-
Notifications
You must be signed in to change notification settings - Fork 6
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Handle sdk-gen during prerequisites (#1252)
Some native providers, particularly go-providers like p-docker-build and p-command, generate their SDKs during the prerequisites step. This is a roadblock for Renovate https://github.com/pulumi/pulumi-command/actions/runs/12519817033/job/34924483839?pr=609 This tweaks our native workflows to allow committing SDK changes during the prerequisites step. This ends up touching release, prerelease, and other workflows as a result. I added an additional check -- `github.event_name == 'pull_request'` -- to safeguard against any of this running during releases etc. I also added a check to confirm `sdk` was touched before we try to commit it, to avoid situations where `prerequisites` might touch something else like `schema.json`. I had a couple changes locally which I forgot to push to #1248 which also bring native behavior more in line with bridged: checking out the repo with `persist-credentials: false` (without this tests won't re-run after we push) and `fail-fast: false` for Renovate PRs.
- Loading branch information
Showing
36 changed files
with
1,394 additions
and
105 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -117,6 +117,47 @@ jobs: | |
| sdk/go/**/pulumiUtilities.go | ||
| sdk/nodejs/package.json | ||
| sdk/python/pyproject.toml | ||
| - name: Commit ${{ matrix.language }} SDK changes for Renovate | ||
| if: failure() && steps.worktreeClean.outcome == 'failure' && | ||
| contains(github.actor, 'renovate') && github.event_name == | ||
| 'pull_request' | ||
| shell: bash | ||
| run: > | ||
| git diff --quiet -- sdk && echo "no changes to sdk" && exit | ||
| git config --global user.email "[email protected]" | ||
| git config --global user.name "pulumi-bot" | ||
| # Stash local changes and check out the PR's branch directly. | ||
| git stash | ||
| git fetch | ||
| git checkout "origin/$HEAD_REF" | ||
| # Apply and add our changes, but don't commit any files we expect to | ||
| # always change due to versioning. | ||
| git stash pop | ||
| git add sdk | ||
| git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json | ||
| git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' | ||
| # Push with pulumi-bot credentials to trigger a re-run of the | ||
| # workflow. https://github.com/orgs/community/discussions/25702 | ||
| git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" | ||
| env: | ||
| HEAD_REF: ${{ github.head_ref }} | ||
| - run: git status --porcelain | ||
| - name: Tar provider binaries | ||
| run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ | ||
|
|
@@ -153,7 +194,7 @@ jobs: | |
| needs: prerequisites | ||
| runs-on: pulumi-ubuntu-8core | ||
| strategy: | ||
| fail-fast: true | ||
| fail-fast: ${{ ! contains(github.actor, 'renovate') }} | ||
| matrix: | ||
| language: | ||
| - nodejs | ||
|
|
@@ -237,9 +278,12 @@ jobs: | |
| sdk/python/pyproject.toml | ||
| - name: Commit ${{ matrix.language }} SDK changes for Renovate | ||
| if: failure() && steps.worktreeClean.outcome == 'failure' && | ||
| contains(github.actor, 'renovate') | ||
| contains(github.actor, 'renovate') && github.event_name == | ||
| 'pull_request' | ||
| shell: bash | ||
| run: > | ||
| git diff --quiet -- sdk && echo "no changes to sdk" && exit | ||
| git config --global user.email "[email protected]" | ||
| git config --global user.name "pulumi-bot" | ||
|
|
@@ -261,7 +305,7 @@ jobs: | |
| git add sdk | ||
| git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml | ||
| git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json | ||
| git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -109,6 +109,47 @@ jobs: | |
| sdk/go/**/pulumiUtilities.go | ||
| sdk/nodejs/package.json | ||
| sdk/python/pyproject.toml | ||
| - name: Commit ${{ matrix.language }} SDK changes for Renovate | ||
