targets. Only used by + // newrelic: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22extra-ld-flags%22&type=code + ExtraLDFlags []string `yaml:"extra-ld-flags"` + + // GoBuildParallelism sets PULUMI_PROVIDER_BUILD_PARALLELISM in the + // Makefile. Used in 5 providers and ideally should be configured by the provider: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22goBuildParallelism%22&type=code + GoBuildParallelism int `yaml:"goBuildParallelism"` + + // PulumiConvert sets PULUMI_CONVERT to 1 if truthy. PulumiConvert is set + // to "1" in 74 providers: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22pulumiConvert%22&type=code + PulumiConvert intOrBool `yaml:"pulumiConvert"` + + // DocsCmd adds a "docs" target in the makefile. Used only in + // pulumi-docker: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22docsCmd%3A%22&type=code + DocsCmd string `yaml:"docsCmd"` + + // XrunUpstreamTools adds extra steps for AWS's upstream make target. + // https://github.com/pulumi/pulumi-aws/issues/2757 + XrunUpstreamTools bool `yaml:"XrunUpstreamTools"` + + // AWS configures AWS credentials before running tests in CI job. Used in 4 + // providers: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22aws%3A%22&type=code + AWS bool `yaml:"aws"` + + // Docker runs testing/docker-compose.yml up before running tests in CI + // job. Used in 9 providers: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22docker%3A%22&type=code + Docker bool `yaml:"docker"` + + // SSHPrivateKey sets up SSH with specified private key before running + // tests in CI job. This should be provided from a secret. Used by the + // docker provider only: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22sshPrivateKey%3A%22&type=code + SSHPrivateKey string `yaml:"sshPrivateKey"` + + // GCP authenticates with GCP before running tests in CI job. Used in gcp + // and docker: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22gcp%3A%22&type=code + GCP bool `yaml:"gcp"` + + // GCPRegistry enables logging into the GCP registry before running tests + // in CI job. Only used for docker: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22gcpRegistry%3A%22&type=code + GCPRegistry bool `yaml:"gcpRegistry"` + + // SetupScript executes a script before running tests in CI job. Used in 3 + // providers: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22setup-script%3A%22&type=code + SetupScript string `yaml:"setup-script"` + + // GenerateNightlyTestWorkflow will include the nightly-test workflow. Used + // in 11 providers: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22generate-nightly-test-workflow%3A%22&type=code + GenerateNightlyTestWorkflow bool `yaml:"generate-nightly-test-workflow"` + + // License lists package paths to ignore when running the license check + License struct { + Ignore []string `yaml:"ignore"` + } `yaml:"license"` + + // ProviderVersion controls the path of the version LD flag. Only set for 3 + // providers: + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22providerVersion%3A%22&type=code + ProviderVersion string `yaml:"providerVersion"` + + // EnableConfigurationCheck prints a warning on PRs if configuration + // options aren't documented in the README. Only used by civo. + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22enableConfigurationCheck%3A%22&type=code + EnableConfigurationCheck bool `yaml:"enableConfigurationCheck"` + + // Deprecated configs + + // Parallel has no effect but is set by some providers. + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22parallel%3A%22&type=code + Parallel int `yaml:"parallel"` + + // Hybrid has no effect but is set by the docker provider. + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22hybrid%3A%22&type=code + Hybrid bool `yaml:"hybrid"` + + // Team has no effect but is set by some providers. + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22team%3A%22&type=code + Team string `yaml:"team"` + + // Timeout has no effect but is set by some providers. It can be specified + // as an int (minutes) or a string duration. + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22timeout%3A%22&type=code + Timeout intOrDuration `yaml:"timeout"` + + // MakeTemplate has no effect but is set by 78 providers. + // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22makeTemplate%3A%22&type=code + MakeTemplate string `yaml:"makeTemplate"` +} + +// LoadLocalConfig loads the provider configuration at the given path with +// defaults applied. func LoadLocalConfig(path string) (Config, error) { - localConfigBytes, err := os.ReadFile(path) + config, err := loadDefaultConfig() if err != nil { - return nil, fmt.Errorf("error reading config file %s: %w", path, err) + return Config{}, err } - var localConfig map[string]interface{} - err = yaml.Unmarshal(localConfigBytes, &localConfig) + localConfigBytes, err := os.ReadFile(path) if err != nil { - return nil, err + return Config{}, fmt.Errorf("error reading config file %s: %w", path, err) } - return localConfig, nil -} -func (c Config) WithTemplateDefaults() (Config, error) { - configForTemplate, err := loadDefaultConfig() - if err != nil { - return nil, err - } - err = mergo.Merge(&configForTemplate, &c, mergo.WithOverride) + dec := yaml.NewDecoder(bytes.NewReader(localConfigBytes)) + dec.KnownFields(true) + err = dec.Decode(&config) if err != nil { - return nil, err + return Config{}, err } - return configForTemplate, nil + return config, nil +} + +type plugin struct { + Name string `yaml:"name"` + Version string `yaml:"version"` + Kind string `yaml:"kind"` +} + +type actions struct { + PreTest any `yaml:"preTest"` + PreBuild any `yaml:"preBuild"` +} + +type actionVersions struct { + ConfigureAwsCredentials string `yaml:"configureAwsCredentials"` + SetupGcloud string `yaml:"setupGcloud"` + GoogleAuth string `yaml:"googleAuth"` + Checkout string `yaml:"checkout"` + DownloadArtifact string `yaml:"downloadArtifact"` + PathsFilter string `yaml:"pathsFilter"` + PrComment string `yaml:"prComment"` + UploadArtifact string `yaml:"uploadArtifact"` + UpgradeProviderAction string `yaml:"upgradeProviderAction"` + FreeDiskSpace string `yaml:"freeDiskSpace"` +} + +type toolVersions struct { + Dotnet string `yaml:"dotnet"` + Go string `yaml:"go"` + Java string `yaml:"java"` + Gradle string `yaml:"gradle"` + Nodejs string `yaml:"nodejs"` + Pulumi string `yaml:"pulumi"` + Python string `yaml:"python"` +} + +type releaseVerification struct { + Dotnet string `yaml:"dotnet"` + Go string `yaml:"go"` + Nodejs string `yaml:"nodejs"` + Python string `yaml:"python"` +} + +type publish struct { + PublisherAction string `yaml:"publisherAction"` + SDK string `yaml:"sdk"` + CDN bool `yaml:"cdn"` } func loadDefaultConfig() (Config, error) { - var config map[string]interface{} + var config Config configBytes, err := templateFS.ReadFile(filepath.Join("templates", "defaults.config.yaml")) if err != nil { - return nil, fmt.Errorf("error reading embedded defaults config file: %w", err) + return Config{}, fmt.Errorf("error reading embedded defaults config file: %w", err) } - err = yaml.Unmarshal(configBytes, &config) + + dec := yaml.NewDecoder(bytes.NewReader(configBytes)) + dec.KnownFields(true) + err = dec.Decode(&config) if err != nil { - return nil, fmt.Errorf("error parsing embedded defaults config file: %w", err) + return Config{}, fmt.Errorf("error parsing embedded defaults config file: %w", err) } return config, nil } + +type intOrBool bool + +func (x *intOrBool) UnmarshalYAML(unmarshal func(interface{}) error) error { + var b bool + if err := unmarshal(&b); err == nil { + *x = intOrBool(b) + return nil + } + + var i int + if err := unmarshal(&i); err != nil { + return fmt.Errorf("unmarshal int: %w", err) + } + + *x = intOrBool(i == 1) + return nil +} + +type intOrDuration time.Duration + +func (x *intOrDuration) UnmarshalYAML(unmarshal func(interface{}) error) error { + var d time.Duration + if err := unmarshal(&d); err == nil { + *x = intOrDuration(d) + return nil + } + + var i int64 + if err := unmarshal(&i); err != nil { + return fmt.Errorf("unmarshal int: %w", err) + } + + *x = intOrDuration(i * int64(time.Minute)) + return nil +} diff --git a/provider-ci/internal/pkg/generate.go b/provider-ci/internal/pkg/generate.go index 75c54421a2..5a36284999 100644 --- a/provider-ci/internal/pkg/generate.go +++ b/provider-ci/internal/pkg/generate.go @@ -149,7 +149,7 @@ func renderTemplateDir(template string, opts GenerateOpts) error { outPath = filepath.Join(opts.OutDir, outPath) // Sub in the correct Workflow name by repo default branch if strings.Contains(inPath, "main.yml") { - branchName := fmt.Sprint(config["providerDefaultBranch"]) + branchName := config.ProviderDefaultBranch outPath = strings.ReplaceAll(outPath, "main", branchName) } tmpl, err := parseTemplate(templateFS, inPath) diff --git a/provider-ci/internal/pkg/templates/bridged-provider/.github/actions/download-bin/action.yml b/provider-ci/internal/pkg/templates/bridged-provider/.github/actions/download-bin/action.yml index 3f80e2b1e4..f925c04369 100644 --- a/provider-ci/internal/pkg/templates/bridged-provider/.github/actions/download-bin/action.yml +++ b/provider-ci/internal/pkg/templates/bridged-provider/.github/actions/download-bin/action.yml @@ -5,12 +5,12 @@ runs: using: "composite" steps: - name: Download provider + tfgen binaries - uses: #{{ .Config.actionVersions.downloadArtifact }}# + uses: #{{ .Config.ActionVersions.DownloadArtifact }}# with: - name: #{{ .Config.provider }}#-provider.tar.gz + name: #{{ .Config.Provider }}#-provider.tar.gz path: ${{ github.workspace }}/bin - name: Untar provider binaries shell: bash run: | tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace}}/bin - find ${{ github.workspace }} -name "pulumi-*-#{{ .Config.provider }}#" -print -exec chmod +x {} \; + find ${{ github.workspace }} -name "pulumi-*-#{{ .Config.Provider }}#" -print -exec chmod +x {} \; diff --git a/provider-ci/internal/pkg/templates/bridged-provider/.github/actions/upload-bin/action.yml b/provider-ci/internal/pkg/templates/bridged-provider/.github/actions/upload-bin/action.yml index 9d860c34e5..0eb4de272c 100644 --- a/provider-ci/internal/pkg/templates/bridged-provider/.github/actions/upload-bin/action.yml +++ b/provider-ci/internal/pkg/templates/bridged-provider/.github/actions/upload-bin/action.yml @@ -6,10 +6,10 @@ runs: steps: - name: Tar provider binaries shell: bash - run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace }}/bin/ pulumi-resource-#{{ .Config.provider }}# pulumi-tfgen-#{{ .Config.provider }}# + run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace }}/bin/ pulumi-resource-#{{ .Config.Provider }}# pulumi-tfgen-#{{ .Config.Provider }}# - name: Upload artifacts - uses: #{{ .Config.actionVersions.uploadArtifact }}# + uses: #{{ .Config.ActionVersions.UploadArtifact }}# with: - name: #{{ .Config.provider }}#-provider.tar.gz + name: #{{ .Config.Provider }}#-provider.tar.gz path: ${{ github.workspace }}/bin/provider.tar.gz retention-days: 30 diff --git a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/build_provider.yml b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/build_provider.yml index 4ce93fbb92..b02e5ceec2 100644 --- a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/build_provider.yml +++ b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/build_provider.yml @@ -11,7 +11,7 @@ on: jobs: build_provider: name: Build ${{ matrix.platform.os }}-${{ matrix.platform.arch }} - runs-on: #{{ if .Config.runner.buildSdk }}##{{- .Config.runner.buildSdk }}##{{ else }}##{{- .Config.runner.default }}##{{ end }}# + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# env: PROVIDER_VERSION: ${{ inputs.version }} strategy: @@ -29,20 +29,20 @@ jobs: - os: windows arch: amd64 steps: - #{{- if .Config.freeDiskSpaceBeforeBuild }}# + #{{- if .Config.FreeDiskSpaceBeforeBuild }}# # Run as first step so we don't delete things that have just been installed - name: Free Disk Space (Ubuntu) - uses: #{{ .Config.actionVersions.freeDiskSpace }}# + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# with: tool-cache: false swap-storage: false dotnet: false #{{- end }}# - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: - #{{- if .Config.checkoutSubmodules }}# - submodules: #{{ .Config.checkoutSubmodules }}# + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# #{{- end }}# persist-credentials: false - name: Setup tools @@ -50,21 +50,21 @@ jobs: with: tools: pulumictl, go - name: Download schema-embed.json - uses: #{{ .Config.actionVersions.downloadArtifact }}# + uses: #{{ .Config.ActionVersions.DownloadArtifact }}# with: # Use a pattern to avoid failing if the artifact doesn't exist pattern: schema-embed.* # Avoid creating directories for each artifact merge-multiple: true - path: provider/cmd/pulumi-resource-#{{ .Config.provider }}#/schema-embed.json + path: provider/cmd/pulumi-resource-#{{ .Config.Provider }}#/schema-embed.json - name: Prepare for build # This installs plugins and prepares upstream run: make upstream - name: Build & package provider run: make provider_dist-${{ matrix.platform.os }}-${{ matrix.platform.arch }} - name: Upload artifacts - uses: #{{ .Config.actionVersions.uploadArtifact }}# + uses: #{{ .Config.ActionVersions.UploadArtifact }}# with: - name: pulumi-resource-#{{ .Config.provider }}#-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz - path: bin/pulumi-resource-#{{ .Config.provider }}#-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz + name: pulumi-resource-#{{ .Config.Provider }}#-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz + path: bin/pulumi-resource-#{{ .Config.Provider }}#-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz retention-days: 30 diff --git a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/build_sdk.yml b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/build_sdk.yml index 8b23d826a2..5191f0430f 100644 --- a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/build_sdk.yml +++ b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/build_sdk.yml @@ -8,33 +8,33 @@ on: type: string env: -#{{ .Config.env | toYaml | indent 2 }}# +#{{ .Config.Env | toYaml | indent 2 }}# PROVIDER_VERSION: ${{ inputs.version }} jobs: build_sdk: name: build_sdk - runs-on: #{{ if .Config.runner.buildSdk }}##{{- .Config.runner.buildSdk }}##{{ else }}##{{- .Config.runner.default }}##{{ end }}# + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# strategy: fail-fast: true matrix: language: -#{{ .Config.languages | toYaml | indent 8 }}# +#{{ .Config.Languages | toYaml | indent 8 }}# steps: - #{{- if .Config.freeDiskSpaceBeforeSdkBuild }}# + #{{- if .Config.FreeDiskSpaceBeforeSdkBuild }}# # Run as first step so we don't delete things that have just been installed - name: Free Disk Space (Ubuntu) - uses: #{{ .Config.actionVersions.freeDiskSpace }}# + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# with: tool-cache: false swap-storage: false dotnet: false #{{- end }}# - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: - #{{- if .Config.checkoutSubmodules }}# - submodules: #{{ .Config.checkoutSubmodules }}# + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# #{{- end }}# persist-credentials: false - name: Cache examples generation diff --git a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/main.yml b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/main.yml index 6d5a9e7da1..1599cb9750 100644 --- a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/main.yml +++ b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/main.yml @@ -1,7 +1,7 @@ # WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt env: -#{{ .Config.env | toYaml | indent 2 }}# +#{{ .Config.Env | toYaml | indent 2 }}# jobs: prerequisites: uses: ./.github/workflows/prerequisites.yml @@ -32,7 +32,7 @@ jobs: COVERAGE_OUTPUT_DIR: ${{ secrets.COVERAGE_OUTPUT_DIR }} name: generate_coverage_data needs: prerequisites - runs-on: #{{ .Config.runner.default }}# + runs-on: #{{ .Config.Runner.Default }}# steps: - name: Free Disk Space (Ubuntu) uses: jlumbroso/free-disk-space@v1.3.1 @@ -40,14 +40,14 @@ jobs: tool-cache: false swap-storage: false - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: - #{{- if .Config.checkoutSubmodules }}# - submodules: #{{ .Config.checkoutSubmodules }}# + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# #{{- end }}# persist-credentials: false - name: Configure AWS Credentials - uses: #{{ .Config.actionVersions.configureAwsCredentials }}# + uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# with: aws-access-key-id: ${{ secrets.AWS_CORP_S3_UPLOAD_ACCESS_KEY_ID }} aws-region: us-west-2 @@ -69,7 +69,7 @@ jobs: s3FullURI="s3://${{ secrets.S3_COVERAGE_BUCKET_NAME }}/summaries/${summaryName}" aws s3 cp "${{ env.COVERAGE_OUTPUT_DIR }}/summary.json" "${s3FullURI}" --acl bucket-owner-full-control - #{{ if .Config.lint -}}# + #{{ if .Config.Lint -}}# lint: name: lint uses: ./.github/workflows/lint.yml @@ -90,7 +90,7 @@ jobs: - build_provider - test - license_check - #{{- range $action, $_ := .Config.extraTests }}# + #{{- range $action, $_ := .Config.ExtraTests }}# - #{{ $action }}# #{{- end }}# uses: ./.github/workflows/publish.yml @@ -103,7 +103,7 @@ jobs: tag_release_if_labeled_needs_release: name: Tag release if labeled as needs-release needs: publish - runs-on: #{{ .Config.runner.default }}# + runs-on: #{{ .Config.Runner.Default }}# steps: - name: check if this commit needs release if: ${{ env.RELEASE_BOT_ENDPOINT != '' }} @@ -126,24 +126,24 @@ jobs: permissions: contents: read id-token: write - runs-on: #{{ if .Config.runner.buildSdk }}##{{- .Config.runner.buildSdk }}##{{ else }}##{{- .Config.runner.default }}##{{ end }}# + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# env: PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} steps: -#{{- if .Config.freeDiskSpaceBeforeTest }}# + #{{- if .Config.FreeDiskSpaceBeforeTest }}# # Run as first step so we don't delete things that have just been installed - name: Free Disk Space (Ubuntu) - uses: #{{ .Config.actionVersions.freeDiskSpace }}# + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# with: tool-cache: false swap-storage: false dotnet: false -#{{- end }}# + #{{- end }}# - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: - #{{- if .Config.checkoutSubmodules }}# - submodules: #{{ .Config.checkoutSubmodules }}# + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# #{{- end }}# persist-credentials: false - name: Setup tools @@ -166,24 +166,24 @@ jobs: run: |- pip3 install virtualenv==20.0.23 pip3 install pipenv - #{{- if .Config.docker }}# + #{{- if .Config.Docker }}# - name: Run docker compose run: docker compose -f testing/docker-compose.yml up --build -d #{{- end }}# - #{{- if .Config.aws }}# + #{{- if .Config.AWS }}# - name: Configure AWS Credentials - uses: #{{ .Config.actionVersions.configureAwsCredentials }}# + uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-region: ${{ env.AWS_REGION }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} role-duration-seconds: 7200 - role-session-name: #{{ .Config.provider }}#@githubActions + role-session-name: #{{ .Config.Provider }}#@githubActions role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} #{{- end }}# - #{{- if .Config.gcp }}# + #{{- if .Config.GCP }}# - name: Authenticate to Google Cloud - uses: #{{ .Config.actionVersions.googleAuth }}# + uses: #{{ .Config.ActionVersions.GoogleAuth }}# with: service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER @@ -191,27 +191,27 @@ jobs: env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} - name: Setup gcloud auth - uses: #{{ .Config.actionVersions.setupGcloud }}# + uses: #{{ .Config.ActionVersions.SetupGcloud }}# with: install_components: gke-gcloud-auth-plugin #{{- end }}# - #{{- if .Config.gcpRegistry }}# + #{{- if .Config.GCPRegistry }}# - name: Login to Google Cloud Registry run: gcloud --quiet auth configure-docker #{{- end }}# - #{{- if .Config.sshPrivateKey }}# + #{{- if .Config.SSHPrivateKey }}# - name: Setup SSH key uses: webfactory/ssh-agent@v0.7.0 with: - ssh-private-key: #{{ .Config.sshPrivateKey }}# + ssh-private-key: #{{ .Config.SSHPrivateKey }}# #{{- end }}# - #{{- if .Config.integrationTestProvider }}# + #{{- if .Config.IntegrationTestProvider }}# - name: Prepare upstream code run: make upstream #{{- end }}# - #{{- if index .Config "setup-script" }}# + #{{- if index .Config.SetupScript }}# - name: Run setup script - run: #{{ index .Config "setup-script" }}# + run: #{{ index .Config.SetupScript }}# #{{- end }}# - name: Install dependencies run: make install_${{ matrix.language}}_sdk @@ -220,10 +220,10 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} version: v2.5.0 -#{{- if .Config.actions.preTest }}# -#{{ .Config.actions.preTest | toYaml | indent 4 }}# +#{{- if .Config.Actions.PreTest }}# +#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# #{{- end }}# - #{{- if .Config.integrationTestProvider }}# +#{{- if .Config.IntegrationTestProvider }}# - name: Run provider tests working-directory: provider run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 @@ -234,22 +234,22 @@ jobs: fail-fast: false matrix: language: -#{{ .Config.languages | toYaml | indent 8 }}# -#{{- if .Config.extraTests }}# -#{{ .Config.extraTests | toYaml | indent 2 }}# +#{{ .Config.Languages | toYaml | indent 8 }}# +#{{- if .Config.ExtraTests }}# +#{{ .Config.ExtraTests | toYaml | indent 2 }}# #{{ end }}# -name: #{{ .Config.providerDefaultBranch }}# +name: #{{ .Config.ProviderDefaultBranch }}# on: workflow_dispatch: {} push: branches: - - #{{ .Config.providerDefaultBranch }}# + - #{{ .Config.ProviderDefaultBranch }}# paths-ignore: - "**.md" tags-ignore: - v* - sdk/* - "**" -#{{- if .Config.testMasterAndReleaseWorkflows }}# +#{{- if .Config.TestMasterAndReleaseWorkflows }}# pull_request: #{{ end }}# diff --git a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/nightly-test.yml b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/nightly-test.yml index ae9f03c9e2..ecaf9a8c6b 100644 --- a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/nightly-test.yml +++ b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/nightly-test.yml @@ -1,8 +1,8 @@ -#{{ if index .Config "generate-nightly-test-workflow" -}}# +#{{ if index .Config.GenerateNightlyTestWorkflow -}}# # WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt env: -#{{ .Config.env | toYaml | indent 2 }}# +#{{ .Config.Env | toYaml | indent 2 }}# jobs: prerequisites: uses: ./.github/workflows/prerequisites.yml @@ -35,24 +35,24 @@ jobs: permissions: contents: read id-token: write - runs-on: #{{ if .Config.runner.buildSdk }}##{{- .Config.runner.buildSdk }}##{{ else }}##{{- .Config.runner.default }}##{{ end }}# + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# env: PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} steps: -#{{- if .Config.freeDiskSpaceBeforeTest }}# +#{{- if .Config.FreeDiskSpaceBeforeTest }}# # Run as first step so we don't delete things that have just been installed - name: Free Disk Space (Ubuntu) - uses: #{{ .Config.actionVersions.freeDiskSpace }}# + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# with: tool-cache: false swap-storage: false dotnet: false #{{- end }}# - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: - #{{- if .Config.checkoutSubmodules }}# - submodules: #{{ .Config.checkoutSubmodules }}# + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# #{{- end }}# persist-credentials: false - name: Setup tools @@ -75,13 +75,13 @@ jobs: run: |- pip3 install virtualenv==20.0.23 pip3 install pipenv - #{{- if .Config.docker }}# + #{{- if .Config.Docker }}# - name: Run docker compose run: docker compose -f testing/docker-compose.yml up --build -d #{{- end }}# - #{{- if .Config.aws }}# + #{{- if .Config.AWS }}# - name: Configure AWS Credentials - uses: #{{ .Config.actionVersions.configureAwsCredentials }}# + uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-region: ${{ env.AWS_REGION }} @@ -90,9 +90,9 @@ jobs: role-session-name: #{{ .Config.provider }}#@githubActions role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} #{{- end }}# - #{{- if .Config.gcp }}# + #{{- if .Config.GCP }}# - name: Authenticate to Google Cloud - uses: #{{ .Config.actionVersions.googleAuth }}# + uses: #{{ .Config.ActionVersions.GoogleAuth }}# with: service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER @@ -100,27 +100,27 @@ jobs: env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} - name: Setup gcloud auth - uses: #{{ .Config.actionVersions.setupGcloud }}# + uses: #{{ .Config.ActionVersions.SetupGcloud }}# with: install_components: gke-gcloud-auth-plugin #{{- end }}# - #{{- if .Config.gcpRegistry }}# + #{{- if .Config.GCPRegistry }}# - name: Login to Google Cloud Registry run: gcloud --quiet auth configure-docker #{{- end }}# - #{{- if .Config.sshPrivateKey }}# + #{{- if .Config.SSHPrivateKey }}# - name: Setup SSH key uses: webfactory/ssh-agent@v0.7.0 with: - ssh-private-key: #{{ .Config.sshPrivateKey }}# + ssh-private-key: #{{ .Config.SSHPrivateKey }}# #{{- end }}# - #{{- if .Config.integrationTestProvider }}# + #{{- if .Config.IntegrationTestProvider }}# - name: Prepare upstream code run: make upstream #{{- end }}# - #{{- if index .Config "setup-script" }}# + #{{- if index .Config.SetupScript }}# - name: Run setup script - run: #{{ index .Config "setup-script" }}# + run: #{{ index .Config.SetupScript }}# #{{- end }}# - name: Install dependencies run: make install_${{ matrix.language}}_sdk @@ -129,10 +129,10 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} version: v2.5.0 -#{{- if .Config.actions.preTest }}# -#{{ .Config.actions.preTest | toYaml | indent 4 }}# +#{{- if .Config.Actions.PreTest }}# +#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# #{{- end }}# - #{{- if .Config.integrationTestProvider }}# + #{{- if .Config.IntegrationTestProvider }}# - name: Run provider tests if: matrix.testTarget == 'local' working-directory: provider @@ -144,7 +144,7 @@ jobs: fail-fast: false matrix: language: -#{{ .Config.languages | toYaml | indent 10 }}# +#{{ .Config.Languages | toYaml | indent 10 }}# name: cron on: schedule: diff --git a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/prerelease.yml b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/prerelease.yml index 2d5aba254d..7564d14c58 100644 --- a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/prerelease.yml +++ b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/prerelease.yml @@ -2,7 +2,7 @@ env: IS_PRERELEASE: true -#{{ .Config.env | toYaml | indent 2 }}# +#{{ .Config.Env | toYaml | indent 2 }}# jobs: prerequisites: uses: ./.github/workflows/prerequisites.yml @@ -27,7 +27,7 @@ jobs: with: version: ${{ needs.prerequisites.outputs.version }} - #{{ if .Config.lint -}}# + #{{ if .Config.Lint -}}# lint: name: lint uses: ./.github/workflows/lint.yml @@ -48,7 +48,7 @@ jobs: - build_provider - test - license_check - #{{- range $action, $_ := .Config.extraTests }}# + #{{- range $action, $_ := .Config.ExtraTests }}# - #{{ $action }}# #{{- end }}# uses: ./.github/workflows/publish.yml @@ -65,30 +65,30 @@ jobs: permissions: contents: read id-token: write - runs-on: #{{ if .Config.runner.buildSdk }}##{{- .Config.runner.buildSdk }}##{{ else }}##{{- .Config.runner.default }}##{{ end }}# + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# env: PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} steps: -#{{- if .Config.freeDiskSpaceBeforeTest }}# +#{{- if .Config.FreeDiskSpaceBeforeTest }}# # Run as first step so we don't delete things that have just been installed - name: Free Disk Space (Ubuntu) - uses: #{{ .Config.actionVersions.freeDiskSpace }}# + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# with: tool-cache: false swap-storage: false dotnet: false #{{- end }}# - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: - #{{- if .Config.checkoutSubmodules }}# - submodules: #{{ .Config.checkoutSubmodules }}# + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# #{{- end }}# persist-credentials: false - name: Setup tools uses: ./.github/actions/setup-tools with: - tools: pulumictl, pulumicli, #{{ range $index, $element := .Config.languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# + tools: pulumictl, pulumicli, #{{ range $index, $element := .Config.Languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# - name: Download bin uses: ./.github/actions/download-bin - name: Add NuGet source @@ -105,24 +105,24 @@ jobs: run: |- pip3 install virtualenv==20.0.23 pip3 install pipenv - #{{- if .Config.docker }}# + #{{- if .Config.Docker }}# - name: Run docker compose run: docker compose -f testing/docker-compose.yml up --build -d #{{- end }}# - #{{- if .Config.aws }}# + #{{- if .Config.AWS }}# - name: Configure AWS Credentials - uses: #{{ .Config.actionVersions.configureAwsCredentials }}# + uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-region: ${{ env.AWS_REGION }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} role-duration-seconds: 7200 - role-session-name: #{{ .Config.provider }}#@githubActions + role-session-name: #{{ .Config.Provider }}#@githubActions role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} #{{- end }}# - #{{- if .Config.gcp }}# + #{{- if .Config.GCP }}# - name: Authenticate to Google Cloud - uses: #{{ .Config.actionVersions.googleAuth }}# + uses: #{{ .Config.ActionVersions.GoogleAuth }}# with: service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER @@ -130,27 +130,27 @@ jobs: env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} - name: Setup gcloud auth - uses: #{{ .Config.actionVersions.setupGcloud }}# + uses: #{{ .Config.ActionVersions.SetupGcloud }}# with: install_components: gke-gcloud-auth-plugin #{{- end }}# - #{{- if .Config.gcpRegistry }}# + #{{- if .Config.GCPRegistry }}# - name: Login to Google Cloud Registry run: gcloud --quiet auth configure-docker #{{- end }}# - #{{- if .Config.sshPrivateKey }}# + #{{- if .Config.SSHPrivateKey }}# - name: Setup SSH key uses: webfactory/ssh-agent@v0.7.0 with: - ssh-private-key: #{{ .Config.sshPrivateKey }}# + ssh-private-key: #{{ .Config.SSHPrivateKey }}# #{{- end }}# - #{{- if .Config.integrationTestProvider }}# + #{{- if .Config.IntegrationTestProvider }}# - name: Prepare upstream code run: make upstream #{{- end }}# - #{{- if index .Config "setup-script" }}# + #{{- if index .Config.SetupScript }}# - name: Run setup script - run: #{{ index .Config "setup-script" }}# + run: #{{ index .Config.SetupScript }}# #{{- end }}# - name: Install dependencies run: make install_${{ matrix.language}}_sdk @@ -159,10 +159,10 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} version: v2.5.0 -#{{- if .Config.actions.preTest }}# -#{{ .Config.actions.preTest | toYaml | indent 4 }}# +#{{- if .Config.Actions.PreTest }}# +#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# #{{- end }}# - #{{- if .Config.integrationTestProvider }}# + #{{- if .Config.IntegrationTestProvider }}# - name: Run provider tests working-directory: provider run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . @@ -173,9 +173,9 @@ jobs: fail-fast: false matrix: language: -#{{ .Config.languages | toYaml | indent 8 }}# -#{{- if .Config.extraTests }}# -#{{ .Config.extraTests | toYaml | indent 2 }}# +#{{ .Config.Languages | toYaml | indent 8 }}# +#{{- if .Config.ExtraTests }}# +#{{ .Config.ExtraTests | toYaml | indent 2 }}# #{{ end }}# name: prerelease @@ -183,6 +183,6 @@ on: push: tags: - v*.*.*-** -#{{- if .Config.testMasterAndReleaseWorkflows }}# +#{{- if .Config.TestMasterAndReleaseWorkflows }}# pull_request: #{{ end }}# diff --git a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/prerequisites.yml b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/prerequisites.yml index d8cf644c5e..7133fe35c0 100644 --- a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/prerequisites.yml +++ b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/prerequisites.yml @@ -18,29 +18,29 @@ on: value: ${{ jobs.prerequisites.outputs.version }} env: -#{{ .Config.env | toYaml | indent 2 }}# +#{{ .Config.Env | toYaml | indent 2 }}# jobs: prerequisites: name: prerequisites - runs-on: #{{ .Config.runner.prerequisites }}# + runs-on: #{{ .Config.Runner.Prerequisites }}# outputs: version: ${{ steps.provider-version.outputs.version }} steps: -#{{- if .Config.freeDiskSpaceBeforeBuild }}# +#{{- if .Config.FreeDiskSpaceBeforeBuild }}# # Run as first step so we don't delete things that have just been installed - name: Free Disk Space (Ubuntu) - uses: #{{ .Config.actionVersions.freeDiskSpace }}# + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# with: tool-cache: false swap-storage: false dotnet: false #{{- end }}# - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: - #{{- if .Config.checkoutSubmodules }}# - submodules: #{{ .Config.checkoutSubmodules }}# + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# #{{- end }}# persist-credentials: false - uses: pulumi/provider-version-action@v1 @@ -59,8 +59,8 @@ jobs: uses: ./.github/actions/setup-tools with: tools: go, pulumictl, pulumicli, schema-tools -#{{- if .Config.actions.preBuild }}# -#{{ .Config.actions.preBuild | toYaml | indent 4 }}# +#{{- if .Config.Actions.PreBuild }}# +#{{ .Config.Actions.PreBuild | toYaml | indent 4 }}# #{{- end }}# - name: Build schema generator binary run: make tfgen_build_only @@ -78,12 +78,12 @@ jobs: EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64) { echo "SCHEMA_CHANGES<<$EOF"; - schema-tools compare -r github://api.github.com/#{{ .Config.organization }}# -p #{{ .Config.provider }}# -o "${{ inputs.default_branch }}" -n --local-path=provider/cmd/pulumi-resource-#{{ .Config.provider }}#/schema.json; + schema-tools compare -r github://api.github.com/#{{ .Config.Organization }}# -p #{{ .Config.Provider }}# -o "${{ inputs.default_branch }}" -n --local-path=provider/cmd/pulumi-resource-#{{ .Config.Provider }}#/schema.json; echo "$EOF"; } >> "$GITHUB_ENV" - if: inputs.is_pr && inputs.is_automated == false name: Comment on PR with Details of Schema Check - uses: #{{ .Config.actionVersions.prComment }}# + uses: #{{ .Config.ActionVersions.PrComment }}# with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} comment_tag: schemaCheck @@ -93,12 +93,12 @@ jobs: Maintainer note: consult the [runbook](https://github.com/pulumi/platform-providers-team/blob/main/playbooks/tf-provider-updating.md) for dealing with any breaking changes. -#{{- if .Config.enableConfigurationCheck }}# +#{{- if .Config.EnableConfigurationCheck }}# - if: inputs.is_pr name: Check Configuration section run: | sed -n '/## Configuration/,$p' README.md | sed -n '/## Reference/q;p' >> config_section.txt - jq -r '.config | select(.variables) | .variables | keys[]' < provider/cmd/pulumi-resource-#{{ .Config.provider }}#/schema.json >> keys.txt + jq -r '.config | select(.variables) | .variables | keys[]' < provider/cmd/pulumi-resource-#{{ .Config.Provider }}#/schema.json >> keys.txt EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64) { echo "MISSING_CONFIG<<$EOF"; @@ -123,8 +123,8 @@ jobs: uses: ./.github/actions/upload-bin - name: Upload schema-embed.json - uses: #{{ .Config.actionVersions.uploadArtifact }}# + uses: #{{ .Config.ActionVersions.UploadArtifact }}# with: name: schema-embed.json - path: provider/cmd/pulumi-resource-#{{ .Config.provider }}#/schema-embed.json + path: provider/cmd/pulumi-resource-#{{ .Config.Provider }}#/schema-embed.json retention-days: 30 diff --git a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/publish.yml b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/publish.yml index b63c413a6b..7fb60fb593 100644 --- a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/publish.yml +++ b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/publish.yml @@ -17,12 +17,12 @@ on: env: IS_PRERELEASE: ${{ inputs.isPrerelease }} -#{{ .Config.env | toYaml | indent 2 }}# +#{{ .Config.Env | toYaml | indent 2 }}# jobs: publish: name: publish - runs-on: #{{ if .Config.runner.publish }}##{{- .Config.runner.publish }}##{{ else }}##{{- .Config.runner.default }}##{{ end }}# + runs-on: #{{ if .Config.Runner.Publish }}##{{- .Config.Runner.Publish }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# steps: - name: Validate prerelease if: inputs.isPrerelease == false && (contains(inputs.version, '-') || contains(inputs.version, '+')) @@ -31,54 +31,54 @@ jobs: if: inputs.skipGoSdk && inputs.isPrerelease == false run: echo "Can't skip Go SDK for stable releases. This is likely a bug in the calling workflow." && exit 1 - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: - #{{- if .Config.checkoutSubmodules }}# - submodules: #{{ .Config.checkoutSubmodules }}# + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# #{{- end }}# persist-credentials: false - name: Setup tools uses: ./.github/actions/setup-tools with: tools: pulumictl, pulumicli, go, schema-tools -#{{- if .Config.publish.cdn }}# +#{{- if .Config.Publish.CDN }}# - name: Configure AWS Credentials - uses: #{{ .Config.actionVersions.configureAwsCredentials }}# + uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-region: us-east-2 aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} role-duration-seconds: 7200 role-external-id: upload-pulumi-release - role-session-name: #{{ .Config.provider }}#@githubActions + role-session-name: #{{ .Config.Provider }}#@githubActions role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} #{{- end }}# - name: Create dist directory run: mkdir -p dist - name: Download provider assets - uses: #{{ .Config.actionVersions.downloadArtifact }}# + uses: #{{ .Config.ActionVersions.DownloadArtifact }}# with: - pattern: pulumi-resource-#{{ .Config.provider }}#-v${{ inputs.version }}-* + pattern: pulumi-resource-#{{ .Config.Provider }}#-v${{ inputs.version }}-* path: dist # Don't create a directory for each artifact merge-multiple: true - name: Calculate checksums working-directory: dist - run: shasum ./*.tar.gz > "pulumi-#{{ .Config.provider }}#_${{ inputs.version }}_checksums.txt" + run: shasum ./*.tar.gz > "pulumi-#{{ .Config.Provider }}#_${{ inputs.version }}_checksums.txt" - name: Get Schema Change Summary id: schema-summary shell: bash run: | # Get latest stable release. Return only first column from result (tag). - LAST_VERSION=$(gh release view --repo #{{ .Config.organization }}#/pulumi-#{{ .Config.provider }}# --json tagName -q .tagName || echo "No stable release" ) + LAST_VERSION=$(gh release view --repo #{{ .Config.Organization }}#/pulumi-#{{ .Config.Provider }}# --json tagName -q .tagName || echo "No stable release" ) { echo 'summary<> "$GITHUB_OUTPUT" -#{{- if .Config.publish.cdn }}# +#{{- if .Config.Publish.CDN }}# - name: Upload Provider Binaries run: aws s3 cp dist s3://get.pulumi.com/releases/plugins/ --recursive #{{- end }}# @@ -99,24 +99,24 @@ jobs: publish_sdk: name: publish_sdk needs: publish - runs-on: #{{ .Config.runner.default }}# + runs-on: #{{ .Config.Runner.Default }}# steps: - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: - #{{- if .Config.checkoutSubmodules }}# - submodules: #{{ .Config.checkoutSubmodules }}# + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# #{{- end }}# # Persist credentials so we can push back to the repo persist-credentials: true - name: Setup tools uses: ./.github/actions/setup-tools with: - tools: pulumictl, pulumicli, #{{ range $index, $element := .Config.languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# + tools: pulumictl, pulumicli, #{{ range $index, $element := .Config.Languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# - name: Publish SDKs uses: pulumi/pulumi-package-publisher@v0.0.20 with: - sdk: #{{ .Config.publish.sdk }}# + sdk: #{{ .Config.Publish.SDK }}# version: ${{ inputs.version }} - name: Download Go SDK uses: ./.github/actions/download-sdk @@ -137,13 +137,13 @@ jobs: go/** !*.tar.gz -#{{- if .Config.publishRegistry }}# +#{{- if .Config.PublishRegistry }}# create_docs_build: name: create_docs_build needs: publish_sdk # Only run for non-prerelease, if the publish_go_sdk job was successful or skipped if: inputs.isPrerelease == false - runs-on: #{{ .Config.runner.default }}# + runs-on: #{{ .Config.Runner.Default }}# steps: - name: Dispatch Metadata build uses: peter-evans/repository-dispatch@v3 @@ -154,7 +154,7 @@ jobs: client-payload: |- { "project": "${{ github.repository }}", - "project-shortname": "#{{ .Config.provider }}#", + "project-shortname": "#{{ .Config.Provider }}#", "ref": "${{ github.ref_name }}" } #{{- end }}# @@ -163,15 +163,15 @@ jobs: name: Clean up release labels # Only run for non-prerelease, if the publish_go_sdk job was successful or skipped if: inputs.isPrerelease == false - #{{ if .Config.publishRegistry -}}# + #{{ if .Config.PublishRegistry -}}# needs: create_docs_build #{{ else }}# needs: publish_sdk #{{- end }}# - runs-on: #{{ .Config.runner.default }}# + runs-on: #{{ .Config.Runner.Default }}# steps: - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: persist-credentials: false - name: Clean up release labels diff --git a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/release.yml b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/release.yml index 2329f37357..2482185733 100644 --- a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/release.yml +++ b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/release.yml @@ -5,12 +5,12 @@ on: tags: - v*.