Skip to content
.github/workflows/ci.yml

Update first-party Pulumi dependencies to v3.216.0 #720

Sign in to view logs

Update first-party Pulumi dependencies to v3.216.0

Update first-party Pulumi dependencies to v3.216.0 #720

Workflow file for this run

.github/workflows/ci.yml at eff086d
on:
pull_request:
paths-ignore:
# Skip CI checks if the only things that have changed are CHANGELOG entries (which is typically the case when a PR
# or Push is occurring as part of a release process).
- 'CHANGELOG.md'
- '.changes/**'
push:
branches:
- main
tags:
- sdk/v*.*.*
paths-ignore:
# Skip CI checks if the only things that have changed are CHANGELOG entries (which is typically the case when a PR
# or Push is occurring as part of a release process).
- 'CHANGELOG.md'
- '.changes/**'
repository_dispatch:
types:
- run-acceptance-tests-command
schedule:
- cron: "43 6 * * *"
env:
PULUMI_API: https://api.pulumi-staging.io
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
AWS_REGION: us-west-2
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: [email protected]
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
GOOGLE_PROJECT_NUMBER: 895284651812
GOLANGCI_LINT_VERSION: v2.5.0
jobs:
prerequisites:
runs-on: ubuntu-latest
timeout-minutes: 15
outputs:
gotcloudcreds: ${{ steps.gotcloudcreds.outputs.gotcloudcreds }}
steps:
- uses: actions/checkout@v3
with:
submodules: recursive
- name: Fetch Tags
run: git fetch --quiet --prune --unshallow --tags
- name: Install Pulumi CLI
uses: pulumi/actions@8582a9e8cc630786854029b4e09281acd6794b58 # v6
with:
pulumi-version: dev
- name: Install pulumictl
uses: jaxxstorm/[email protected]
with:
repo: pulumi/pulumictl
tag: v0.0.31
cache: enable
- run: ./scripts/versions.sh | tee versions.txt
- name: Setup versioning env vars
run: cat versions.txt | tee $GITHUB_ENV
- name: Set up JDK 11
uses: actions/setup-java@v4
with:
java-version: '11'
distribution: 'temurin'
cache: 'gradle'
- name: Set up Go
uses: actions/setup-go@v6
with:
go-version: stable
cache-dependency-path: "**/go.sum"
- name: Setup Gradle
uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
with:
gradle-version: 8.14.1
- name: Build and unit-test Pulumi Java SDK
run: |
cd sdk/java && gradle build testAll
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v5
with:
directory: sdk/java/pulumi/build/reports/jacoco/allTests
token: ${{ secrets.CODECOV_TOKEN }}
- run: make build_go
- run: make bin/pulumi-java-gen
- run: make bin/pulumi-language-java
- uses: actions/upload-artifact@v4
with:
name: versions.txt
path: versions.txt
- uses: actions/upload-artifact@v4
with:
name: go-binaries
path: bin/
- name: Setup Gradle
uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
with:
gradle-version: 8.14.1
- name: Publish Pulumi Java SDK to Maven Local
run: |
cd sdk/java && gradle publishToMavenLocal
- uses: actions/upload-artifact@v4
with:
name: java-sdk
path: ~/.m2/repository/com/pulumi
- name: Check whether cloud creds for test envs are available
id: gotcloudcreds
env:
KEY: ${{ secrets.AWS_ACCESS_KEY_ID }}
run: |
echo "Enable testing against cloud environments: ${{ env.KEY != '' }}"
echo "gotcloudcreds=${{ env.KEY != '' }}" >> "$GITHUB_OUTPUT"
strategy:
fail-fast: true
# Run Go tests, most notably codegen tests. These are in a separate
# job not to block other validations.
go-tests:
runs-on: ubuntu-latest
needs: prerequisites
timeout-minutes: 30
strategy:
fail-fast: false
steps:
- uses: actions/checkout@v3
with:
submodules: recursive
- name: Install Pulumi CLI
uses: pulumi/actions@8582a9e8cc630786854029b4e09281acd6794b58 # v6
with:
pulumi-version: latest
- name: Set up JDK 11
uses: actions/setup-java@v4
with:
java-version: '11'
distribution: 'temurin'