| if: failure() && steps.worktreeClean.outcome == 'failure' && | ||
| contains(github.actor, 'renovate') && github.event_name == | ||
| 'pull_request' | ||
| shell: bash | ||
| run: > | ||
| git diff --quiet -- sdk && echo "no changes to sdk" && exit | ||
| git config --global user.email "[email protected]" | ||
| git config --global user.name "pulumi-bot" | ||
| # Stash local changes and check out the PR's branch directly. | ||
| git stash | ||
| git fetch | ||
| git checkout "origin/$HEAD_REF" | ||
| # Apply and add our changes, but don't commit any files we expect to | ||
| # always change due to versioning. | ||
| git stash pop | ||
| git add sdk | ||
| git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json | ||
| git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' | ||
| # Push with pulumi-bot credentials to trigger a re-run of the | ||
| # workflow. https://github.com/orgs/community/discussions/25702 | ||
| git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" | ||
| env: | ||
| HEAD_REF: ${{ github.head_ref }} | ||
| - run: git status --porcelain | ||
| - name: Tar provider binaries | ||
| run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ | ||
|
|
@@ -145,7 +186,7 @@ jobs: | |
| needs: prerequisites | ||
| runs-on: pulumi-ubuntu-8core | ||
| strategy: | ||
| fail-fast: true | ||
| fail-fast: ${{ ! contains(github.actor, 'renovate') }} | ||
| matrix: | ||
| language: | ||
| - nodejs | ||
|
|
@@ -229,9 +270,12 @@ jobs: | |
| sdk/python/pyproject.toml | ||
| - name: Commit ${{ matrix.language }} SDK changes for Renovate | ||
| if: failure() && steps.worktreeClean.outcome == 'failure' && | ||
| contains(github.actor, 'renovate') | ||
| contains(github.actor, 'renovate') && github.event_name == | ||
| 'pull_request' | ||
| shell: bash | ||
| run: > | ||
| git diff --quiet -- sdk && echo "no changes to sdk" && exit | ||
| git config --global user.email "[email protected]" | ||
| git config --global user.name "pulumi-bot" | ||
|
|
@@ -253,7 +297,7 @@ jobs: | |
| git add sdk | ||
| git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml | ||
| git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json | ||
| git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -109,6 +109,47 @@ jobs: | |
| sdk/go/**/pulumiUtilities.go | ||
| sdk/nodejs/package.json | ||
| sdk/python/pyproject.toml | ||
| - name: Commit ${{ matrix.language }} SDK changes for Renovate | ||
| if: failure() && steps.worktreeClean.outcome == 'failure' && | ||
| contains(github.actor, 'renovate') && github.event_name == | ||
| 'pull_request' | ||
| shell: bash | ||
| run: > | ||
| git diff --quiet -- sdk && echo "no changes to sdk" && exit | ||
| git config --global user.email "[email protected]" | ||
| git config --global user.name "pulumi-bot" | ||
| # Stash local changes and check out the PR's branch directly. | ||
| git stash | ||
| git fetch | ||
| git checkout "origin/$HEAD_REF" | ||
| # Apply and add our changes, but don't commit any files we expect to | ||
| # always change due to versioning. | ||
| git stash pop | ||
| git add sdk | ||
| git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json | ||
| git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' | ||
| # Push with pulumi-bot credentials to trigger a re-run of the | ||
| # workflow. https://github.com/orgs/community/discussions/25702 | ||
| git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" | ||
| env: | ||
| HEAD_REF: ${{ github.head_ref }} | ||
| - run: git status --porcelain | ||
| - name: Tar provider binaries | ||
| run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ | ||
|
|
@@ -145,7 +186,7 @@ jobs: | |
| needs: prerequisites | ||
| runs-on: pulumi-ubuntu-8core | ||
| strategy: | ||
| fail-fast: true | ||
| fail-fast: ${{ ! contains(github.actor, 'renovate') }} | ||
| matrix: | ||
| language: | ||
| - nodejs | ||
|
|
@@ -229,9 +270,12 @@ jobs: | |
| sdk/python/pyproject.toml | ||