*.* - "!v*.*.*-**" -#{{- if .Config.testMasterAndReleaseWorkflows }}# +#{{- if .Config.TestMasterAndReleaseWorkflows }}# pull_request: #{{ end }}# env: -#{{ .Config.env | toYaml | indent 2 }}# +#{{ .Config.Env | toYaml | indent 2 }}# jobs: prerequisites: uses: ./.github/workflows/prerequisites.yml @@ -35,7 +35,7 @@ jobs: with: version: ${{ needs.prerequisites.outputs.version }} - #{{ if .Config.lint -}}# + #{{ if .Config.Lint -}}# lint: name: lint uses: ./.github/workflows/lint.yml @@ -57,7 +57,7 @@ jobs: - build_provider - test - license_check - #{{- range $action, $_ := .Config.extraTests }}# + #{{- range $action, $_ := .Config.ExtraTests }}# - #{{ $action }}# #{{- end }}# uses: ./.github/workflows/publish.yml @@ -74,24 +74,24 @@ jobs: permissions: contents: read id-token: write - runs-on: #{{ if .Config.runner.buildSdk }}##{{- .Config.runner.buildSdk }}##{{ else }}##{{- .Config.runner.default }}##{{ end }}# + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# env: PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} steps: -#{{- if .Config.freeDiskSpaceBeforeTest }}# +#{{- if .Config.FreeDiskSpaceBeforeTest }}# # Run as first step so we don't delete things that have just been installed - name: Free Disk Space (Ubuntu) - uses: #{{ .Config.actionVersions.freeDiskSpace }}# + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# with: tool-cache: false swap-storage: false dotnet: false #{{- end }}# - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: - #{{- if .Config.checkoutSubmodules }}# - submodules: #{{ .Config.checkoutSubmodules }}# + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# #{{- end }}# persist-credentials: false - name: Setup tools @@ -114,24 +114,24 @@ jobs: run: |- pip3 install virtualenv==20.0.23 pip3 install pipenv - #{{- if .Config.docker }}# + #{{- if .Config.Docker }}# - name: Run docker compose run: docker compose -f testing/docker-compose.yml up --build -d #{{- end }}# - #{{- if .Config.aws }}# + #{{- if .Config.AWS }}# - name: Configure AWS Credentials - uses: #{{ .Config.actionVersions.configureAwsCredentials }}# + uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-region: ${{ env.AWS_REGION }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} role-duration-seconds: 7200 - role-session-name: #{{ .Config.provider }}#@githubActions + role-session-name: #{{ .Config.Provider }}#@githubActions role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} #{{- end }}# - #{{- if .Config.gcp }}# + #{{- if .Config.GCP }}# - name: Authenticate to Google Cloud - uses: #{{ .Config.actionVersions.googleAuth }}# + uses: #{{ .Config.ActionVersions.GoogleAuth }}# with: service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER @@ -139,27 +139,27 @@ jobs: env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} - name: Setup gcloud auth - uses: #{{ .Config.actionVersions.setupGcloud }}# + uses: #{{ .Config.ActionVersions.SetupGcloud }}# with: install_components: gke-gcloud-auth-plugin #{{- end }}# - #{{- if .Config.gcpRegistry }}# + #{{- if .Config.GCPRegistry }}# - name: Login to Google Cloud Registry run: gcloud --quiet auth configure-docker #{{- end }}# - #{{- if .Config.sshPrivateKey }}# + #{{- if .Config.SSHPrivateKey }}# - name: Setup SSH key uses: webfactory/ssh-agent@v0.7.0 with: - ssh-private-key: #{{ .Config.sshPrivateKey }}# + ssh-private-key: #{{ .Config.SSHPrivateKey }}# #{{- end }}# - #{{- if .Config.integrationTestProvider }}# + #{{- if .Config.IntegrationTestProvider }}# - name: Prepare upstream code run: make upstream #{{- end }}# - #{{- if index .Config "setup-script" }}# + #{{- if index .Config.SetupScript }}# - name: Run setup script - run: #{{ index .Config "setup-script" }}# + run: #{{ index .Config.SetupScript }}# #{{- end }}# - name: Install dependencies run: make install_${{ matrix.language}}_sdk @@ -168,10 +168,10 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} version: v2.5.0 -#{{- if .Config.actions.preTest }}# -#{{ .Config.actions.preTest | toYaml | indent 4 }}# +#{{- if .Config.Actions.PreTest }}# +#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# #{{- end }}# - #{{- if .Config.integrationTestProvider }}# + #{{- if .Config.IntegrationTestProvider }}# - name: Run provider tests working-directory: provider run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . @@ -182,7 +182,7 @@ jobs: fail-fast: false matrix: language: -#{{ .Config.languages | toYaml | indent 8 }}# -#{{- if .Config.extraTests }}# -#{{ .Config.extraTests | toYaml | indent 2 }}# +#{{ .Config.Languages | toYaml | indent 8 }}# +#{{- if .Config.ExtraTests }}# +#{{ .Config.ExtraTests | toYaml | indent 2 }}# #{{ end }}# diff --git a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/resync-build.yml b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/resync-build.yml index bec52713d5..83fdaf5c62 100644 --- a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/resync-build.yml +++ b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/resync-build.yml @@ -1,24 +1,24 @@ # WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt env: - PULUMI_EXTRA_MAPPING_ERROR: #{{ index .Config "fail-on-extra-mapping" }}# - PULUMI_MISSING_MAPPING_ERROR: #{{ index .Config "fail-on-missing-mapping" }}# -#{{ .Config.env | toYaml | indent 2 }}# + PULUMI_EXTRA_MAPPING_ERROR: #{{ .Config.FailOnExtraMapping }}# + PULUMI_MISSING_MAPPING_ERROR: #{{ .Config.FailOnMissingMapping }}# +#{{ .Config.Env | toYaml | indent 2 }}# jobs: resync_build: name: resync-build - runs-on: #{{ .Config.runner.default }}# + runs-on: #{{ .Config.Runner.Default }}# steps: - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: - #{{- if .Config.checkoutSubmodules }}# - submodules: #{{ .Config.checkoutSubmodules }}# + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# #{{- end }}# # Persist credentials so we can push a new branch. persist-credentials: true - name: Checkout repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: path: ci-mgmt repository: pulumi/ci-mgmt @@ -56,15 +56,15 @@ jobs: uses: peter-evans/create-pull-request@v3.12.0 with: author: pulumi-bot - base: #{{ .Config.providerDefaultBranch }}# + base: #{{ .Config.ProviderDefaultBranch }}# body: This pull request was generated automatically by the resync-build workflow in this repository. branch: pulumi-bot/resync-${{ github.run_id}} - commit-message: Resync build for pulumi-#{{ .Config.provider }}# + commit-message: Resync build for pulumi-#{{ .Config.Provider }}# committer: pulumi-bot labels: impact/no-changelog-required team-reviewers: platform-integrations - title: Fix up build for pulumi-#{{ .Config.provider }}# + title: Fix up build for pulumi-#{{ .Config.Provider }}# token: ${{ secrets.PULUMI_BOT_TOKEN }} name: Resync build on: diff --git a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/run-acceptance-tests.yml b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/run-acceptance-tests.yml index f01a25c9c0..fa05977183 100644 --- a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/run-acceptance-tests.yml +++ b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/run-acceptance-tests.yml @@ -12,7 +12,7 @@ on: env: PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }} -#{{ .Config.env | toYaml | indent 2 }}# +#{{ .Config.Env | toYaml | indent 2 }}# # This should cancel any previous runs of the same workflow on the same branch which are still running. concurrency: @@ -54,7 +54,7 @@ jobs: name: comment-notification permissions: pull-requests: write - runs-on: #{{ .Config.runner.default }}# + runs-on: #{{ .Config.Runner.Default }}# steps: - id: run-url name: Create URL to the run output @@ -66,7 +66,7 @@ jobs: issue-number: ${{ github.event.client_payload.github.payload.issue.number }} repository: ${{ github.event.client_payload.github.payload.repository.full_name }} token: ${{ secrets.GITHUB_TOKEN }} - #{{ if .Config.lint -}}# + #{{ if .Config.Lint -}}# lint: if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository @@ -85,13 +85,13 @@ jobs: - test - build_provider - license_check - #{{- if .Config.lint }}# + #{{- if .Config.Lint }}# - lint #{{- end }}# - #{{- range $action, $_ := .Config.extraTests }}# + #{{- range $action, $_ := .Config.ExtraTests }}# - #{{ $action }}# #{{- end }}# - runs-on: #{{ .Config.runner.default }}# + runs-on: #{{ .Config.Runner.Default }}# steps: - uses: guibranco/github-status-action-v2@0849440ec82c5fa69b2377725b9b7852a3977e76 with: @@ -115,30 +115,30 @@ jobs: permissions: contents: read id-token: write - runs-on: #{{ if .Config.runner.buildSdk }}##{{- .Config.runner.buildSdk }}##{{ else }}##{{- .Config.runner.default }}##{{ end }}# + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSdk }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# env: PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} steps: -#{{- if .Config.freeDiskSpaceBeforeTest }}# +#{{- if .Config.FreeDiskSpaceBeforeTest }}# # Run as first step so we don't delete things that have just been installed - name: Free Disk Space (Ubuntu) - uses: #{{ .Config.actionVersions.freeDiskSpace }}# + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# with: tool-cache: false swap-storage: false dotnet: false #{{- end }}# - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: ref: ${{ env.PR_COMMIT_SHA }} - #{{- if .Config.checkoutSubmodules }}# - submodules: #{{ .Config.checkoutSubmodules }}# + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# #{{- end }}# persist-credentials: false - name: Checkout p/examples if: matrix.testTarget == 'pulumiExamples' - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: repository: pulumi/examples path: p-examples @@ -162,24 +162,24 @@ jobs: run: |- pip3 install virtualenv==20.0.23 pip3 install pipenv - #{{- if .Config.docker }}# + #{{- if .Config.Docker }}# - name: Run docker compose run: docker compose -f testing/docker-compose.yml up --build -d #{{- end }}# - #{{- if .Config.aws }}# + #{{- if .Config.AWS }}# - name: Configure AWS Credentials - uses: #{{ .Config.actionVersions.configureAwsCredentials }}# + uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-region: ${{ env.AWS_REGION }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} role-duration-seconds: 7200 - role-session-name: #{{ .Config.provider }}#@githubActions + role-session-name: #{{ .Config.Provider }}#@githubActions role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} #{{- end }}# - #{{- if .Config.gcp }}# + #{{- if .Config.GCP }}# - name: Authenticate to Google Cloud - uses: #{{ .Config.actionVersions.googleAuth }}# + uses: #{{ .Config.ActionVersions.GoogleAuth }}# with: service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER @@ -187,27 +187,27 @@ jobs: env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} - name: Setup gcloud auth - uses: #{{ .Config.actionVersions.setupGcloud }}# + uses: #{{ .Config.ActionVersions.SetupGcloud }}# with: install_components: gke-gcloud-auth-plugin #{{- end }}# - #{{- if .Config.gcpRegistry }}# + #{{- if .Config.GCPRegistry }}# - name: Login to Google Cloud Registry run: gcloud --quiet auth configure-docker #{{- end }}# - #{{- if .Config.sshPrivateKey }}# + #{{- if .Config.SSHPrivateKey }}# - name: Setup SSH key uses: webfactory/ssh-agent@v0.7.0 with: - ssh-private-key: #{{ .Config.sshPrivateKey }}# + ssh-private-key: #{{ .Config.SSHPrivateKey }}# #{{- end }}# - #{{- if .Config.integrationTestProvider }}# + #{{- if .Config.IntegrationTestProvider }}# - name: Prepare upstream code run: make upstream #{{- end }}# - #{{- if index .Config "setup-script" }}# + #{{- if index .Config.SetupScript }}# - name: Run setup script - run: #{{ index .Config "setup-script" }}# + run: #{{ index .Config.setupScript }}# #{{- end }}# - name: Install dependencies run: make install_${{ matrix.language}}_sdk @@ -216,10 +216,10 @@ jobs: with: token: ${{ secrets.GITHUB_TOKEN }} version: v2.5.0 -#{{- if .Config.actions.preTest }}# -#{{ .Config.actions.preTest | toYaml | indent 4 }}# +#{{- if .Config.Actions.PreTest }}# +#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# #{{- end }}# - #{{- if .Config.integrationTestProvider }}# + #{{- if .Config.IntegrationTestProvider }}# - name: Run provider tests if: matrix.testTarget == 'local' working-directory: provider @@ -235,8 +235,8 @@ jobs: fail-fast: false matrix: language: -#{{ .Config.languages | toYaml | indent 8 }}# - #{{- if .Config.testPulumiExamples }}# +#{{ .Config.Languages | toYaml | indent 8 }}# + #{{- if .Config.TestPulumiExamples }}# testTarget: [local, pulumiExamples] #{{- else }}# testTarget: [local] @@ -245,6 +245,6 @@ jobs: name: License Check uses: ./.github/workflows/license.yml secrets: inherit -#{{- if .Config.extraTests }}# -#{{ .Config.extraTests | toYaml | indent 2 }}# +#{{- if .Config.ExtraTests }}# +#{{ .Config.ExtraTests | toYaml | indent 2 }}# #{{ end }}# diff --git a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/upgrade-bridge.yml b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/upgrade-bridge.yml index 4071e841e4..a57f276099 100644 --- a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/upgrade-bridge.yml +++ b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/upgrade-bridge.yml @@ -55,31 +55,31 @@ env: jobs: upgrade_provider: name: upgrade-provider - runs-on: #{{ if .Config.runner.buildSdk }}##{{- .Config.runner.buildSdk }}##{{ else }}##{{- .Config.runner.default }}##{{ end }}# + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# steps: - #{{- if .Config.freeDiskSpaceBeforeBuild }}# + #{{- if .Config.FreeDiskSpaceBeforeBuild }}# # Run as first step so we don't delete things that have just been installed - name: Free Disk Space (Ubuntu) - uses: #{{ .Config.actionVersions.freeDiskSpace }}# + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# with: tool-cache: false swap-storage: false dotnet: false #{{- end }}# - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: - #{{- if .Config.checkoutSubmodules }}# - submodules: #{{ .Config.checkoutSubmodules }}# + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# #{{- end }}# persist-credentials: false - name: Setup tools uses: ./.github/actions/setup-tools with: - tools: pulumictl, pulumicli, #{{ range $index, $element := .Config.languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# + tools: pulumictl, pulumicli, #{{ range $index, $element := .Config.Languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# - name: Call upgrade provider action if: github.event_name == 'workflow_dispatch' - uses: #{{ .Config.actionVersions.upgradeProviderAction }}# + uses: #{{ .Config.ActionVersions.UpgradeProviderAction }}# with: kind: ${{ inputs.kind }} email: bot@pulumi.com @@ -87,15 +87,15 @@ jobs: automerge: ${{ inputs.automerge }} target-bridge-version: ${{ inputs.target-bridge-version }} target-pulumi-version: ${{ inputs.target-pulumi-version }} - #{{- if .Config.javaGenVersion }}# - target-java-version: #{{ .Config.javaGenVersion }}# + #{{- if .Config.JavaGenVersion }}# + target-java-version: #{{ .Config.JavaGenVersion }}# #{{- end }}# pr-reviewers: ${{ inputs.pr-reviewers }} pr-description: ${{ inputs.pr-description }} pr-title-prefix: ${{ inputs.pr-title-prefix }} - name: Call upgrade provider action if: github.event_name == 'repository_dispatch' - uses: #{{ .Config.actionVersions.upgradeProviderAction }}# + uses: #{{ .Config.ActionVersions.UpgradeProviderAction }}# with: kind: ${{ github.event.client_payload.kind || 'bridge' }} email: bot@pulumi.com diff --git a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/upgrade-provider.yml b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/upgrade-provider.yml index 35396c6620..b3fc44ce7c 100644 --- a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/upgrade-provider.yml +++ b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/upgrade-provider.yml @@ -1,4 +1,3 @@ -#{{ if .Config.checkUpstreamUpgrade -}}# # WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt name: Upgrade provider @@ -8,7 +7,7 @@ on: version: description: | The version of the upstream provider to upgrade to, without the 'v' prefix - + If no version is specified, it will be inferred from the upstream provider's release tags. required: false type: string @@ -22,29 +21,30 @@ env: jobs: upgrade_provider: name: upgrade-provider - runs-on: #{{ .Config.runner.default }}# + runs-on: #{{ .Config.Runner.Default }}# + if: #{{ .Config.CheckUpstreamUpgrade }}# steps: - #{{- if .Config.freeDiskSpaceBeforeBuild }}# + #{{- if .Config.FreeDiskSpaceBeforeBuild }}# # Run as first step so we don't delete things that have just been installed - name: Free Disk Space (Ubuntu) - uses: #{{ .Config.actionVersions.freeDiskSpace }}# + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# with: tool-cache: false swap-storage: false dotnet: false #{{- end }}# - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: - #{{- if .Config.checkoutSubmodules }}# - submodules: #{{ .Config.checkoutSubmodules }}# + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# #{{- end }}# # Persist credentials so upgrade-provider can push a new branch. persist-credentials: true - name: Setup tools uses: ./.github/actions/setup-tools with: - tools: pulumictl, pulumicli, #{{ range $index, $element := .Config.languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# + tools: pulumictl, pulumicli, #{{ range $index, $element := .Config.Languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# - name: Install upgrade-provider run: go install github.com/pulumi/upgrade-provider@main shell: bash @@ -70,6 +70,5 @@ jobs: - name: Attempt provider upgrade # Only attempt the upgrade if we have a target version if: steps.target_version.outputs.version != '' - run: upgrade-provider "${{ github.repository }}" --kind="all" --target-version="${{ steps.target_version.outputs.version }}" #{{ if .Config.javaGenVersion }}#--java-version="#{{ .Config.javaGenVersion }}#"#{{ end }}# + run: upgrade-provider "${{ github.repository }}" --kind="all" --target-version="${{ steps.target_version.outputs.version }}" #{{ if .Config.JavaGenVersion }}#--java-version="#{{ .Config.JavaGenVersion }}#"#{{ end }}# shell: bash -#{{ end }}# \ No newline at end of file diff --git a/provider-ci/internal/pkg/templates/bridged-provider/.upgrade-config.yml b/provider-ci/internal/pkg/templates/bridged-provider/.upgrade-config.yml index 974dd6a4f8..177960cf7e 100644 --- a/provider-ci/internal/pkg/templates/bridged-provider/.upgrade-config.yml +++ b/provider-ci/internal/pkg/templates/bridged-provider/.upgrade-config.yml @@ -1,16 +1,16 @@ # WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt --- -#{{- if (index .Config "upstream-provider-repo") }}# -upstream-provider-name: #{{ index .Config "upstream-provider-repo" }}# +#{{- if .Config.UpstreamProviderRepo }}# +upstream-provider-name: #{{ .Config.UpstreamProviderRepo }}# #{{- else }}# -upstream-provider-name: terraform-provider-#{{ .Config.provider }}# +upstream-provider-name: terraform-provider-#{{ .Config.Provider }}# #{{- end }}# -#{{- if (index .Config "upstreamProviderOrg") }}# -upstream-provider-org: #{{ .Config.upstreamProviderOrg }}# +#{{- if .Config.UpstreamProviderOrg }}# +upstream-provider-org: #{{ .Config.UpstreamProviderOrg }}# #{{- end }}# pulumi-infer-version: true remove-plugins: true -#{{- if (index .Config "javaGenVersion") }}# -javaVersion: "#{{ .Config.javaGenVersion }}#" +#{{- if .Config.JavaGenVersion }}# +javaVersion: "#{{ .Config.JavaGenVersion }}#" #{{- end }}# diff --git a/provider-ci/internal/pkg/templates/bridged-provider/Makefile b/provider-ci/internal/pkg/templates/bridged-provider/Makefile index 70e0ee0290..664d2e9e1b 100644 --- a/provider-ci/internal/pkg/templates/bridged-provider/Makefile +++ b/provider-ci/internal/pkg/templates/bridged-provider/Makefile @@ -1,10 +1,10 @@ # WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt -PACK := #{{ .Config.provider }}# -ORG := #{{ .Config.organization }}# +PACK := #{{ .Config.Provider }}# +ORG := #{{ .Config.Organization }}# PROJECT := github.com/$(ORG)/pulumi-$(PACK) -#{{- if ge (index .Config "major-version") 2 }}# -PROVIDER_PATH := provider/v#{{ index .Config "major-version" }}# +#{{- if ge .Config.MajorVersion 2 }}# +PROVIDER_PATH := provider/v#{{ .Config.MajorVersion }}# #{{- else }}# PROVIDER_PATH := provider #{{- end }}# @@ -14,12 +14,12 @@ PROVIDER := pulumi-resource-$(PACK) JAVA_GEN := pulumi-java-gen TESTPARALLELISM := 10 WORKING_DIR := $(shell pwd) -#{{- if .Config.goBuildParallelism }}# -PULUMI_PROVIDER_BUILD_PARALLELISM ?= -p #{{ .Config.goBuildParallelism }}# +#{{- if .Config.GoBuildParallelism }}# +PULUMI_PROVIDER_BUILD_PARALLELISM ?= -p #{{ .Config.GoBuildParallelism }}# #{{- else }}# PULUMI_PROVIDER_BUILD_PARALLELISM ?= #{{- end }}# -#{{- if .Config.pulumiConvert }}# +#{{- if .Config.PulumiConvert }}# PULUMI_CONVERT := 1 #{{- else }}# PULUMI_CONVERT := 0 @@ -28,24 +28,24 @@ PULUMI_MISSING_DOCS_ERROR := true # Override during CI using `make [TARGET] PROVIDER_VERSION=""` or by setting a PROVIDER_VERSION environment variable # Local & branch builds will just used this fixed default version unless specified -PROVIDER_VERSION ?= #{{ index .Config "major-version" }}#.0.0-alpha.0+dev +PROVIDER_VERSION ?= #{{ .Config.MajorVersion }}#.0.0-alpha.0+dev # Use this normalised version everywhere rather than the raw input to ensure consistency. VERSION_GENERIC = $(shell pulumictl convert-version --language generic --version "$(PROVIDER_VERSION)") -LDFLAGS_PROJ_VERSION=-X $(PROJECT)/$(VERSION_PATH)=$(VERSION_GENERIC)#{{if .Config.providerVersion}}# -X #{{ .Config.providerVersion }}#=$(VERSION_GENERIC)#{{end}}# -#{{- if .Config.providerVersion }}# -LDFLAGS_UPSTREAM_VERSION=-X #{{ .Config.providerVersion }}#=v$(VERSION_GENERIC) +LDFLAGS_PROJ_VERSION=-X $(PROJECT)/$(VERSION_PATH)=$(VERSION_GENERIC)#{{if .Config.ProviderVersion}}# -X #{{ .Config.ProviderVersion }}#=$(VERSION_GENERIC)#{{end}}# +#{{- if .Config.ProviderVersion }}# +LDFLAGS_UPSTREAM_VERSION=-X #{{ .Config.ProviderVersion }}#=v$(VERSION_GENERIC) #{{- else }}# LDFLAGS_UPSTREAM_VERSION= #{{- end }}# -LDFLAGS_EXTRAS=#{{- range (index .Config "extra-ld-flags") }}# #{{ . }}# #{{- end }}# +LDFLAGS_EXTRAS=#{{- range .Config.ExtraLDFlags }}# #{{ . }}# #{{- end }}# LDFLAGS=$(LDFLAGS_PROJ_VERSION) $(LDFLAGS_UPSTREAM_VERSION) $(LDFLAGS_EXTRAS) development: install_plugins provider build_sdks install_sdks build: install_plugins provider build_sdks install_sdks -build_sdks: #{{ range .Config.languages }}#build_#{{ . }}# #{{ end }}##{{- if .Config.registryDocs }}#build_registry_docs#{{- end }}# +build_sdks: #{{ range .Config.Languages }}#build_#{{ . }}# #{{ end }}##{{- if .Config.RegistryDocs }}#build_registry_docs#{{- end }}# install_go_sdk: @@ -111,7 +111,7 @@ build_python: upstream ./venv/bin/python -m pip install build==1.2.1 && \ cd ./bin && \ ../venv/bin/python -m build . -#{{- if .Config.registryDocs }}# +#{{- if .Config.RegistryDocs }}# # Run the bridge's registry-docs command to generated the content of the installation docs/ folder at provider repo root build_registry_docs: @@ -125,10 +125,10 @@ cleanup: rm -r $(WORKING_DIR)/bin rm -f provider/cmd/$(PROVIDER)/schema.go -#{{- if .Config.docsCmd }}# +#{{- if .Config.DocsCmd }}# docs: - #{{ .Config.docsCmd }}# + #{{ .Config.DocsCmd }}# #{{- end }}# help: @@ -146,8 +146,8 @@ install_nodejs_sdk: install_plugins: export PULUMI_HOME := $(WORKING_DIR)/.pulumi install_plugins: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) install_plugins: .pulumi/bin/pulumi - #{{- range .Config.plugins }}# - .pulumi/bin/pulumi plugin install #{{ or .kind "resource" }}# #{{ .name }}# #{{ .version }}# + #{{- range .Config.Plugins }}# + .pulumi/bin/pulumi plugin install #{{ or .Kind "resource" }}# #{{ .Name }}# #{{ .Version }}# #{{- end }}# lint_provider: provider @@ -159,7 +159,7 @@ lint_provider.fix: cd provider && golangci-lint run --path-prefix provider -c ../.golangci.yml --fix # `make provider_no_deps` builds the provider binary directly, without ensuring that -# `cmd/pulumi-resource-#{{ .Config.provider }}#/schema.json` is valid and up to date. +# `cmd/pulumi-resource-#{{ .Config.Provider }}#/schema.json` is valid and up to date. # To create a release ready binary, you should use `make provider`. provider_no_deps: (cd provider && go build $(PULUMI_PROVIDER_BUILD_PARALLELISM) -o $(WORKING_DIR)/bin/$(PROVIDER) -ldflags "$(LDFLAGS)" $(PROJECT)/$(PROVIDER_PATH)/cmd/$(PROVIDER)) @@ -176,7 +176,7 @@ test_provider: @echo "" cd provider && go test -v -short ./... -parallel $(TESTPARALLELISM) -tfgen: install_plugins upstream#{{ if .Config.docsCmd }}# docs#{{ end }}# tfgen_no_deps +tfgen: install_plugins upstream#{{ if .Config.DocsCmd }}# docs#{{ end }}# tfgen_no_deps tfgen_no_deps: export PULUMI_HOME := $(WORKING_DIR)/.pulumi tfgen_no_deps: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) @@ -218,7 +218,7 @@ ci-mgmt: .ci-mgmt.yaml go run github.com/pulumi/ci-mgmt/provider-ci@master generate \ --name $(ORG)/pulumi-$(PACK) \ --out . \ - --template #{{ .Config.template }}# \ + --template #{{ .Config.Template }}# \ --config $< # Because some codegen depends on the version of the CLI used, we install a local CLI @@ -244,7 +244,7 @@ ci-mgmt: .ci-mgmt.yaml debug_tfgen: dlv --listen=:2345 --headless=true --api-version=2 exec $(WORKING_DIR)/bin/$(TFGEN) -- schema --out provider/cmd/$(PROVIDER) -.PHONY: development build build_sdks install_go_sdk install_java_sdk install_python_sdk install_sdks only_build build_dotnet build_go build_java build_nodejs build_python clean cleanup#{{ if .Config.docsCmd }}# docs#{{end}}# help install_dotnet_sdk install_nodejs_sdk install_plugins lint_provider provider provider_no_deps test tfgen upstream ci-mgmt test_provider debug_tfgen tfgen_build_only +.PHONY: development build build_sdks install_go_sdk install_java_sdk install_python_sdk install_sdks only_build build_dotnet build_go build_java build_nodejs build_python clean cleanup#{{ if .Config.DocsCmd }}# docs#{{end}}# help install_dotnet_sdk install_nodejs_sdk install_plugins lint_provider provider provider_no_deps test tfgen upstream ci-mgmt test_provider debug_tfgen tfgen_build_only # Provider cross-platform build & packaging diff --git a/provider-ci/internal/pkg/templates/defaults.config.yaml b/provider-ci/internal/pkg/templates/defaults.config.yaml index ce4c73aed2..fd4b38b97f 100644 --- a/provider-ci/internal/pkg/templates/defaults.config.yaml +++ b/provider-ci/internal/pkg/templates/defaults.config.yaml @@ -44,7 +44,7 @@ lint: true # Currently set in around 17 repos: https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22providerDefaultBranch%3A%22&type=code providerDefaultBranch: master -# Sets PULUMI_MISSING_MAPPING_ERROR and PULUMI_EXTRA_MAPPING_ERROR in resync-build +# Sets PULUMI_MISSING_MAPPING_ERROR in resync-build # Used in alicloud only: https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22fail-on-missing-mapping%3A%22&type=code fail-on-missing-mapping: true # Not used: https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22fail-on-extra-mapping%3A%22&type=code @@ -127,7 +127,8 @@ env: # actions can contain preBuild and preTest additional steps to be spliced into workflows. # The use of these hooks vary - quite a few just build upstream and run provider tests. # Usage: https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22actions%3A%22&type=code -actions: {} +actions: + {} # preBuild: # - Your action here # preTest: @@ -188,13 +189,12 @@ registryDocs: false # checkUpstreamUpgrade determines whether we run the upstream upgrade job for bridged providers. # Set to false for providers that cannot be upgraded, e.g. because of archived upstream or a license conflict. checkUpstreamUpgrade: true - # Set a path for each language example to enable the test # releaseVerification: - # nodejs: examples/simple-nodejs - # python: examples/simple-python - # dotnet: examples/simple-dotnet - # go: exampels/simple-go +# nodejs: examples/simple-nodejs +# python: examples/simple-python +# dotnet: examples/simple-dotnet +# go: exampels/simple-go # List of extra flags used in Makefile. # Only used by newrelic: https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22extra-ld-flags%22&type=code @@ -245,12 +245,6 @@ checkUpstreamUpgrade: true # Used in 11 providers: https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22generate-nightly-test-workflow%3A%22&type=code #generate-nightly-test-workflow: false -# List of objects with `name` and `version` properties for the devbox packages. -# Unused: https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22nixpkgs%3A%22&type=code -#nixpkgs: -# - name: foo -# version: 1.2.3 - # Package paths to ignore when running the license check #license: # ignore: diff --git a/provider-ci/internal/pkg/templates/dev-container/devbox.json b/provider-ci/internal/pkg/templates/dev-container/devbox.json index 1d81d0eb7c..07d537a360 100644 --- a/provider-ci/internal/pkg/templates/dev-container/devbox.json +++ b/provider-ci/internal/pkg/templates/dev-container/devbox.json @@ -1,15 +1,12 @@ { "packages": [ - #{{- range .Config.nixpkgs }}# - "#{{ .name }}#@#{{ .version }}#", - #{{- end }}# "yarn@latest", "pulumictl@latest", - "go@#{{ trimAll "x" .Config.toolVersions.go }}#", - "nodejs@#{{ trimAll "x" .Config.toolVersions.nodejs }}#", - "python3@#{{ trimAll "x" .Config.toolVersions.python }}#", - "dotnet-sdk@#{{ trimAll "x" .Config.toolVersions.dotnet }}#", - "gradle_7@#{{ trimAll "x" .Config.toolVersions.gradle }}#", + "go@#{{ trimAll "x" .Config.ToolVersions.Go }}#", + "nodejs@#{{ trimAll "x" .Config.ToolVersions.Nodejs }}#", + "python3@#{{ trimAll "x" .Config.ToolVersions.Python }}#", + "dotnet-sdk@#{{ trimAll "x" .Config.ToolVersions.Dotnet }}#", + "gradle_7@#{{ trimAll "x" .Config.ToolVersions.Gradle }}#", "curl@8" ], "shell": { diff --git a/provider-ci/internal/pkg/templates/provider/.github/actions/download-sdk/action.yml b/provider-ci/internal/pkg/templates/provider/.github/actions/download-sdk/action.yml index 2da0e7ce25..5efd756b84 100644 --- a/provider-ci/internal/pkg/templates/provider/.github/actions/download-sdk/action.yml +++ b/provider-ci/internal/pkg/templates/provider/.github/actions/download-sdk/action.yml @@ -10,7 +10,7 @@ runs: using: "composite" steps: - name: Download ${{ inputs.language }} SDK - uses: #{{ .Config.actionVersions.downloadArtifact }}# + uses: #{{ .Config.ActionVersions.DownloadArtifact }}# with: name: ${{ inputs.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/ diff --git a/provider-ci/internal/pkg/templates/provider/.github/actions/setup-tools/action.yml b/provider-ci/internal/pkg/templates/provider/.github/actions/setup-tools/action.yml index 2834b14520..6220433e3e 100644 --- a/provider-ci/internal/pkg/templates/provider/.github/actions/setup-tools/action.yml +++ b/provider-ci/internal/pkg/templates/provider/.github/actions/setup-tools/action.yml @@ -22,7 +22,7 @@ runs: if: inputs.tools == 'all' || contains(inputs.tools, 'go') uses: actions/setup-go@v5 with: - go-version: "#{{ .Config.toolVersions.go }}#" + go-version: "#{{ .Config.ToolVersions.Go }}#" cache-dependency-path: | provider/*.sum upstream/*.sum @@ -39,7 +39,7 @@ runs: if: inputs.tools == 'all' || contains(inputs.tools, 'pulumicli') uses: pulumi/actions@v5 with: - pulumi-version: "#{{ .Config.toolVersions.pulumi }}#" + pulumi-version: "#{{ .Config.ToolVersions.Pulumi }}#" - name: Install Schema Tools if: inputs.tools == 'all' || contains(inputs.tools, 'schema-tools') @@ -51,20 +51,20 @@ runs: if: inputs.tools == 'all' || contains(inputs.tools, 'nodejs') uses: actions/setup-node@v4 with: - node-version: #{{ .Config.toolVersions.nodejs }}# + node-version: #{{ .Config.ToolVersions.Nodejs }}# registry-url: https://registry.npmjs.org - name: Setup DotNet if: inputs.tools == 'all' || contains(inputs.tools, 'dotnet') uses: actions/setup-dotnet@v4 with: - dotnet-version: #{{ .Config.toolVersions.dotnet }}# + dotnet-version: #{{ .Config.ToolVersions.Dotnet }}# - name: Setup Python if: inputs.tools == 'all' || contains(inputs.tools, 'python') uses: actions/setup-python@v5 with: - python-version: #{{ .Config.toolVersions.python }}# + python-version: #{{ .Config.ToolVersions.Python }}# - name: Setup Java if: inputs.tools == 'all' || contains(inputs.tools, 'java') @@ -72,10 +72,10 @@ runs: with: cache: gradle distribution: temurin - java-version: #{{ .Config.toolVersions.java }}# + java-version: #{{ .Config.ToolVersions.Java }}# - name: Setup Gradle if: inputs.tools == 'all' || contains(inputs.tools, 'java') uses: gradle/gradle-build-action@v3 with: - gradle-version: #{{ .Config.toolVersions.gradle }}# + gradle-version: #{{ .Config.ToolVersions.Gradle }}# diff --git a/provider-ci/internal/pkg/templates/provider/.github/actions/upload-sdk/action.yml b/provider-ci/internal/pkg/templates/provider/.github/actions/upload-sdk/action.yml index cf3e05644b..e3299d2df3 100644 --- a/provider-ci/internal/pkg/templates/provider/.github/actions/upload-sdk/action.yml +++ b/provider-ci/internal/pkg/templates/provider/.github/actions/upload-sdk/action.yml @@ -13,7 +13,7 @@ runs: shell: bash run: tar -zcf sdk/${{ inputs.language }}.tar.gz -C sdk/${{ inputs.language }} . - name: Upload artifacts - uses: #{{ .Config.actionVersions.uploadArtifact }}# + uses: #{{ .Config.ActionVersions.UploadArtifact }}# with: name: ${{ inputs.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/${{ inputs.language }}.tar.gz diff --git a/provider-ci/internal/pkg/templates/provider/.github/workflows/license.yml b/provider-ci/internal/pkg/templates/provider/.github/workflows/license.yml index 3cd459eef5..834443f885 100644 --- a/provider-ci/internal/pkg/templates/provider/.github/workflows/license.yml +++ b/provider-ci/internal/pkg/templates/provider/.github/workflows/license.yml @@ -7,15 +7,15 @@ on: inputs: {} env: -#{{ .Config.env | toYaml | indent 2 }}# +#{{ .Config.Env | toYaml | indent 2 }}# jobs: license_check: name: License Check - runs-on: #{{ .Config.runner.default }}# + runs-on: #{{ .Config.Runner.Default }}# steps: - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: persist-credentials: false - name: Setup tools @@ -27,7 +27,7 @@ jobs: with: module-path: provider ignore-modules: >- - #{{ range $ignore := .Config.license.ignore }}# + #{{ range $ignore := .Config.License.Ignore }}# #{{- $ignore -}}#, #{{ end -}}# github.com/aead/chacha20, diff --git a/provider-ci/internal/pkg/templates/provider/.github/workflows/lint.yml b/provider-ci/internal/pkg/templates/provider/.github/workflows/lint.yml index efa1802636..bb2edba7bf 100644 --- a/provider-ci/internal/pkg/templates/provider/.github/workflows/lint.yml +++ b/provider-ci/internal/pkg/templates/provider/.github/workflows/lint.yml @@ -7,18 +7,18 @@ on: inputs: {} env: -#{{ .Config.env | toYaml | indent 2 }}# +#{{ .Config.Env | toYaml | indent 2 }}# jobs: lint: name: lint - runs-on: #{{ .Config.runner.default }}# + runs-on: #{{ .Config.Runner.Default }}# steps: - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: - #{{- if .Config.checkoutSubmodules }}# - submodules: #{{ .Config.checkoutSubmodules }}# + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# #{{- end }}# persist-credentials: false - name: Install go diff --git a/provider-ci/internal/pkg/templates/provider/.github/workflows/pull-request.yml b/provider-ci/internal/pkg/templates/provider/.github/workflows/pull-request.yml index 753769ba0f..591ea4e158 100644 --- a/provider-ci/internal/pkg/templates/provider/.github/workflows/pull-request.yml +++ b/provider-ci/internal/pkg/templates/provider/.github/workflows/pull-request.yml @@ -1,22 +1,22 @@ # WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt env: -#{{ .Config.env | toYaml | indent 2 }}# +#{{ .Config.Env | toYaml | indent 2 }}# jobs: comment-on-pr: if: github.event.pull_request.head.repo.full_name != github.repository name: comment-on-pr - runs-on: #{{ .Config.runner.default }}# + runs-on: #{{ .Config.Runner.Default }}# steps: - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: - #{{- if .Config.checkoutSubmodules }}# - submodules: #{{ .Config.checkoutSubmodules }}# + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# #{{- end }}# persist-credentials: false - name: Comment PR - uses: #{{ .Config.actionVersions.prComment }}# + uses: #{{ .Config.ActionVersions.PrComment }}# with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} message: > diff --git a/provider-ci/internal/pkg/templates/provider/.github/workflows/verify-release.yml b/provider-ci/internal/pkg/templates/provider/.github/workflows/verify-release.yml index 1d84855c12..b9f370c4ac 100644 --- a/provider-ci/internal/pkg/templates/provider/.github/workflows/verify-release.yml +++ b/provider-ci/internal/pkg/templates/provider/.github/workflows/verify-release.yml @@ -34,12 +34,12 @@ on: default: false env: -#{{ .Config.env | toYaml | indent 2 }}# +#{{ .Config.Env | toYaml | indent 2 }}# jobs: verify-release: name: verify-release -#{{- if not .Config.releaseVerification }}# +#{{- if not .Config.ReleaseVerification }}# # We don't have any release verification configurations, so we never run this workflow. # Configure your .ci-mgmt.yaml files to include the release verification configurations e.g. # releaseVerification: @@ -51,7 +51,7 @@ jobs: #{{- end }}# strategy: matrix: -#{{- if .Config.releaseVerification }}# +#{{- if .Config.ReleaseVerification }}# # We always run on Linux and Windows, and optionally on MacOS. This is because MacOS runners have limited availability. # Expression expands to ["ubuntu-latest","windows-latest"] or ["ubuntu-latest","windows-latest","macos-latest"] # GitHub expressions don't have 'if' statements, so we use a ternary operator to conditionally include the MacOS runner suffix. @@ -64,47 +64,49 @@ jobs: runs-on: ${{ matrix.runner }} steps: - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: persist-credentials: false - name: Setup tools uses: ./.github/actions/setup-tools with: - tools: pulumicli, #{{ range $index, $element := .Config.languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# -#{{- if .Config.releaseVerification.nodejs }}# + tools: pulumicli, #{{ range $index, $element := .Config.Languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# +#{{- if .Config.ReleaseVerification }}# +#{{- if .Config.ReleaseVerification.Nodejs }}# - name: Verify nodejs release uses: pulumi/verify-provider-release@v1 with: runtime: nodejs - directory: #{{ .Config.releaseVerification.nodejs }}# - provider: #{{ .Config.provider }}# + directory: #{{ .Config.ReleaseVerification.Nodejs }}# + provider: #{{ .Config.Provider }}# providerVersion: ${{ inputs.providerVersion }} #{{- end }}# -#{{- if .Config.releaseVerification.python }}# +#{{- if .Config.ReleaseVerification.Python }}# - name: Verify python release uses: pulumi/verify-provider-release@v1 with: runtime: python - directory: #{{ .Config.releaseVerification.python }}# - provider: #{{ .Config.provider }}# + directory: #{{ .Config.ReleaseVerification.Python }}# + provider: #{{ .Config.Provider }}# providerVersion: ${{ inputs.providerVersion }} #{{- end }}# -#{{- if .Config.releaseVerification.dotnet }}# +#{{- if .Config.ReleaseVerification.Dotnet }}# - name: Verify dotnet release uses: pulumi/verify-provider-release@v1 with: runtime: dotnet - directory: #{{ .Config.releaseVerification.dotnet }}# - provider: #{{ .Config.provider }}# + directory: #{{ .Config.ReleaseVerification.Dotnet }}# + provider: #{{ .Config.Provider }}# providerVersion: ${{ inputs.providerVersion }} #{{- end }}# -#{{- if .Config.releaseVerification.go }}# +#{{- if .Config.ReleaseVerification.Go }}# - name: Verify go release uses: pulumi/verify-provider-release@v1 if: inputs.skipGoSdk == false with: runtime: go - directory: #{{ .Config.releaseVerification.go }}# - provider: #{{ .Config.provider }}# + directory: #{{ .Config.ReleaseVerification.Go }}# + provider: #{{ .Config.Provider }}# providerVersion: ${{ inputs.providerVersion }} #{{- end }}# +#{{- end }}# diff --git a/provider-ci/internal/pkg/templates/provider/.golangci.yml b/provider-ci/internal/pkg/templates/provider/.golangci.yml index 2fd52de8b4..b615b2f52c 100644 --- a/provider-ci/internal/pkg/templates/provider/.golangci.yml +++ b/provider-ci/internal/pkg/templates/provider/.golangci.yml @@ -31,5 +31,5 @@ linters-settings: - blank # Blank section: contains all blank imports. - default # Default section: contains all imports that could not be matched to another section type. - prefix(github.com/pulumi/) # Custom section: groups all imports with the github.com/pulumi/ prefix. - - prefix(github.com/#{{ .Config.organization }}#/pulumi-#{{ .Config.provider }}#) # Custom section: local imports + - prefix(github.com/#{{ .Config.Organization }}#/pulumi-#{{ .Config.Provider }}#) # Custom section: local imports custom-order: true diff --git a/provider-ci/internal/pkg/templates/pulumi-provider/.github/workflows/command-dispatch.yml b/provider-ci/internal/pkg/templates/pulumi-provider/.github/workflows/command-dispatch.yml index cdb6b197ce..5ec02778a4 100644 --- a/provider-ci/internal/pkg/templates/pulumi-provider/.github/workflows/command-dispatch.yml +++ b/provider-ci/internal/pkg/templates/pulumi-provider/.github/workflows/command-dispatch.yml @@ -1,17 +1,17 @@ # WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt env: -#{{ .Config.env | toYaml | indent 2 }}# +#{{ .Config.Env | toYaml | indent 2 }}# jobs: command-dispatch-for-testing: name: command-dispatch-for-testing - runs-on: #{{ .Config.runner.default }}# + runs-on: #{{ .Config.Runner.Default }}# steps: - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: - #{{- if .Config.checkoutSubmodules }}# - submodules: #{{ .Config.checkoutSubmodules }}# + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# #{{- end }}# persist-credentials: false - uses: peter-evans/slash-command-dispatch@v4 diff --git a/provider-ci/internal/pkg/templates/pulumi-provider/.github/workflows/community-moderation.yml b/provider-ci/internal/pkg/templates/pulumi-provider/.github/workflows/community-moderation.yml index f6d25b9a40..64bfdddbaf 100644 --- a/provider-ci/internal/pkg/templates/pulumi-provider/.github/workflows/community-moderation.yml +++ b/provider-ci/internal/pkg/templates/pulumi-provider/.github/workflows/community-moderation.yml @@ -5,30 +5,30 @@ env: jobs: warn_codegen: name: warn_codegen - runs-on: #{{ .Config.runner.default }}# + runs-on: #{{ .Config.Runner.Default }}# steps: - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: - #{{- if .Config.checkoutSubmodules }}# - submodules: #{{ .Config.checkoutSubmodules }}# + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# #{{- end }}# persist-credentials: false - id: schema_changed name: Check for diff in schema - uses: #{{ .Config.actionVersions.pathsFilter }}# + uses: #{{ .Config.ActionVersions.PathsFilter }}# with: filters: "changed: 'provider/cmd/**/schema.json'" - id: sdk_changed if: steps.schema_changed.outputs.changed == 'false' name: Check for diff in sdk/** - uses: #{{ .Config.actionVersions.pathsFilter }}# + uses: #{{ .Config.ActionVersions.PathsFilter }}# with: filters: "changed: 'sdk/**'" - if: steps.sdk_changed.outputs.changed == 'true' && github.event.pull_request.head.repo.full_name != github.repository name: Send codegen warning as comment on PR - uses: #{{ .Config.actionVersions.prComment }}# + uses: #{{ .Config.ActionVersions.PrComment }}# with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} message: > @@ -43,6 +43,6 @@ name: warn-codegen on: pull_request_target: branches: - - #{{ .Config.providerDefaultBranch }}# + - #{{ .Config.ProviderDefaultBranch }}# types: - opened diff --git a/provider-ci/internal/pkg/templates/pulumi-provider/.github/workflows/release_command.yml b/provider-ci/internal/pkg/templates/pulumi-provider/.github/workflows/release_command.yml index 95b4d185c6..8cef9103e5 100644 --- a/provider-ci/internal/pkg/templates/pulumi-provider/.github/workflows/release_command.yml +++ b/provider-ci/internal/pkg/templates/pulumi-provider/.github/workflows/release_command.