cache: 'gradle'
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: stable
cache-dependency-path: "**/go.sum"
- name: Download go-binaries
uses: actions/download-artifact@v5
with:
name: go-binaries
path: ~/bin
- name: Activate go-binaries
run: |
chmod a+x ~/bin/pulumi-language-java
chmod a+x ~/bin/pulumi-java-gen
- name: Download versions.txt
uses: actions/download-artifact@v5
with:
name: versions.txt
path: artifacts
- name: Setup versioning env vars
run: cat artifacts/versions.txt | tee $GITHUB_ENV
- name: Setup Gradle
uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
with:
gradle-version: 8.14.1
- name: Publish Pulumi Java SDK to Maven Local to enable codegen tests
run: |
cd sdk/java && gradle publishToMavenLocal
env:
# Override to match gen_test.go
PULUMI_JAVA_SDK_VERSION: 0.0.1
- name: Download Java SDK
uses: actions/download-artifact@v5
with:
name: java-sdk
path: ~/.m2/repository/com/pulumi
- run: cd pkg && go test -timeout 25m ./... -v
examples:
runs-on: ubuntu-latest
needs: prerequisites
if: needs.prerequisites.outputs.gotcloudcreds == 'true'
timeout-minutes: 30
strategy:
fail-fast: false
matrix:
example:
- aws-java-eks-minimal
- aws-java-webserver
- aws-native-java-s3-folder
- azure-java-appservice-sql
- azure-java-static-website
- gcp-java-gke-hello-world
- kubernetes
- minimal
- minimalsbt
- random
permissions:
contents: read
id-token: write
steps:
- uses: actions/checkout@v3
with:
submodules: recursive
- name: Install Pulumi CLI
uses: pulumi/actions@8582a9e8cc630786854029b4e09281acd6794b58 # v6
with:
pulumi-version: latest
- run: make clone_examples
- name: Set up JDK 11
uses: actions/setup-java@v4
with:
java-version: '17'
distribution: 'temurin'
cache: 'gradle'
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: stable
cache-dependency-path: "**/go.sum"
- name: Install Pulumi CLI
uses: pulumi/actions@8582a9e8cc630786854029b4e09281acd6794b58 # v6
- name: Download versions.txt
uses: actions/download-artifact@v5
with:
name: versions.txt
path: artifacts
- name: Setup versioning env vars
run: cat artifacts/versions.txt | tee $GITHUB_ENV
- name: Download Java SDK
uses: actions/download-artifact@v5
with:
name: java-sdk
path: ~/.m2/repository/com/pulumi
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-region: ${{ env.AWS_REGION }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-duration-seconds: 3600
role-session-name: ${{ env.PROVIDER }}@githubActions
role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }}
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@v2
with:
workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER
}}/locations/global/workloadIdentityPools/${{
env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{
env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }}
- name: Setup gcloud auth
uses: google-github-actions/setup-gcloud@v2
with:
install_components: gke-gcloud-auth-plugin
- name: Run ${{ matrix.example }} example
env:
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
run: make test_example.${{ matrix.example }}
go-lint:
runs-on: ubuntu-latest
timeout-minutes: 10
name: Lint pkg
steps:
- name: Checkout Repo
uses: actions/checkout@v3
with:
ref: ${{ env.PR_COMMIT_SHA }}
submodules: recursive
- name: Set up Go
uses: actions/setup-go@v6
with:
go-version: stable
- name: golangci-lint
uses: golangci/golangci-lint-action@v8
with:
version: ${{ env.GOLANGCI_LINT_VERSION }}
working-directory: pkg
args: --config ../.golangci.yml ./...
- name: Ensure no pulumi/pkg
run: make lint_pkg_dependencies
test_integrations:
runs-on: ubuntu-latest
needs: prerequisites
timeout-minutes: 10
strategy:
fail-fast: false
steps:
- uses: actions/checkout@v5
with:
fetch-tags: true