| - name: Commit ${{ matrix.language }} SDK changes for Renovate | ||
| if: failure() && steps.worktreeClean.outcome == 'failure' && | ||
| contains(github.actor, 'renovate') | ||
| contains(github.actor, 'renovate') && github.event_name == | ||
| 'pull_request' | ||
| shell: bash | ||
| run: > | ||
| git diff --quiet -- sdk && echo "no changes to sdk" && exit | ||
| git config --global user.email "[email protected]" | ||
| git config --global user.name "pulumi-bot" | ||
|
|
@@ -253,7 +297,7 @@ jobs: | |
| git add sdk | ||
| git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml | ||
| git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json | ||
| git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -63,6 +63,7 @@ jobs: | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | ||
| with: | ||
| lfs: true | ||
| persist-credentials: false | ||
| ref: ${{ env.PR_COMMIT_SHA }} | ||
| - id: version | ||
| name: Set Provider Version | ||
|
|
@@ -131,6 +132,47 @@ jobs: | |
| sdk/go/**/pulumiUtilities.go | ||
| sdk/nodejs/package.json | ||
| sdk/python/pyproject.toml | ||
| - name: Commit ${{ matrix.language }} SDK changes for Renovate | ||
| if: failure() && steps.worktreeClean.outcome == 'failure' && | ||
| contains(github.actor, 'renovate') && github.event_name == | ||
| 'pull_request' | ||
| shell: bash | ||
| run: > | ||
| git diff --quiet -- sdk && echo "no changes to sdk" && exit | ||
| git config --global user.email "[email protected]" | ||
| git config --global user.name "pulumi-bot" | ||
| # Stash local changes and check out the PR's branch directly. | ||
| git stash | ||
| git fetch | ||
| git checkout "origin/$HEAD_REF" | ||
| # Apply and add our changes, but don't commit any files we expect to | ||
| # always change due to versioning. | ||
| git stash pop | ||
| git add sdk | ||
| git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json | ||
| git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' | ||
| # Push with pulumi-bot credentials to trigger a re-run of the | ||
| # workflow. https://github.com/orgs/community/discussions/25702 | ||
| git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" | ||
| env: | ||
| HEAD_REF: ${{ github.head_ref }} | ||
| - run: git status --porcelain | ||
| - name: Tar provider binaries | ||
| run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ | ||
|
|
@@ -169,7 +211,7 @@ jobs: | |
| needs: prerequisites | ||
| runs-on: pulumi-ubuntu-8core | ||
| strategy: | ||
| fail-fast: true | ||
| fail-fast: ${{ ! contains(github.actor, 'renovate') }} | ||
| matrix: | ||
| language: | ||
| - nodejs | ||
|
|
@@ -183,6 +225,7 @@ jobs: | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | ||
| with: | ||
| lfs: true | ||
| persist-credentials: false | ||
| ref: ${{ env.PR_COMMIT_SHA }} | ||
| - id: version | ||
| name: Set Provider Version | ||
|
|
@@ -254,9 +297,12 @@ jobs: | |
| sdk/python/pyproject.toml | ||
| - name: Commit ${{ matrix.language }} SDK changes for Renovate | ||
| if: failure() && steps.worktreeClean.outcome == 'failure' && | ||
| contains(github.actor, 'renovate') | ||
| contains(github.actor, 'renovate') && github.event_name == | ||
| 'pull_request' | ||
| shell: bash | ||
| run: > | ||
| git diff --quiet -- sdk && echo "no changes to sdk" && exit | ||
| git config --global user.email "[email protected]" | ||
| git config --global user.name "pulumi-bot" | ||
|
|
@@ -278,7 +324,7 @@ jobs: | |
| git add sdk | ||
| git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml | ||
| git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json | ||
| git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' | ||
|
|
@@ -330,6 +376,7 @@ jobs: | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | ||
| with: | ||
| lfs: true | ||
| persist-credentials: false | ||
| ref: ${{ env.PR_COMMIT_SHA }} | ||
| - id: version | ||
| name: Set Provider Version | ||
|
|
||
Oops, something went wrong.