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: #{{ .Config.actionVersions.checkout }}# + uses: #{{ .Config.ActionVersions.Checkout }}# with: persist-credentials: false - name: Should release PR diff --git a/provider-ci/test-providers/acme/.ci-mgmt.yaml b/provider-ci/test-providers/acme/.ci-mgmt.yaml index ad389d4d29..b424c12433 100644 --- a/provider-ci/test-providers/acme/.ci-mgmt.yaml +++ b/provider-ci/test-providers/acme/.ci-mgmt.yaml @@ -5,7 +5,6 @@ major-version: 0 providerDefaultBranch: main upstreamProviderOrg: vancluever publishRegistry: false -enableAutoRelease: false languages: - dotnet - go diff --git a/provider-ci/test-providers/acme/.github/workflows/upgrade-provider.yml b/provider-ci/test-providers/acme/.github/workflows/upgrade-provider.yml index c69a219c43..a4bdf4d5d0 100644 --- a/provider-ci/test-providers/acme/.github/workflows/upgrade-provider.yml +++ b/provider-ci/test-providers/acme/.github/workflows/upgrade-provider.yml @@ -7,7 +7,7 @@ on: version: description: | The version of the upstream provider to upgrade to, without the 'v' prefix - + If no version is specified, it will be inferred from the upstream provider's release tags. required: false type: string @@ -22,6 +22,7 @@ jobs: upgrade_provider: name: upgrade-provider runs-on: ubuntu-latest + if: true steps: - name: Checkout Repo uses: actions/checkout@v4 diff --git a/provider-ci/test-providers/aws/.github/workflows/build_sdk.yml b/provider-ci/test-providers/aws/.github/workflows/build_sdk.yml index 40b8f0e3a2..b8020bb8b2 100644 --- a/provider-ci/test-providers/aws/.github/workflows/build_sdk.yml +++ b/provider-ci/test-providers/aws/.github/workflows/build_sdk.yml @@ -20,7 +20,7 @@ env: PULUMI_API: https://api.pulumi-staging.io PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget - PULUMI_MISSING_DOCS_ERROR: true + PULUMI_MISSING_DOCS_ERROR: "true" PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} PYPI_USERNAME: __token__ SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} diff --git a/provider-ci/test-providers/aws/.github/workflows/command-dispatch.yml b/provider-ci/test-providers/aws/.github/workflows/command-dispatch.yml index 96e2d1a7bd..c4842e14e8 100644 --- a/provider-ci/test-providers/aws/.github/workflows/command-dispatch.yml +++ b/provider-ci/test-providers/aws/.github/workflows/command-dispatch.yml @@ -13,7 +13,7 @@ env: PULUMI_API: https://api.pulumi-staging.io PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget - PULUMI_MISSING_DOCS_ERROR: true + PULUMI_MISSING_DOCS_ERROR: "true" PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} PYPI_USERNAME: __token__ SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} diff --git a/provider-ci/test-providers/aws/.github/workflows/license.yml b/provider-ci/test-providers/aws/.github/workflows/license.yml index f318695d7e..25b7ca9c9d 100644 --- a/provider-ci/test-providers/aws/.github/workflows/license.yml +++ b/provider-ci/test-providers/aws/.github/workflows/license.yml @@ -19,7 +19,7 @@ env: PULUMI_API: https://api.pulumi-staging.io PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget - PULUMI_MISSING_DOCS_ERROR: true + PULUMI_MISSING_DOCS_ERROR: "true" PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} PYPI_USERNAME: __token__ SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} diff --git a/provider-ci/test-providers/aws/.github/workflows/lint.yml b/provider-ci/test-providers/aws/.github/workflows/lint.yml index 3bb14f160e..9795683bb9 100644 --- a/provider-ci/test-providers/aws/.github/workflows/lint.yml +++ b/provider-ci/test-providers/aws/.github/workflows/lint.yml @@ -19,7 +19,7 @@ env: PULUMI_API: https://api.pulumi-staging.io PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget - PULUMI_MISSING_DOCS_ERROR: true + PULUMI_MISSING_DOCS_ERROR: "true" PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} PYPI_USERNAME: __token__ SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} diff --git a/provider-ci/test-providers/aws/.github/workflows/master.yml b/provider-ci/test-providers/aws/.github/workflows/master.yml index 8a373012e4..351a36665e 100644 --- a/provider-ci/test-providers/aws/.github/workflows/master.yml +++ b/provider-ci/test-providers/aws/.github/workflows/master.yml @@ -13,7 +13,7 @@ env: PULUMI_API: https://api.pulumi-staging.io PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget - PULUMI_MISSING_DOCS_ERROR: true + PULUMI_MISSING_DOCS_ERROR: "true" PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} PYPI_USERNAME: __token__ SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} diff --git a/provider-ci/test-providers/aws/.github/workflows/nightly-test.yml b/provider-ci/test-providers/aws/.github/workflows/nightly-test.yml index a424e335fd..cb1ee68f9e 100644 --- a/provider-ci/test-providers/aws/.github/workflows/nightly-test.yml +++ b/provider-ci/test-providers/aws/.github/workflows/nightly-test.yml @@ -13,7 +13,7 @@ env: PULUMI_API: https://api.pulumi-staging.io PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget - PULUMI_MISSING_DOCS_ERROR: true + PULUMI_MISSING_DOCS_ERROR: "true" PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} PYPI_USERNAME: __token__ SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} diff --git a/provider-ci/test-providers/aws/.github/workflows/prerelease.yml b/provider-ci/test-providers/aws/.github/workflows/prerelease.yml index b332e1f846..2aaf8720c6 100644 --- a/provider-ci/test-providers/aws/.github/workflows/prerelease.yml +++ b/provider-ci/test-providers/aws/.github/workflows/prerelease.yml @@ -14,7 +14,7 @@ env: PULUMI_API: https://api.pulumi-staging.io PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget - PULUMI_MISSING_DOCS_ERROR: true + PULUMI_MISSING_DOCS_ERROR: "true" PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} PYPI_USERNAME: __token__ SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} diff --git a/provider-ci/test-providers/aws/.github/workflows/prerequisites.yml b/provider-ci/test-providers/aws/.github/workflows/prerequisites.yml index 4d5745564b..d626c0534d 100644 --- a/provider-ci/test-providers/aws/.github/workflows/prerequisites.yml +++ b/provider-ci/test-providers/aws/.github/workflows/prerequisites.yml @@ -30,7 +30,7 @@ env: PULUMI_API: https://api.pulumi-staging.io PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget - PULUMI_MISSING_DOCS_ERROR: true + PULUMI_MISSING_DOCS_ERROR: "true" PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} PYPI_USERNAME: __token__ SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} diff --git a/provider-ci/test-providers/aws/.github/workflows/publish.yml b/provider-ci/test-providers/aws/.github/workflows/publish.yml index 1ceebb9469..01d54beb57 100644 --- a/provider-ci/test-providers/aws/.github/workflows/publish.yml +++ b/provider-ci/test-providers/aws/.github/workflows/publish.yml @@ -29,7 +29,7 @@ env: PULUMI_API: https://api.pulumi-staging.io PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget - PULUMI_MISSING_DOCS_ERROR: true + PULUMI_MISSING_DOCS_ERROR: "true" PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} PYPI_USERNAME: __token__ SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} diff --git a/provider-ci/test-providers/aws/.github/workflows/pull-request.yml b/provider-ci/test-providers/aws/.github/workflows/pull-request.yml index 5bab426867..c66cb8b850 100644 --- a/provider-ci/test-providers/aws/.github/workflows/pull-request.yml +++ b/provider-ci/test-providers/aws/.github/workflows/pull-request.yml @@ -13,7 +13,7 @@ env: PULUMI_API: https://api.pulumi-staging.io PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget - PULUMI_MISSING_DOCS_ERROR: true + PULUMI_MISSING_DOCS_ERROR: "true" PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} PYPI_USERNAME: __token__ SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} diff --git a/provider-ci/test-providers/aws/.github/workflows/release.yml b/provider-ci/test-providers/aws/.github/workflows/release.yml index 95c53595f3..8455589053 100644 --- a/provider-ci/test-providers/aws/.github/workflows/release.yml +++ b/provider-ci/test-providers/aws/.github/workflows/release.yml @@ -19,7 +19,7 @@ env: PULUMI_API: https://api.pulumi-staging.io PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget - PULUMI_MISSING_DOCS_ERROR: true + PULUMI_MISSING_DOCS_ERROR: "true" PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} PYPI_USERNAME: __token__ SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} diff --git a/provider-ci/test-providers/aws/.github/workflows/resync-build.yml b/provider-ci/test-providers/aws/.github/workflows/resync-build.yml index 11f10eb67b..ee27886022 100644 --- a/provider-ci/test-providers/aws/.github/workflows/resync-build.yml +++ b/provider-ci/test-providers/aws/.github/workflows/resync-build.yml @@ -15,7 +15,7 @@ env: PULUMI_API: https://api.pulumi-staging.io PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget - PULUMI_MISSING_DOCS_ERROR: true + PULUMI_MISSING_DOCS_ERROR: "true" PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} PYPI_USERNAME: __token__ SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} diff --git a/provider-ci/test-providers/aws/.github/workflows/run-acceptance-tests.yml b/provider-ci/test-providers/aws/.github/workflows/run-acceptance-tests.yml index 7055f99ae4..3d62e924c5 100644 --- a/provider-ci/test-providers/aws/.github/workflows/run-acceptance-tests.yml +++ b/provider-ci/test-providers/aws/.github/workflows/run-acceptance-tests.yml @@ -24,7 +24,7 @@ env: PULUMI_API: https://api.pulumi-staging.io PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget - PULUMI_MISSING_DOCS_ERROR: true + PULUMI_MISSING_DOCS_ERROR: "true" PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} PYPI_USERNAME: __token__ SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} diff --git a/provider-ci/test-providers/aws/.github/workflows/upgrade-provider.yml b/provider-ci/test-providers/aws/.github/workflows/upgrade-provider.yml index 0ad95f5a0a..90c15db692 100644 --- a/provider-ci/test-providers/aws/.github/workflows/upgrade-provider.yml +++ b/provider-ci/test-providers/aws/.github/workflows/upgrade-provider.yml @@ -7,7 +7,7 @@ on: version: description: | The version of the upstream provider to upgrade to, without the 'v' prefix - + If no version is specified, it will be inferred from the upstream provider's release tags. required: false type: string @@ -22,6 +22,7 @@ jobs: upgrade_provider: name: upgrade-provider runs-on: ubuntu-latest + if: true steps: # Run as first step so we don't delete things that have just been installed - name: Free Disk Space (Ubuntu) diff --git a/provider-ci/test-providers/aws/.github/workflows/verify-release.yml b/provider-ci/test-providers/aws/.github/workflows/verify-release.yml index 3c4eeccaf8..8f1ff83558 100644 --- a/provider-ci/test-providers/aws/.github/workflows/verify-release.yml +++ b/provider-ci/test-providers/aws/.github/workflows/verify-release.yml @@ -46,7 +46,7 @@ env: PULUMI_API: https://api.pulumi-staging.io PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget - PULUMI_MISSING_DOCS_ERROR: true + PULUMI_MISSING_DOCS_ERROR: "true" PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} PYPI_USERNAME: __token__ SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} diff --git a/provider-ci/test-providers/cloudflare/.github/workflows/upgrade-provider.yml b/provider-ci/test-providers/cloudflare/.github/workflows/upgrade-provider.yml new file mode 100644 index 0000000000..63a5385b59 --- /dev/null +++ b/provider-ci/test-providers/cloudflare/.github/workflows/upgrade-provider.yml @@ -0,0 +1,62 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: Upgrade provider +on: + workflow_dispatch: + inputs: + version: + description: | + The version of the upstream provider to upgrade to, without the 'v' prefix + + If no version is specified, it will be inferred from the upstream provider's release tags. + required: false + type: string + schedule: + # 3 AM UTC ~ 8 PM PDT / 7 PM PST daily. Time chosen to run during off hours. + - cron: 0 3 * * * + +env: + GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +jobs: + upgrade_provider: + name: upgrade-provider + runs-on: ubuntu-latest + if: false + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + # Persist credentials so upgrade-provider can push a new branch. + persist-credentials: true + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, nodejs, python, dotnet, go, java + - name: Install upgrade-provider + run: go install github.com/pulumi/upgrade-provider@main + shell: bash + - name: "Set up git identity" + run: | + git config --global user.name 'bot@pulumi.com' + git config --global user.email 'bot@pulumi.com' + shell: bash + - name: Create issues for new upstream version + if: inputs.version == '' + id: upstream_version + # This step outputs `latest_version` if there is a pending upgrade + run: upgrade-provider "$REPO" --kind=check-upstream-version + env: + REPO: ${{ github.repository }} + shell: bash + - name: Calculate target version + id: target_version + # Prefer the manually specified version if it exists + # upstream_version will be empty if the provider is up-to-date + run: echo "version=${{ github.event.inputs.version || steps.upstream_version.outputs.latest_version }}" >> "$GITHUB_OUTPUT" + shell: bash + - name: Attempt provider upgrade + # Only attempt the upgrade if we have a target version + if: steps.target_version.outputs.version != '' + run: upgrade-provider "${{ github.repository }}" --kind="all" --target-version="${{ steps.target_version.outputs.version }}" + shell: bash diff --git a/provider-ci/test-providers/docker/.github/workflows/build_sdk.yml b/provider-ci/test-providers/docker/.github/workflows/build_sdk.yml index 8bdc9f0797..7bb00d3c79 100644 --- a/provider-ci/test-providers/docker/.github/workflows/build_sdk.yml +++ b/provider-ci/test-providers/docker/.github/workflows/build_sdk.yml @@ -21,7 +21,7 @@ env: GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_PROJECT: pulumi-ci-gcp-provider - GOOGLE_PROJECT_NUMBER: 895284651812 + GOOGLE_PROJECT_NUMBER: "895284651812" GOOGLE_REGION: us-central1 GOOGLE_ZONE: us-central1-a NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/provider-ci/test-providers/docker/.github/workflows/command-dispatch.yml b/provider-ci/test-providers/docker/.github/workflows/command-dispatch.yml index 9b68cdaaf1..8a8f10e376 100644 --- a/provider-ci/test-providers/docker/.github/workflows/command-dispatch.yml +++ b/provider-ci/test-providers/docker/.github/workflows/command-dispatch.yml @@ -14,7 +14,7 @@ env: GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_PROJECT: pulumi-ci-gcp-provider - GOOGLE_PROJECT_NUMBER: 895284651812 + GOOGLE_PROJECT_NUMBER: "895284651812" GOOGLE_REGION: us-central1 GOOGLE_ZONE: us-central1-a NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/provider-ci/test-providers/docker/.github/workflows/license.yml b/provider-ci/test-providers/docker/.github/workflows/license.yml index 79e2055c32..e64df22e97 100644 --- a/provider-ci/test-providers/docker/.github/workflows/license.yml +++ b/provider-ci/test-providers/docker/.github/workflows/license.yml @@ -20,7 +20,7 @@ env: GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_PROJECT: pulumi-ci-gcp-provider - GOOGLE_PROJECT_NUMBER: 895284651812 + GOOGLE_PROJECT_NUMBER: "895284651812" GOOGLE_REGION: us-central1 GOOGLE_ZONE: us-central1-a NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/provider-ci/test-providers/docker/.github/workflows/lint.yml b/provider-ci/test-providers/docker/.github/workflows/lint.yml index ae2e8815a2..fd1a4e9a4a 100644 --- a/provider-ci/test-providers/docker/.github/workflows/lint.yml +++ b/provider-ci/test-providers/docker/.github/workflows/lint.yml @@ -20,7 +20,7 @@ env: GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_PROJECT: pulumi-ci-gcp-provider - GOOGLE_PROJECT_NUMBER: 895284651812 + GOOGLE_PROJECT_NUMBER: "895284651812" GOOGLE_REGION: us-central1 GOOGLE_ZONE: us-central1-a NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/provider-ci/test-providers/docker/.github/workflows/master.yml b/provider-ci/test-providers/docker/.github/workflows/master.yml index 64de7e8195..99549f80df 100644 --- a/provider-ci/test-providers/docker/.github/workflows/master.yml +++ b/provider-ci/test-providers/docker/.github/workflows/master.yml @@ -14,7 +14,7 @@ env: GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_PROJECT: pulumi-ci-gcp-provider - GOOGLE_PROJECT_NUMBER: 895284651812 + GOOGLE_PROJECT_NUMBER: "895284651812" GOOGLE_REGION: us-central1 GOOGLE_ZONE: us-central1-a NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/provider-ci/test-providers/docker/.github/workflows/prerelease.yml b/provider-ci/test-providers/docker/.github/workflows/prerelease.yml index aad3a563c3..929475dda0 100644 --- a/provider-ci/test-providers/docker/.github/workflows/prerelease.yml +++ b/provider-ci/test-providers/docker/.github/workflows/prerelease.yml @@ -15,7 +15,7 @@ env: GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_PROJECT: pulumi-ci-gcp-provider - GOOGLE_PROJECT_NUMBER: 895284651812 + GOOGLE_PROJECT_NUMBER: "895284651812" GOOGLE_REGION: us-central1 GOOGLE_ZONE: us-central1-a NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/provider-ci/test-providers/docker/.github/workflows/prerequisites.yml b/provider-ci/test-providers/docker/.github/workflows/prerequisites.yml index b4527a4f10..fe98f3366e 100644 --- a/provider-ci/test-providers/docker/.github/workflows/prerequisites.yml +++ b/provider-ci/test-providers/docker/.github/workflows/prerequisites.yml @@ -31,7 +31,7 @@ env: GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_PROJECT: pulumi-ci-gcp-provider - GOOGLE_PROJECT_NUMBER: 895284651812 + GOOGLE_PROJECT_NUMBER: "895284651812" GOOGLE_REGION: us-central1 GOOGLE_ZONE: us-central1-a NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/provider-ci/test-providers/docker/.github/workflows/publish.yml b/provider-ci/test-providers/docker/.github/workflows/publish.yml index 812ece1cda..b188becffe 100644 --- a/provider-ci/test-providers/docker/.github/workflows/publish.yml +++ b/provider-ci/test-providers/docker/.github/workflows/publish.yml @@ -30,7 +30,7 @@ env: GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_PROJECT: pulumi-ci-gcp-provider - GOOGLE_PROJECT_NUMBER: 895284651812 + GOOGLE_PROJECT_NUMBER: "895284651812" GOOGLE_REGION: us-central1 GOOGLE_ZONE: us-central1-a NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/provider-ci/test-providers/docker/.github/workflows/pull-request.yml b/provider-ci/test-providers/docker/.github/workflows/pull-request.yml index faac179a98..35287b1a06 100644 --- a/provider-ci/test-providers/docker/.github/workflows/pull-request.yml +++ b/provider-ci/test-providers/docker/.github/workflows/pull-request.yml @@ -14,7 +14,7 @@ env: GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_PROJECT: pulumi-ci-gcp-provider - GOOGLE_PROJECT_NUMBER: 895284651812 + GOOGLE_PROJECT_NUMBER: "895284651812" GOOGLE_REGION: us-central1 GOOGLE_ZONE: us-central1-a NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/provider-ci/test-providers/docker/.github/workflows/release.yml b/provider-ci/test-providers/docker/.github/workflows/release.yml index 4a56b7b8d2..7a27be7917 100644 --- a/provider-ci/test-providers/docker/.github/workflows/release.yml +++ b/provider-ci/test-providers/docker/.github/workflows/release.yml @@ -20,7 +20,7 @@ env: GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_PROJECT: pulumi-ci-gcp-provider - GOOGLE_PROJECT_NUMBER: 895284651812 + GOOGLE_PROJECT_NUMBER: "895284651812" GOOGLE_REGION: us-central1 GOOGLE_ZONE: us-central1-a NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/provider-ci/test-providers/docker/.github/workflows/resync-build.yml b/provider-ci/test-providers/docker/.github/workflows/resync-build.yml index 99d38561bf..7dbcbe2a69 100644 --- a/provider-ci/test-providers/docker/.github/workflows/resync-build.yml +++ b/provider-ci/test-providers/docker/.github/workflows/resync-build.yml @@ -16,7 +16,7 @@ env: GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_PROJECT: pulumi-ci-gcp-provider - GOOGLE_PROJECT_NUMBER: 895284651812 + GOOGLE_PROJECT_NUMBER: "895284651812" GOOGLE_REGION: us-central1 GOOGLE_ZONE: us-central1-a NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/provider-ci/test-providers/docker/.github/workflows/run-acceptance-tests.yml b/provider-ci/test-providers/docker/.github/workflows/run-acceptance-tests.yml index a04ee60ba7..f9b5991aab 100644 --- a/provider-ci/test-providers/docker/.github/workflows/run-acceptance-tests.yml +++ b/provider-ci/test-providers/docker/.github/workflows/run-acceptance-tests.yml @@ -25,7 +25,7 @@ env: GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_PROJECT: pulumi-ci-gcp-provider - GOOGLE_PROJECT_NUMBER: 895284651812 + GOOGLE_PROJECT_NUMBER: "895284651812" GOOGLE_REGION: us-central1 GOOGLE_ZONE: us-central1-a NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} diff --git a/provider-ci/test-providers/docker/.github/workflows/upgrade-provider.yml b/provider-ci/test-providers/docker/.github/workflows/upgrade-provider.yml index 22386fa729..6f3c1f7359 100644 --- a/provider-ci/test-providers/docker/.github/workflows/upgrade-provider.yml +++ b/provider-ci/test-providers/docker/.github/workflows/upgrade-provider.yml @@ -7,7 +7,7 @@ on: version: description: | The version of the upstream provider to upgrade to, without the 'v' prefix - + If no version is specified, it will be inferred from the upstream provider's release tags. required: false type: string @@ -22,6 +22,7 @@ jobs: upgrade_provider: name: upgrade-provider runs-on: ubuntu-latest + if: true steps: - name: Checkout Repo uses: actions/checkout@v4 diff --git a/provider-ci/test-providers/docker/.github/workflows/verify-release.yml b/provider-ci/test-providers/docker/.github/workflows/verify-release.yml index c256de52a4..50b6ab09bd 100644 --- a/provider-ci/test-providers/docker/.github/workflows/verify-release.yml +++ b/provider-ci/test-providers/docker/.github/workflows/verify-release.yml @@ -47,7 +47,7 @@ env: GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci GOOGLE_PROJECT: pulumi-ci-gcp-provider - GOOGLE_PROJECT_NUMBER: 895284651812 + GOOGLE_PROJECT_NUMBER: "895284651812" GOOGLE_REGION: us-central1 GOOGLE_ZONE: us-central1-a NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} From 4a67c52820918c7bab329ae15d6b54dd2339ecf0 Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Mon, 4 Nov 2024 16:30:36 -0800 Subject: [PATCH 02/14] Regenerate test providers --- provider-ci/test-providers/aws/.ci-mgmt.yaml | 2 +- provider-ci/test-providers/cloudflare/.ci-mgmt.yaml | 4 ++-- provider-ci/test-providers/docker/.ci-mgmt.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/provider-ci/test-providers/aws/.ci-mgmt.yaml b/provider-ci/test-providers/aws/.ci-mgmt.yaml index e01f2b2c6b..721dbc72fc 100644 --- a/provider-ci/test-providers/aws/.ci-mgmt.yaml +++ b/provider-ci/test-providers/aws/.ci-mgmt.yaml @@ -9,7 +9,7 @@ env: PULUMI_MISSING_DOCS_ERROR: true AWS_REGION: "us-west-2" OIDC_ROLE_ARN: ${{ secrets.OIDC_ROLE_ARN }} -makeTemplate: bridged +template: bridged-provider checkoutSubmodules: true freeDiskSpaceBeforeBuild: true freeDiskSpaceBeforeSdkBuild: true diff --git a/provider-ci/test-providers/cloudflare/.ci-mgmt.yaml b/provider-ci/test-providers/cloudflare/.ci-mgmt.yaml index fb835017ac..e9ffab7af9 100644 --- a/provider-ci/test-providers/cloudflare/.ci-mgmt.yaml +++ b/provider-ci/test-providers/cloudflare/.ci-mgmt.yaml @@ -1,6 +1,6 @@ provider: cloudflare major-version: 5 -makeTemplate: bridged +template: bridged-provider plugins: - name: terraform version: "1.0.16" @@ -26,4 +26,4 @@ actions: cd provider && go test -v -json -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . 2>&1 | tee /tmp/gotest.log | gotestfmt pulumiConvert: 1 registryDocs: true -checkUpstreamUpgrade: false \ No newline at end of file +checkUpstreamUpgrade: false diff --git a/provider-ci/test-providers/docker/.ci-mgmt.yaml b/provider-ci/test-providers/docker/.ci-mgmt.yaml index 2e63c3ec17..9bdce900cb 100644 --- a/provider-ci/test-providers/docker/.ci-mgmt.yaml +++ b/provider-ci/test-providers/docker/.ci-mgmt.yaml @@ -20,7 +20,7 @@ env: GOOGLE_REGION: us-central1 GOOGLE_ZONE: us-central1-a DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }} -makeTemplate: bridged +template: bridged-provider docsCmd: "cd provider/pkg/docs-gen/examples/ && go run generate.go ./yaml ./" hybrid: true plugins: From 19f4c07e9a37b1bbdc66c31d134f3226e7d89c08 Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Tue, 5 Nov 2024 09:42:14 -0800 Subject: [PATCH 03/14] Move COC to pulumi-provider --- .../{bridged-provider => pulumi-provider}/CODE-OF-CONDUCT.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename provider-ci/internal/pkg/templates/{bridged-provider => pulumi-provider}/CODE-OF-CONDUCT.md (100%) diff --git a/provider-ci/internal/pkg/templates/bridged-provider/CODE-OF-CONDUCT.md b/provider-ci/internal/pkg/templates/pulumi-provider/CODE-OF-CONDUCT.md similarity index 100% rename from provider-ci/internal/pkg/templates/bridged-provider/CODE-OF-CONDUCT.md rename to provider-ci/internal/pkg/templates/pulumi-provider/CODE-OF-CONDUCT.md From 53c1c9658646490f1f627095d245a25db6457775 Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Tue, 5 Nov 2024 11:56:40 -0800 Subject: [PATCH 04/14] Add a generic template derived from bridged-provider --- .../.github/actions/download-bin/action.yml | 16 ++ .../.github/actions/upload-bin/action.yml | 15 ++ .../.github/workflows/build_provider.yml | 70 +++++ .../generic/.github/workflows/build_sdk.yml | 70 +++++ .../generic/.github/workflows/main.yml | 255 ++++++++++++++++++ .../.github/workflows/nightly-test.yml | 152 +++++++++++ .../generic/.github/workflows/prerelease.yml | 188 +++++++++++++ .../.github/workflows/prerequisites.yml | 130 +++++++++ .../generic/.github/workflows/publish.yml | 195 ++++++++++++++ .../generic/.github/workflows/release.yml | 188 +++++++++++++ .../.github/workflows/resync-build.yml | 77 ++++++ .../workflows/run-acceptance-tests.yml | 250 +++++++++++++++++ .../.github/workflows/upgrade-bridge.yml | 108 ++++++++ .../.github/workflows/upgrade-provider.yml | 74 +++++ .../pkg/templates/generic/.mk/defaults.mk | 234 ++++++++++++++++ .../pkg/templates/generic/.mk/vars.mk | 47 ++++ 16 files changed, 2069 insertions(+) create mode 100644 provider-ci/internal/pkg/templates/generic/.github/actions/download-bin/action.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/actions/upload-bin/action.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/build_sdk.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/nightly-test.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/prerelease.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/publish.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/release.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/resync-build.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-bridge.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-provider.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.mk/defaults.mk create mode 100644 provider-ci/internal/pkg/templates/generic/.mk/vars.mk diff --git a/provider-ci/internal/pkg/templates/generic/.github/actions/download-bin/action.yml b/provider-ci/internal/pkg/templates/generic/.github/actions/download-bin/action.yml new file mode 100644 index 0000000000..f925c04369 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/actions/download-bin/action.yml @@ -0,0 +1,16 @@ +name: Download binary assets +description: Downloads the provider and tfgen binaries to `bin/`. + +runs: + using: "composite" + steps: + - name: Download provider + tfgen binaries + uses: #{{ .Config.ActionVersions.DownloadArtifact }}# + with: + name: #{{ .Config.Provider }}#-provider.tar.gz + path: ${{ github.workspace }}/bin + - name: Untar provider binaries + shell: bash + run: | + tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace}}/bin + find ${{ github.workspace }} -name "pulumi-*-#{{ .Config.Provider }}#" -print -exec chmod +x {} \; diff --git a/provider-ci/internal/pkg/templates/generic/.github/actions/upload-bin/action.yml b/provider-ci/internal/pkg/templates/generic/.github/actions/upload-bin/action.yml new file mode 100644 index 0000000000..0eb4de272c --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/actions/upload-bin/action.yml @@ -0,0 +1,15 @@ +name: Upload bin assets +description: Uploads the provider and tfgen binaries to `bin/`. + +runs: + using: "composite" + steps: + - name: Tar provider binaries + shell: bash + run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace }}/bin/ pulumi-resource-#{{ .Config.Provider }}# pulumi-tfgen-#{{ .Config.Provider }}# + - name: Upload artifacts + uses: #{{ .Config.ActionVersions.UploadArtifact }}# + with: + name: #{{ .Config.Provider }}#-provider.tar.gz + path: ${{ github.workspace }}/bin/provider.tar.gz + retention-days: 30 diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml new file mode 100644 index 0000000000..b02e5ceec2 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml @@ -0,0 +1,70 @@ +name: "Build Provider" + +on: + workflow_call: + inputs: + version: + required: true + type: string + description: Version of the provider to build + +jobs: + build_provider: + name: Build ${{ matrix.platform.os }}-${{ matrix.platform.arch }} + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# + env: + PROVIDER_VERSION: ${{ inputs.version }} + strategy: + fail-fast: true + matrix: + platform: + - os: linux + arch: amd64 + - os: linux + arch: arm64 + - os: darwin + arch: amd64 + - os: darwin + arch: arm64 + - os: windows + arch: amd64 + steps: + #{{- if .Config.FreeDiskSpaceBeforeBuild }}# + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# + with: + tool-cache: false + swap-storage: false + dotnet: false + #{{- end }}# + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, go + - name: Download schema-embed.json + uses: #{{ .Config.ActionVersions.DownloadArtifact }}# + with: + # Use a pattern to avoid failing if the artifact doesn't exist + pattern: schema-embed.* + # Avoid creating directories for each artifact + merge-multiple: true + path: provider/cmd/pulumi-resource-#{{ .Config.Provider }}#/schema-embed.json + - name: Prepare for build + # This installs plugins and prepares upstream + run: make upstream + - name: Build & package provider + run: make provider_dist-${{ matrix.platform.os }}-${{ matrix.platform.arch }} + - name: Upload artifacts + uses: #{{ .Config.ActionVersions.UploadArtifact }}# + with: + name: pulumi-resource-#{{ .Config.Provider }}#-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz + path: bin/pulumi-resource-#{{ .Config.Provider }}#-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz + retention-days: 30 diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/build_sdk.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/build_sdk.yml new file mode 100644 index 0000000000..5191f0430f --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/build_sdk.yml @@ -0,0 +1,70 @@ +name: "Build SDK" + +on: + workflow_call: + inputs: + version: + required: true + type: string + +env: +#{{ .Config.Env | toYaml | indent 2 }}# + PROVIDER_VERSION: ${{ inputs.version }} + +jobs: + build_sdk: + name: build_sdk + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# + strategy: + fail-fast: true + matrix: + language: +#{{ .Config.Languages | toYaml | indent 8 }}# + steps: + #{{- if .Config.FreeDiskSpaceBeforeSdkBuild }}# + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# + with: + tool-cache: false + swap-storage: false + dotnet: false + #{{- end }}# + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + persist-credentials: false + - name: Cache examples generation + uses: actions/cache@v4 + with: + path: | + .pulumi/examples-cache + key: ${{ runner.os }}-${{ hashFiles('provider/go.sum') }} + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, ${{ matrix.language }} + - name: Download bin + uses: ./.github/actions/download-bin + - name: Install plugins + run: make install_plugins + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Build SDK + run: make build_${{ matrix.language }} + - name: Check worktree clean + uses: pulumi/git-status-check-action@v1 + with: + allowed-changes: | + sdk/**/pulumi-plugin.json + sdk/dotnet/*.csproj + sdk/go/**/pulumiUtilities.go + sdk/nodejs/package.json + sdk/python/pyproject.toml + - name: Upload SDK + uses: ./.github/actions/upload-sdk + with: + language: ${{ matrix.language }} diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml new file mode 100644 index 0000000000..1599cb9750 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml @@ -0,0 +1,255 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +env: +#{{ .Config.Env | toYaml | indent 2 }}# +jobs: + prerequisites: + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + build_sdk: + name: build_sdk + needs: prerequisites + uses: ./.github/workflows/build_sdk.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + generate_coverage_data: + continue-on-error: true + env: + COVERAGE_OUTPUT_DIR: ${{ secrets.COVERAGE_OUTPUT_DIR }} + name: generate_coverage_data + needs: prerequisites + runs-on: #{{ .Config.Runner.Default }}# + steps: + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@v1.3.1 + with: + tool-cache: false + swap-storage: false + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + persist-credentials: false + - name: Configure AWS Credentials + uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# + with: + aws-access-key-id: ${{ secrets.AWS_CORP_S3_UPLOAD_ACCESS_KEY_ID }} + aws-region: us-west-2 + aws-secret-access-key: ${{ secrets.AWS_CORP_S3_UPLOAD_SECRET_ACCESS_KEY }} + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, go, schema-tools + - name: Echo Coverage Output Dir + run: 'echo "Coverage output directory: ${{ env.COVERAGE_OUTPUT_DIR }}"' + - name: Generate Coverage Data + run: PULUMI_MISSING_DOCS_ERROR=true make tfgen + - name: Summarize Provider Coverage Results + run: cat ${{ env.COVERAGE_OUTPUT_DIR }}/shortSummary.txt + - name: Upload coverage data to S3 + run: >- + summaryName="${PROVIDER}_summary_$(date +"%Y-%m-%d_%H-%M-%S").json" + + s3FullURI="s3://${{ secrets.S3_COVERAGE_BUCKET_NAME }}/summaries/${summaryName}" + + aws s3 cp "${{ env.COVERAGE_OUTPUT_DIR }}/summary.json" "${s3FullURI}" --acl bucket-owner-full-control + #{{ if .Config.Lint -}}# + lint: + name: lint + uses: ./.github/workflows/lint.yml + secrets: inherit + #{{ end -}}# + + license_check: + name: License Check + uses: ./.github/workflows/license.yml + secrets: inherit + + publish: + name: publish + permissions: + contents: write + needs: + - prerequisites + - build_provider + - test + - license_check + #{{- range $action, $_ := .Config.ExtraTests }}# + - #{{ $action }}# + #{{- end }}# + uses: ./.github/workflows/publish.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + isPrerelease: true + skipGoSdk: true + + tag_release_if_labeled_needs_release: + name: Tag release if labeled as needs-release + needs: publish + runs-on: #{{ .Config.Runner.Default }}# + steps: + - name: check if this commit needs release + if: ${{ env.RELEASE_BOT_ENDPOINT != '' }} + uses: pulumi/action-release-by-pr-label@main + with: + command: "release-if-needed" + repo: ${{ github.repository }} + commit: ${{ github.sha }} + slack_channel: ${{ secrets.RELEASE_OPS_SLACK_CHANNEL }} + env: + RELEASE_BOT_ENDPOINT: ${{ secrets.RELEASE_BOT_ENDPOINT }} + RELEASE_BOT_KEY: ${{ secrets.RELEASE_BOT_KEY }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + test: + name: test + needs: + - prerequisites + - build_sdk + permissions: + contents: read + id-token: write + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} + steps: + #{{- if .Config.FreeDiskSpaceBeforeTest }}# + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# + with: + tool-cache: false + swap-storage: false + dotnet: false + #{{- end }}# + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, ${{ matrix.language }} + - name: Download bin + uses: ./.github/actions/download-bin + - name: Add NuGet source + if: matrix.language == 'dotnet' + run: dotnet nuget add source ${{ github.workspace }}/nuget + - name: Download SDK + uses: ./.github/actions/download-sdk + with: + language: ${{ matrix.language }} + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Install Python deps + if: matrix.language == 'python' + run: |- + pip3 install virtualenv==20.0.23 + pip3 install pipenv + #{{- if .Config.Docker }}# + - name: Run docker compose + run: docker compose -f testing/docker-compose.yml up --build -d + #{{- end }}# + #{{- if .Config.AWS }}# + - name: Configure AWS Credentials + uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: ${{ env.AWS_REGION }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-session-name: #{{ .Config.Provider }}#@githubActions + role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + #{{- end }}# + #{{- if .Config.GCP }}# + - name: Authenticate to Google Cloud + uses: #{{ .Config.ActionVersions.GoogleAuth }}# + with: + service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} + workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER + }}/locations/global/workloadIdentityPools/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} + - name: Setup gcloud auth + uses: #{{ .Config.ActionVersions.SetupGcloud }}# + with: + install_components: gke-gcloud-auth-plugin + #{{- end }}# + #{{- if .Config.GCPRegistry }}# + - name: Login to Google Cloud Registry + run: gcloud --quiet auth configure-docker + #{{- end }}# + #{{- if .Config.SSHPrivateKey }}# + - name: Setup SSH key + uses: webfactory/ssh-agent@v0.7.0 + with: + ssh-private-key: #{{ .Config.SSHPrivateKey }}# + #{{- end }}# + #{{- if .Config.IntegrationTestProvider }}# + - name: Prepare upstream code + run: make upstream + #{{- end }}# + #{{- if index .Config.SetupScript }}# + - name: Run setup script + run: #{{ index .Config.SetupScript }}# + #{{- end }}# + - name: Install dependencies + run: make install_${{ matrix.language}}_sdk + - name: Install gotestfmt + uses: GoTestTools/gotestfmt-action@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + version: v2.5.0 +#{{- if .Config.Actions.PreTest }}# +#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# +#{{- end }}# +#{{- if .Config.IntegrationTestProvider }}# + - name: Run provider tests + working-directory: provider + run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 + #{{- end }}# + - name: Run tests + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 + strategy: + fail-fast: false + matrix: + language: +#{{ .Config.Languages | toYaml | indent 8 }}# +#{{- if .Config.ExtraTests }}# +#{{ .Config.ExtraTests | toYaml | indent 2 }}# +#{{ end }}# +name: #{{ .Config.ProviderDefaultBranch }}# +on: + workflow_dispatch: {} + push: + branches: + - #{{ .Config.ProviderDefaultBranch }}# + paths-ignore: + - "**.md" + tags-ignore: + - v* + - sdk/* + - "**" +#{{- if .Config.TestMasterAndReleaseWorkflows }}# + pull_request: +#{{ end }}# diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/nightly-test.