fetch-depth: 0
submodules: recursive
- name: Install Pulumi CLI
uses: pulumi/actions@8582a9e8cc630786854029b4e09281acd6794b58 # v6
with:
pulumi-version: latest
- name: Set up JDK 11
uses: actions/setup-java@v4
with:
java-version: '11'
distribution: 'temurin'
cache: 'gradle'
- name: Setup Gradle
uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
with:
gradle-version: 8.14.1
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: stable
- name: Configure Go cache
id: go-cache-paths
run: |
echo "go-build=$(go env GOCACHE)" >> "$GITHUB_OUTPUT"
echo "go-mod=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT"
- name: Set up Go cache
uses: actions/cache@v4
id: go-cache
with:
path: |
${{ steps.go-cache-paths.outputs.go-build }}
${{ steps.go-cache-paths.outputs.go-mod }}
key: go-cache-integrations-${{ hashFiles('**/go.sum') }}
- name: Install Pulumi CLI
uses: pulumi/action-install-pulumi-cli@b374ceb6168550de27c6eba92e01c1a774040e11 # v2
- name: Download versions.txt
uses: actions/download-artifact@v5
with:
name: versions.txt
path: artifacts
- name: Setup versioning env vars
run: cat artifacts/versions.txt | tee $GITHUB_ENV
- name: Download Java SDK
uses: actions/download-artifact@v5
with:
name: java-sdk
path: ~/.m2/repository/com/pulumi
- name: Install pulumictl
uses: jaxxstorm/[email protected]
with:
repo: pulumi/pulumictl
tag: v0.0.31
cache: enable
- name: Run integration tests
env:
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
run: make test_integrations
test_templates:
runs-on: ubuntu-latest
needs: prerequisites
if: needs.prerequisites.outputs.gotcloudcreds == 'true'
timeout-minutes: 30
permissions:
contents: read
id-token: write
steps:
- uses: actions/checkout@v3
with:
submodules: recursive
- name: Install Pulumi CLI
uses: pulumi/actions@8582a9e8cc630786854029b4e09281acd6794b58 # v6
with:
pulumi-version: latest
- run: make clone_templates
- name: Set up JDK 11
uses: actions/setup-java@v4
with:
java-version: '11'
distribution: 'temurin'
cache: 'gradle'
- name: Setup Gradle
uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
with:
gradle-version: 8.14.1
- name: Set up Go
uses: actions/setup-go@v6
with:
go-version: stable
cache-dependency-path: "**/go.sum"
- name: Download versions.txt
uses: actions/download-artifact@v5
with:
name: versions.txt
path: artifacts
- name: Setup versioning env vars
run: cat artifacts/versions.txt | tee $GITHUB_ENV
- name: Download Java SDK
uses: actions/download-artifact@v5
with:
name: java-sdk
path: ~/.m2/repository/com/pulumi
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-region: ${{ env.AWS_REGION }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-duration-seconds: 3600
role-session-name: ${{ env.PROVIDER }}@githubActions
role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }}
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@v2
with:
workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER
}}/locations/global/workloadIdentityPools/${{
env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{
env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }}
- name: Setup gcloud auth
uses: google-github-actions/setup-gcloud@v2
with:
install_components: gke-gcloud-auth-plugin
- env:
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
run: make test_templates
ci-ok:
name: ci-ok
needs: [prerequisites, go-tests, examples, go-lint, test_integrations, test_templates]
if: always()
runs-on: ubuntu-latest
steps:
- name: CI failed
if: ${{ needs.go-tests.result != 'success' || needs.examples.result != 'success' || needs.go-lint.result != 'success' || needs.test_integrations.result != 'success' || needs.test_templates.result != 'success' }}
run: exit 1
- name: CI succeeded
run: exit 0