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/nightly-test.yml new file mode 100644 index 0000000000..ecaf9a8c6b --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/nightly-test.yml @@ -0,0 +1,152 @@ +#{{ if index .Config.GenerateNightlyTestWorkflow -}}# +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +env: +#{{ .Config.Env | toYaml | indent 2 }}# +jobs: + prerequisites: + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + build_sdk: + name: build_sdk + needs: prerequisites + uses: ./.github/workflows/build_sdk.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + test: + name: test + needs: + - prerequisites + - build_sdk + permissions: + contents: read + id-token: write + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} + steps: +#{{- if .Config.FreeDiskSpaceBeforeTest }}# + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# + with: + tool-cache: false + swap-storage: false + dotnet: false +#{{- end }}# + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, ${{ matrix.language}} + - name: Download bin + uses: ./.github/actions/download-bin + - name: Add NuGet source + if: matrix.language == 'dotnet' + run: dotnet nuget add source ${{ github.workspace }}/nuget + - name: Download SDK + uses: ./.github/actions/download-sdk + with: + language: ${{ matrix.language }} + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Install Python deps + if: matrix.language == 'python' + run: |- + pip3 install virtualenv==20.0.23 + pip3 install pipenv + #{{- if .Config.Docker }}# + - name: Run docker compose + run: docker compose -f testing/docker-compose.yml up --build -d + #{{- end }}# + #{{- if .Config.AWS }}# + - name: Configure AWS Credentials + uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: ${{ env.AWS_REGION }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-session-name: #{{ .Config.provider }}#@githubActions + role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + #{{- end }}# + #{{- if .Config.GCP }}# + - name: Authenticate to Google Cloud + uses: #{{ .Config.ActionVersions.GoogleAuth }}# + with: + service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} + workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER + }}/locations/global/workloadIdentityPools/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} + - name: Setup gcloud auth + uses: #{{ .Config.ActionVersions.SetupGcloud }}# + with: + install_components: gke-gcloud-auth-plugin + #{{- end }}# + #{{- if .Config.GCPRegistry }}# + - name: Login to Google Cloud Registry + run: gcloud --quiet auth configure-docker + #{{- end }}# + #{{- if .Config.SSHPrivateKey }}# + - name: Setup SSH key + uses: webfactory/ssh-agent@v0.7.0 + with: + ssh-private-key: #{{ .Config.SSHPrivateKey }}# + #{{- end }}# + #{{- if .Config.IntegrationTestProvider }}# + - name: Prepare upstream code + run: make upstream + #{{- end }}# + #{{- if index .Config.SetupScript }}# + - name: Run setup script + run: #{{ index .Config.SetupScript }}# + #{{- end }}# + - name: Install dependencies + run: make install_${{ matrix.language}}_sdk + - name: Install gotestfmt + uses: GoTestTools/gotestfmt-action@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + version: v2.5.0 +#{{- if .Config.Actions.PreTest }}# +#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# +#{{- end }}# + #{{- if .Config.IntegrationTestProvider }}# + - name: Run provider tests + if: matrix.testTarget == 'local' + working-directory: provider + run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + #{{- end }}# + - name: Run tests + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 + strategy: + fail-fast: false + matrix: + language: +#{{ .Config.Languages | toYaml | indent 10 }}# +name: cron +on: + schedule: + - cron: 0 6 * * * +#{{ end -}}# diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/prerelease.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerelease.yml new file mode 100644 index 0000000000..7564d14c58 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerelease.yml @@ -0,0 +1,188 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +env: + IS_PRERELEASE: true +#{{ .Config.Env | toYaml | indent 2 }}# +jobs: + prerequisites: + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + build_sdk: + name: build_sdk + needs: prerequisites + uses: ./.github/workflows/build_sdk.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + #{{ if .Config.Lint -}}# + lint: + name: lint + uses: ./.github/workflows/lint.yml + secrets: inherit + #{{ end -}}# + + license_check: + name: License Check + uses: ./.github/workflows/license.yml + secrets: inherit + + publish: + name: publish + permissions: + contents: write + needs: + - prerequisites + - build_provider + - test + - license_check + #{{- range $action, $_ := .Config.ExtraTests }}# + - #{{ $action }}# + #{{- end }}# + uses: ./.github/workflows/publish.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + isPrerelease: true + + test: + name: test + needs: + - prerequisites + - build_sdk + permissions: + contents: read + id-token: write + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} + steps: +#{{- if .Config.FreeDiskSpaceBeforeTest }}# + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# + with: + tool-cache: false + swap-storage: false + dotnet: false +#{{- end }}# + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, #{{ range $index, $element := .Config.Languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# + - name: Download bin + uses: ./.github/actions/download-bin + - name: Add NuGet source + if: matrix.language == 'dotnet' + run: dotnet nuget add source ${{ github.workspace }}/nuget + - name: Download SDK + uses: ./.github/actions/download-sdk + with: + language: ${{ matrix.language }} + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Install Python deps + if: matrix.language == 'python' + run: |- + pip3 install virtualenv==20.0.23 + pip3 install pipenv + #{{- if .Config.Docker }}# + - name: Run docker compose + run: docker compose -f testing/docker-compose.yml up --build -d + #{{- end }}# + #{{- if .Config.AWS }}# + - name: Configure AWS Credentials + uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: ${{ env.AWS_REGION }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-session-name: #{{ .Config.Provider }}#@githubActions + role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + #{{- end }}# + #{{- if .Config.GCP }}# + - name: Authenticate to Google Cloud + uses: #{{ .Config.ActionVersions.GoogleAuth }}# + with: + service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} + workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER + }}/locations/global/workloadIdentityPools/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} + - name: Setup gcloud auth + uses: #{{ .Config.ActionVersions.SetupGcloud }}# + with: + install_components: gke-gcloud-auth-plugin + #{{- end }}# + #{{- if .Config.GCPRegistry }}# + - name: Login to Google Cloud Registry + run: gcloud --quiet auth configure-docker + #{{- end }}# + #{{- if .Config.SSHPrivateKey }}# + - name: Setup SSH key + uses: webfactory/ssh-agent@v0.7.0 + with: + ssh-private-key: #{{ .Config.SSHPrivateKey }}# + #{{- end }}# + #{{- if .Config.IntegrationTestProvider }}# + - name: Prepare upstream code + run: make upstream + #{{- end }}# + #{{- if index .Config.SetupScript }}# + - name: Run setup script + run: #{{ index .Config.SetupScript }}# + #{{- end }}# + - name: Install dependencies + run: make install_${{ matrix.language}}_sdk + - name: Install gotestfmt + uses: GoTestTools/gotestfmt-action@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + version: v2.5.0 +#{{- if .Config.Actions.PreTest }}# +#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# +#{{- end }}# + #{{- if .Config.IntegrationTestProvider }}# + - name: Run provider tests + working-directory: provider + run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + #{{- end }}# + - name: Run tests + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + strategy: + fail-fast: false + matrix: + language: +#{{ .Config.Languages | toYaml | indent 8 }}# +#{{- if .Config.ExtraTests }}# +#{{ .Config.ExtraTests | toYaml | indent 2 }}# +#{{ end }}# + +name: prerelease +on: + push: + tags: + - v*.*.*-** +#{{- if .Config.TestMasterAndReleaseWorkflows }}# + pull_request: +#{{ end }}# diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml new file mode 100644 index 0000000000..7133fe35c0 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml @@ -0,0 +1,130 @@ +name: "Prerequisites" + +on: + workflow_call: + inputs: + is_pr: + type: boolean + required: true + is_automated: + type: boolean + required: true + default_branch: + type: string + required: true + outputs: + version: + description: "Provider version being built" + value: ${{ jobs.prerequisites.outputs.version }} + +env: +#{{ .Config.Env | toYaml | indent 2 }}# + +jobs: + prerequisites: + name: prerequisites + runs-on: #{{ .Config.Runner.Prerequisites }}# + outputs: + version: ${{ steps.provider-version.outputs.version }} + steps: +#{{- if .Config.FreeDiskSpaceBeforeBuild }}# + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# + with: + tool-cache: false + swap-storage: false + dotnet: false +#{{- end }}# + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + persist-credentials: false + - uses: pulumi/provider-version-action@v1 + id: provider-version + with: + set-env: 'PROVIDER_VERSION' + - name: Cache examples generation + uses: actions/cache@v4 + with: + path: | + .pulumi/examples-cache + key: ${{ runner.os }}-${{ hashFiles('provider/go.sum') }} + - name: Prepare upstream code + run: make upstream + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: go, pulumictl, pulumicli, schema-tools +#{{- if .Config.Actions.PreBuild }}# +#{{ .Config.Actions.PreBuild | toYaml | indent 4 }}# +#{{- end }}# + - name: Build schema generator binary + run: make tfgen_build_only + - name: Install plugins + run: make install_plugins + - name: Generate schema + run: make tfgen_no_deps + - name: Build provider binary + run: make provider_no_deps + - name: Unit-test provider code + run: make test_provider + - if: inputs.is_pr + name: Check Schema is Valid + run: | + EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64) + { + echo "SCHEMA_CHANGES<<$EOF"; + schema-tools compare -r github://api.github.com/#{{ .Config.Organization }}# -p #{{ .Config.Provider }}# -o "${{ inputs.default_branch }}" -n --local-path=provider/cmd/pulumi-resource-#{{ .Config.Provider }}#/schema.json; + echo "$EOF"; + } >> "$GITHUB_ENV" + - if: inputs.is_pr && inputs.is_automated == false + name: Comment on PR with Details of Schema Check + uses: #{{ .Config.ActionVersions.PrComment }}# + with: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + comment_tag: schemaCheck + message: >+ + ${{ env.SCHEMA_CHANGES }} + + + Maintainer note: consult the [runbook](https://github.com/pulumi/platform-providers-team/blob/main/playbooks/tf-provider-updating.md) for dealing with any breaking changes. + +#{{- if .Config.EnableConfigurationCheck }}# + - if: inputs.is_pr + name: Check Configuration section + run: | + sed -n '/## Configuration/,$p' README.md | sed -n '/## Reference/q;p' >> config_section.txt + jq -r '.config | select(.variables) | .variables | keys[]' < provider/cmd/pulumi-resource-#{{ .Config.Provider }}#/schema.json >> keys.txt + EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64) + { + echo "MISSING_CONFIG<<$EOF"; + xargs -I {} sh -c "grep -q {} config_section.txt || echo \\\`{}\\\` not found in Configuration section" < keys.txt + echo "$EOF"; + } >> "$GITHUB_ENV" + + - if: inputs.is_pr && inputs.is_automated == false + name: Check for missing config + run: | + if [ ! -z "${{ env.MISSING_CONFIG }}" ]; then + cat < "pulumi-#{{ .Config.Provider }}#_${{ inputs.version }}_checksums.txt" + - name: Get Schema Change Summary + id: schema-summary + shell: bash + run: | + # Get latest stable release. Return only first column from result (tag). + LAST_VERSION=$(gh release view --repo #{{ .Config.Organization }}#/pulumi-#{{ .Config.Provider }}# --json tagName -q .tagName || echo "No stable release" ) + { + echo 'summary<> "$GITHUB_OUTPUT" +#{{- if .Config.Publish.CDN }}# + - name: Upload Provider Binaries + run: aws s3 cp dist s3://get.pulumi.com/releases/plugins/ --recursive +#{{- end }}# + - name: Create GH Release + uses: softprops/action-gh-release@v1 + if: inputs.isPrerelease == false + with: + tag_name: v${{ inputs.version }} + prerelease: ${{ inputs.isPrerelease }} + # We keep pre-releases as drafts so they're not visible until we manually publish them. + draft: ${{ inputs.isPrerelease }} + body: ${{ steps.schema-summary.outputs.summary }} + generate_release_notes: true + files: dist/* + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + publish_sdk: + name: publish_sdk + needs: publish + runs-on: #{{ .Config.Runner.Default }}# + steps: + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + # Persist credentials so we can push back to the repo + persist-credentials: true + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, #{{ range $index, $element := .Config.Languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# + - name: Publish SDKs + uses: pulumi/pulumi-package-publisher@v0.0.20 + with: + sdk: #{{ .Config.Publish.SDK }}# + version: ${{ inputs.version }} + - name: Download Go SDK + uses: ./.github/actions/download-sdk + with: + language: go + - uses: pulumi/publish-go-sdk-action@v1 + if: inputs.skipGoSdk == false + with: + repository: ${{ github.repository }} + base-ref: ${{ github.sha }} + source: sdk + path: sdk + version: ${{ inputs.version }} + additive: false + # Avoid including other language SDKs & artifacts in the commit + files: | + go.* + go/** + !*.tar.gz + +#{{- if .Config.PublishRegistry }}# + create_docs_build: + name: create_docs_build + needs: publish_sdk + # Only run for non-prerelease, if the publish_go_sdk job was successful or skipped + if: inputs.isPrerelease == false + runs-on: #{{ .Config.Runner.Default }}# + steps: + - name: Dispatch Metadata build + uses: peter-evans/repository-dispatch@v3 + with: + token: ${{ secrets.PULUMI_BOT_TOKEN }} + repository: pulumi/registry + event-type: resource-provider + client-payload: |- + { + "project": "${{ github.repository }}", + "project-shortname": "#{{ .Config.Provider }}#", + "ref": "${{ github.ref_name }}" + } +#{{- end }}# + + clean_up_release_labels: + name: Clean up release labels + # Only run for non-prerelease, if the publish_go_sdk job was successful or skipped + if: inputs.isPrerelease == false + #{{ if .Config.PublishRegistry -}}# + needs: create_docs_build + #{{ else }}# + needs: publish_sdk + #{{- end }}# + runs-on: #{{ .Config.Runner.Default }}# + steps: + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + persist-credentials: false + - name: Clean up release labels + uses: pulumi/action-release-by-pr-label@main + with: + command: "clean-up-release-labels" + repo: ${{ github.repository }} + commit: ${{ github.sha }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + verify_release: + name: verify_release + needs: publish_sdk + uses: ./.github/workflows/verify-release.yml + secrets: inherit + with: + providerVersion: ${{ inputs.version }} + # Prelease is run often but we only have 5 concurrent macos runners, so we only test after the stable release. + enableMacosRunner: ${{ inputs.isPrerelease == false }} + skipGoSdk: ${{ inputs.skipGoSdk }} diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/release.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/release.yml new file mode 100644 index 0000000000..2482185733 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/release.yml @@ -0,0 +1,188 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt +name: release +on: + push: + tags: + - v*.*.* + - "!v*.*.*-**" +#{{- if .Config.TestMasterAndReleaseWorkflows }}# + pull_request: +#{{ end }}# + +env: +#{{ .Config.Env | toYaml | indent 2 }}# +jobs: + prerequisites: + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + build_sdk: + name: build_sdk + needs: prerequisites + uses: ./.github/workflows/build_sdk.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + #{{ if .Config.Lint -}}# + lint: + name: lint + uses: ./.github/workflows/lint.yml + secrets: inherit + #{{ end -}}# + + license_check: + name: License Check + uses: ./.github/workflows/license.yml + secrets: inherit + + publish: + name: publish + permissions: + contents: write + pull-requests: write + needs: + - prerequisites + - build_provider + - test + - license_check + #{{- range $action, $_ := .Config.ExtraTests }}# + - #{{ $action }}# + #{{- end }}# + uses: ./.github/workflows/publish.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + isPrerelease: false + + test: + name: test + needs: + - prerequisites + - build_sdk + permissions: + contents: read + id-token: write + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} + steps: +#{{- if .Config.FreeDiskSpaceBeforeTest }}# + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# + with: + tool-cache: false + swap-storage: false + dotnet: false +#{{- end }}# + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, ${{ matrix.language }} + - name: Download bin + uses: ./.github/actions/download-bin + - name: Add NuGet source + if: matrix.language == 'dotnet' + run: dotnet nuget add source ${{ github.workspace }}/nuget + - name: Download SDK + uses: ./.github/actions/download-sdk + with: + language: ${{ matrix.language }} + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Install Python deps + if: matrix.language == 'python' + run: |- + pip3 install virtualenv==20.0.23 + pip3 install pipenv + #{{- if .Config.Docker }}# + - name: Run docker compose + run: docker compose -f testing/docker-compose.yml up --build -d + #{{- end }}# + #{{- if .Config.AWS }}# + - name: Configure AWS Credentials + uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: ${{ env.AWS_REGION }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-session-name: #{{ .Config.Provider }}#@githubActions + role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + #{{- end }}# + #{{- if .Config.GCP }}# + - name: Authenticate to Google Cloud + uses: #{{ .Config.ActionVersions.GoogleAuth }}# + with: + service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} + workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER + }}/locations/global/workloadIdentityPools/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} + - name: Setup gcloud auth + uses: #{{ .Config.ActionVersions.SetupGcloud }}# + with: + install_components: gke-gcloud-auth-plugin + #{{- end }}# + #{{- if .Config.GCPRegistry }}# + - name: Login to Google Cloud Registry + run: gcloud --quiet auth configure-docker + #{{- end }}# + #{{- if .Config.SSHPrivateKey }}# + - name: Setup SSH key + uses: webfactory/ssh-agent@v0.7.0 + with: + ssh-private-key: #{{ .Config.SSHPrivateKey }}# + #{{- end }}# + #{{- if .Config.IntegrationTestProvider }}# + - name: Prepare upstream code + run: make upstream + #{{- end }}# + #{{- if index .Config.SetupScript }}# + - name: Run setup script + run: #{{ index .Config.SetupScript }}# + #{{- end }}# + - name: Install dependencies + run: make install_${{ matrix.language}}_sdk + - name: Install gotestfmt + uses: GoTestTools/gotestfmt-action@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + version: v2.5.0 +#{{- if .Config.Actions.PreTest }}# +#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# +#{{- end }}# + #{{- if .Config.IntegrationTestProvider }}# + - name: Run provider tests + working-directory: provider + run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + #{{- end }}# + - name: Run tests + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + strategy: + fail-fast: false + matrix: + language: +#{{ .Config.Languages | toYaml | indent 8 }}# +#{{- if .Config.ExtraTests }}# +#{{ .Config.ExtraTests | toYaml | indent 2 }}# +#{{ end }}# diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/resync-build.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/resync-build.yml new file mode 100644 index 0000000000..83fdaf5c62 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/resync-build.yml @@ -0,0 +1,77 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +env: + PULUMI_EXTRA_MAPPING_ERROR: #{{ .Config.FailOnExtraMapping }}# + PULUMI_MISSING_MAPPING_ERROR: #{{ .Config.FailOnMissingMapping }}# +#{{ .Config.Env | toYaml | indent 2 }}# +jobs: + resync_build: + name: resync-build + runs-on: #{{ .Config.Runner.Default }}# + steps: + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + # Persist credentials so we can push a new branch. + persist-credentials: true + - name: Checkout repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + path: ci-mgmt + repository: pulumi/ci-mgmt + persist-credentials: false + - id: run-url + name: Create URL to the run output + run: echo "run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" >> "$GITHUB_OUTPUT" + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, go, nodejs, dotnet, python + - name: Sync with ci-mgmt + run: cp -r "ci-mgmt/provider-ci/providers/$PROVIDER/repo/." . + - name: Remove ci-mgmt directory + run: rm -rf ci-mgmt + - name: Required entries for gitignore + run: |- + cat <<- EOF > "$RUNNER_TEMP/gitignore" + sdk/java/build + sdk/java/.gradle + sdk/java/gradle + sdk/java/gradlew + sdk/java/gradlew.bat + EOF + shell: bash + - name: Adding missing lines to .gitignore + run: | + comm -23 <(sort "$RUNNER_TEMP/gitignore") <(sort .gitignore) >> .gitignore.temp + cat .gitignore.temp >> .gitignore + rm .gitignore.temp + shell: bash + - name: Build + run: make build + - name: Create PR (no linked issue) + uses: peter-evans/create-pull-request@v3.12.0 + with: + author: pulumi-bot + base: #{{ .Config.ProviderDefaultBranch }}# + body: This pull request was generated automatically by the resync-build workflow + in this repository. + branch: pulumi-bot/resync-${{ github.run_id}} + commit-message: Resync build for pulumi-#{{ .Config.Provider }}# + committer: pulumi-bot + labels: impact/no-changelog-required + team-reviewers: platform-integrations + title: Fix up build for pulumi-#{{ .Config.Provider }}# + token: ${{ secrets.PULUMI_BOT_TOKEN }} +name: Resync build +on: + workflow_dispatch: + inputs: + automerge: + default: false + description: Mark created PR for auto-merging? + required: true + type: boolean diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml new file mode 100644 index 0000000000..fa05977183 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml @@ -0,0 +1,250 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: run-acceptance-tests + +on: + pull_request: + paths-ignore: + - CHANGELOG.md + repository_dispatch: + types: + - run-acceptance-tests-command + +env: + PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }} +#{{ .Config.Env | toYaml | indent 2 }}# + +# This should cancel any previous runs of the same workflow on the same branch which are still running. +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + prerequisites: + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + permissions: + pull-requests: write + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + build_sdk: + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + name: build_sdk + needs: prerequisites + uses: ./.github/workflows/build_sdk.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + comment-notification: + if: github.event_name == 'repository_dispatch' + name: comment-notification + permissions: + pull-requests: write + runs-on: #{{ .Config.Runner.Default }}# + steps: + - id: run-url + name: Create URL to the run output + run: echo "run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" >> "$GITHUB_OUTPUT" + - name: Update with Result + uses: peter-evans/create-or-update-comment@v1 + with: + body: "Please view the PR build: ${{ steps.run-url.outputs.run-url }}" + issue-number: ${{ github.event.client_payload.github.payload.issue.number }} + repository: ${{ github.event.client_payload.github.payload.repository.full_name }} + token: ${{ secrets.GITHUB_TOKEN }} + #{{ if .Config.Lint -}}# + lint: + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + name: lint + uses: ./.github/workflows/lint.yml + secrets: inherit + #{{ end -}}# + + sentinel: + name: sentinel + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + permissions: + statuses: write + needs: + - test + - build_provider + - license_check + #{{- if .Config.Lint }}# + - lint + #{{- end }}# + #{{- range $action, $_ := .Config.ExtraTests }}# + - #{{ $action }}# + #{{- end }}# + runs-on: #{{ .Config.Runner.Default }}# + steps: + - uses: guibranco/github-status-action-v2@0849440ec82c5fa69b2377725b9b7852a3977e76 + with: + authToken: ${{secrets.GITHUB_TOKEN}} + # Write an explicit status check called "Sentinel" which will only pass if this code really runs. + # This should always be a required check for PRs. + context: 'Sentinel' + description: 'All required checks passed' + state: 'success' + # Write to the PR commit SHA if it's available as we don't want the merge commit sha, + # otherwise use the current SHA for any other type of build. + sha: ${{ github.event.pull_request.head.sha || github.sha }} + + test: + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + name: test + needs: + - prerequisites + - build_sdk + permissions: + contents: read + id-token: write + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSdk }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} + steps: +#{{- if .Config.FreeDiskSpaceBeforeTest }}# + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# + with: + tool-cache: false + swap-storage: false + dotnet: false +#{{- end }}# + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + ref: ${{ env.PR_COMMIT_SHA }} + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + persist-credentials: false + - name: Checkout p/examples + if: matrix.testTarget == 'pulumiExamples' + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + repository: pulumi/examples + path: p-examples + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, ${{ matrix.language }} + - name: Download bin + uses: ./.github/actions/download-bin + - name: Add NuGet source + if: matrix.language == 'dotnet' + run: dotnet nuget add source ${{ github.workspace }}/nuget + - name: Download SDK + uses: ./.github/actions/download-sdk + with: + language: ${{ matrix.language }} + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Install Python deps + if: matrix.language == 'python' + run: |- + pip3 install virtualenv==20.0.23 + pip3 install pipenv + #{{- if .Config.Docker }}# + - name: Run docker compose + run: docker compose -f testing/docker-compose.yml up --build -d + #{{- end }}# + #{{- if .Config.AWS }}# + - name: Configure AWS Credentials + uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: ${{ env.AWS_REGION }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-session-name: #{{ .Config.Provider }}#@githubActions + role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + #{{- end }}# + #{{- if .Config.GCP }}# + - name: Authenticate to Google Cloud + uses: #{{ .Config.ActionVersions.GoogleAuth }}# + with: + service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} + workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER + }}/locations/global/workloadIdentityPools/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} + - name: Setup gcloud auth + uses: #{{ .Config.ActionVersions.SetupGcloud }}# + with: + install_components: gke-gcloud-auth-plugin + #{{- end }}# + #{{- if .Config.GCPRegistry }}# + - name: Login to Google Cloud Registry + run: gcloud --quiet auth configure-docker + #{{- end }}# + #{{- if .Config.SSHPrivateKey }}# + - name: Setup SSH key + uses: webfactory/ssh-agent@v0.7.0 + with: + ssh-private-key: #{{ .Config.SSHPrivateKey }}# + #{{- end }}# + #{{- if .Config.IntegrationTestProvider }}# + - name: Prepare upstream code + run: make upstream + #{{- end }}# + #{{- if index .Config.SetupScript }}# + - name: Run setup script + run: #{{ index .Config.setupScript }}# + #{{- end }}# + - name: Install dependencies + run: make install_${{ matrix.language}}_sdk + - name: Install gotestfmt + uses: GoTestTools/gotestfmt-action@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + version: v2.5.0 +#{{- if .Config.Actions.PreTest }}# +#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# +#{{- end }}# + #{{- if .Config.IntegrationTestProvider }}# + - name: Run provider tests + if: matrix.testTarget == 'local' + working-directory: provider + run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + #{{- end }}# + - name: Run tests + if: matrix.testTarget == 'local' + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -skip TestPulumiExamples -parallel 4 . + - name: Run pulumi/examples tests + if: matrix.testTarget == 'pulumiExamples' + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -run TestPulumiExamples -parallel 4 . + strategy: + fail-fast: false + matrix: + language: +#{{ .Config.Languages | toYaml | indent 8 }}# + #{{- if .Config.TestPulumiExamples }}# + testTarget: [local, pulumiExamples] + #{{- else }}# + testTarget: [local] + #{{- end }}# + license_check: + name: License Check + uses: ./.github/workflows/license.yml + secrets: inherit +#{{- if .Config.ExtraTests }}# +#{{ .Config.ExtraTests | toYaml | indent 2 }}# +#{{ end }}# diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-bridge.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-bridge.yml new file mode 100644 index 0000000000..a57f276099 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-bridge.yml @@ -0,0 +1,108 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: Upgrade bridge +on: + repository_dispatch: + types: + - upgrade-bridge + - upgrade-bridge-test + workflow_dispatch: + inputs: + kind: + description: Overrides the kind of upgrade. Must be one of `all`, `bridge`, `provider`, `code`, `pf`, or `pulumi`. + required: false + type: string + default: "bridge" + target-bridge-version: + description: pulumi-terraform-bridge version or hash reference + required: false + type: string + default: "latest" + target-pulumi-version: + description: | + Set the version of `pulumi/pkg` and `pulumi/sdk` to depend on for bridged providers. Currently, + these versions inform the linked runtime and SDK generation in all languages except Java. Valid + options are: + - "": Use the same version as pulumi-terraform-bridge + - A go version such as "v3.90.1" + - A commit SHA in pulumi/pulumi such as "ac71ebc1d34e5ccfd1a7fed61e6ff43a3160f3cb" + required: false + type: string + default: "" + pr-reviewers: + description: Reviewers to assign to the auto-opened pull request + required: false + type: string + default: "" + pr-description: + description: Extra description to add to the auto-opened pull request + required: false + type: string + default: "" + pr-title-prefix: + description: Prefix to add to the auto-opened pull request title + required: false + type: string + default: "" + automerge: + description: Mark created PR for auto-merging? + required: false + type: boolean + default: false +env: + GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +jobs: + upgrade_provider: + name: upgrade-provider + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# + steps: + #{{- if .Config.FreeDiskSpaceBeforeBuild }}# + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# + with: + tool-cache: false + swap-storage: false + dotnet: false + #{{- end }}# + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, #{{ range $index, $element := .Config.Languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# + - name: Call upgrade provider action + if: github.event_name == 'workflow_dispatch' + uses: #{{ .Config.ActionVersions.UpgradeProviderAction }}# + with: + kind: ${{ inputs.kind }} + email: bot@pulumi.com + username: pulumi-bot + automerge: ${{ inputs.automerge }} + target-bridge-version: ${{ inputs.target-bridge-version }} + target-pulumi-version: ${{ inputs.target-pulumi-version }} + #{{- if .Config.JavaGenVersion }}# + target-java-version: #{{ .Config.JavaGenVersion }}# + #{{- end }}# + pr-reviewers: ${{ inputs.pr-reviewers }} + pr-description: ${{ inputs.pr-description }} + pr-title-prefix: ${{ inputs.pr-title-prefix }} + - name: Call upgrade provider action + if: github.event_name == 'repository_dispatch' + uses: #{{ .Config.ActionVersions.UpgradeProviderAction }}# + with: + kind: ${{ github.event.client_payload.kind || 'bridge' }} + email: bot@pulumi.com + username: pulumi-bot + automerge: ${{ github.event.client_payload.automerge }} + target-pulumi-version: ${{ github.event.client_payload.target-pulumi-version }} + target-bridge-version: ${{ github.event.client_payload.target-bridge-version }} + pr-reviewers: ${{ github.event.client_payload.pr-reviewers }} + pr-description: ${{ github.event.client_payload.pr-description }} + pr-title-prefix: ${{ github.event.client_payload.pr-title-prefix }} diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-provider.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-provider.yml new file mode 100644 index 0000000000..b3fc44ce7c --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-provider.yml @@ -0,0 +1,74 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: Upgrade provider +on: + workflow_dispatch: + inputs: + version: + description: | + The version of the upstream provider to upgrade to, without the 'v' prefix + + If no version is specified, it will be inferred from the upstream provider's release tags. + required: false + type: string + schedule: + # 3 AM UTC ~ 8 PM PDT / 7 PM PST daily. Time chosen to run during off hours. + - cron: 0 3 * * * + +env: + GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +jobs: + upgrade_provider: + name: upgrade-provider + runs-on: #{{ .Config.Runner.Default }}# + if: #{{ .Config.CheckUpstreamUpgrade }}# + steps: + #{{- if .Config.FreeDiskSpaceBeforeBuild }}# + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# + with: + tool-cache: false + swap-storage: false + dotnet: false + #{{- end }}# + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + # Persist credentials so upgrade-provider can push a new branch. + persist-credentials: true + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, #{{ range $index, $element := .Config.Languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# + - name: Install upgrade-provider + run: go install github.com/pulumi/upgrade-provider@main + shell: bash + - name: "Set up git identity" + run: | + git config --global user.name 'bot@pulumi.com' + git config --global user.email 'bot@pulumi.com' + shell: bash + - name: Create issues for new upstream version + if: inputs.version == '' + id: upstream_version + # This step outputs `latest_version` if there is a pending upgrade + run: upgrade-provider "$REPO" --kind=check-upstream-version + env: + REPO: ${{ github.repository }} + shell: bash + - name: Calculate target version + id: target_version + # Prefer the manually specified version if it exists + # upstream_version will be empty if the provider is up-to-date + run: echo "version=${{ github.event.inputs.version || steps.upstream_version.outputs.latest_version }}" >> "$GITHUB_OUTPUT" + shell: bash + - name: Attempt provider upgrade + # Only attempt the upgrade if we have a target version + if: steps.target_version.outputs.version != '' + run: upgrade-provider "${{ github.repository }}" --kind="all" --target-version="${{ steps.target_version.outputs.version }}" #{{ if .Config.JavaGenVersion }}#--java-version="#{{ .Config.JavaGenVersion }}#"#{{ end }}# + shell: bash diff --git a/provider-ci/internal/pkg/templates/generic/.mk/defaults.mk b/provider-ci/internal/pkg/templates/generic/.mk/defaults.mk new file mode 100644 index 0000000000..8501b07248 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.mk/defaults.mk @@ -0,0 +1,234 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made +# via https://github.com/pulumi/ci-mgmt. +# +# This file contains default make targets consumed by CI workflows. This targets are no-ops and are intended to be +# +# does not +# make any assumptions about the provider such as its language, file structure, +# etc. +# +# A top-level `Makefile` is required and must implement provider-specific +# targets like `test`. +# +# In order to use these targets, the top-level Makefile must include this file: +# +# include .mk/defaults.mk +# +# If the top-level Makefile implements a target like `test`, then this will be +# invoked in CI. Otherwise, the `default.test` target will be used. + +include .mk/vars.mk + +# Implement `prerequisites` to run custom logic before all SDK and provider build steps. +default.prebuild: + @echo "No prerequisites to build" + +default.development: install_plugins provider build_sdks install_sdks + +default.build: install_plugins provider build_sdks install_sdks + +default.build_sdks: #{{ range .Config.Languages }}#build_#{{ . }}# #{{ end }}##{{- if .Config.RegistryDocs }}#build_registry_docs#{{- end }}# + +default.install_go_sdk: + +default.install_java_sdk: + +default.install_python_sdk: + +default.install_sdks: install_dotnet_sdk install_python_sdk install_nodejs_sdk install_java_sdk + + +default.build_dotnet: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.build_dotnet: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.build_dotnet: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache +default.build_dotnet: prebuild + rm -rf sdk/dotnet + PULUMI_CONVERT=$(PULUMI_CONVERT) PULUMI_DISABLE_AUTOMATIC_PLUGIN_ACQUISITION=$(PULUMI_CONVERT) $(WORKING_DIR)/bin/$(TFGEN) dotnet --out sdk/dotnet/ + cd sdk/dotnet/ && \ + printf "module fake_dotnet_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ + echo "$(VERSION_GENERIC)" >version.txt && \ + dotnet build + +default.build_go: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.build_go: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.build_go: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache +default.build_go: prebuild + PULUMI_CONVERT=$(PULUMI_CONVERT) PULUMI_DISABLE_AUTOMATIC_PLUGIN_ACQUISITION=$(PULUMI_CONVERT) $(WORKING_DIR)/bin/$(TFGEN) go --out sdk/go/ + cd sdk && go list "$$(grep -e "^module" go.mod | cut -d ' ' -f 2)/go/..." | xargs -I {} bash -c 'go build {} && go clean -i {}' + +default.build_java: PACKAGE_VERSION := $(VERSION_GENERIC) +default.build_java: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.build_java: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.build_java: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache +default.build_java: bin/pulumi-java-gen +default.build_java: prebuild + rm -rf sdk/java/ + $(WORKING_DIR)/bin/$(JAVA_GEN) generate --schema $(SCHEMA_PATH) --out sdk/java --build gradle-nexus + cd sdk/java/ && \ + printf "module fake_java_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ + gradle --console=plain build && \ + gradle --console=plain javadoc + +default.build_nodejs: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.build_nodejs: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.build_nodejs: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache +default.build_nodejs: prebuild + rm -rf sdk/nodejs/ + cd sdk/nodejs/ && \ + printf "module fake_nodejs_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ + yarn install && \ + yarn run tsc && \ + cp ../../README.md ../../LICENSE* package.json yarn.lock ./bin/ + +default.build_python: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.build_python: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.build_python: export PULggUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache +default.build_python: prebuild + rm -rf sdk/python/ + cd sdk/python/ && \ + printf "module fake_python_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ + cp ../../README.md . && \ + rm -rf ./bin/ ../python.bin/ && cp -R . ../python.bin && mv ../python.bin ./bin && \ + rm ./bin/go.mod && \ + python3 -m venv venv && \ + ./venv/bin/python -m pip install build==1.2.1 && \ + cd ./bin && \ + ../venv/bin/python -m build . +#{{- if .Config.RegistryDocs }}# + +# Run the bridge's registry-docs command to generated the content of the installation docs/ folder at provider repo root +default.build_registry_docs: + $(WORKING_DIR)/bin/$(TFGEN) registry-docs --out $(WORKING_DIR)/docs +#{{- end }}# + +default.clean: + rm -rf sdk/{dotnet,nodejs,go,python} + rm -rf $(WORKING_DIR)/bin + +default.docs: + @echo "Define a `docs` target to generate docs." + +default.install_dotnet_sdk: + mkdir -p $(WORKING_DIR)/nuget + find . -name '*.nupkg' -print -exec cp -p {} $(WORKING_DIR)/nuget \; + +default.install_nodejs_sdk: + yarn link --cwd $(WORKING_DIR)/sdk/nodejs/bin + +default.install_plugins: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.install_plugins: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.install_plugins: .pulumi/bin/pulumi + #{{- range .Config.Plugins }}# + .pulumi/bin/pulumi plugin install #{{ or .Kind "resource" }}# #{{ .Name }}# #{{ .Version }}# + #{{- end }}# + +default.lint_provider: provider + cd provider && golangci-lint run --path-prefix provider -c ../.golangci.yml + +# `lint_provider.fix` is a utility target meant to be run manually +# that will run the linter and fix errors when possible. +default.lint_provider.fix: + cd provider && golangci-lint run --path-prefix provider -c ../.golangci.yml --fix + +# `make provider_no_deps` builds the provider binary directly, without ensuring that +# `cmd/pulumi-resource-#{{ .Config.Provider }}#/schema.json` is valid and up to date. +# To create a release ready binary, you should use `make provider`. +default.provider: + (cd provider && go build $(PULUMI_PROVIDER_BUILD_PARALLELISM) -o $(WORKING_DIR)/bin/$(PROVIDER) -ldflags "$(LDFLAGS)" $(PROJECT)/$(PROVIDER_PATH)/cmd/$(PROVIDER)) + +default.test: export PATH := $(WORKING_DIR)/bin:$(PATH) +default.test: + cd examples && go test -v -tags=all -parallel $(TESTPARALLELISM) -timeout 2h + +default.test_provider: + @echo "" + @echo "== test_provider ===================================================================" + @echo "" + cd provider && go test -v -short ./... -parallel $(TESTPARALLELISM) + +default.bin/pulumi-java-gen: + mkdir -p bin/ + pulumictl download-binary -n pulumi-language-java -v $(JAVA_GEN_VERSION) -r pulumi/pulumi-java + +# To make an immediately observable change to .ci-mgmt.yaml: +# +# - Edit .ci-mgmt.yaml +# - Run make ci-mgmt to apply the change locally. +# +default.ci-mgmt: .ci-mgmt.yaml + go run github.com/pulumi/ci-mgmt/provider-ci@master generate \ + --name $(ORG)/pulumi-$(PACK) \ + --out . \ + --template #{{ .Config.Template }}# \ + --config $< + +# Because some codegen depends on the version of the CLI used, we install a local CLI +# version pinned to the same version as `provider/go.mod`. +# +# This logic compares the version of .pulumi/bin/pulumi already installed. If it matches +# the desired version, we just print. Otherwise we (re)install pulumi at the desired +# version. +default..pulumi/bin/pulumi: .pulumi/version + @if [ -x .pulumi/bin/pulumi ] && [ "v$$(cat .pulumi/version)" = "$$(.pulumi/bin/pulumi version)" ]; then \ + echo "pulumi/bin/pulumi version: v$$(cat .pulumi/version)"; \ + else \ + curl -fsSL https://get.pulumi.com | \ + HOME=$(WORKING_DIR) sh -s -- --version "$$(cat .pulumi/version)"; \ + fi + +# Compute the version of Pulumi to use by inspecting the Go dependencies of the provider. +default..pulumi/version: provider/go.mod + @mkdir -p .pulumi + @cd provider && go list -f "{{slice .Version 1}}" -m github.com/pulumi/pulumi/pkg/v3 | tee ../$@ + +.PHONY: development build build_sdks install_go_sdk install_java_sdk install_python_sdk install_sdks only_build build_dotnet build_go build_java build_nodejs build_python clean cleanup#{{ if .Config.DocsCmd }}# docs#{{end}}# help install_dotnet_sdk install_nodejs_sdk install_plugins lint_provider provider provider_no_deps test prerequisites ci-mgmt test_provider + +# Provider cross-platform build & packaging + +# These targets assume that the schema-embed.json exists - it's generated by tfgen. +# We disable CGO to ensure that the binary is statically linked. +bin/linux-amd64/$(PROVIDER): TARGET := linux-amd64 +bin/linux-arm64/$(PROVIDER): TARGET := linux-arm64 +bin/darwin-amd64/$(PROVIDER): TARGET := darwin-amd64 +bin/darwin-arm64/$(PROVIDER): TARGET := darwin-arm64 +bin/windows-amd64/$(PROVIDER).exe: TARGET := windows-amd64 +bin/%/$(PROVIDER) bin/%/$(PROVIDER).exe: + @# check the TARGET is set + test $(TARGET) + cd provider && \ + export GOOS=$$(echo "$(TARGET)" | cut -d "-" -f 1) && \ + export GOARCH=$$(echo "$(TARGET)" | cut -d "-" -f 2) && \ + export CGO_ENABLED=0 && \ + go build -o "${WORKING_DIR}/$@" $(PULUMI_PROVIDER_BUILD_PARALLELISM) -ldflags "$(LDFLAGS)" "$(PROJECT)/$(PROVIDER_PATH)/cmd/$(PROVIDER)" + +bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-amd64.tar.gz: bin/linux-amd64/$(PROVIDER) +bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-arm64.tar.gz: bin/linux-arm64/$(PROVIDER) +bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-amd64.tar.gz: bin/darwin-amd64/$(PROVIDER) +bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-arm64.tar.gz: bin/darwin-arm64/$(PROVIDER) +bin/$(PROVIDER)-v$(VERSION_GENERIC)-windows-amd64.tar.gz: bin/windows-amd64/$(PROVIDER).exe +bin/$(PROVIDER)-v$(VERSION_GENERIC)-%.tar.gz: + @mkdir -p dist + @# $< is the last dependency (the binary path from above) e.g. bin/linux-amd64/pulumi-resource-xyz + @# $@ is the current target e.g. bin/pulumi-resource-xyz-v1.2.3-linux-amd64.tar.gz + tar --gzip -cf $@ README.md LICENSE -C $$(dirname $<) . + +provider_dist-linux-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-amd64.tar.gz +provider_dist-linux-arm64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-arm64.tar.gz +provider_dist-darwin-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-amd64.tar.gz +provider_dist-darwin-arm64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-arm64.tar.gz +provider_dist-windows-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-windows-amd64.tar.gz +provider_dist: provider_dist-linux-amd64 provider_dist-linux-arm64 provider_dist-darwin-amd64 provider_dist-darwin-arm64 provider_dist-windows-amd64 +.PHONY: provider_dist-linux-amd64 provider_dist-linux-arm64 provider_dist-darwin-amd64 provider_dist-darwin-arm64 provider_dist-windows-amd64 provider_dist + +help: + grep '^[^.#]\+:\s\+.*#' Makefile | \ + sed "s/\(.\+\):\s*\(.*\) #\s*\(.*\)/`printf "\033[93m"`\1`printf "\033[0m"` \3 [\2]/" | \ + expand -t20 + + +# Delegate any undefined target "foo" to its respective "default.foo" target, +# if it exists. +%: + @$(MAKE) -f defaults.mk "default.$@" + + diff --git a/provider-ci/internal/pkg/templates/generic/.mk/vars.mk b/provider-ci/internal/pkg/templates/generic/.mk/vars.mk new file mode 100644 index 0000000000..a88499ed71 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.mk/vars.mk @@ -0,0 +1,47 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made +# via https://github.com/pulumi/ci-mgmt. +# +# This file contains default variables consumed by CI workflows. +# +PACK := #{{ .Config.Provider }}# +ORG := #{{ .Config.Organization }}# +PROJECT := github.com/$(ORG)/pulumi-$(PACK) +#{{- if ge .Config.MajorVersion 2 }}# +PROVIDER_PATH := provider/v#{{ .Config.MajorVersion }}# +#{{- else }}# +PROVIDER_PATH := provider +#{{- end }}# +VERSION_PATH := $(PROVIDER_PATH)/pkg/version.Version +SCHEMA_PATH := provider/cmd/$(PROVIDER)/schema.json +PROVIDER := pulumi-resource-$(PACK) +JAVA_GEN := pulumi-java-gen +JAVA_GEN_VERSION := v0.16.1 +TESTPARALLELISM := 10 +WORKING_DIR := $(shell pwd) +#{{- if .Config.GoBuildParallelism }}# +PULUMI_PROVIDER_BUILD_PARALLELISM ?= -p #{{ .Config.GoBuildParallelism }}# +#{{- else }}# +PULUMI_PROVIDER_BUILD_PARALLELISM ?= +#{{- end }}# +#{{- if .Config.PulumiConvert }}# +PULUMI_CONVERT := 1 +#{{- else }}# +PULUMI_CONVERT := 0 +#{{- end }}# +PULUMI_MISSING_DOCS_ERROR := true + +# Override during CI using `make [TARGET] PROVIDER_VERSION=""` or by setting a PROVIDER_VERSION environment variable +# Local & branch builds will just used this fixed default version unless specified +PROVIDER_VERSION ?= #{{ .Config.MajorVersion }}#.0.0-alpha.0+dev +# Use this normalised version everywhere rather than the raw input to ensure consistency. +VERSION_GENERIC = $(shell pulumictl convert-version --language generic --version "$(PROVIDER_VERSION)") + +LDFLAGS_PROJ_VERSION=-X $(PROJECT)/$(VERSION_PATH)=$(VERSION_GENERIC)#{{if .Config.ProviderVersion}}# -X #{{ .Config.ProviderVersion }}#=$(VERSION_GENERIC)#{{end}}# +#{{- if .Config.ProviderVersion }}# +LDFLAGS_UPSTREAM_VERSION=-X #{{ .Config.ProviderVersion }}#=v$(VERSION_GENERIC) +#{{- else }}# +LDFLAGS_UPSTREAM_VERSION= +#{{- end }}# +LDFLAGS_EXTRAS=#{{- range .Config.ExtraLDFlags }}# #{{ . }}# #{{- end }}# +LDFLAGS=$(LDFLAGS_PROJ_VERSION) $(LDFLAGS_UPSTREAM_VERSION) $(LDFLAGS_EXTRAS) + From 3f9f8f010459449551eb1c288078a6e264b4fe95 Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Tue, 5 Nov 2024 11:57:02 -0800 Subject: [PATCH 05/14] Generate test-providers/eks --- provider-ci/Makefile | 2 +- provider-ci/internal/pkg/generate.go | 2 + provider-ci/providers.json | 1 + provider-ci/test-providers/eks/.ci-mgmt.yaml | 25 ++ provider-ci/test-providers/eks/.gitattributes | 1 + .../eks/.github/ISSUE_TEMPLATE/bug.yaml | 69 ++++++ .../eks/.github/ISSUE_TEMPLATE/epic.md | 35 +++ .../.github/actions/download-bin/action.yml | 16 ++ .../.github/actions/download-sdk/action.yml | 19 ++ .../.github/actions/setup-tools/action.yml | 81 +++++++ .../eks/.github/actions/upload-bin/action.yml | 15 ++ .../eks/.github/actions/upload-sdk/action.yml | 20 ++ .../eks/.github/workflows/build_provider.yml | 58 +++++ .../eks/.github/workflows/build_sdk.yml | 85 +++++++ .../.github/workflows/command-dispatch.yml | 52 ++++ .../workflows/community-moderation.yml | 45 ++++ .../eks/.github/workflows/license.yml | 69 ++++++ .../eks/.github/workflows/lint.yml | 62 +++++ .../eks/.github/workflows/master.yml | 209 ++++++++++++++++ .../eks/.github/workflows/prerelease.yml | 145 +++++++++++ .../eks/.github/workflows/prerequisites.yml | 112 +++++++++ .../eks/.github/workflows/publish.yml | 202 ++++++++++++++++ .../eks/.github/workflows/pull-request.yml | 48 ++++ .../eks/.github/workflows/release.yml | 145 +++++++++++ .../eks/.github/workflows/release_command.yml | 45 ++++ .../eks/.github/workflows/resync-build.yml | 97 ++++++++ .../workflows/run-acceptance-tests.yml | 203 ++++++++++++++++ .../eks/.github/workflows/upgrade-bridge.yml | 93 ++++++++ .../.github/workflows/upgrade-provider.yml | 62 +++++ .../eks/.github/workflows/verify-release.yml | 86 +++++++ provider-ci/test-providers/eks/.golangci.yml | 35 +++ .../test-providers/eks/.mk/defaults.mk | 225 ++++++++++++++++++ provider-ci/test-providers/eks/.mk/vars.mk | 31 +++ .../test-providers/eks/.upgrade-config.yml | 6 + .../test-providers/eks/CODE-OF-CONDUCT.md | 80 +++++++ 35 files changed, 2480 insertions(+), 1 deletion(-) create mode 100644 provider-ci/test-providers/eks/.ci-mgmt.yaml create mode 100644 provider-ci/test-providers/eks/.gitattributes create mode 100644 provider-ci/test-providers/eks/.github/ISSUE_TEMPLATE/bug.yaml create mode 100644 provider-ci/test-providers/eks/.github/ISSUE_TEMPLATE/epic.md create mode 100644 provider-ci/test-providers/eks/.github/actions/download-bin/action.yml create mode 100644 provider-ci/test-providers/eks/.github/actions/download-sdk/action.yml create mode 100644 provider-ci/test-providers/eks/.github/actions/setup-tools/action.yml create mode 100644 provider-ci/test-providers/eks/.github/actions/upload-bin/action.yml create mode 100644 provider-ci/test-providers/eks/.github/actions/upload-sdk/action.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/build_provider.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/build_sdk.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/command-dispatch.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/community-moderation.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/license.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/lint.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/master.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/prerelease.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/prerequisites.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/publish.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/pull-request.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/release.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/release_command.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/resync-build.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/run-acceptance-tests.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/upgrade-bridge.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/upgrade-provider.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/verify-release.yml create mode 100644 provider-ci/test-providers/eks/.golangci.yml create mode 100644 provider-ci/test-providers/eks/.mk/defaults.mk create mode 100644 provider-ci/test-providers/eks/.mk/vars.mk create mode 100644 provider-ci/test-providers/eks/.upgrade-config.yml create mode 100644 provider-ci/test-providers/eks/CODE-OF-CONDUCT.md diff --git a/provider-ci/Makefile b/provider-ci/Makefile index 8b5403dc3c..bb8c8b3afd 100644 --- a/provider-ci/Makefile +++ b/provider-ci/Makefile @@ -37,7 +37,7 @@ format: # files for other bridged provider repositories should be ephemeral. .PHONY: test-providers test-provider/% -test-providers: test-provider/aws test-provider/docker test-provider/cloudflare test-provider/acme +test-providers: test-provider/aws test-provider/docker test-provider/cloudflare test-provider/acme test-provider/eks # 1. Delete all files except the .ci-mgmt.yaml file and run the provider-ci generate command. # 2. Copy the generated provider repository to a temporary git repo and run actionlint on it. diff --git a/provider-ci/internal/pkg/generate.go b/provider-ci/internal/pkg/generate.go index c73bd1c68d..82de5a7bb6 100644 --- a/provider-ci/internal/pkg/generate.go +++ b/provider-ci/internal/pkg/generate.go @@ -93,6 +93,8 @@ func getTemplateDirs(templateName string) ([]string, error) { case "external-bridged-provider": // Render more specific templates last to allow them to override more general templates. return []string{"dev-container", "provider", "bridged-provider"}, nil + case "generic": + return []string{"provider", "pulumi-provider", "generic"}, nil default: return nil, fmt.Errorf("unknown template: %s", templateName) } diff --git a/provider-ci/providers.json b/provider-ci/providers.json index 6e7d3fb85d..031cba0084 100644 --- a/provider-ci/providers.json +++ b/provider-ci/providers.json @@ -23,6 +23,7 @@ "dnsimple", "docker", "ec", + "eks", "external", "f5bigip", "fastly", diff --git a/provider-ci/test-providers/eks/.ci-mgmt.yaml b/provider-ci/test-providers/eks/.ci-mgmt.yaml new file mode 100644 index 0000000000..abe552ea0a --- /dev/null +++ b/provider-ci/test-providers/eks/.ci-mgmt.yaml @@ -0,0 +1,25 @@ +provider: eks +major-version: 3 +aws: true +env: + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + PULUMI_ENABLE_RESOURCE_REFERENCES: 1 + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget +template: generic diff --git a/provider-ci/test-providers/eks/.gitattributes b/provider-ci/test-providers/eks/.gitattributes new file mode 100644 index 0000000000..ff9aa4f9db --- /dev/null +++ b/provider-ci/test-providers/eks/.gitattributes @@ -0,0 +1 @@ +sdk/**/* linguist-generated=true diff --git a/provider-ci/test-providers/eks/.github/ISSUE_TEMPLATE/bug.yaml b/provider-ci/test-providers/eks/.github/ISSUE_TEMPLATE/bug.yaml new file mode 100644 index 0000000000..63d707268a --- /dev/null +++ b/provider-ci/test-providers/eks/.github/ISSUE_TEMPLATE/bug.yaml @@ -0,0 +1,69 @@ +name: Bug Report +description: Report something that's not working correctly +labels: ["kind/bug", "needs-triage"] +body: + - type: markdown + attributes: + value: | + Thanks for taking the time to fill out this bug report! + You can also ask questions on our [Community Slack](https://slack.pulumi.com/). + - type: textarea + id: what-happened + attributes: + label: Describe what happened + description: Please summarize what happened, including what Pulumi commands you ran, as well as + an inline snippet of any relevant error or console output. + validations: + required: true + - type: textarea + id: sample-program + attributes: + label: Sample program + description: | +
Provide a reproducible sample program + If this is a bug you encountered while running a Pulumi command, please provide us with a minimal, + self-contained Pulumi program that reproduces this behavior so that we can investigate on our end. + Without a functional reproduction, we will not be able to prioritize this bug. + **Note:** If the program output is more than a few lines, please send us a Gist or a link to a file. +
+ validations: + required: true + - type: textarea + id: log-output + attributes: + label: Log output + description: | +
How to Submit Logs + If this is something that is dependent on your environment, please also provide us with the output of + `pulumi up --logtostderr --logflow -v=10` from the root of your project. + We may also ask you to supply us with debug output following [these steps](https://www.pulumi.com/docs/using-pulumi/pulumi-packages/debugging-provider-packages/). + **Note:** If the log output is more than a few lines, please send us a Gist or a link to a file. +
+ - type: textarea + id: resources + attributes: + label: Affected Resource(s) + description: Please list the affected Pulumi Resource(s) or Function(s). + validations: + required: false + - type: textarea + id: versions + attributes: + label: Output of `pulumi about` + description: Provide the output of `pulumi about` from the root of your project. + validations: + required: true + - type: textarea + id: ctx + attributes: + label: Additional context + description: Anything else you would like to add? + validations: + required: false + - type: textarea + id: voting + attributes: + label: Contributing + value: | + Vote on this issue by adding a 👍 reaction. + To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already). \ No newline at end of file diff --git a/provider-ci/test-providers/eks/.github/ISSUE_TEMPLATE/epic.md b/provider-ci/test-providers/eks/.github/ISSUE_TEMPLATE/epic.md new file mode 100644 index 0000000000..27d4e3a440 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/ISSUE_TEMPLATE/epic.md @@ -0,0 +1,35 @@ +--- +name: Epic +about: Tracks a shippable unit of work +title: '[Epic] {your-title-here}' +labels: kind/epic +projects: ['pulumi/32'] +assignees: '' +type: Epic +--- + +## Overview + + +## Key KPIs + + +## Key Stakeholders +- Product and Engineering: +- Documentation: +- Marketing/Partnerships: +- Customers: + +## Key Deliverables + + +### References 📔 + + +- [ ] Project View +- [ ] PR/FAQ +- [ ] Design Doc +- [ ] UX Designs +- [ ] Decision Log + + diff --git a/provider-ci/test-providers/eks/.github/actions/download-bin/action.yml b/provider-ci/test-providers/eks/.github/actions/download-bin/action.yml new file mode 100644 index 0000000000..8558d5f735 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/actions/download-bin/action.yml @@ -0,0 +1,16 @@ +name: Download binary assets +description: Downloads the provider and tfgen binaries to `bin/`. + +runs: + using: "composite" + steps: + - name: Download provider + tfgen binaries + uses: actions/download-artifact@v4 + with: + name: eks-provider.tar.gz + path: ${{ github.workspace }}/bin + - name: Untar provider binaries + shell: bash + run: | + tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace}}/bin + find ${{ github.workspace }} -name "pulumi-*-eks" -print -exec chmod +x {} \; diff --git a/provider-ci/test-providers/eks/.github/actions/download-sdk/action.yml b/provider-ci/test-providers/eks/.github/actions/download-sdk/action.yml new file mode 100644 index 0000000000..1fd54841b4 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/actions/download-sdk/action.yml @@ -0,0 +1,19 @@ +name: Download SDK asset +description: Restores the SDK asset for a language. + +inputs: + language: + required: true + description: One of nodejs, python, dotnet, go, java + +runs: + using: "composite" + steps: + - name: Download ${{ inputs.language }} SDK + uses: actions/download-artifact@v4 + with: + name: ${{ inputs.language }}-sdk.tar.gz + path: ${{ github.workspace}}/sdk/ + - name: Uncompress SDK folder + shell: bash + run: tar -zxf ${{ github.workspace }}/sdk/${{ inputs.language }}.tar.gz -C ${{ github.workspace }}/sdk/${{ inputs.language }} diff --git a/provider-ci/test-providers/eks/.github/actions/setup-tools/action.yml b/provider-ci/test-providers/eks/.github/actions/setup-tools/action.yml new file mode 100644 index 0000000000..642d1d223f --- /dev/null +++ b/provider-ci/test-providers/eks/.github/actions/setup-tools/action.yml @@ -0,0 +1,81 @@ +name: Setup tools +description: Installs Go, Pulumi, pulumictl, schema-tools, Node.JS, Python, dotnet and Java. + +inputs: + tools: + description: | + Comma separated list of tools to install. The default of "all" installs all tools. Available tools are: + go + pulumicli + pulumictl + schema-tools + nodejs + python + dotnet + java + default: all + +runs: + using: "composite" + steps: + - name: Install Go + if: inputs.tools == 'all' || contains(inputs.tools, 'go') + uses: actions/setup-go@v5 + with: + go-version: "1.21.x" + cache-dependency-path: | + provider/*.sum + upstream/*.sum + sdk/*.sum + + - name: Install pulumictl + if: inputs.tools == 'all' || contains(inputs.tools, 'pulumictl') + uses: jaxxstorm/action-install-gh-release@v1.11.0 + with: + tag: v0.0.46 + repo: pulumi/pulumictl + + - name: Install Pulumi CLI + if: inputs.tools == 'all' || contains(inputs.tools, 'pulumicli') + uses: pulumi/actions@v5 + with: + pulumi-version: "dev" + + - name: Install Schema Tools + if: inputs.tools == 'all' || contains(inputs.tools, 'schema-tools') + uses: jaxxstorm/action-install-gh-release@v1.11.0 + with: + repo: pulumi/schema-tools + + - name: Setup Node + if: inputs.tools == 'all' || contains(inputs.tools, 'nodejs') + uses: actions/setup-node@v4 + with: + node-version: 20.x + registry-url: https://registry.npmjs.org + + - name: Setup DotNet + if: inputs.tools == 'all' || contains(inputs.tools, 'dotnet') + uses: actions/setup-dotnet@v4 + with: + dotnet-version: 6.0.x + + - name: Setup Python + if: inputs.tools == 'all' || contains(inputs.tools, 'python') + uses: actions/setup-python@v5 + with: + python-version: 3.11.8 + + - name: Setup Java + if: inputs.tools == 'all' || contains(inputs.tools, 'java') + uses: actions/setup-java@v4 + with: + cache: gradle + distribution: temurin + java-version: 11 + + - name: Setup Gradle + if: inputs.tools == 'all' || contains(inputs.tools, 'java') + uses: gradle/gradle-build-action@v3 + with: + gradle-version: 7.6 diff --git a/provider-ci/test-providers/eks/.github/actions/upload-bin/action.yml b/provider-ci/test-providers/eks/.github/actions/upload-bin/action.yml new file mode 100644 index 0000000000..da9ce2eacc --- /dev/null +++ b/provider-ci/test-providers/eks/.github/actions/upload-bin/action.yml @@ -0,0 +1,15 @@ +name: Upload bin assets +description: Uploads the provider and tfgen binaries to `bin/`. + +runs: + using: "composite" + steps: + - name: Tar provider binaries + shell: bash + run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace }}/bin/ pulumi-resource-eks pulumi-tfgen-eks + - name: Upload artifacts + uses: actions/upload-artifact@v4 + with: + name: eks-provider.tar.gz + path: ${{ github.workspace }}/bin/provider.tar.gz + retention-days: 30 diff --git a/provider-ci/test-providers/eks/.github/actions/upload-sdk/action.yml b/provider-ci/test-providers/eks/.github/actions/upload-sdk/action.yml new file mode 100644 index 0000000000..77d4849426 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/actions/upload-sdk/action.yml @@ -0,0 +1,20 @@ +name: Upload SDK asset +description: Upload the SDK for a specific language as an asset for the workflow. + +inputs: + language: + required: true + description: One of nodejs, python, dotnet, go, java + +runs: + using: "composite" + steps: + - name: Compress SDK folder + shell: bash + run: tar -zcf sdk/${{ inputs.language }}.tar.gz -C sdk/${{ inputs.language }} . + - name: Upload artifacts + uses: actions/upload-artifact@v4 + with: + name: ${{ inputs.language }}-sdk.tar.gz + path: ${{ github.workspace}}/sdk/${{ inputs.language }}.tar.gz + retention-days: 30 diff --git a/provider-ci/test-providers/eks/.github/workflows/build_provider.yml b/provider-ci/test-providers/eks/.github/workflows/build_provider.yml new file mode 100644 index 0000000000..afccb150e8 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/build_provider.yml @@ -0,0 +1,58 @@ +name: "Build Provider" + +on: + workflow_call: + inputs: + version: + required: true + type: string + description: Version of the provider to build + +jobs: + build_provider: + name: Build ${{ matrix.platform.os }}-${{ matrix.platform.arch }} + runs-on: ubuntu-latest + env: + PROVIDER_VERSION: ${{ inputs.version }} + strategy: + fail-fast: true + matrix: + platform: + - os: linux + arch: amd64 + - os: linux + arch: arm64 + - os: darwin + arch: amd64 + - os: darwin + arch: arm64 + - os: windows + arch: amd64 + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, go + - name: Download schema-embed.json + uses: actions/download-artifact@v4 + with: + # Use a pattern to avoid failing if the artifact doesn't exist + pattern: schema-embed.* + # Avoid creating directories for each artifact + merge-multiple: true + path: provider/cmd/pulumi-resource-eks/schema-embed.json + - name: Prepare for build + # This installs plugins and prepares upstream + run: make upstream + - name: Build & package provider + run: make provider_dist-${{ matrix.platform.os }}-${{ matrix.platform.arch }} + - name: Upload artifacts + uses: actions/upload-artifact@v4 + with: + name: pulumi-resource-eks-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz + path: bin/pulumi-resource-eks-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz + retention-days: 30 diff --git a/provider-ci/test-providers/eks/.github/workflows/build_sdk.yml b/provider-ci/test-providers/eks/.github/workflows/build_sdk.yml new file mode 100644 index 0000000000..61ed3fe297 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/build_sdk.yml @@ -0,0 +1,85 @@ +name: "Build SDK" + +on: + workflow_call: + inputs: + version: + required: true + type: string + +env: + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi + PROVIDER_VERSION: ${{ inputs.version }} + +jobs: + build_sdk: + name: build_sdk + runs-on: ubuntu-latest + strategy: + fail-fast: true + matrix: + language: + - nodejs + - python + - dotnet + - go + - java + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Cache examples generation + uses: actions/cache@v4 + with: + path: | + .pulumi/examples-cache + key: ${{ runner.os }}-${{ hashFiles('provider/go.sum') }} + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, ${{ matrix.language }} + - name: Download bin + uses: ./.github/actions/download-bin + - name: Install plugins + run: make install_plugins + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Build SDK + run: make build_${{ matrix.language }} + - name: Check worktree clean + uses: pulumi/git-status-check-action@v1 + with: + allowed-changes: | + sdk/**/pulumi-plugin.json + sdk/dotnet/*.csproj + sdk/go/**/pulumiUtilities.go + sdk/nodejs/package.json + sdk/python/pyproject.toml + - name: Upload SDK + uses: ./.github/actions/upload-sdk + with: + language: ${{ matrix.language }} diff --git a/provider-ci/test-providers/eks/.github/workflows/command-dispatch.yml b/provider-ci/test-providers/eks/.github/workflows/command-dispatch.yml new file mode 100644 index 0000000000..323780c891 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/command-dispatch.yml @@ -0,0 +1,52 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +env: + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi +jobs: + command-dispatch-for-testing: + name: command-dispatch-for-testing + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - uses: peter-evans/slash-command-dispatch@v4 + with: + commands: | + run-acceptance-tests + release + issue-type: pull-request + permission: write + reaction-token: ${{ secrets.GITHUB_TOKEN }} + repository: pulumi/pulumi-eks + token: ${{ secrets.PULUMI_BOT_TOKEN }} +name: command-dispatch +on: + issue_comment: + types: + - created + - edited diff --git a/provider-ci/test-providers/eks/.github/workflows/community-moderation.yml b/provider-ci/test-providers/eks/.github/workflows/community-moderation.yml new file mode 100644 index 0000000000..2afb297c25 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/community-moderation.yml @@ -0,0 +1,45 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +jobs: + warn_codegen: + name: warn_codegen + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - id: schema_changed + name: Check for diff in schema + uses: dorny/paths-filter@v2 + with: + filters: "changed: 'provider/cmd/**/schema.json'" + - id: sdk_changed + if: steps.schema_changed.outputs.changed == 'false' + name: Check for diff in sdk/** + uses: dorny/paths-filter@v2 + with: + filters: "changed: 'sdk/**'" + - if: steps.sdk_changed.outputs.changed == 'true' && + github.event.pull_request.head.repo.full_name != github.repository + name: Send codegen warning as comment on PR + uses: thollander/actions-comment-pull-request@v2 + with: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + message: > + Hello and thank you for your pull request! :heart: :sparkles: + + It looks like you're directly modifying files in the language SDKs, many of which are autogenerated. + + Be sure any files you're editing do not begin with a code generation warning. + + For generated files, you will need to make changes in `resources.go` instead, and [generate the code](https://github.com/pulumi/${{ github.event.repository.name }}/blob/master/CONTRIBUTING.md#committing-generated-code). +name: warn-codegen +on: + pull_request_target: + branches: + - master + types: + - opened diff --git a/provider-ci/test-providers/eks/.github/workflows/license.yml b/provider-ci/test-providers/eks/.github/workflows/license.yml new file mode 100644 index 0000000000..ba478c114a --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/license.yml @@ -0,0 +1,69 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: license_check + +on: + workflow_call: + inputs: {} + +env: + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi + +jobs: + license_check: + name: License Check + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: go + - run: make upstream + - uses: pulumi/license-check-action@main + with: + module-path: provider + ignore-modules: >- + github.com/aead/chacha20, + github.com/apache/arrow/go/v12, + github.com/apache/thrift/lib/go/thrift, + github.com/cloudflare/circl, + github.com/golang, + github.com/gorhill/cronexpr, + github.com/in-toto/in-toto-golang, + github.com/jmespath/go-jmespath, + github.com/keybase/go-crypto, + github.com/klauspost/compress, + github.com/mattn/go-localereader, + github.com/modern-go/reflect2, + github.com/pierrec/lz4, + github.com/pjbgf/sha1cd, + github.com/pulumi, + github.com/segmentio/asm, + golang.org diff --git a/provider-ci/test-providers/eks/.github/workflows/lint.yml b/provider-ci/test-providers/eks/.github/workflows/lint.yml new file mode 100644 index 0000000000..adf5e979a0 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/lint.yml @@ -0,0 +1,62 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: lint + +on: + workflow_call: + inputs: {} + +env: + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi + +jobs: + lint: + name: lint + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Install go + uses: actions/setup-go@v5 + with: + # The versions of golangci-lint and setup-go here cross-depend and need to update together. + go-version: 1.23 + # Either this action or golangci-lint needs to disable the cache + cache: false + - name: disarm go:embed directives to enable lint + continue-on-error: true # this fails if there are no go:embed directives + run: | + git grep -l 'go:embed' -- provider | xargs sed -i 's/go:embed/ goembed/g' + - name: prepare upstream + continue-on-error: true + run: make upstream + - name: golangci-lint + uses: golangci/golangci-lint-action@v6 + with: + version: v1.60 + working-directory: provider diff --git a/provider-ci/test-providers/eks/.github/workflows/master.yml b/provider-ci/test-providers/eks/.github/workflows/master.yml new file mode 100644 index 0000000000..26af09bf2e --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/master.yml @@ -0,0 +1,209 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +env: + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi +jobs: + prerequisites: + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + build_sdk: + name: build_sdk + needs: prerequisites + uses: ./.github/workflows/build_sdk.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + generate_coverage_data: + continue-on-error: true + env: + COVERAGE_OUTPUT_DIR: ${{ secrets.COVERAGE_OUTPUT_DIR }} + name: generate_coverage_data + needs: prerequisites + runs-on: ubuntu-latest + steps: + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@v1.3.1 + with: + tool-cache: false + swap-storage: false + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_CORP_S3_UPLOAD_ACCESS_KEY_ID }} + aws-region: us-west-2 + aws-secret-access-key: ${{ secrets.AWS_CORP_S3_UPLOAD_SECRET_ACCESS_KEY }} + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, go, schema-tools + - name: Echo Coverage Output Dir + run: 'echo "Coverage output directory: ${{ env.COVERAGE_OUTPUT_DIR }}"' + - name: Generate Coverage Data + run: PULUMI_MISSING_DOCS_ERROR=true make tfgen + - name: Summarize Provider Coverage Results + run: cat ${{ env.COVERAGE_OUTPUT_DIR }}/shortSummary.txt + - name: Upload coverage data to S3 + run: >- + summaryName="${PROVIDER}_summary_$(date +"%Y-%m-%d_%H-%M-%S").json" + + s3FullURI="s3://${{ secrets.S3_COVERAGE_BUCKET_NAME }}/summaries/${summaryName}" + + aws s3 cp "${{ env.COVERAGE_OUTPUT_DIR }}/summary.json" "${s3FullURI}" --acl bucket-owner-full-control + lint: + name: lint + uses: ./.github/workflows/lint.yml + secrets: inherit + license_check: + name: License Check + uses: ./.github/workflows/license.yml + secrets: inherit + + publish: + name: publish + permissions: + contents: write + needs: + - prerequisites + - build_provider + - test + - license_check + uses: ./.github/workflows/publish.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + isPrerelease: true + skipGoSdk: true + + tag_release_if_labeled_needs_release: + name: Tag release if labeled as needs-release + needs: publish + runs-on: ubuntu-latest + steps: + - name: check if this commit needs release + if: ${{ env.RELEASE_BOT_ENDPOINT != '' }} + uses: pulumi/action-release-by-pr-label@main + with: + command: "release-if-needed" + repo: ${{ github.repository }} + commit: ${{ github.sha }} + slack_channel: ${{ secrets.RELEASE_OPS_SLACK_CHANNEL }} + env: + RELEASE_BOT_ENDPOINT: ${{ secrets.RELEASE_BOT_ENDPOINT }} + RELEASE_BOT_KEY: ${{ secrets.RELEASE_BOT_KEY }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + test: + name: test + needs: + - prerequisites + - build_sdk + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, ${{ matrix.language }} + - name: Download bin + uses: ./.github/actions/download-bin + - name: Add NuGet source + if: matrix.language == 'dotnet' + run: dotnet nuget add source ${{ github.workspace }}/nuget + - name: Download SDK + uses: ./.github/actions/download-sdk + with: + language: ${{ matrix.language }} + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Install Python deps + if: matrix.language == 'python' + run: |- + pip3 install virtualenv==20.0.23 + pip3 install pipenv + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: ${{ env.AWS_REGION }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-session-name: eks@githubActions + role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + - name: Install dependencies + run: make install_${{ matrix.language}}_sdk + - name: Install gotestfmt + uses: GoTestTools/gotestfmt-action@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + version: v2.5.0 + - name: Run tests + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 + strategy: + fail-fast: false + matrix: + language: + - nodejs + - python + - dotnet + - go + - java +name: master +on: + workflow_dispatch: {} + push: + branches: + - master + paths-ignore: + - "**.md" + tags-ignore: + - v* + - sdk/* + - "**" diff --git a/provider-ci/test-providers/eks/.github/workflows/prerelease.yml b/provider-ci/test-providers/eks/.github/workflows/prerelease.yml new file mode 100644 index 0000000000..19ccfebec6 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/prerelease.yml @@ -0,0 +1,145 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +env: + IS_PRERELEASE: true + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi +jobs: + prerequisites: + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + build_sdk: + name: build_sdk + needs: prerequisites + uses: ./.github/workflows/build_sdk.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + lint: + name: lint + uses: ./.github/workflows/lint.yml + secrets: inherit + license_check: + name: License Check + uses: ./.github/workflows/license.yml + secrets: inherit + + publish: + name: publish + permissions: + contents: write + needs: + - prerequisites + - build_provider + - test + - license_check + uses: ./.github/workflows/publish.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + isPrerelease: true + + test: + name: test + needs: + - prerequisites + - build_sdk + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, nodejs, python, dotnet, go, java + - name: Download bin + uses: ./.github/actions/download-bin + - name: Add NuGet source + if: matrix.language == 'dotnet' + run: dotnet nuget add source ${{ github.workspace }}/nuget + - name: Download SDK + uses: ./.github/actions/download-sdk + with: + language: ${{ matrix.language }} + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Install Python deps + if: matrix.language == 'python' + run: |- + pip3 install virtualenv==20.0.23 + pip3 install pipenv + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: ${{ env.AWS_REGION }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-session-name: eks@githubActions + role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + - name: Install dependencies + run: make install_${{ matrix.language}}_sdk + - name: Install gotestfmt + uses: GoTestTools/gotestfmt-action@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + version: v2.5.0 + - name: Run tests + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + strategy: + fail-fast: false + matrix: + language: + - nodejs + - python + - dotnet + - go + - java + +name: prerelease +on: + push: + tags: + - v*.*.*-** diff --git a/provider-ci/test-providers/eks/.github/workflows/prerequisites.yml b/provider-ci/test-providers/eks/.github/workflows/prerequisites.yml new file mode 100644 index 0000000000..1c727afa03 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/prerequisites.yml @@ -0,0 +1,112 @@ +name: "Prerequisites" + +on: + workflow_call: + inputs: + is_pr: + type: boolean + required: true + is_automated: + type: boolean + required: true + default_branch: + type: string + required: true + outputs: + version: + description: "Provider version being built" + value: ${{ jobs.prerequisites.outputs.version }} + +env: + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi + +jobs: + prerequisites: + name: prerequisites + runs-on: ubuntu-latest + outputs: + version: ${{ steps.provider-version.outputs.version }} + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - uses: pulumi/provider-version-action@v1 + id: provider-version + with: + set-env: 'PROVIDER_VERSION' + - name: Cache examples generation + uses: actions/cache@v4 + with: + path: | + .pulumi/examples-cache + key: ${{ runner.os }}-${{ hashFiles('provider/go.sum') }} + - name: Prepare upstream code + run: make upstream + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: go, pulumictl, pulumicli, schema-tools + - name: Build schema generator binary + run: make tfgen_build_only + - name: Install plugins + run: make install_plugins + - name: Generate schema + run: make tfgen_no_deps + - name: Build provider binary + run: make provider_no_deps + - name: Unit-test provider code + run: make test_provider + - if: inputs.is_pr + name: Check Schema is Valid + run: | + EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64) + { + echo "SCHEMA_CHANGES<<$EOF"; + schema-tools compare -r github://api.github.com/pulumi -p eks -o "${{ inputs.default_branch }}" -n --local-path=provider/cmd/pulumi-resource-eks/schema.json; + echo "$EOF"; + } >> "$GITHUB_ENV" + - if: inputs.is_pr && inputs.is_automated == false + name: Comment on PR with Details of Schema Check + uses: thollander/actions-comment-pull-request@v2 + with: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + comment_tag: schemaCheck + message: >+ + ${{ env.SCHEMA_CHANGES }} + + + Maintainer note: consult the [runbook](https://github.com/pulumi/platform-providers-team/blob/main/playbooks/tf-provider-updating.md) for dealing with any breaking changes. + + - name: Upload bin + uses: ./.github/actions/upload-bin + + - name: Upload schema-embed.json + uses: actions/upload-artifact@v4 + with: + name: schema-embed.json + path: provider/cmd/pulumi-resource-eks/schema-embed.json + retention-days: 30 diff --git a/provider-ci/test-providers/eks/.github/workflows/publish.yml b/provider-ci/test-providers/eks/.github/workflows/publish.yml new file mode 100644 index 0000000000..9d65db1ccc --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/publish.yml @@ -0,0 +1,202 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt +name: Publish + +on: + workflow_call: + inputs: + version: + required: true + type: string + isPrerelease: + required: true + type: boolean + skipGoSdk: + default: false + type: boolean + description: Skip publishing & verifying the Go SDK + +env: + IS_PRERELEASE: ${{ inputs.isPrerelease }} + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi + +jobs: + publish: + name: publish + runs-on: ubuntu-latest + steps: + - name: Validate prerelease + if: inputs.isPrerelease == false && (contains(inputs.version, '-') || contains(inputs.version, '+')) + run: echo "Can't publish a prerelease version as a stable release. This is likely a bug in the calling workflow." && exit 1 + - name: Validate skipGoSdk + if: inputs.skipGoSdk && inputs.isPrerelease == false + run: echo "Can't skip Go SDK for stable releases. This is likely a bug in the calling workflow." && exit 1 + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, go, schema-tools + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: us-east-2 + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-external-id: upload-pulumi-release + role-session-name: eks@githubActions + role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} + - name: Create dist directory + run: mkdir -p dist + - name: Download provider assets + uses: actions/download-artifact@v4 + with: + pattern: pulumi-resource-eks-v${{ inputs.version }}-* + path: dist + # Don't create a directory for each artifact + merge-multiple: true + - name: Calculate checksums + working-directory: dist + run: shasum ./*.tar.gz > "pulumi-eks_${{ inputs.version }}_checksums.txt" + - name: Get Schema Change Summary + id: schema-summary + shell: bash + run: | + # Get latest stable release. Return only first column from result (tag). + LAST_VERSION=$(gh release view --repo pulumi/pulumi-eks --json tagName -q .tagName || echo "No stable release" ) + { + echo 'summary<> "$GITHUB_OUTPUT" + - name: Upload Provider Binaries + run: aws s3 cp dist s3://get.pulumi.com/releases/plugins/ --recursive + - name: Create GH Release + uses: softprops/action-gh-release@v1 + if: inputs.isPrerelease == false + with: + tag_name: v${{ inputs.version }} + prerelease: ${{ inputs.isPrerelease }} + # We keep pre-releases as drafts so they're not visible until we manually publish them. + draft: ${{ inputs.isPrerelease }} + body: ${{ steps.schema-summary.outputs.summary }} + generate_release_notes: true + files: dist/* + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + publish_sdk: + name: publish_sdk + needs: publish + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + # Persist credentials so we can push back to the repo + persist-credentials: true + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, nodejs, python, dotnet, go, java + - name: Publish SDKs + uses: pulumi/pulumi-package-publisher@v0.0.20 + with: + sdk: all + version: ${{ inputs.version }} + - name: Download Go SDK + uses: ./.github/actions/download-sdk + with: + language: go + - uses: pulumi/publish-go-sdk-action@v1 + if: inputs.skipGoSdk == false + with: + repository: ${{ github.repository }} + base-ref: ${{ github.sha }} + source: sdk + path: sdk + version: ${{ inputs.version }} + additive: false + # Avoid including other language SDKs & artifacts in the commit + files: | + go.* + go/** + !*.tar.gz + create_docs_build: + name: create_docs_build + needs: publish_sdk + # Only run for non-prerelease, if the publish_go_sdk job was successful or skipped + if: inputs.isPrerelease == false + runs-on: ubuntu-latest + steps: + - name: Dispatch Metadata build + uses: peter-evans/repository-dispatch@v3 + with: + token: ${{ secrets.PULUMI_BOT_TOKEN }} + repository: pulumi/registry + event-type: resource-provider + client-payload: |- + { + "project": "${{ github.repository }}", + "project-shortname": "eks", + "ref": "${{ github.ref_name }}" + } + + clean_up_release_labels: + name: Clean up release labels + # Only run for non-prerelease, if the publish_go_sdk job was successful or skipped + if: inputs.isPrerelease == false + needs: create_docs_build + + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Clean up release labels + uses: pulumi/action-release-by-pr-label@main + with: + command: "clean-up-release-labels" + repo: ${{ github.repository }} + commit: ${{ github.sha }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + verify_release: + name: verify_release + needs: publish_sdk + uses: ./.github/workflows/verify-release.yml + secrets: inherit + with: + providerVersion: ${{ inputs.version }} + # Prelease is run often but we only have 5 concurrent macos runners, so we only test after the stable release. + enableMacosRunner: ${{ inputs.isPrerelease == false }} + skipGoSdk: ${{ inputs.skipGoSdk }} diff --git a/provider-ci/test-providers/eks/.github/workflows/pull-request.yml b/provider-ci/test-providers/eks/.github/workflows/pull-request.yml new file mode 100644 index 0000000000..6a305605f9 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/pull-request.yml @@ -0,0 +1,48 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +env: + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi +jobs: + comment-on-pr: + if: github.event.pull_request.head.repo.full_name != github.repository + name: comment-on-pr + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Comment PR + uses: thollander/actions-comment-pull-request@v2 + with: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + message: > + PR is now waiting for a maintainer to run the acceptance tests. + + **Note for the maintainer:** To run the acceptance tests, please comment */run-acceptance-tests* on the PR +name: pull-request +on: + pull_request_target: {} diff --git a/provider-ci/test-providers/eks/.github/workflows/release.yml b/provider-ci/test-providers/eks/.github/workflows/release.yml new file mode 100644 index 0000000000..d46e68714a --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/release.yml @@ -0,0 +1,145 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt +name: release +on: + push: + tags: + - v*.*.* + - "!v*.*.*-**" + +env: + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi +jobs: + prerequisites: + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + build_sdk: + name: build_sdk + needs: prerequisites + uses: ./.github/workflows/build_sdk.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + lint: + name: lint + uses: ./.github/workflows/lint.yml + secrets: inherit + license_check: + name: License Check + uses: ./.github/workflows/license.yml + secrets: inherit + + publish: + name: publish + permissions: + contents: write + pull-requests: write + needs: + - prerequisites + - build_provider + - test + - license_check + uses: ./.github/workflows/publish.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + isPrerelease: false + + test: + name: test + needs: + - prerequisites + - build_sdk + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, ${{ matrix.language }} + - name: Download bin + uses: ./.github/actions/download-bin + - name: Add NuGet source + if: matrix.language == 'dotnet' + run: dotnet nuget add source ${{ github.workspace }}/nuget + - name: Download SDK + uses: ./.github/actions/download-sdk + with: + language: ${{ matrix.language }} + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Install Python deps + if: matrix.language == 'python' + run: |- + pip3 install virtualenv==20.0.23 + pip3 install pipenv + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: ${{ env.AWS_REGION }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-session-name: eks@githubActions + role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + - name: Install dependencies + run: make install_${{ matrix.language}}_sdk + - name: Install gotestfmt + uses: GoTestTools/gotestfmt-action@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + version: v2.5.0 + - name: Run tests + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + strategy: + fail-fast: false + matrix: + language: + - nodejs + - python + - dotnet + - go + - java diff --git a/provider-ci/test-providers/eks/.github/workflows/release_command.yml b/provider-ci/test-providers/eks/.github/workflows/release_command.yml new file mode 100644 index 0000000000..4029f32a79 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/release_command.yml @@ -0,0 +1,45 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: release-command +on: + repository_dispatch: + types: + - release-command +jobs: + should_release: + name: Should release PR + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Should release PR + uses: pulumi/action-release-by-pr-label@main + with: + command: "should-release" + repo: ${{ github.repository }} + pr: ${{ github.event.client_payload.pull_request.number }} + version: ${{ github.event.client_payload.slash_command.args.all }} + slack_channel: ${{ secrets.RELEASE_OPS_STAGING_SLACK_CHANNEL }} + env: + RELEASE_BOT_ENDPOINT: ${{ secrets.RELEASE_BOT_ENDPOINT }} + RELEASE_BOT_KEY: ${{ secrets.RELEASE_BOT_KEY }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - if: failure() + name: Notify failure + uses: peter-evans/create-or-update-comment@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + repository: ${{ github.event.client_payload.github.payload.repository.full_name }} + issue-number: ${{ github.event.client_payload.github.payload.issue.number }} + body: | + "release command failed: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" + - if: success() + name: Notify success + uses: peter-evans/create-or-update-comment@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + repository: ${{ github.event.client_payload.github.payload.repository.full_name }} + comment-id: ${{ github.event.client_payload.github.payload.comment.id }} + reaction-type: hooray diff --git a/provider-ci/test-providers/eks/.github/workflows/resync-build.yml b/provider-ci/test-providers/eks/.github/workflows/resync-build.yml new file mode 100644 index 0000000000..5b194351b2 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/resync-build.yml @@ -0,0 +1,97 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +env: + PULUMI_EXTRA_MAPPING_ERROR: true + PULUMI_MISSING_MAPPING_ERROR: true + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi +jobs: + resync_build: + name: resync-build + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + # Persist credentials so we can push a new branch. + persist-credentials: true + - name: Checkout repo + uses: actions/checkout@v4 + with: + path: ci-mgmt + repository: pulumi/ci-mgmt + persist-credentials: false + - id: run-url + name: Create URL to the run output + run: echo "run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" >> "$GITHUB_OUTPUT" + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, go, nodejs, dotnet, python + - name: Sync with ci-mgmt + run: cp -r "ci-mgmt/provider-ci/providers/$PROVIDER/repo/." . + - name: Remove ci-mgmt directory + run: rm -rf ci-mgmt + - name: Required entries for gitignore + run: |- + cat <<- EOF > "$RUNNER_TEMP/gitignore" + sdk/java/build + sdk/java/.gradle + sdk/java/gradle + sdk/java/gradlew + sdk/java/gradlew.bat + EOF + shell: bash + - name: Adding missing lines to .gitignore + run: | + comm -23 <(sort "$RUNNER_TEMP/gitignore") <(sort .gitignore) >> .gitignore.temp + cat .gitignore.temp >> .gitignore + rm .gitignore.temp + shell: bash + - name: Build + run: make build + - name: Create PR (no linked issue) + uses: peter-evans/create-pull-request@v3.12.0 + with: + author: pulumi-bot + base: master + body: This pull request was generated automatically by the resync-build workflow + in this repository. + branch: pulumi-bot/resync-${{ github.run_id}} + commit-message: Resync build for pulumi-eks + committer: pulumi-bot + labels: impact/no-changelog-required + team-reviewers: platform-integrations + title: Fix up build for pulumi-eks + token: ${{ secrets.PULUMI_BOT_TOKEN }} +name: Resync build +on: + workflow_dispatch: + inputs: + automerge: + default: false + description: Mark created PR for auto-merging? + required: true + type: boolean diff --git a/provider-ci/test-providers/eks/.github/workflows/run-acceptance-tests.yml b/provider-ci/test-providers/eks/.github/workflows/run-acceptance-tests.yml new file mode 100644 index 0000000000..fedba7ef9b --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/run-acceptance-tests.yml @@ -0,0 +1,203 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: run-acceptance-tests + +on: + pull_request: + paths-ignore: + - CHANGELOG.md + repository_dispatch: + types: + - run-acceptance-tests-command + +env: + PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }} + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi + +# This should cancel any previous runs of the same workflow on the same branch which are still running. +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + prerequisites: + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + permissions: + pull-requests: write + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + build_sdk: + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + name: build_sdk + needs: prerequisites + uses: ./.github/workflows/build_sdk.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + comment-notification: + if: github.event_name == 'repository_dispatch' + name: comment-notification + permissions: + pull-requests: write + runs-on: ubuntu-latest + steps: + - id: run-url + name: Create URL to the run output + run: echo "run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" >> "$GITHUB_OUTPUT" + - name: Update with Result + uses: peter-evans/create-or-update-comment@v1 + with: + body: "Please view the PR build: ${{ steps.run-url.outputs.run-url }}" + issue-number: ${{ github.event.client_payload.github.payload.issue.number }} + repository: ${{ github.event.client_payload.github.payload.repository.full_name }} + token: ${{ secrets.GITHUB_TOKEN }} + lint: + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + name: lint + uses: ./.github/workflows/lint.yml + secrets: inherit + sentinel: + name: sentinel + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + permissions: + statuses: write + needs: + - test + - build_provider + - license_check + - lint + runs-on: ubuntu-latest + steps: + - uses: guibranco/github-status-action-v2@0849440ec82c5fa69b2377725b9b7852a3977e76 + with: + authToken: ${{secrets.GITHUB_TOKEN}} + # Write an explicit status check called "Sentinel" which will only pass if this code really runs. + # This should always be a required check for PRs. + context: 'Sentinel' + description: 'All required checks passed' + state: 'success' + # Write to the PR commit SHA if it's available as we don't want the merge commit sha, + # otherwise use the current SHA for any other type of build. + sha: ${{ github.event.pull_request.head.sha || github.sha }} + + test: + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + name: test + needs: + - prerequisites + - build_sdk + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + ref: ${{ env.PR_COMMIT_SHA }} + persist-credentials: false + - name: Checkout p/examples + if: matrix.testTarget == 'pulumiExamples' + uses: actions/checkout@v4 + with: + repository: pulumi/examples + path: p-examples + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, ${{ matrix.language }} + - name: Download bin + uses: ./.github/actions/download-bin + - name: Add NuGet source + if: matrix.language == 'dotnet' + run: dotnet nuget add source ${{ github.workspace }}/nuget + - name: Download SDK + uses: ./.github/actions/download-sdk + with: + language: ${{ matrix.language }} + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Install Python deps + if: matrix.language == 'python' + run: |- + pip3 install virtualenv==20.0.23 + pip3 install pipenv + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: ${{ env.AWS_REGION }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-session-name: eks@githubActions + role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + - name: Install dependencies + run: make install_${{ matrix.language}}_sdk + - name: Install gotestfmt + uses: GoTestTools/gotestfmt-action@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + version: v2.5.0 + - name: Run tests + if: matrix.testTarget == 'local' + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -skip TestPulumiExamples -parallel 4 . + - name: Run pulumi/examples tests + if: matrix.testTarget == 'pulumiExamples' + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -run TestPulumiExamples -parallel 4 . + strategy: + fail-fast: false + matrix: + language: + - nodejs + - python + - dotnet + - go + - java + testTarget: [local] + license_check: + name: License Check + uses: ./.github/workflows/license.yml + secrets: inherit diff --git a/provider-ci/test-providers/eks/.github/workflows/upgrade-bridge.yml b/provider-ci/test-providers/eks/.github/workflows/upgrade-bridge.yml new file mode 100644 index 0000000000..639cbed527 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/upgrade-bridge.yml @@ -0,0 +1,93 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: Upgrade bridge +on: + repository_dispatch: + types: + - upgrade-bridge + - upgrade-bridge-test + workflow_dispatch: + inputs: + kind: + description: Overrides the kind of upgrade. Must be one of `all`, `bridge`, `provider`, `code`, `pf`, or `pulumi`. + required: false + type: string + default: "bridge" + target-bridge-version: + description: pulumi-terraform-bridge version or hash reference + required: false + type: string + default: "latest" + target-pulumi-version: + description: | + Set the version of `pulumi/pkg` and `pulumi/sdk` to depend on for bridged providers. Currently, + these versions inform the linked runtime and SDK generation in all languages except Java. Valid + options are: + - "": Use the same version as pulumi-terraform-bridge + - A go version such as "v3.90.1" + - A commit SHA in pulumi/pulumi such as "ac71ebc1d34e5ccfd1a7fed61e6ff43a3160f3cb" + required: false + type: string + default: "" + pr-reviewers: + description: Reviewers to assign to the auto-opened pull request + required: false + type: string + default: "" + pr-description: + description: Extra description to add to the auto-opened pull request + required: false + type: string + default: "" + pr-title-prefix: + description: Prefix to add to the auto-opened pull request title + required: false + type: string + default: "" + automerge: + description: Mark created PR for auto-merging? + required: false + type: boolean + default: false +env: + GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +jobs: + upgrade_provider: + name: upgrade-provider + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, nodejs, python, dotnet, go, java + - name: Call upgrade provider action + if: github.event_name == 'workflow_dispatch' + uses: pulumi/pulumi-upgrade-provider-action@v0.0.12 + with: + kind: ${{ inputs.kind }} + email: bot@pulumi.com + username: pulumi-bot + automerge: ${{ inputs.automerge }} + target-bridge-version: ${{ inputs.target-bridge-version }} + target-pulumi-version: ${{ inputs.target-pulumi-version }} + pr-reviewers: ${{ inputs.pr-reviewers }} + pr-description: ${{ inputs.pr-description }} + pr-title-prefix: ${{ inputs.pr-title-prefix }} + - name: Call upgrade provider action + if: github.event_name == 'repository_dispatch' + uses: pulumi/pulumi-upgrade-provider-action@v0.0.12 + with: + kind: ${{ github.event.client_payload.kind || 'bridge' }} + email: bot@pulumi.com + username: pulumi-bot + automerge: ${{ github.event.client_payload.automerge }} + target-pulumi-version: ${{ github.event.client_payload.target-pulumi-version }} + target-bridge-version: ${{ github.event.client_payload.target-bridge-version }} + pr-reviewers: ${{ github.event.client_payload.pr-reviewers }} + pr-description: ${{ github.event.client_payload.pr-description }} + pr-title-prefix: ${{ github.event.client_payload.pr-title-prefix }} diff --git a/provider-ci/test-providers/eks/.github/workflows/upgrade-provider.yml b/provider-ci/test-providers/eks/.github/workflows/upgrade-provider.yml new file mode 100644 index 0000000000..6f3c1f7359 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/upgrade-provider.yml @@ -0,0 +1,62 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: Upgrade provider +on: + workflow_dispatch: + inputs: + version: + description: | + The version of the upstream provider to upgrade to, without the 'v' prefix + + If no version is specified, it will be inferred from the upstream provider's release tags. + required: false + type: string + schedule: + # 3 AM UTC ~ 8 PM PDT / 7 PM PST daily. Time chosen to run during off hours. + - cron: 0 3 * * * + +env: + GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +jobs: + upgrade_provider: + name: upgrade-provider + runs-on: ubuntu-latest + if: true + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + # Persist credentials so upgrade-provider can push a new branch. + persist-credentials: true + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, nodejs, python, dotnet, go, java + - name: Install upgrade-provider + run: go install github.com/pulumi/upgrade-provider@main + shell: bash + - name: "Set up git identity" + run: | + git config --global user.name 'bot@pulumi.com' + git config --global user.email 'bot@pulumi.com' + shell: bash + - name: Create issues for new upstream version + if: inputs.version == '' + id: upstream_version + # This step outputs `latest_version` if there is a pending upgrade + run: upgrade-provider "$REPO" --kind=check-upstream-version + env: + REPO: ${{ github.repository }} + shell: bash + - name: Calculate target version + id: target_version + # Prefer the manually specified version if it exists + # upstream_version will be empty if the provider is up-to-date + run: echo "version=${{ github.event.inputs.version || steps.upstream_version.outputs.latest_version }}" >> "$GITHUB_OUTPUT" + shell: bash + - name: Attempt provider upgrade + # Only attempt the upgrade if we have a target version + if: steps.target_version.outputs.version != '' + run: upgrade-provider "${{ github.repository }}" --kind="all" --target-version="${{ steps.target_version.outputs.version }}" + shell: bash diff --git a/provider-ci/test-providers/eks/.github/workflows/verify-release.yml b/provider-ci/test-providers/eks/.github/workflows/verify-release.yml new file mode 100644 index 0000000000..e35f022e01 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/verify-release.yml @@ -0,0 +1,86 @@ +name: "Verify Release" + +on: + workflow_dispatch: + inputs: + providerVersion: + description: "The version of the provider to verify" + required: true + type: string + enableMacRunner: + description: "Enable the MacOS runner in addition to Linux and Windows. Defaults to 'false'." + required: false + type: boolean + skipGoSdk: + description: "Skip the Go SDK verification. Defaults to 'false'. Enable this when verifying a pre-release for which we don't publish the Go SDK (for PRs and the default branch)." + required: false + type: boolean + default: false + workflow_call: + inputs: + providerVersion: + description: "The version of the provider to verify" + required: true + type: string + enableMacosRunner: + description: "Enable the macos-latest runner in addition to ubuntu-latest and windows-latest. Defaults to 'false'." + required: false + type: boolean + default: false + skipGoSdk: + description: "Skip the Go SDK verification. Defaults to 'false'. This is used when we're not publishing a Go SDK on the default branch build." + required: false + type: boolean + default: false + +env: + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi + +jobs: + verify-release: + name: verify-release + # We don't have any release verification configurations, so we never run this workflow. + # Configure your .ci-mgmt.yaml files to include the release verification configurations e.g. + # releaseVerification: + # nodejs: path/to/nodejs/project + # python: path/to/python/project + # dotnet: path/to/dotnet/project + # go: path/to/go/project + if: false + strategy: + matrix: + # We don't have any release verification configurations, so we only run on Linux to print warnings to help users configure the release verification. + runner: ["ubuntu-latest"] + runs-on: ${{ matrix.runner }} + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumicli, nodejs, python, dotnet, go, java diff --git a/provider-ci/test-providers/eks/.golangci.yml b/provider-ci/test-providers/eks/.golangci.yml new file mode 100644 index 0000000000..720e7cd3f8 --- /dev/null +++ b/provider-ci/test-providers/eks/.golangci.yml @@ -0,0 +1,35 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +linters: + enable: + - errcheck + - gci + - goconst + - gofmt + - gosec + - govet + - ineffassign + - lll + - gosimple + - staticcheck + - misspell + - nakedret + - revive + - unconvert + - unused + enable-all: false +issues: + exclude-files: + - schema.go + - pulumiManifest.go +run: + timeout: 20m +linters-settings: + gci: + sections: + - standard # Standard section: captures all standard library packages. + - blank # Blank section: contains all blank imports. + - default # Default section: contains all imports that could not be matched to another section type. + - prefix(github.com/pulumi/) # Custom section: groups all imports with the github.com/pulumi/ prefix. + - prefix(github.com/pulumi/pulumi-eks) # Custom section: local imports + custom-order: true diff --git a/provider-ci/test-providers/eks/.mk/defaults.mk b/provider-ci/test-providers/eks/.mk/defaults.mk new file mode 100644 index 0000000000..7f456fdfc2 --- /dev/null +++ b/provider-ci/test-providers/eks/.mk/defaults.mk @@ -0,0 +1,225 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made +# via https://github.com/pulumi/ci-mgmt. +# +# This file contains default make targets consumed by CI workflows. This targets are no-ops and are intended to be +# +# does not +# make any assumptions about the provider such as its language, file structure, +# etc. +# +# A top-level `Makefile` is required and must implement provider-specific +# targets like `test`. +# +# In order to use these targets, the top-level Makefile must include this file: +# +# include .mk/defaults.mk +# +# If the top-level Makefile implements a target like `test`, then this will be +# invoked in CI. Otherwise, the `default.test` target will be used. + +include .mk/vars.mk + +# Implement `prerequisites` to run custom logic before all SDK and provider build steps. +default.prebuild: + @echo "No prerequisites to build" + +default.development: install_plugins provider build_sdks install_sdks + +default.build: install_plugins provider build_sdks install_sdks + +default.build_sdks: build_nodejs build_python build_dotnet build_go build_java + +default.install_go_sdk: + +default.install_java_sdk: + +default.install_python_sdk: + +default.install_sdks: install_dotnet_sdk install_python_sdk install_nodejs_sdk install_java_sdk + + +default.build_dotnet: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.build_dotnet: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.build_dotnet: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache +default.build_dotnet: prebuild + rm -rf sdk/dotnet + PULUMI_CONVERT=$(PULUMI_CONVERT) PULUMI_DISABLE_AUTOMATIC_PLUGIN_ACQUISITION=$(PULUMI_CONVERT) $(WORKING_DIR)/bin/$(TFGEN) dotnet --out sdk/dotnet/ + cd sdk/dotnet/ && \ + printf "module fake_dotnet_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ + echo "$(VERSION_GENERIC)" >version.txt && \ + dotnet build + +default.build_go: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.build_go: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.build_go: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache +default.build_go: prebuild + PULUMI_CONVERT=$(PULUMI_CONVERT) PULUMI_DISABLE_AUTOMATIC_PLUGIN_ACQUISITION=$(PULUMI_CONVERT) $(WORKING_DIR)/bin/$(TFGEN) go --out sdk/go/ + cd sdk && go list "$$(grep -e "^module" go.mod | cut -d ' ' -f 2)/go/..." | xargs -I {} bash -c 'go build {} && go clean -i {}' + +default.build_java: PACKAGE_VERSION := $(VERSION_GENERIC) +default.build_java: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.build_java: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.build_java: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache +default.build_java: bin/pulumi-java-gen +default.build_java: prebuild + rm -rf sdk/java/ + $(WORKING_DIR)/bin/$(JAVA_GEN) generate --schema $(SCHEMA_PATH) --out sdk/java --build gradle-nexus + cd sdk/java/ && \ + printf "module fake_java_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ + gradle --console=plain build && \ + gradle --console=plain javadoc + +default.build_nodejs: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.build_nodejs: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.build_nodejs: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache +default.build_nodejs: prebuild + rm -rf sdk/nodejs/ + cd sdk/nodejs/ && \ + printf "module fake_nodejs_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ + yarn install && \ + yarn run tsc && \ + cp ../../README.md ../../LICENSE* package.json yarn.lock ./bin/ + +default.build_python: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.build_python: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.build_python: export PULggUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache +default.build_python: prebuild + rm -rf sdk/python/ + cd sdk/python/ && \ + printf "module fake_python_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ + cp ../../README.md . && \ + rm -rf ./bin/ ../python.bin/ && cp -R . ../python.bin && mv ../python.bin ./bin && \ + rm ./bin/go.mod && \ + python3 -m venv venv && \ + ./venv/bin/python -m pip install build==1.2.1 && \ + cd ./bin && \ + ../venv/bin/python -m build . + +default.clean: + rm -rf sdk/{dotnet,nodejs,go,python} + rm -rf $(WORKING_DIR)/bin + +default.docs: + @echo "Define a `docs` target to generate docs." + +default.install_dotnet_sdk: + mkdir -p $(WORKING_DIR)/nuget + find . -name '*.nupkg' -print -exec cp -p {} $(WORKING_DIR)/nuget \; + +default.install_nodejs_sdk: + yarn link --cwd $(WORKING_DIR)/sdk/nodejs/bin + +default.install_plugins: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.install_plugins: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.install_plugins: .pulumi/bin/pulumi + +default.lint_provider: provider + cd provider && golangci-lint run --path-prefix provider -c ../.golangci.yml + +# `lint_provider.fix` is a utility target meant to be run manually +# that will run the linter and fix errors when possible. +default.lint_provider.fix: + cd provider && golangci-lint run --path-prefix provider -c ../.golangci.yml --fix + +# `make provider_no_deps` builds the provider binary directly, without ensuring that +# `cmd/pulumi-resource-eks/schema.json` is valid and up to date. +# To create a release ready binary, you should use `make provider`. +default.provider: + (cd provider && go build $(PULUMI_PROVIDER_BUILD_PARALLELISM) -o $(WORKING_DIR)/bin/$(PROVIDER) -ldflags "$(LDFLAGS)" $(PROJECT)/$(PROVIDER_PATH)/cmd/$(PROVIDER)) + +default.test: export PATH := $(WORKING_DIR)/bin:$(PATH) +default.test: + cd examples && go test -v -tags=all -parallel $(TESTPARALLELISM) -timeout 2h + +default.test_provider: + @echo "" + @echo "== test_provider ===================================================================" + @echo "" + cd provider && go test -v -short ./... -parallel $(TESTPARALLELISM) + +default.bin/pulumi-java-gen: + mkdir -p bin/ + pulumictl download-binary -n pulumi-language-java -v $(JAVA_GEN_VERSION) -r pulumi/pulumi-java + +# To make an immediately observable change to .ci-mgmt.yaml: +# +# - Edit .ci-mgmt.yaml +# - Run make ci-mgmt to apply the change locally. +# +default.ci-mgmt: .ci-mgmt.yaml + go run github.com/pulumi/ci-mgmt/provider-ci@master generate \ + --name $(ORG)/pulumi-$(PACK) \ + --out . \ + --template generic \ + --config $< + +# Because some codegen depends on the version of the CLI used, we install a local CLI +# version pinned to the same version as `provider/go.mod`. +# +# This logic compares the version of .pulumi/bin/pulumi already installed. If it matches +# the desired version, we just print. Otherwise we (re)install pulumi at the desired +# version. +default..pulumi/bin/pulumi: .pulumi/version + @if [ -x .pulumi/bin/pulumi ] && [ "v$$(cat .pulumi/version)" = "$$(.pulumi/bin/pulumi version)" ]; then \ + echo "pulumi/bin/pulumi version: v$$(cat .pulumi/version)"; \ + else \ + curl -fsSL https://get.pulumi.com | \ + HOME=$(WORKING_DIR) sh -s -- --version "$$(cat .pulumi/version)"; \ + fi + +# Compute the version of Pulumi to use by inspecting the Go dependencies of the provider. +default..pulumi/version: provider/go.mod + @mkdir -p .pulumi + @cd provider && go list -f "{{slice .Version 1}}" -m github.com/pulumi/pulumi/pkg/v3 | tee ../$@ + +.PHONY: development build build_sdks install_go_sdk install_java_sdk install_python_sdk install_sdks only_build build_dotnet build_go build_java build_nodejs build_python clean cleanup help install_dotnet_sdk install_nodejs_sdk install_plugins lint_provider provider provider_no_deps test prerequisites ci-mgmt test_provider + +# Provider cross-platform build & packaging + +# These targets assume that the schema-embed.json exists - it's generated by tfgen. +# We disable CGO to ensure that the binary is statically linked. +bin/linux-amd64/$(PROVIDER): TARGET := linux-amd64 +bin/linux-arm64/$(PROVIDER): TARGET := linux-arm64 +bin/darwin-amd64/$(PROVIDER): TARGET := darwin-amd64 +bin/darwin-arm64/$(PROVIDER): TARGET := darwin-arm64 +bin/windows-amd64/$(PROVIDER).exe: TARGET := windows-amd64 +bin/%/$(PROVIDER) bin/%/$(PROVIDER).exe: + @# check the TARGET is set + test $(TARGET) + cd provider && \ + export GOOS=$$(echo "$(TARGET)" | cut -d "-" -f 1) && \ + export GOARCH=$$(echo "$(TARGET)" | cut -d "-" -f 2) && \ + export CGO_ENABLED=0 && \ + go build -o "${WORKING_DIR}/$@" $(PULUMI_PROVIDER_BUILD_PARALLELISM) -ldflags "$(LDFLAGS)" "$(PROJECT)/$(PROVIDER_PATH)/cmd/$(PROVIDER)" + +bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-amd64.tar.gz: bin/linux-amd64/$(PROVIDER) +bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-arm64.tar.gz: bin/linux-arm64/$(PROVIDER) +bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-amd64.tar.gz: bin/darwin-amd64/$(PROVIDER) +bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-arm64.tar.gz: bin/darwin-arm64/$(PROVIDER) +bin/$(PROVIDER)-v$(VERSION_GENERIC)-windows-amd64.tar.gz: bin/windows-amd64/$(PROVIDER).exe +bin/$(PROVIDER)-v$(VERSION_GENERIC)-%.tar.gz: + @mkdir -p dist + @# $< is the last dependency (the binary path from above) e.g. bin/linux-amd64/pulumi-resource-xyz + @# $@ is the current target e.g. bin/pulumi-resource-xyz-v1.2.3-linux-amd64.tar.gz + tar --gzip -cf $@ README.md LICENSE -C $$(dirname $<) . + +provider_dist-linux-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-amd64.tar.gz +provider_dist-linux-arm64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-arm64.tar.gz +provider_dist-darwin-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-amd64.tar.gz +provider_dist-darwin-arm64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-arm64.tar.gz +provider_dist-windows-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-windows-amd64.tar.gz +provider_dist: provider_dist-linux-amd64 provider_dist-linux-arm64 provider_dist-darwin-amd64 provider_dist-darwin-arm64 provider_dist-windows-amd64 +.PHONY: provider_dist-linux-amd64 provider_dist-linux-arm64 provider_dist-darwin-amd64 provider_dist-darwin-arm64 provider_dist-windows-amd64 provider_dist + +help: + grep '^[^.#]\+:\s\+.*#' Makefile | \ + sed "s/\(.\+\):\s*\(.*\) #\s*\(.*\)/`printf "\033[93m"`\1`printf "\033[0m"` \3 [\2]/" | \ + expand -t20 + + +# Delegate any undefined target "foo" to its respective "default.foo" target, +# if it exists. +%: + @$(MAKE) -f defaults.mk "default.$@" + + diff --git a/provider-ci/test-providers/eks/.mk/vars.mk b/provider-ci/test-providers/eks/.mk/vars.mk new file mode 100644 index 0000000000..df27b0ca50 --- /dev/null +++ b/provider-ci/test-providers/eks/.mk/vars.mk @@ -0,0 +1,31 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made +# via https://github.com/pulumi/ci-mgmt. +# +# This file contains default variables consumed by CI workflows. +# +PACK := eks +ORG := pulumi +PROJECT := github.com/$(ORG)/pulumi-$(PACK) +PROVIDER_PATH := provider/v3 +VERSION_PATH := $(PROVIDER_PATH)/pkg/version.Version +SCHEMA_PATH := provider/cmd/$(PROVIDER)/schema.json +PROVIDER := pulumi-resource-$(PACK) +JAVA_GEN := pulumi-java-gen +JAVA_GEN_VERSION := v0.16.1 +TESTPARALLELISM := 10 +WORKING_DIR := $(shell pwd) +PULUMI_PROVIDER_BUILD_PARALLELISM ?= +PULUMI_CONVERT := 0 +PULUMI_MISSING_DOCS_ERROR := true + +# Override during CI using `make [TARGET] PROVIDER_VERSION=""` or by setting a PROVIDER_VERSION environment variable +# Local & branch builds will just used this fixed default version unless specified +PROVIDER_VERSION ?= 3.0.0-alpha.0+dev +# Use this normalised version everywhere rather than the raw input to ensure consistency. +VERSION_GENERIC = $(shell pulumictl convert-version --language generic --version "$(PROVIDER_VERSION)") + +LDFLAGS_PROJ_VERSION=-X $(PROJECT)/$(VERSION_PATH)=$(VERSION_GENERIC) +LDFLAGS_UPSTREAM_VERSION= +LDFLAGS_EXTRAS= +LDFLAGS=$(LDFLAGS_PROJ_VERSION) $(LDFLAGS_UPSTREAM_VERSION) $(LDFLAGS_EXTRAS) + diff --git a/provider-ci/test-providers/eks/.upgrade-config.yml b/provider-ci/test-providers/eks/.upgrade-config.yml new file mode 100644 index 0000000000..0005a01982 --- /dev/null +++ b/provider-ci/test-providers/eks/.upgrade-config.yml @@ -0,0 +1,6 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +--- +upstream-provider-name: terraform-provider-eks +pulumi-infer-version: true +remove-plugins: true diff --git a/provider-ci/test-providers/eks/CODE-OF-CONDUCT.md b/provider-ci/test-providers/eks/CODE-OF-CONDUCT.md new file mode 100644 index 0000000000..995e13c009 --- /dev/null +++ b/provider-ci/test-providers/eks/CODE-OF-CONDUCT.md @@ -0,0 +1,80 @@ +# Contributor Covenant Code of Conduct + +## Our Pledge + +In the interest of fostering an open and welcoming environment, we as +contributors and maintainers pledge to making participation in our project and +our community a harassment-free experience for everyone, regardless of age, body +size, disability, ethnicity, gender identity and expression, level of experience, +education, socio-economic status, nationality, personal appearance, race, +religion, or sexual identity and orientation. + +## Our Standards + +Examples of behavior that contributes to creating a positive environment +include: + +* Using welcoming and inclusive language +* Being respectful of differing viewpoints and experiences +* Gracefully accepting constructive criticism +* Focusing on what is best for the community +* Showing empathy towards other community members +* Contribute in a positive and constructive way + +Examples of unacceptable behavior by participants include: + +* The use of sexualized language or imagery and unwelcome sexual attention or + advances +* Trolling, insulting/derogatory comments, and personal or political attacks +* Public or private harassment +* Publishing others' private information, such as a physical or electronic + address, without explicit permission +* Other conduct which could reasonably be considered inappropriate in a + professional setting + +## Our Community Guidelines +* Be clear and stay on topic. Communicating with strangers on the Internet can make it hard to convey or read tone, and sarcasm is frequently misunderstood. Try to use clear language, and think about how the other person will receive it. +* Don’t cross-post the same thing in multiple GitHub Discussion topics or multiple Slack channels. This can make it difficult for people answering your questions and creates "scrollback spam". +* Public discussion is preferred to private. Avoid using Slack DMs for questions, and instead share them in public Slack channels or GitHub Discussion threads. This allows a larger audience to both share their knowledge as well as learn from your question or issue. If you're having a problem, chances are someone else is having a similar problem. Learning in public is a community contribution. +* Minimize notifications to other community members. Avoid tagging other community members in Slack messages or Discussion threads, unless you are replying to something specific. Community members are here to help each other, but are not "on call" for support, and we expect everyone to try to minimize "notification fatigue". If your issue is time-sensitive or critical, use methods like support@pulumi.com instead. + +## Our Responsibilities + +Project maintainers are responsible for clarifying the standards of acceptable +behavior and are expected to take appropriate and fair corrective action in +response to any instances of unacceptable behavior. + +Project maintainers have the right and responsibility to remove, edit, or +reject comments, commits, code, wiki edits, issues, GitHub Discussions posts, +and other contributions that are not aligned to this Code of Conduct, or to ban +temporarily or permanently any contributor for other behaviors that they deem +inappropriate, threatening, offensive, or harmful. + +## Scope + +This Code of Conduct applies both within project spaces (including the Community Slack +and GitHub Discussions forums) and in public spaces when an individual is representing the +project or its community. Examples of representing a project or community include +using an official project e-mail address, posting via an official social media account, +or acting as an appointed representative at an online or offline event. Representation +of a project may be further defined and clarified by project maintainers. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported by contacting the project team at code-of-conduct@pulumi.com. All +complaints will be reviewed and investigated and will result in a response that +is deemed necessary and appropriate to the circumstances. The project team is +obligated to maintain confidentiality with regard to the reporter of an incident. +Further details of specific enforcement policies may be posted separately. + +Project maintainers who do not follow or enforce the Code of Conduct in good +faith may face temporary or permanent repercussions as determined by other +members of the project's leadership. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, +available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html + +[homepage]: https://www.contributor-covenant.org From d862f1794e6b30d11090f10aedcaa9bda5e5186b Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Tue, 5 Nov 2024 15:16:07 -0800 Subject: [PATCH 06/14] Remove some bridge workflows --- .../.github/workflows/upgrade-bridge.yml | 108 ------------------ .../.github/workflows/upgrade-provider.yml | 74 ------------ .../eks/.github/workflows/upgrade-bridge.yml | 93 --------------- .../.github/workflows/upgrade-provider.yml | 62 ---------- 4 files changed, 337 deletions(-) delete mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-bridge.yml delete mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-provider.yml delete mode 100644 provider-ci/test-providers/eks/.github/workflows/upgrade-bridge.yml delete mode 100644 provider-ci/test-providers/eks/.github/workflows/upgrade-provider.yml diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-bridge.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-bridge.yml deleted file mode 100644 index a57f276099..0000000000 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-bridge.yml +++ /dev/null @@ -1,108 +0,0 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt - -name: Upgrade bridge -on: - repository_dispatch: - types: - - upgrade-bridge - - upgrade-bridge-test - workflow_dispatch: - inputs: - kind: - description: Overrides the kind of upgrade. Must be one of `all`, `bridge`, `provider`, `code`, `pf`, or `pulumi`. - required: false - type: string - default: "bridge" - target-bridge-version: - description: pulumi-terraform-bridge version or hash reference - required: false - type: string - default: "latest" - target-pulumi-version: - description: | - Set the version of `pulumi/pkg` and `pulumi/sdk` to depend on for bridged providers. Currently, - these versions inform the linked runtime and SDK generation in all languages except Java. Valid - options are: - - "": Use the same version as pulumi-terraform-bridge - - A go version such as "v3.90.1" - - A commit SHA in pulumi/pulumi such as "ac71ebc1d34e5ccfd1a7fed61e6ff43a3160f3cb" - required: false - type: string - default: "" - pr-reviewers: - description: Reviewers to assign to the auto-opened pull request - required: false - type: string - default: "" - pr-description: - description: Extra description to add to the auto-opened pull request - required: false - type: string - default: "" - pr-title-prefix: - description: Prefix to add to the auto-opened pull request title - required: false - type: string - default: "" - automerge: - description: Mark created PR for auto-merging? - required: false - type: boolean - default: false -env: - GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} -jobs: - upgrade_provider: - name: upgrade-provider - runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# - steps: - #{{- if .Config.FreeDiskSpaceBeforeBuild }}# - # Run as first step so we don't delete things that have just been installed - - name: Free Disk Space (Ubuntu) - uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# - with: - tool-cache: false - swap-storage: false - dotnet: false - #{{- end }}# - - name: Checkout Repo - uses: #{{ .Config.ActionVersions.Checkout }}# - with: - #{{- if .Config.CheckoutSubmodules }}# - submodules: #{{ .Config.CheckoutSubmodules }}# - #{{- end }}# - persist-credentials: false - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, #{{ range $index, $element := .Config.Languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# - - name: Call upgrade provider action - if: github.event_name == 'workflow_dispatch' - uses: #{{ .Config.ActionVersions.UpgradeProviderAction }}# - with: - kind: ${{ inputs.kind }} - email: bot@pulumi.com - username: pulumi-bot - automerge: ${{ inputs.automerge }} - target-bridge-version: ${{ inputs.target-bridge-version }} - target-pulumi-version: ${{ inputs.target-pulumi-version }} - #{{- if .Config.JavaGenVersion }}# - target-java-version: #{{ .Config.JavaGenVersion }}# - #{{- end }}# - pr-reviewers: ${{ inputs.pr-reviewers }} - pr-description: ${{ inputs.pr-description }} - pr-title-prefix: ${{ inputs.pr-title-prefix }} - - name: Call upgrade provider action - if: github.event_name == 'repository_dispatch' - uses: #{{ .Config.ActionVersions.UpgradeProviderAction }}# - with: - kind: ${{ github.event.client_payload.kind || 'bridge' }} - email: bot@pulumi.com - username: pulumi-bot - automerge: ${{ github.event.client_payload.automerge }} - target-pulumi-version: ${{ github.event.client_payload.target-pulumi-version }} - target-bridge-version: ${{ github.event.client_payload.target-bridge-version }} - pr-reviewers: ${{ github.event.client_payload.pr-reviewers }} - pr-description: ${{ github.event.client_payload.pr-description }} - pr-title-prefix: ${{ github.event.client_payload.pr-title-prefix }} diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-provider.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-provider.yml deleted file mode 100644 index b3fc44ce7c..0000000000 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-provider.yml +++ /dev/null @@ -1,74 +0,0 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt - -name: Upgrade provider -on: - workflow_dispatch: - inputs: - version: - description: | - The version of the upstream provider to upgrade to, without the 'v' prefix - - If no version is specified, it will be inferred from the upstream provider's release tags. - required: false - type: string - schedule: - # 3 AM UTC ~ 8 PM PDT / 7 PM PST daily. Time chosen to run during off hours. - - cron: 0 3 * * * - -env: - GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} -jobs: - upgrade_provider: - name: upgrade-provider - runs-on: #{{ .Config.Runner.Default }}# - if: #{{ .Config.CheckUpstreamUpgrade }}# - steps: - #{{- if .Config.FreeDiskSpaceBeforeBuild }}# - # Run as first step so we don't delete things that have just been installed - - name: Free Disk Space (Ubuntu) - uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# - with: - tool-cache: false - swap-storage: false - dotnet: false - #{{- end }}# - - name: Checkout Repo - uses: #{{ .Config.ActionVersions.Checkout }}# - with: - #{{- if .Config.CheckoutSubmodules }}# - submodules: #{{ .Config.CheckoutSubmodules }}# - #{{- end }}# - # Persist credentials so upgrade-provider can push a new branch. - persist-credentials: true - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, #{{ range $index, $element := .Config.Languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# - - name: Install upgrade-provider - run: go install github.com/pulumi/upgrade-provider@main - shell: bash - - name: "Set up git identity" - run: | - git config --global user.name 'bot@pulumi.com' - git config --global user.email 'bot@pulumi.com' - shell: bash - - name: Create issues for new upstream version - if: inputs.version == '' - id: upstream_version - # This step outputs `latest_version` if there is a pending upgrade - run: upgrade-provider "$REPO" --kind=check-upstream-version - env: - REPO: ${{ github.repository }} - shell: bash - - name: Calculate target version - id: target_version - # Prefer the manually specified version if it exists - # upstream_version will be empty if the provider is up-to-date - run: echo "version=${{ github.event.inputs.version || steps.upstream_version.outputs.latest_version }}" >> "$GITHUB_OUTPUT" - shell: bash - - name: Attempt provider upgrade - # Only attempt the upgrade if we have a target version - if: steps.target_version.outputs.version != '' - run: upgrade-provider "${{ github.repository }}" --kind="all" --target-version="${{ steps.target_version.outputs.version }}" #{{ if .Config.JavaGenVersion }}#--java-version="#{{ .Config.JavaGenVersion }}#"#{{ end }}# - shell: bash diff --git a/provider-ci/test-providers/eks/.github/workflows/upgrade-bridge.yml b/provider-ci/test-providers/eks/.github/workflows/upgrade-bridge.yml deleted file mode 100644 index 639cbed527..0000000000 --- a/provider-ci/test-providers/eks/.github/workflows/upgrade-bridge.yml +++ /dev/null @@ -1,93 +0,0 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt - -name: Upgrade bridge -on: - repository_dispatch: - types: - - upgrade-bridge - - upgrade-bridge-test - workflow_dispatch: - inputs: - kind: - description: Overrides the kind of upgrade. Must be one of `all`, `bridge`, `provider`, `code`, `pf`, or `pulumi`. - required: false - type: string - default: "bridge" - target-bridge-version: - description: pulumi-terraform-bridge version or hash reference - required: false - type: string - default: "latest" - target-pulumi-version: - description: | - Set the version of `pulumi/pkg` and `pulumi/sdk` to depend on for bridged providers. Currently, - these versions inform the linked runtime and SDK generation in all languages except Java. Valid - options are: - - "": Use the same version as pulumi-terraform-bridge - - A go version such as "v3.90.1" - - A commit SHA in pulumi/pulumi such as "ac71ebc1d34e5ccfd1a7fed61e6ff43a3160f3cb" - required: false - type: string - default: "" - pr-reviewers: - description: Reviewers to assign to the auto-opened pull request - required: false - type: string - default: "" - pr-description: - description: Extra description to add to the auto-opened pull request - required: false - type: string - default: "" - pr-title-prefix: - description: Prefix to add to the auto-opened pull request title - required: false - type: string - default: "" - automerge: - description: Mark created PR for auto-merging? - required: false - type: boolean - default: false -env: - GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} -jobs: - upgrade_provider: - name: upgrade-provider - runs-on: ubuntu-latest - steps: - - name: Checkout Repo - uses: actions/checkout@v4 - with: - persist-credentials: false - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, nodejs, python, dotnet, go, java - - name: Call upgrade provider action - if: github.event_name == 'workflow_dispatch' - uses: pulumi/pulumi-upgrade-provider-action@v0.0.12 - with: - kind: ${{ inputs.kind }} - email: bot@pulumi.com - username: pulumi-bot - automerge: ${{ inputs.automerge }} - target-bridge-version: ${{ inputs.target-bridge-version }} - target-pulumi-version: ${{ inputs.target-pulumi-version }} - pr-reviewers: ${{ inputs.pr-reviewers }} - pr-description: ${{ inputs.pr-description }} - pr-title-prefix: ${{ inputs.pr-title-prefix }} - - name: Call upgrade provider action - if: github.event_name == 'repository_dispatch' - uses: pulumi/pulumi-upgrade-provider-action@v0.0.12 - with: - kind: ${{ github.event.client_payload.kind || 'bridge' }} - email: bot@pulumi.com - username: pulumi-bot - automerge: ${{ github.event.client_payload.automerge }} - target-pulumi-version: ${{ github.event.client_payload.target-pulumi-version }} - target-bridge-version: ${{ github.event.client_payload.target-bridge-version }} - pr-reviewers: ${{ github.event.client_payload.pr-reviewers }} - pr-description: ${{ github.event.client_payload.pr-description }} - pr-title-prefix: ${{ github.event.client_payload.pr-title-prefix }} diff --git a/provider-ci/test-providers/eks/.github/workflows/upgrade-provider.yml b/provider-ci/test-providers/eks/.github/workflows/upgrade-provider.yml deleted file mode 100644 index 6f3c1f7359..0000000000 --- a/provider-ci/test-providers/eks/.github/workflows/upgrade-provider.yml +++ /dev/null @@ -1,62 +0,0 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt - -name: Upgrade provider -on: - workflow_dispatch: - inputs: - version: - description: | - The version of the upstream provider to upgrade to, without the 'v' prefix - - If no version is specified, it will be inferred from the upstream provider's release tags. - required: false - type: string - schedule: - # 3 AM UTC ~ 8 PM PDT / 7 PM PST daily. Time chosen to run during off hours. - - cron: 0 3 * * * - -env: - GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} -jobs: - upgrade_provider: - name: upgrade-provider - runs-on: ubuntu-latest - if: true - steps: - - name: Checkout Repo - uses: actions/checkout@v4 - with: - # Persist credentials so upgrade-provider can push a new branch. - persist-credentials: true - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, nodejs, python, dotnet, go, java - - name: Install upgrade-provider - run: go install github.com/pulumi/upgrade-provider@main - shell: bash - - name: "Set up git identity" - run: | - git config --global user.name 'bot@pulumi.com' - git config --global user.email 'bot@pulumi.com' - shell: bash - - name: Create issues for new upstream version - if: inputs.version == '' - id: upstream_version - # This step outputs `latest_version` if there is a pending upgrade - run: upgrade-provider "$REPO" --kind=check-upstream-version - env: - REPO: ${{ github.repository }} - shell: bash - - name: Calculate target version - id: target_version - # Prefer the manually specified version if it exists - # upstream_version will be empty if the provider is up-to-date - run: echo "version=${{ github.event.inputs.version || steps.upstream_version.outputs.latest_version }}" >> "$GITHUB_OUTPUT" - shell: bash - - name: Attempt provider upgrade - # Only attempt the upgrade if we have a target version - if: steps.target_version.outputs.version != '' - run: upgrade-provider "${{ github.repository }}" --kind="all" --target-version="${{ steps.target_version.outputs.version }}" - shell: bash From 119c77eeb470318d882102c8e2f887a55620cc1b Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Wed, 6 Nov 2024 09:27:09 -0800 Subject: [PATCH 07/14] fix license --- .../generic/.github/workflows/license.yml | 48 +++++++++++++++++++ .../eks/.github/workflows/license.yml | 1 - 2 files changed, 48 insertions(+), 1 deletion(-) create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/license.yml diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/license.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/license.yml new file mode 100644 index 0000000000..60cf36f2a6 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/license.yml @@ -0,0 +1,48 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: license_check + +on: + workflow_call: + inputs: {} + +env: +#{{ .Config.Env | toYaml | indent 2 }}# + +jobs: + license_check: + name: License Check + runs-on: #{{ .Config.Runner.Default }}# + steps: + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: go + - uses: pulumi/license-check-action@main + with: + module-path: provider + ignore-modules: >- + #{{ range $ignore := .Config.License.Ignore }}# + #{{- $ignore -}}#, + #{{ end -}}# + github.com/aead/chacha20, + github.com/apache/arrow/go/v12, + github.com/apache/thrift/lib/go/thrift, + github.com/cloudflare/circl, + github.com/golang, + github.com/gorhill/cronexpr, + github.com/in-toto/in-toto-golang, + github.com/jmespath/go-jmespath, + github.com/keybase/go-crypto, + github.com/klauspost/compress, + github.com/mattn/go-localereader, + github.com/modern-go/reflect2, + github.com/pierrec/lz4, + github.com/pjbgf/sha1cd, + github.com/pulumi, + github.com/segmentio/asm, + golang.org diff --git a/provider-ci/test-providers/eks/.github/workflows/license.yml b/provider-ci/test-providers/eks/.github/workflows/license.yml index ba478c114a..daa10f0a6a 100644 --- a/provider-ci/test-providers/eks/.github/workflows/license.yml +++ b/provider-ci/test-providers/eks/.github/workflows/license.yml @@ -45,7 +45,6 @@ jobs: uses: ./.github/actions/setup-tools with: tools: go - - run: make upstream - uses: pulumi/license-check-action@main with: module-path: provider From 68dbd062ce01ed473f159ce85908b9f291e7e865 Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Wed, 6 Nov 2024 09:29:20 -0800 Subject: [PATCH 08/14] no tfgen binary --- .../templates/generic/.github/actions/upload-bin/action.yml | 4 ++-- .../test-providers/eks/.github/actions/upload-bin/action.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/provider-ci/internal/pkg/templates/generic/.github/actions/upload-bin/action.yml b/provider-ci/internal/pkg/templates/generic/.github/actions/upload-bin/action.yml index 0eb4de272c..d3bcea14d1 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/actions/upload-bin/action.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/actions/upload-bin/action.yml @@ -1,12 +1,12 @@ name: Upload bin assets -description: Uploads the provider and tfgen binaries to `bin/`. +description: Uploads the provider binaries to `bin/`. runs: using: "composite" steps: - name: Tar provider binaries shell: bash - run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace }}/bin/ pulumi-resource-#{{ .Config.Provider }}# pulumi-tfgen-#{{ .Config.Provider }}# + run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace }}/bin/ pulumi-resource-#{{ .Config.Provider }}# - name: Upload artifacts uses: #{{ .Config.ActionVersions.UploadArtifact }}# with: diff --git a/provider-ci/test-providers/eks/.github/actions/upload-bin/action.yml b/provider-ci/test-providers/eks/.github/actions/upload-bin/action.yml index da9ce2eacc..d0b01b0af5 100644 --- a/provider-ci/test-providers/eks/.github/actions/upload-bin/action.yml +++ b/provider-ci/test-providers/eks/.github/actions/upload-bin/action.yml @@ -1,12 +1,12 @@ name: Upload bin assets -description: Uploads the provider and tfgen binaries to `bin/`. +description: Uploads the provider binaries to `bin/`. runs: using: "composite" steps: - name: Tar provider binaries shell: bash - run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace }}/bin/ pulumi-resource-eks pulumi-tfgen-eks + run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace }}/bin/ pulumi-resource-eks - name: Upload artifacts uses: actions/upload-artifact@v4 with: From 645945b7af1deec13250c54f6d993f20ed170c89 Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Mon, 11 Nov 2024 15:36:28 -0800 Subject: [PATCH 09/14] use codecov instead of s3 --- .../generic/.github/workflows/main.yml | 53 +++---------------- .../.github/workflows/prerequisites.yml | 4 ++ .../workflows/run-acceptance-tests.yml | 19 ++++--- 3 files changed, 25 insertions(+), 51 deletions(-) diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml index 1599cb9750..0b1be137de 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml @@ -26,49 +26,6 @@ jobs: with: version: ${{ needs.prerequisites.outputs.version }} - generate_coverage_data: - continue-on-error: true - env: - COVERAGE_OUTPUT_DIR: ${{ secrets.COVERAGE_OUTPUT_DIR }} - name: generate_coverage_data - needs: prerequisites - runs-on: #{{ .Config.Runner.Default }}# - steps: - - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@v1.3.1 - with: - tool-cache: false - swap-storage: false - - name: Checkout Repo - uses: #{{ .Config.ActionVersions.Checkout }}# - with: - #{{- if .Config.CheckoutSubmodules }}# - submodules: #{{ .Config.CheckoutSubmodules }}# - #{{- end }}# - persist-credentials: false - - name: Configure AWS Credentials - uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# - with: - aws-access-key-id: ${{ secrets.AWS_CORP_S3_UPLOAD_ACCESS_KEY_ID }} - aws-region: us-west-2 - aws-secret-access-key: ${{ secrets.AWS_CORP_S3_UPLOAD_SECRET_ACCESS_KEY }} - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, go, schema-tools - - name: Echo Coverage Output Dir - run: 'echo "Coverage output directory: ${{ env.COVERAGE_OUTPUT_DIR }}"' - - name: Generate Coverage Data - run: PULUMI_MISSING_DOCS_ERROR=true make tfgen - - name: Summarize Provider Coverage Results - run: cat ${{ env.COVERAGE_OUTPUT_DIR }}/shortSummary.txt - - name: Upload coverage data to S3 - run: >- - summaryName="${PROVIDER}_summary_$(date +"%Y-%m-%d_%H-%M-%S").json" - - s3FullURI="s3://${{ secrets.S3_COVERAGE_BUCKET_NAME }}/summaries/${summaryName}" - - aws s3 cp "${{ env.COVERAGE_OUTPUT_DIR }}/summary.json" "${s3FullURI}" --acl bucket-owner-full-control #{{ if .Config.Lint -}}# lint: name: lint @@ -228,8 +185,14 @@ jobs: working-directory: provider run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 #{{- end }}# - - name: Run tests - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 + - name: Run example tests + run: make test_${{ matrix.language }} + - name: Upload coverage reports to Codecov + uses: codecov/codecov-action@v4 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} + - name: Run example tests + run: make test_${{ matrix.language }} strategy: fail-fast: false matrix: diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml index 7133fe35c0..696e9272d5 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml @@ -72,6 +72,10 @@ jobs: run: make provider_no_deps - name: Unit-test provider code run: make test_provider + - name: Upload coverage reports to Codecov + uses: codecov/codecov-action@v4 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - if: inputs.is_pr name: Check Schema is Valid run: | diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml index fa05977183..e8ff0cdef4 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml @@ -225,12 +225,19 @@ jobs: working-directory: provider run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . #{{- end }}# - - name: Run tests - if: matrix.testTarget == 'local' - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -skip TestPulumiExamples -parallel 4 . - - name: Run pulumi/examples tests - if: matrix.testTarget == 'pulumiExamples' - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -run TestPulumiExamples -parallel 4 . + working-directory: examples # TODO: Parameterize this. + flags: -tags=all + total: ${{ matrix.total }} + index: ${{ matrix.index }} + - name: Run example tests + run: make test_shard + env: + TAGS: all + TESTS: ${{ steps.shard.outputs.run}} + - name: Upload coverage reports to Codecov + uses: codecov/codecov-action@v4 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} strategy: fail-fast: false matrix: From edb7772b824b5ae2acf23f6183b7e4fa5a298865 Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Mon, 11 Nov 2024 15:44:01 -0800 Subject: [PATCH 10/14] Remove extraTests, sshPrivateKey, preTest, gotestfmt --- provider-ci/internal/pkg/config.go | 12 ++++++ .../generic/.github/workflows/main.yml | 35 ------------------ .../.github/workflows/nightly-test.yml | 32 +--------------- .../generic/.github/workflows/prerelease.yml | 37 +------------------ .../generic/.github/workflows/release.yml | 37 +------------------ .../workflows/run-acceptance-tests.yml | 32 +--------------- 6 files changed, 19 insertions(+), 166 deletions(-) diff --git a/provider-ci/internal/pkg/config.go b/provider-ci/internal/pkg/config.go index 2a8e3c3aef..57cdd097b9 100644 --- a/provider-ci/internal/pkg/config.go +++ b/provider-ci/internal/pkg/config.go @@ -122,10 +122,14 @@ type Config struct { // ExtraTests run as part of `run-acceptance-tests.yml`, `master.yml`, // `main.yml`, `prerelease.yml` and `release.yml`. Only used for aws: // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22extraTests%3A%22&type=code + // + // Not available in generic providers -- override make targets instead. ExtraTests map[string]any `yaml:"extraTests"` // Only used by AWS... // IntegrationTestProvider will run e2e tests in the provider as well as in // the examples directory when set to true. Defaults to false. + // + // Not available in generic providers -- override make targets instead. IntegrationTestProvider bool `yaml:"integrationTestProvider"` // TestPulumiExamples runs e2e tests using the examples and test suite in @@ -204,6 +208,9 @@ type Config struct { // tests in CI job. This should be provided from a secret. Used by the // docker provider only: // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22sshPrivateKey%3A%22&type=code + // + // Not available in generic providers -- see docker-build for an example of + // how to programatically generate a key. SSHPrivateKey string `yaml:"sshPrivateKey"` // GCP authenticates with GCP before running tests in CI job. Used in gcp @@ -219,6 +226,8 @@ type Config struct { // SetupScript executes a script before running tests in CI job. Used in 3 // providers: // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22setup-script%3A%22&type=code + // + // Not available in generic providers -- override make targets instead. SetupScript string `yaml:"setup-script"` // GenerateNightlyTestWorkflow will include the nightly-test workflow. Used @@ -255,6 +264,9 @@ type Config struct { // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22parallel%3A%22&type=code Parallel int `yaml:"parallel"` + // Shards controls how many jobs integration tests are distributed across. + Shards int `yaml:"shards"` + // Hybrid has no effect but is set by the docker provider. // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22hybrid%3A%22&type=code Hybrid bool `yaml:"hybrid"` diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml index 0b1be137de..747e1deefc 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml @@ -47,9 +47,6 @@ jobs: - build_provider - test - license_check - #{{- range $action, $_ := .Config.ExtraTests }}# - - #{{ $action }}# - #{{- end }}# uses: ./.github/workflows/publish.yml secrets: inherit with: @@ -156,37 +153,8 @@ jobs: - name: Login to Google Cloud Registry run: gcloud --quiet auth configure-docker #{{- end }}# - #{{- if .Config.SSHPrivateKey }}# - - name: Setup SSH key - uses: webfactory/ssh-agent@v0.7.0 - with: - ssh-private-key: #{{ .Config.SSHPrivateKey }}# - #{{- end }}# - #{{- if .Config.IntegrationTestProvider }}# - - name: Prepare upstream code - run: make upstream - #{{- end }}# - #{{- if index .Config.SetupScript }}# - - name: Run setup script - run: #{{ index .Config.SetupScript }}# - #{{- end }}# - name: Install dependencies run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 -#{{- if .Config.Actions.PreTest }}# -#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# -#{{- end }}# -#{{- if .Config.IntegrationTestProvider }}# - - name: Run provider tests - working-directory: provider - run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 - #{{- end }}# - - name: Run example tests - run: make test_${{ matrix.language }} - name: Upload coverage reports to Codecov uses: codecov/codecov-action@v4 env: @@ -198,9 +166,6 @@ jobs: matrix: language: #{{ .Config.Languages | toYaml | indent 8 }}# -#{{- if .Config.ExtraTests }}# -#{{ .Config.ExtraTests | toYaml | indent 2 }}# -#{{ end }}# name: #{{ .Config.ProviderDefaultBranch }}# on: workflow_dispatch: {} diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/nightly-test.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/nightly-test.yml index ecaf9a8c6b..53b8e552b2 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/nightly-test.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/nightly-test.yml @@ -108,38 +108,10 @@ jobs: - name: Login to Google Cloud Registry run: gcloud --quiet auth configure-docker #{{- end }}# - #{{- if .Config.SSHPrivateKey }}# - - name: Setup SSH key - uses: webfactory/ssh-agent@v0.7.0 - with: - ssh-private-key: #{{ .Config.SSHPrivateKey }}# - #{{- end }}# - #{{- if .Config.IntegrationTestProvider }}# - - name: Prepare upstream code - run: make upstream - #{{- end }}# - #{{- if index .Config.SetupScript }}# - - name: Run setup script - run: #{{ index .Config.SetupScript }}# - #{{- end }}# - name: Install dependencies run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 -#{{- if .Config.Actions.PreTest }}# -#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# -#{{- end }}# - #{{- if .Config.IntegrationTestProvider }}# - - name: Run provider tests - if: matrix.testTarget == 'local' - working-directory: provider - run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . - #{{- end }}# - - name: Run tests - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 + - name: Run example tests + run: make test_${{ matrix.language }} # TODO: Use test_shard. strategy: fail-fast: false matrix: diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/prerelease.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerelease.yml index 7564d14c58..c2163c4213 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/prerelease.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerelease.yml @@ -48,9 +48,6 @@ jobs: - build_provider - test - license_check - #{{- range $action, $_ := .Config.ExtraTests }}# - - #{{ $action }}# - #{{- end }}# uses: ./.github/workflows/publish.yml secrets: inherit with: @@ -138,45 +135,15 @@ jobs: - name: Login to Google Cloud Registry run: gcloud --quiet auth configure-docker #{{- end }}# - #{{- if .Config.SSHPrivateKey }}# - - name: Setup SSH key - uses: webfactory/ssh-agent@v0.7.0 - with: - ssh-private-key: #{{ .Config.SSHPrivateKey }}# - #{{- end }}# - #{{- if .Config.IntegrationTestProvider }}# - - name: Prepare upstream code - run: make upstream - #{{- end }}# - #{{- if index .Config.SetupScript }}# - - name: Run setup script - run: #{{ index .Config.SetupScript }}# - #{{- end }}# - name: Install dependencies run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 -#{{- if .Config.Actions.PreTest }}# -#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# -#{{- end }}# - #{{- if .Config.IntegrationTestProvider }}# - - name: Run provider tests - working-directory: provider - run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . - #{{- end }}# - - name: Run tests - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + - name: Run example tests + run: make test_${{ matrix.language }} strategy: fail-fast: false matrix: language: #{{ .Config.Languages | toYaml | indent 8 }}# -#{{- if .Config.ExtraTests }}# -#{{ .Config.ExtraTests | toYaml | indent 2 }}# -#{{ end }}# name: prerelease on: diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/release.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/release.yml index 2482185733..99ee48bcef 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/release.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/release.yml @@ -57,9 +57,6 @@ jobs: - build_provider - test - license_check - #{{- range $action, $_ := .Config.ExtraTests }}# - - #{{ $action }}# - #{{- end }}# uses: ./.github/workflows/publish.yml secrets: inherit with: @@ -147,42 +144,12 @@ jobs: - name: Login to Google Cloud Registry run: gcloud --quiet auth configure-docker #{{- end }}# - #{{- if .Config.SSHPrivateKey }}# - - name: Setup SSH key - uses: webfactory/ssh-agent@v0.7.0 - with: - ssh-private-key: #{{ .Config.SSHPrivateKey }}# - #{{- end }}# - #{{- if .Config.IntegrationTestProvider }}# - - name: Prepare upstream code - run: make upstream - #{{- end }}# - #{{- if index .Config.SetupScript }}# - - name: Run setup script - run: #{{ index .Config.SetupScript }}# - #{{- end }}# - name: Install dependencies run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 -#{{- if .Config.Actions.PreTest }}# -#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# -#{{- end }}# - #{{- if .Config.IntegrationTestProvider }}# - - name: Run provider tests - working-directory: provider - run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . - #{{- end }}# - - name: Run tests - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + - name: Run example tests + run: make test_${{ matrix.language }} strategy: fail-fast: false matrix: language: #{{ .Config.Languages | toYaml | indent 8 }}# -#{{- if .Config.ExtraTests }}# -#{{ .Config.ExtraTests | toYaml | indent 2 }}# -#{{ end }}# diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml index e8ff0cdef4..7713b656fe 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml @@ -88,9 +88,6 @@ jobs: #{{- if .Config.Lint }}# - lint #{{- end }}# - #{{- range $action, $_ := .Config.ExtraTests }}# - - #{{ $action }}# - #{{- end }}# runs-on: #{{ .Config.Runner.Default }}# steps: - uses: guibranco/github-status-action-v2@0849440ec82c5fa69b2377725b9b7852a3977e76 @@ -105,6 +102,7 @@ jobs: # otherwise use the current SHA for any other type of build. sha: ${{ github.event.pull_request.head.sha || github.sha }} + # TODO: Extract into shared action. test: if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository @@ -195,36 +193,11 @@ jobs: - name: Login to Google Cloud Registry run: gcloud --quiet auth configure-docker #{{- end }}# - #{{- if .Config.SSHPrivateKey }}# - - name: Setup SSH key - uses: webfactory/ssh-agent@v0.7.0 - with: - ssh-private-key: #{{ .Config.SSHPrivateKey }}# - #{{- end }}# - #{{- if .Config.IntegrationTestProvider }}# - - name: Prepare upstream code - run: make upstream - #{{- end }}# - #{{- if index .Config.SetupScript }}# - - name: Run setup script - run: #{{ index .Config.setupScript }}# - #{{- end }}# - name: Install dependencies run: make install_${{ matrix.language}}_sdk - name: Install gotestfmt uses: GoTestTools/gotestfmt-action@v2 with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 -#{{- if .Config.Actions.PreTest }}# -#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# -#{{- end }}# - #{{- if .Config.IntegrationTestProvider }}# - - name: Run provider tests - if: matrix.testTarget == 'local' - working-directory: provider - run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . - #{{- end }}# working-directory: examples # TODO: Parameterize this. flags: -tags=all total: ${{ matrix.total }} @@ -252,6 +225,3 @@ jobs: name: License Check uses: ./.github/workflows/license.yml secrets: inherit -#{{- if .Config.ExtraTests }}# -#{{ .Config.ExtraTests | toYaml | indent 2 }}# -#{{ end }}# From 93cb990a8416410c1aed4918ccbef8cb2212ce66 Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Mon, 11 Nov 2024 15:48:13 -0800 Subject: [PATCH 11/14] remove some upstream/tf references --- .../generic/.github/workflows/build_provider.yml | 3 --- .../templates/generic/.github/workflows/prerequisites.yml | 8 ++------ 2 files changed, 2 insertions(+), 9 deletions(-) diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml index b02e5ceec2..0d927b45bf 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml @@ -57,9 +57,6 @@ jobs: # Avoid creating directories for each artifact merge-multiple: true path: provider/cmd/pulumi-resource-#{{ .Config.Provider }}#/schema-embed.json - - name: Prepare for build - # This installs plugins and prepares upstream - run: make upstream - name: Build & package provider run: make provider_dist-${{ matrix.platform.os }}-${{ matrix.platform.arch }} - name: Upload artifacts diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml index 696e9272d5..2ceb6c32d7 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml @@ -53,8 +53,6 @@ jobs: path: | .pulumi/examples-cache key: ${{ runner.os }}-${{ hashFiles('provider/go.sum') }} - - name: Prepare upstream code - run: make upstream - name: Setup tools uses: ./.github/actions/setup-tools with: @@ -62,14 +60,12 @@ jobs: #{{- if .Config.Actions.PreBuild }}# #{{ .Config.Actions.PreBuild | toYaml | indent 4 }}# #{{- end }}# - - name: Build schema generator binary - run: make tfgen_build_only - name: Install plugins run: make install_plugins - name: Generate schema - run: make tfgen_no_deps + run: make schema - name: Build provider binary - run: make provider_no_deps + run: make provider - name: Unit-test provider code run: make test_provider - name: Upload coverage reports to Codecov From ec725a97bab8ee5dae62644883bc6803f1578bbb Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Mon, 11 Nov 2024 15:49:28 -0800 Subject: [PATCH 12/14] don't shard by language --- .../pkg/templates/defaults.config.yaml | 2 ++ .../.github/workflows/build_provider.yml | 2 +- .../workflows/run-acceptance-tests.yml | 34 ++++++++----------- .../pkg/templates/generic/.mk/vars.mk | 4 ++- 4 files changed, 20 insertions(+), 22 deletions(-) diff --git a/provider-ci/internal/pkg/templates/defaults.config.yaml b/provider-ci/internal/pkg/templates/defaults.config.yaml index 945e1c7f41..6c9d62aeb4 100644 --- a/provider-ci/internal/pkg/templates/defaults.config.yaml +++ b/provider-ci/internal/pkg/templates/defaults.config.yaml @@ -205,6 +205,8 @@ checkUpstreamUpgrade: true # Used in 5 providers: https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22goBuildParallelism%22&type=code #goBuildParallelism: 1 +shards: 10 + # Sets PULUMI_CONVERT to 1 if truthy # Is set to "1" in 74 providers: https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22pulumiConvert%22&type=code #pulumiConvert: false diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml index 0d927b45bf..d8c528c4a7 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml @@ -63,5 +63,5 @@ jobs: uses: #{{ .Config.ActionVersions.UploadArtifact }}# with: name: pulumi-resource-#{{ .Config.Provider }}#-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz - path: bin/pulumi-resource-#{{ .Config.Provider }}#-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz + path: dist/pulumi-resource-#{{ .Config.Provider }}#-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz retention-days: 30 diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml index 7713b656fe..217245edb3 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml @@ -134,29 +134,23 @@ jobs: submodules: #{{ .Config.CheckoutSubmodules }}# #{{- end }}# persist-credentials: false - - name: Checkout p/examples - if: matrix.testTarget == 'pulumiExamples' - uses: #{{ .Config.ActionVersions.Checkout }}# - with: - repository: pulumi/examples - path: p-examples - name: Setup tools uses: ./.github/actions/setup-tools with: - tools: pulumictl, pulumicli, ${{ matrix.language }} + tools: pulumictl, pulumicli, go, nodejs, python, dotnet, java - name: Download bin uses: ./.github/actions/download-bin - name: Add NuGet source - if: matrix.language == 'dotnet' run: dotnet nuget add source ${{ github.workspace }}/nuget - - name: Download SDK + #{{- range $_, $language := .Config.Languages }}# + - name: Download #{{ $language }}# SDK uses: ./.github/actions/download-sdk with: - language: ${{ matrix.language }} + language: #{{ $language }}# + #{{- end }}# - name: Update path run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - name: Install Python deps - if: matrix.language == 'python' run: |- pip3 install virtualenv==20.0.23 pip3 install pipenv @@ -194,9 +188,10 @@ jobs: run: gcloud --quiet auth configure-docker #{{- end }}# - name: Install dependencies - run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 + run: make install_sdks + - name: Generate shard + id: shard + uses: hashicorp-forge/go-test-split-action@v2.0.0 with: working-directory: examples # TODO: Parameterize this. flags: -tags=all @@ -214,12 +209,11 @@ jobs: strategy: fail-fast: false matrix: - language: -#{{ .Config.Languages | toYaml | indent 8 }}# - #{{- if .Config.TestPulumiExamples }}# - testTarget: [local, pulumiExamples] - #{{- else }}# - testTarget: [local] + total: + - #{{ .Config.Shards }}# + index: + #{{- range $i, $_ := until .Config.Shards }}# + - #{{ $i }}# #{{- end }}# license_check: name: License Check diff --git a/provider-ci/internal/pkg/templates/generic/.mk/vars.mk b/provider-ci/internal/pkg/templates/generic/.mk/vars.mk index a88499ed71..e5e0663de2 100644 --- a/provider-ci/internal/pkg/templates/generic/.mk/vars.mk +++ b/provider-ci/internal/pkg/templates/generic/.mk/vars.mk @@ -16,7 +16,9 @@ SCHEMA_PATH := provider/cmd/$(PROVIDER)/schema.json PROVIDER := pulumi-resource-$(PACK) JAVA_GEN := pulumi-java-gen JAVA_GEN_VERSION := v0.16.1 -TESTPARALLELISM := 10 +TESTPARALLELISM ?= 10 +TAGS ?= all +TESTSHARDS ?= #{{ .Config.Shards }}# WORKING_DIR := $(shell pwd) #{{- if .Config.GoBuildParallelism }}# PULUMI_PROVIDER_BUILD_PARALLELISM ?= -p #{{ .Config.GoBuildParallelism }}# From 811dffba2d79b0746b4f337ef4514a3cd98fe8ba Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Mon, 11 Nov 2024 15:51:51 -0800 Subject: [PATCH 13/14] remove default makefile targets for now --- .../pkg/templates/generic/.mk/defaults.mk | 234 ------------------ .../pkg/templates/generic/.mk/vars.mk | 49 ---- .../test-providers/eks/.mk/defaults.mk | 225 ----------------- provider-ci/test-providers/eks/.mk/vars.mk | 31 --- 4 files changed, 539 deletions(-) delete mode 100644 provider-ci/internal/pkg/templates/generic/.mk/defaults.mk delete mode 100644 provider-ci/internal/pkg/templates/generic/.mk/vars.mk delete mode 100644 provider-ci/test-providers/eks/.mk/defaults.mk delete mode 100644 provider-ci/test-providers/eks/.mk/vars.mk diff --git a/provider-ci/internal/pkg/templates/generic/.mk/defaults.mk b/provider-ci/internal/pkg/templates/generic/.mk/defaults.mk deleted file mode 100644 index 8501b07248..0000000000 --- a/provider-ci/internal/pkg/templates/generic/.mk/defaults.mk +++ /dev/null @@ -1,234 +0,0 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made -# via https://github.com/pulumi/ci-mgmt. -# -# This file contains default make targets consumed by CI workflows. This targets are no-ops and are intended to be -# -# does not -# make any assumptions about the provider such as its language, file structure, -# etc. -# -# A top-level `Makefile` is required and must implement provider-specific -# targets like `test`. -# -# In order to use these targets, the top-level Makefile must include this file: -# -# include .mk/defaults.mk -# -# If the top-level Makefile implements a target like `test`, then this will be -# invoked in CI. Otherwise, the `default.test` target will be used. - -include .mk/vars.mk - -# Implement `prerequisites` to run custom logic before all SDK and provider build steps. -default.prebuild: - @echo "No prerequisites to build" - -default.development: install_plugins provider build_sdks install_sdks - -default.build: install_plugins provider build_sdks install_sdks - -default.build_sdks: #{{ range .Config.Languages }}#build_#{{ . }}# #{{ end }}##{{- if .Config.RegistryDocs }}#build_registry_docs#{{- end }}# - -default.install_go_sdk: - -default.install_java_sdk: - -default.install_python_sdk: - -default.install_sdks: install_dotnet_sdk install_python_sdk install_nodejs_sdk install_java_sdk - - -default.build_dotnet: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.build_dotnet: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.build_dotnet: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache -default.build_dotnet: prebuild - rm -rf sdk/dotnet - PULUMI_CONVERT=$(PULUMI_CONVERT) PULUMI_DISABLE_AUTOMATIC_PLUGIN_ACQUISITION=$(PULUMI_CONVERT) $(WORKING_DIR)/bin/$(TFGEN) dotnet --out sdk/dotnet/ - cd sdk/dotnet/ && \ - printf "module fake_dotnet_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ - echo "$(VERSION_GENERIC)" >version.txt && \ - dotnet build - -default.build_go: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.build_go: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.build_go: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache -default.build_go: prebuild - PULUMI_CONVERT=$(PULUMI_CONVERT) PULUMI_DISABLE_AUTOMATIC_PLUGIN_ACQUISITION=$(PULUMI_CONVERT) $(WORKING_DIR)/bin/$(TFGEN) go --out sdk/go/ - cd sdk && go list "$$(grep -e "^module" go.mod | cut -d ' ' -f 2)/go/..." | xargs -I {} bash -c 'go build {} && go clean -i {}' - -default.build_java: PACKAGE_VERSION := $(VERSION_GENERIC) -default.build_java: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.build_java: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.build_java: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache -default.build_java: bin/pulumi-java-gen -default.build_java: prebuild - rm -rf sdk/java/ - $(WORKING_DIR)/bin/$(JAVA_GEN) generate --schema $(SCHEMA_PATH) --out sdk/java --build gradle-nexus - cd sdk/java/ && \ - printf "module fake_java_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ - gradle --console=plain build && \ - gradle --console=plain javadoc - -default.build_nodejs: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.build_nodejs: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.build_nodejs: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache -default.build_nodejs: prebuild - rm -rf sdk/nodejs/ - cd sdk/nodejs/ && \ - printf "module fake_nodejs_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ - yarn install && \ - yarn run tsc && \ - cp ../../README.md ../../LICENSE* package.json yarn.lock ./bin/ - -default.build_python: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.build_python: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.build_python: export PULggUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache -default.build_python: prebuild - rm -rf sdk/python/ - cd sdk/python/ && \ - printf "module fake_python_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ - cp ../../README.md . && \ - rm -rf ./bin/ ../python.bin/ && cp -R . ../python.bin && mv ../python.bin ./bin && \ - rm ./bin/go.mod && \ - python3 -m venv venv && \ - ./venv/bin/python -m pip install build==1.2.1 && \ - cd ./bin && \ - ../venv/bin/python -m build . -#{{- if .Config.RegistryDocs }}# - -# Run the bridge's registry-docs command to generated the content of the installation docs/ folder at provider repo root -default.build_registry_docs: - $(WORKING_DIR)/bin/$(TFGEN) registry-docs --out $(WORKING_DIR)/docs -#{{- end }}# - -default.clean: - rm -rf sdk/{dotnet,nodejs,go,python} - rm -rf $(WORKING_DIR)/bin - -default.docs: - @echo "Define a `docs` target to generate docs." - -default.install_dotnet_sdk: - mkdir -p $(WORKING_DIR)/nuget - find . -name '*.nupkg' -print -exec cp -p {} $(WORKING_DIR)/nuget \; - -default.install_nodejs_sdk: - yarn link --cwd $(WORKING_DIR)/sdk/nodejs/bin - -default.install_plugins: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.install_plugins: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.install_plugins: .pulumi/bin/pulumi - #{{- range .Config.Plugins }}# - .pulumi/bin/pulumi plugin install #{{ or .Kind "resource" }}# #{{ .Name }}# #{{ .Version }}# - #{{- end }}# - -default.lint_provider: provider - cd provider && golangci-lint run --path-prefix provider -c ../.golangci.yml - -# `lint_provider.fix` is a utility target meant to be run manually -# that will run the linter and fix errors when possible. -default.lint_provider.fix: - cd provider && golangci-lint run --path-prefix provider -c ../.golangci.yml --fix - -# `make provider_no_deps` builds the provider binary directly, without ensuring that -# `cmd/pulumi-resource-#{{ .Config.Provider }}#/schema.json` is valid and up to date. -# To create a release ready binary, you should use `make provider`. -default.provider: - (cd provider && go build $(PULUMI_PROVIDER_BUILD_PARALLELISM) -o $(WORKING_DIR)/bin/$(PROVIDER) -ldflags "$(LDFLAGS)" $(PROJECT)/$(PROVIDER_PATH)/cmd/$(PROVIDER)) - -default.test: export PATH := $(WORKING_DIR)/bin:$(PATH) -default.test: - cd examples && go test -v -tags=all -parallel $(TESTPARALLELISM) -timeout 2h - -default.test_provider: - @echo "" - @echo "== test_provider ===================================================================" - @echo "" - cd provider && go test -v -short ./... -parallel $(TESTPARALLELISM) - -default.bin/pulumi-java-gen: - mkdir -p bin/ - pulumictl download-binary -n pulumi-language-java -v $(JAVA_GEN_VERSION) -r pulumi/pulumi-java - -# To make an immediately observable change to .ci-mgmt.yaml: -# -# - Edit .ci-mgmt.yaml -# - Run make ci-mgmt to apply the change locally. -# -default.ci-mgmt: .ci-mgmt.yaml - go run github.com/pulumi/ci-mgmt/provider-ci@master generate \ - --name $(ORG)/pulumi-$(PACK) \ - --out . \ - --template #{{ .Config.Template }}# \ - --config $< - -# Because some codegen depends on the version of the CLI used, we install a local CLI -# version pinned to the same version as `provider/go.mod`. -# -# This logic compares the version of .pulumi/bin/pulumi already installed. If it matches -# the desired version, we just print. Otherwise we (re)install pulumi at the desired -# version. -default..pulumi/bin/pulumi: .pulumi/version - @if [ -x .pulumi/bin/pulumi ] && [ "v$$(cat .pulumi/version)" = "$$(.pulumi/bin/pulumi version)" ]; then \ - echo "pulumi/bin/pulumi version: v$$(cat .pulumi/version)"; \ - else \ - curl -fsSL https://get.pulumi.com | \ - HOME=$(WORKING_DIR) sh -s -- --version "$$(cat .pulumi/version)"; \ - fi - -# Compute the version of Pulumi to use by inspecting the Go dependencies of the provider. -default..pulumi/version: provider/go.mod - @mkdir -p .pulumi - @cd provider && go list -f "{{slice .Version 1}}" -m github.com/pulumi/pulumi/pkg/v3 | tee ../$@ - -.PHONY: development build build_sdks install_go_sdk install_java_sdk install_python_sdk install_sdks only_build build_dotnet build_go build_java build_nodejs build_python clean cleanup#{{ if .Config.DocsCmd }}# docs#{{end}}# help install_dotnet_sdk install_nodejs_sdk install_plugins lint_provider provider provider_no_deps test prerequisites ci-mgmt test_provider - -# Provider cross-platform build & packaging - -# These targets assume that the schema-embed.json exists - it's generated by tfgen. -# We disable CGO to ensure that the binary is statically linked. -bin/linux-amd64/$(PROVIDER): TARGET := linux-amd64 -bin/linux-arm64/$(PROVIDER): TARGET := linux-arm64 -bin/darwin-amd64/$(PROVIDER): TARGET := darwin-amd64 -bin/darwin-arm64/$(PROVIDER): TARGET := darwin-arm64 -bin/windows-amd64/$(PROVIDER).exe: TARGET := windows-amd64 -bin/%/$(PROVIDER) bin/%/$(PROVIDER).exe: - @# check the TARGET is set - test $(TARGET) - cd provider && \ - export GOOS=$$(echo "$(TARGET)" | cut -d "-" -f 1) && \ - export GOARCH=$$(echo "$(TARGET)" | cut -d "-" -f 2) && \ - export CGO_ENABLED=0 && \ - go build -o "${WORKING_DIR}/$@" $(PULUMI_PROVIDER_BUILD_PARALLELISM) -ldflags "$(LDFLAGS)" "$(PROJECT)/$(PROVIDER_PATH)/cmd/$(PROVIDER)" - -bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-amd64.tar.gz: bin/linux-amd64/$(PROVIDER) -bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-arm64.tar.gz: bin/linux-arm64/$(PROVIDER) -bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-amd64.tar.gz: bin/darwin-amd64/$(PROVIDER) -bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-arm64.tar.gz: bin/darwin-arm64/$(PROVIDER) -bin/$(PROVIDER)-v$(VERSION_GENERIC)-windows-amd64.tar.gz: bin/windows-amd64/$(PROVIDER).exe -bin/$(PROVIDER)-v$(VERSION_GENERIC)-%.tar.gz: - @mkdir -p dist - @# $< is the last dependency (the binary path from above) e.g. bin/linux-amd64/pulumi-resource-xyz - @# $@ is the current target e.g. bin/pulumi-resource-xyz-v1.2.3-linux-amd64.tar.gz - tar --gzip -cf $@ README.md LICENSE -C $$(dirname $<) . - -provider_dist-linux-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-amd64.tar.gz -provider_dist-linux-arm64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-arm64.tar.gz -provider_dist-darwin-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-amd64.tar.gz -provider_dist-darwin-arm64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-arm64.tar.gz -provider_dist-windows-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-windows-amd64.tar.gz -provider_dist: provider_dist-linux-amd64 provider_dist-linux-arm64 provider_dist-darwin-amd64 provider_dist-darwin-arm64 provider_dist-windows-amd64 -.PHONY: provider_dist-linux-amd64 provider_dist-linux-arm64 provider_dist-darwin-amd64 provider_dist-darwin-arm64 provider_dist-windows-amd64 provider_dist - -help: - grep '^[^.#]\+:\s\+.*#' Makefile | \ - sed "s/\(.\+\):\s*\(.*\) #\s*\(.*\)/`printf "\033[93m"`\1`printf "\033[0m"` \3 [\2]/" | \ - expand -t20 - - -# Delegate any undefined target "foo" to its respective "default.foo" target, -# if it exists. -%: - @$(MAKE) -f defaults.mk "default.$@" - - diff --git a/provider-ci/internal/pkg/templates/generic/.mk/vars.mk b/provider-ci/internal/pkg/templates/generic/.mk/vars.mk deleted file mode 100644 index e5e0663de2..0000000000 --- a/provider-ci/internal/pkg/templates/generic/.mk/vars.mk +++ /dev/null @@ -1,49 +0,0 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made -# via https://github.com/pulumi/ci-mgmt. -# -# This file contains default variables consumed by CI workflows. -# -PACK := #{{ .Config.Provider }}# -ORG := #{{ .Config.Organization }}# -PROJECT := github.com/$(ORG)/pulumi-$(PACK) -#{{- if ge .Config.MajorVersion 2 }}# -PROVIDER_PATH := provider/v#{{ .Config.MajorVersion }}# -#{{- else }}# -PROVIDER_PATH := provider -#{{- end }}# -VERSION_PATH := $(PROVIDER_PATH)/pkg/version.Version -SCHEMA_PATH := provider/cmd/$(PROVIDER)/schema.json -PROVIDER := pulumi-resource-$(PACK) -JAVA_GEN := pulumi-java-gen -JAVA_GEN_VERSION := v0.16.1 -TESTPARALLELISM ?= 10 -TAGS ?= all -TESTSHARDS ?= #{{ .Config.Shards }}# -WORKING_DIR := $(shell pwd) -#{{- if .Config.GoBuildParallelism }}# -PULUMI_PROVIDER_BUILD_PARALLELISM ?= -p #{{ .Config.GoBuildParallelism }}# -#{{- else }}# -PULUMI_PROVIDER_BUILD_PARALLELISM ?= -#{{- end }}# -#{{- if .Config.PulumiConvert }}# -PULUMI_CONVERT := 1 -#{{- else }}# -PULUMI_CONVERT := 0 -#{{- end }}# -PULUMI_MISSING_DOCS_ERROR := true - -# Override during CI using `make [TARGET] PROVIDER_VERSION=""` or by setting a PROVIDER_VERSION environment variable -# Local & branch builds will just used this fixed default version unless specified -PROVIDER_VERSION ?= #{{ .Config.MajorVersion }}#.0.0-alpha.0+dev -# Use this normalised version everywhere rather than the raw input to ensure consistency. -VERSION_GENERIC = $(shell pulumictl convert-version --language generic --version "$(PROVIDER_VERSION)") - -LDFLAGS_PROJ_VERSION=-X $(PROJECT)/$(VERSION_PATH)=$(VERSION_GENERIC)#{{if .Config.ProviderVersion}}# -X #{{ .Config.ProviderVersion }}#=$(VERSION_GENERIC)#{{end}}# -#{{- if .Config.ProviderVersion }}# -LDFLAGS_UPSTREAM_VERSION=-X #{{ .Config.ProviderVersion }}#=v$(VERSION_GENERIC) -#{{- else }}# -LDFLAGS_UPSTREAM_VERSION= -#{{- end }}# -LDFLAGS_EXTRAS=#{{- range .Config.ExtraLDFlags }}# #{{ . }}# #{{- end }}# -LDFLAGS=$(LDFLAGS_PROJ_VERSION) $(LDFLAGS_UPSTREAM_VERSION) $(LDFLAGS_EXTRAS) - diff --git a/provider-ci/test-providers/eks/.mk/defaults.mk b/provider-ci/test-providers/eks/.mk/defaults.mk deleted file mode 100644 index 7f456fdfc2..0000000000 --- a/provider-ci/test-providers/eks/.mk/defaults.mk +++ /dev/null @@ -1,225 +0,0 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made -# via https://github.com/pulumi/ci-mgmt. -# -# This file contains default make targets consumed by CI workflows. This targets are no-ops and are intended to be -# -# does not -# make any assumptions about the provider such as its language, file structure, -# etc. -# -# A top-level `Makefile` is required and must implement provider-specific -# targets like `test`. -# -# In order to use these targets, the top-level Makefile must include this file: -# -# include .mk/defaults.mk -# -# If the top-level Makefile implements a target like `test`, then this will be -# invoked in CI. Otherwise, the `default.test` target will be used. - -include .mk/vars.mk - -# Implement `prerequisites` to run custom logic before all SDK and provider build steps. -default.prebuild: - @echo "No prerequisites to build" - -default.development: install_plugins provider build_sdks install_sdks - -default.build: install_plugins provider build_sdks install_sdks - -default.build_sdks: build_nodejs build_python build_dotnet build_go build_java - -default.install_go_sdk: - -default.install_java_sdk: - -default.install_python_sdk: - -default.install_sdks: install_dotnet_sdk install_python_sdk install_nodejs_sdk install_java_sdk - - -default.build_dotnet: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.build_dotnet: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.build_dotnet: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache -default.build_dotnet: prebuild - rm -rf sdk/dotnet - PULUMI_CONVERT=$(PULUMI_CONVERT) PULUMI_DISABLE_AUTOMATIC_PLUGIN_ACQUISITION=$(PULUMI_CONVERT) $(WORKING_DIR)/bin/$(TFGEN) dotnet --out sdk/dotnet/ - cd sdk/dotnet/ && \ - printf "module fake_dotnet_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ - echo "$(VERSION_GENERIC)" >version.txt && \ - dotnet build - -default.build_go: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.build_go: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.build_go: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache -default.build_go: prebuild - PULUMI_CONVERT=$(PULUMI_CONVERT) PULUMI_DISABLE_AUTOMATIC_PLUGIN_ACQUISITION=$(PULUMI_CONVERT) $(WORKING_DIR)/bin/$(TFGEN) go --out sdk/go/ - cd sdk && go list "$$(grep -e "^module" go.mod | cut -d ' ' -f 2)/go/..." | xargs -I {} bash -c 'go build {} && go clean -i {}' - -default.build_java: PACKAGE_VERSION := $(VERSION_GENERIC) -default.build_java: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.build_java: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.build_java: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache -default.build_java: bin/pulumi-java-gen -default.build_java: prebuild - rm -rf sdk/java/ - $(WORKING_DIR)/bin/$(JAVA_GEN) generate --schema $(SCHEMA_PATH) --out sdk/java --build gradle-nexus - cd sdk/java/ && \ - printf "module fake_java_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ - gradle --console=plain build && \ - gradle --console=plain javadoc - -default.build_nodejs: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.build_nodejs: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.build_nodejs: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache -default.build_nodejs: prebuild - rm -rf sdk/nodejs/ - cd sdk/nodejs/ && \ - printf "module fake_nodejs_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ - yarn install && \ - yarn run tsc && \ - cp ../../README.md ../../LICENSE* package.json yarn.lock ./bin/ - -default.build_python: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.build_python: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.build_python: export PULggUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache -default.build_python: prebuild - rm -rf sdk/python/ - cd sdk/python/ && \ - printf "module fake_python_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ - cp ../../README.md . && \ - rm -rf ./bin/ ../python.bin/ && cp -R . ../python.bin && mv ../python.bin ./bin && \ - rm ./bin/go.mod && \ - python3 -m venv venv && \ - ./venv/bin/python -m pip install build==1.2.1 && \ - cd ./bin && \ - ../venv/bin/python -m build . - -default.clean: - rm -rf sdk/{dotnet,nodejs,go,python} - rm -rf $(WORKING_DIR)/bin - -default.docs: - @echo "Define a `docs` target to generate docs." - -default.install_dotnet_sdk: - mkdir -p $(WORKING_DIR)/nuget - find . -name '*.nupkg' -print -exec cp -p {} $(WORKING_DIR)/nuget \; - -default.install_nodejs_sdk: - yarn link --cwd $(WORKING_DIR)/sdk/nodejs/bin - -default.install_plugins: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.install_plugins: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.install_plugins: .pulumi/bin/pulumi - -default.lint_provider: provider - cd provider && golangci-lint run --path-prefix provider -c ../.golangci.yml - -# `lint_provider.fix` is a utility target meant to be run manually -# that will run the linter and fix errors when possible. -default.lint_provider.fix: - cd provider && golangci-lint run --path-prefix provider -c ../.golangci.yml --fix - -# `make provider_no_deps` builds the provider binary directly, without ensuring that -# `cmd/pulumi-resource-eks/schema.json` is valid and up to date. -# To create a release ready binary, you should use `make provider`. -default.provider: - (cd provider && go build $(PULUMI_PROVIDER_BUILD_PARALLELISM) -o $(WORKING_DIR)/bin/$(PROVIDER) -ldflags "$(LDFLAGS)" $(PROJECT)/$(PROVIDER_PATH)/cmd/$(PROVIDER)) - -default.test: export PATH := $(WORKING_DIR)/bin:$(PATH) -default.test: - cd examples && go test -v -tags=all -parallel $(TESTPARALLELISM) -timeout 2h - -default.test_provider: - @echo "" - @echo "== test_provider ===================================================================" - @echo "" - cd provider && go test -v -short ./... -parallel $(TESTPARALLELISM) - -default.bin/pulumi-java-gen: - mkdir -p bin/ - pulumictl download-binary -n pulumi-language-java -v $(JAVA_GEN_VERSION) -r pulumi/pulumi-java - -# To make an immediately observable change to .ci-mgmt.yaml: -# -# - Edit .ci-mgmt.yaml -# - Run make ci-mgmt to apply the change locally. -# -default.ci-mgmt: .ci-mgmt.yaml - go run github.com/pulumi/ci-mgmt/provider-ci@master generate \ - --name $(ORG)/pulumi-$(PACK) \ - --out . \ - --template generic \ - --config $< - -# Because some codegen depends on the version of the CLI used, we install a local CLI -# version pinned to the same version as `provider/go.mod`. -# -# This logic compares the version of .pulumi/bin/pulumi already installed. If it matches -# the desired version, we just print. Otherwise we (re)install pulumi at the desired -# version. -default..pulumi/bin/pulumi: .pulumi/version - @if [ -x .pulumi/bin/pulumi ] && [ "v$$(cat .pulumi/version)" = "$$(.pulumi/bin/pulumi version)" ]; then \ - echo "pulumi/bin/pulumi version: v$$(cat .pulumi/version)"; \ - else \ - curl -fsSL https://get.pulumi.com | \ - HOME=$(WORKING_DIR) sh -s -- --version "$$(cat .pulumi/version)"; \ - fi - -# Compute the version of Pulumi to use by inspecting the Go dependencies of the provider. -default..pulumi/version: provider/go.mod - @mkdir -p .pulumi - @cd provider && go list -f "{{slice .Version 1}}" -m github.com/pulumi/pulumi/pkg/v3 | tee ../$@ - -.PHONY: development build build_sdks install_go_sdk install_java_sdk install_python_sdk install_sdks only_build build_dotnet build_go build_java build_nodejs build_python clean cleanup help install_dotnet_sdk install_nodejs_sdk install_plugins lint_provider provider provider_no_deps test prerequisites ci-mgmt test_provider - -# Provider cross-platform build & packaging - -# These targets assume that the schema-embed.json exists - it's generated by tfgen. -# We disable CGO to ensure that the binary is statically linked. -bin/linux-amd64/$(PROVIDER): TARGET := linux-amd64 -bin/linux-arm64/$(PROVIDER): TARGET := linux-arm64 -bin/darwin-amd64/$(PROVIDER): TARGET := darwin-amd64 -bin/darwin-arm64/$(PROVIDER): TARGET := darwin-arm64 -bin/windows-amd64/$(PROVIDER).exe: TARGET := windows-amd64 -bin/%/$(PROVIDER) bin/%/$(PROVIDER).exe: - @# check the TARGET is set - test $(TARGET) - cd provider && \ - export GOOS=$$(echo "$(TARGET)" | cut -d "-" -f 1) && \ - export GOARCH=$$(echo "$(TARGET)" | cut -d "-" -f 2) && \ - export CGO_ENABLED=0 && \ - go build -o "${WORKING_DIR}/$@" $(PULUMI_PROVIDER_BUILD_PARALLELISM) -ldflags "$(LDFLAGS)" "$(PROJECT)/$(PROVIDER_PATH)/cmd/$(PROVIDER)" - -bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-amd64.tar.gz: bin/linux-amd64/$(PROVIDER) -bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-arm64.tar.gz: bin/linux-arm64/$(PROVIDER) -bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-amd64.tar.gz: bin/darwin-amd64/$(PROVIDER) -bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-arm64.tar.gz: bin/darwin-arm64/$(PROVIDER) -bin/$(PROVIDER)-v$(VERSION_GENERIC)-windows-amd64.tar.gz: bin/windows-amd64/$(PROVIDER).exe -bin/$(PROVIDER)-v$(VERSION_GENERIC)-%.tar.gz: - @mkdir -p dist - @# $< is the last dependency (the binary path from above) e.g. bin/linux-amd64/pulumi-resource-xyz - @# $@ is the current target e.g. bin/pulumi-resource-xyz-v1.2.3-linux-amd64.tar.gz - tar --gzip -cf $@ README.md LICENSE -C $$(dirname $<) . - -provider_dist-linux-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-amd64.tar.gz -provider_dist-linux-arm64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-arm64.tar.gz -provider_dist-darwin-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-amd64.tar.gz -provider_dist-darwin-arm64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-arm64.tar.gz -provider_dist-windows-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-windows-amd64.tar.gz -provider_dist: provider_dist-linux-amd64 provider_dist-linux-arm64 provider_dist-darwin-amd64 provider_dist-darwin-arm64 provider_dist-windows-amd64 -.PHONY: provider_dist-linux-amd64 provider_dist-linux-arm64 provider_dist-darwin-amd64 provider_dist-darwin-arm64 provider_dist-windows-amd64 provider_dist - -help: - grep '^[^.#]\+:\s\+.*#' Makefile | \ - sed "s/\(.\+\):\s*\(.*\) #\s*\(.*\)/`printf "\033[93m"`\1`printf "\033[0m"` \3 [\2]/" | \ - expand -t20 - - -# Delegate any undefined target "foo" to its respective "default.foo" target, -# if it exists. -%: - @$(MAKE) -f defaults.mk "default.$@" - - diff --git a/provider-ci/test-providers/eks/.mk/vars.mk b/provider-ci/test-providers/eks/.mk/vars.mk deleted file mode 100644 index df27b0ca50..0000000000 --- a/provider-ci/test-providers/eks/.mk/vars.mk +++ /dev/null @@ -1,31 +0,0 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made -# via https://github.com/pulumi/ci-mgmt. -# -# This file contains default variables consumed by CI workflows. -# -PACK := eks -ORG := pulumi -PROJECT := github.com/$(ORG)/pulumi-$(PACK) -PROVIDER_PATH := provider/v3 -VERSION_PATH := $(PROVIDER_PATH)/pkg/version.Version -SCHEMA_PATH := provider/cmd/$(PROVIDER)/schema.json -PROVIDER := pulumi-resource-$(PACK) -JAVA_GEN := pulumi-java-gen -JAVA_GEN_VERSION := v0.16.1 -TESTPARALLELISM := 10 -WORKING_DIR := $(shell pwd) -PULUMI_PROVIDER_BUILD_PARALLELISM ?= -PULUMI_CONVERT := 0 -PULUMI_MISSING_DOCS_ERROR := true - -# Override during CI using `make [TARGET] PROVIDER_VERSION=""` or by setting a PROVIDER_VERSION environment variable -# Local & branch builds will just used this fixed default version unless specified -PROVIDER_VERSION ?= 3.0.0-alpha.0+dev -# Use this normalised version everywhere rather than the raw input to ensure consistency. -VERSION_GENERIC = $(shell pulumictl convert-version --language generic --version "$(PROVIDER_VERSION)") - -LDFLAGS_PROJ_VERSION=-X $(PROJECT)/$(VERSION_PATH)=$(VERSION_GENERIC) -LDFLAGS_UPSTREAM_VERSION= -LDFLAGS_EXTRAS= -LDFLAGS=$(LDFLAGS_PROJ_VERSION) $(LDFLAGS_UPSTREAM_VERSION) $(LDFLAGS_EXTRAS) - From c329cbf5cb952aaa5fdacca7278e07d587df3271 Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Mon, 11 Nov 2024 15:53:17 -0800 Subject: [PATCH 14/14] regenerate eks --- provider-ci/test-providers/eks/.ci-mgmt.yaml | 2 +- .../eks/.github/workflows/build_provider.yml | 5 +- .../eks/.github/workflows/build_sdk.yml | 1 - .../.github/workflows/command-dispatch.yml | 1 - .../eks/.github/workflows/license.yml | 1 - .../eks/.github/workflows/lint.yml | 1 - .../eks/.github/workflows/master.yml | 61 +++---------- .../eks/.github/workflows/prerelease.yml | 17 ++-- .../eks/.github/workflows/prerequisites.yml | 13 ++- .../eks/.github/workflows/publish.yml | 1 - .../eks/.github/workflows/pull-request.yml | 1 - .../eks/.github/workflows/release.yml | 17 ++-- .../eks/.github/workflows/resync-build.yml | 1 - .../workflows/run-acceptance-tests.yml | 87 ++++++++++++------- .../eks/.github/workflows/verify-release.yml | 1 - 15 files changed, 96 insertions(+), 114 deletions(-) diff --git a/provider-ci/test-providers/eks/.ci-mgmt.yaml b/provider-ci/test-providers/eks/.ci-mgmt.yaml index abe552ea0a..23c7d95dbf 100644 --- a/provider-ci/test-providers/eks/.ci-mgmt.yaml +++ b/provider-ci/test-providers/eks/.ci-mgmt.yaml @@ -4,7 +4,6 @@ aws: true env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} GOLANGCI_LINT_VERSION: v1.61.0 @@ -23,3 +22,4 @@ env: PULUMI_ENABLE_RESOURCE_REFERENCES: 1 PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget template: generic +freeDiskSpaceBeforeTest: true # TODO: https://github.com/pulumi/pulumi/issues/17718 diff --git a/provider-ci/test-providers/eks/.github/workflows/build_provider.yml b/provider-ci/test-providers/eks/.github/workflows/build_provider.yml index afccb150e8..dd151611e9 100644 --- a/provider-ci/test-providers/eks/.github/workflows/build_provider.yml +++ b/provider-ci/test-providers/eks/.github/workflows/build_provider.yml @@ -45,14 +45,11 @@ jobs: # Avoid creating directories for each artifact merge-multiple: true path: provider/cmd/pulumi-resource-eks/schema-embed.json - - name: Prepare for build - # This installs plugins and prepares upstream - run: make upstream - name: Build & package provider run: make provider_dist-${{ matrix.platform.os }}-${{ matrix.platform.arch }} - name: Upload artifacts uses: actions/upload-artifact@v4 with: name: pulumi-resource-eks-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz - path: bin/pulumi-resource-eks-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz + path: dist/pulumi-resource-eks-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz retention-days: 30 diff --git a/provider-ci/test-providers/eks/.github/workflows/build_sdk.yml b/provider-ci/test-providers/eks/.github/workflows/build_sdk.yml index 61ed3fe297..00292ce7a2 100644 --- a/provider-ci/test-providers/eks/.github/workflows/build_sdk.yml +++ b/provider-ci/test-providers/eks/.github/workflows/build_sdk.yml @@ -9,7 +9,6 @@ on: env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} diff --git a/provider-ci/test-providers/eks/.github/workflows/command-dispatch.yml b/provider-ci/test-providers/eks/.github/workflows/command-dispatch.yml index 323780c891..6118880b97 100644 --- a/provider-ci/test-providers/eks/.github/workflows/command-dispatch.yml +++ b/provider-ci/test-providers/eks/.github/workflows/command-dispatch.yml @@ -2,7 +2,6 @@ env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} diff --git a/provider-ci/test-providers/eks/.github/workflows/license.yml b/provider-ci/test-providers/eks/.github/workflows/license.yml index daa10f0a6a..0edf104363 100644 --- a/provider-ci/test-providers/eks/.github/workflows/license.yml +++ b/provider-ci/test-providers/eks/.github/workflows/license.yml @@ -8,7 +8,6 @@ on: env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} diff --git a/provider-ci/test-providers/eks/.github/workflows/lint.yml b/provider-ci/test-providers/eks/.github/workflows/lint.yml index adf5e979a0..6d12e18d9a 100644 --- a/provider-ci/test-providers/eks/.github/workflows/lint.yml +++ b/provider-ci/test-providers/eks/.github/workflows/lint.yml @@ -8,7 +8,6 @@ on: env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} diff --git a/provider-ci/test-providers/eks/.github/workflows/master.yml b/provider-ci/test-providers/eks/.github/workflows/master.yml index 26af09bf2e..904923fa9f 100644 --- a/provider-ci/test-providers/eks/.github/workflows/master.yml +++ b/provider-ci/test-providers/eks/.github/workflows/master.yml @@ -2,7 +2,6 @@ env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} @@ -49,46 +48,6 @@ jobs: with: version: ${{ needs.prerequisites.outputs.version }} - generate_coverage_data: - continue-on-error: true - env: - COVERAGE_OUTPUT_DIR: ${{ secrets.COVERAGE_OUTPUT_DIR }} - name: generate_coverage_data - needs: prerequisites - runs-on: ubuntu-latest - steps: - - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@v1.3.1 - with: - tool-cache: false - swap-storage: false - - name: Checkout Repo - uses: actions/checkout@v4 - with: - persist-credentials: false - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-access-key-id: ${{ secrets.AWS_CORP_S3_UPLOAD_ACCESS_KEY_ID }} - aws-region: us-west-2 - aws-secret-access-key: ${{ secrets.AWS_CORP_S3_UPLOAD_SECRET_ACCESS_KEY }} - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, go, schema-tools - - name: Echo Coverage Output Dir - run: 'echo "Coverage output directory: ${{ env.COVERAGE_OUTPUT_DIR }}"' - - name: Generate Coverage Data - run: PULUMI_MISSING_DOCS_ERROR=true make tfgen - - name: Summarize Provider Coverage Results - run: cat ${{ env.COVERAGE_OUTPUT_DIR }}/shortSummary.txt - - name: Upload coverage data to S3 - run: >- - summaryName="${PROVIDER}_summary_$(date +"%Y-%m-%d_%H-%M-%S").json" - - s3FullURI="s3://${{ secrets.S3_COVERAGE_BUCKET_NAME }}/summaries/${summaryName}" - - aws s3 cp "${{ env.COVERAGE_OUTPUT_DIR }}/summary.json" "${s3FullURI}" --acl bucket-owner-full-control lint: name: lint uses: ./.github/workflows/lint.yml @@ -144,6 +103,13 @@ jobs: env: PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} steps: + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be + with: + tool-cache: false + swap-storage: false + dotnet: false - name: Checkout Repo uses: actions/checkout@v4 with: @@ -179,13 +145,12 @@ jobs: role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - name: Install dependencies run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 - - name: Run tests - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 + - name: Upload coverage reports to Codecov + uses: codecov/codecov-action@v4 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} + - name: Run example tests + run: make test_${{ matrix.language }} strategy: fail-fast: false matrix: diff --git a/provider-ci/test-providers/eks/.github/workflows/prerelease.yml b/provider-ci/test-providers/eks/.github/workflows/prerelease.yml index 19ccfebec6..81845a3291 100644 --- a/provider-ci/test-providers/eks/.github/workflows/prerelease.yml +++ b/provider-ci/test-providers/eks/.github/workflows/prerelease.yml @@ -3,7 +3,6 @@ env: IS_PRERELEASE: true ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} @@ -86,6 +85,13 @@ jobs: env: PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} steps: + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be + with: + tool-cache: false + swap-storage: false + dotnet: false - name: Checkout Repo uses: actions/checkout@v4 with: @@ -121,13 +127,8 @@ jobs: role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - name: Install dependencies run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 - - name: Run tests - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + - name: Run example tests + run: make test_${{ matrix.language }} strategy: fail-fast: false matrix: diff --git a/provider-ci/test-providers/eks/.github/workflows/prerequisites.yml b/provider-ci/test-providers/eks/.github/workflows/prerequisites.yml index 1c727afa03..26d0611ed1 100644 --- a/provider-ci/test-providers/eks/.github/workflows/prerequisites.yml +++ b/provider-ci/test-providers/eks/.github/workflows/prerequisites.yml @@ -19,7 +19,6 @@ on: env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} @@ -64,22 +63,22 @@ jobs: path: | .pulumi/examples-cache key: ${{ runner.os }}-${{ hashFiles('provider/go.sum') }} - - name: Prepare upstream code - run: make upstream - name: Setup tools uses: ./.github/actions/setup-tools with: tools: go, pulumictl, pulumicli, schema-tools - - name: Build schema generator binary - run: make tfgen_build_only - name: Install plugins run: make install_plugins - name: Generate schema - run: make tfgen_no_deps + run: make schema - name: Build provider binary - run: make provider_no_deps + run: make provider - name: Unit-test provider code run: make test_provider + - name: Upload coverage reports to Codecov + uses: codecov/codecov-action@v4 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - if: inputs.is_pr name: Check Schema is Valid run: | diff --git a/provider-ci/test-providers/eks/.github/workflows/publish.yml b/provider-ci/test-providers/eks/.github/workflows/publish.yml index 9d65db1ccc..334f20f95a 100644 --- a/provider-ci/test-providers/eks/.github/workflows/publish.yml +++ b/provider-ci/test-providers/eks/.github/workflows/publish.yml @@ -18,7 +18,6 @@ on: env: IS_PRERELEASE: ${{ inputs.isPrerelease }} ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} diff --git a/provider-ci/test-providers/eks/.github/workflows/pull-request.yml b/provider-ci/test-providers/eks/.github/workflows/pull-request.yml index 6a305605f9..6dfee6450d 100644 --- a/provider-ci/test-providers/eks/.github/workflows/pull-request.yml +++ b/provider-ci/test-providers/eks/.github/workflows/pull-request.yml @@ -2,7 +2,6 @@ env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} diff --git a/provider-ci/test-providers/eks/.github/workflows/release.yml b/provider-ci/test-providers/eks/.github/workflows/release.yml index d46e68714a..a04ede3013 100644 --- a/provider-ci/test-providers/eks/.github/workflows/release.yml +++ b/provider-ci/test-providers/eks/.github/workflows/release.yml @@ -8,7 +8,6 @@ on: env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} @@ -92,6 +91,13 @@ jobs: env: PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} steps: + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be + with: + tool-cache: false + swap-storage: false + dotnet: false - name: Checkout Repo uses: actions/checkout@v4 with: @@ -127,13 +133,8 @@ jobs: role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - name: Install dependencies run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 - - name: Run tests - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + - name: Run example tests + run: make test_${{ matrix.language }} strategy: fail-fast: false matrix: diff --git a/provider-ci/test-providers/eks/.github/workflows/resync-build.yml b/provider-ci/test-providers/eks/.github/workflows/resync-build.yml index 5b194351b2..80c0e5eccd 100644 --- a/provider-ci/test-providers/eks/.github/workflows/resync-build.yml +++ b/provider-ci/test-providers/eks/.github/workflows/resync-build.yml @@ -4,7 +4,6 @@ env: PULUMI_EXTRA_MAPPING_ERROR: true PULUMI_MISSING_MAPPING_ERROR: true ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} diff --git a/provider-ci/test-providers/eks/.github/workflows/run-acceptance-tests.yml b/provider-ci/test-providers/eks/.github/workflows/run-acceptance-tests.yml index fedba7ef9b..0abf5abcd9 100644 --- a/provider-ci/test-providers/eks/.github/workflows/run-acceptance-tests.yml +++ b/provider-ci/test-providers/eks/.github/workflows/run-acceptance-tests.yml @@ -13,7 +13,6 @@ on: env: PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }} ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} @@ -120,6 +119,7 @@ jobs: # otherwise use the current SHA for any other type of build. sha: ${{ github.event.pull_request.head.sha || github.sha }} + # TODO: Extract into shared action. test: if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository @@ -134,34 +134,49 @@ jobs: env: PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} steps: + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be + with: + tool-cache: false + swap-storage: false + dotnet: false - name: Checkout Repo uses: actions/checkout@v4 with: ref: ${{ env.PR_COMMIT_SHA }} persist-credentials: false - - name: Checkout p/examples - if: matrix.testTarget == 'pulumiExamples' - uses: actions/checkout@v4 - with: - repository: pulumi/examples - path: p-examples - name: Setup tools uses: ./.github/actions/setup-tools with: - tools: pulumictl, pulumicli, ${{ matrix.language }} + tools: pulumictl, pulumicli, go, nodejs, python, dotnet, java - name: Download bin uses: ./.github/actions/download-bin - name: Add NuGet source - if: matrix.language == 'dotnet' run: dotnet nuget add source ${{ github.workspace }}/nuget - - name: Download SDK + - name: Download nodejs SDK + uses: ./.github/actions/download-sdk + with: + language: nodejs + - name: Download python SDK + uses: ./.github/actions/download-sdk + with: + language: python + - name: Download dotnet SDK + uses: ./.github/actions/download-sdk + with: + language: dotnet + - name: Download go SDK uses: ./.github/actions/download-sdk with: - language: ${{ matrix.language }} + language: go + - name: Download java SDK + uses: ./.github/actions/download-sdk + with: + language: java - name: Update path run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - name: Install Python deps - if: matrix.language == 'python' run: |- pip3 install virtualenv==20.0.23 pip3 install pipenv @@ -175,28 +190,40 @@ jobs: role-session-name: eks@githubActions role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - name: Install dependencies - run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 + run: make install_sdks + - name: Generate shard + id: shard + uses: hashicorp-forge/go-test-split-action@v2.0.0 with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 - - name: Run tests - if: matrix.testTarget == 'local' - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -skip TestPulumiExamples -parallel 4 . - - name: Run pulumi/examples tests - if: matrix.testTarget == 'pulumiExamples' - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -run TestPulumiExamples -parallel 4 . + working-directory: examples # TODO: Parameterize this. + flags: -tags=all + total: ${{ matrix.total }} + index: ${{ matrix.index }} + - name: Run example tests + run: make test_shard + env: + TAGS: all + TESTS: ${{ steps.shard.outputs.run}} + - name: Upload coverage reports to Codecov + uses: codecov/codecov-action@v4 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} strategy: fail-fast: false matrix: - language: - - nodejs - - python - - dotnet - - go - - java - testTarget: [local] + total: + - 10 + index: + - 0 + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + - 8 + - 9 license_check: name: License Check uses: ./.github/workflows/license.yml diff --git a/provider-ci/test-providers/eks/.github/workflows/verify-release.yml b/provider-ci/test-providers/eks/.github/workflows/verify-release.yml index e35f022e01..aae2bc6c06 100644 --- a/provider-ci/test-providers/eks/.github/workflows/verify-release.yml +++ b/provider-ci/test-providers/eks/.github/workflows/verify-release.yml @@ -35,7 +35,6 @@ on: env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}