From b26e774cc2dc6b7a6526ca40407d8772afcca1fa Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Mon, 23 Dec 2024 12:43:43 -0800 Subject: [PATCH 1/2] Commit bridged SDK --- .../.github/workflows/build_sdk.yml | 42 ++++++++++++++++++- .../acme/.github/workflows/build_sdk.yml | 42 ++++++++++++++++++- .../aws/.github/workflows/build_sdk.yml | 42 ++++++++++++++++++- .../.github/workflows/build_sdk.yml | 42 ++++++++++++++++++- .../docker/.github/workflows/build_sdk.yml | 42 ++++++++++++++++++- 5 files changed, 205 insertions(+), 5 deletions(-) diff --git a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/build_sdk.yml b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/build_sdk.yml index 9ee4bd132a..bf52b667ca 100644 --- a/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/build_sdk.yml +++ b/provider-ci/internal/pkg/templates/bridged-provider/.github/workflows/build_sdk.yml @@ -18,7 +18,9 @@ jobs: name: build_sdk runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# strategy: - fail-fast: true + # We normally fail fast unless this is a PR from Renovate in which case + # we'll always build all SDKs in case there are any changes to commit. + fail-fast: ${{ ! contains(github.actor, 'renovate') }} matrix: language: #{{ .Config.Languages | toYaml | indent 8 }}# @@ -60,14 +62,52 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@v1 with: + # Keep these in sync with the Renovate step below to avoid them getting checked in. allowed-changes: | sdk/**/pulumi-plugin.json sdk/dotnet/*.csproj sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + # If the worktree is dirty and this is a Renovate PR to bump + # dependencies, commit the updated SDK and push it back to the PR. The + # job will still be marked as a failure. + if: failure() && steps.worktreeClean.outcome == 'failure' && contains(github.actor, 'renovate') + shell: bash + run: | + git config --global user.email "bot@pulumi.com" + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + git stash + git fetch + git checkout "origin/$HEAD_REF" + + # Apply and add our changes, but don't commit any files we expect to + # always change due to versioning. + git stash pop + git add sdk + git reset \ + sdk/python/*/pulumi-plugin.json \ + sdk/dotnet/Pulumi.*.csproj \ + sdk/go/*/internal/pulumiUtilities.go \ + sdk/nodejs/package.json \ + sdk/python/pyproject.toml + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + # Push with pulumi-bot credentials to trigger a re-run of the + # workflow. https://github.com/orgs/community/discussions/25702 + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} \ + "HEAD:$HEAD_REF" + env: + # head_ref is untrusted so it's recommended to pass via env var to + # avoid injections. + HEAD_REF: ${{ github.head_ref }} + - name: Upload SDK uses: ./.github/actions/upload-sdk with: diff --git a/provider-ci/test-providers/acme/.github/workflows/build_sdk.yml b/provider-ci/test-providers/acme/.github/workflows/build_sdk.yml index b132ef7f8f..714904351f 100644 --- a/provider-ci/test-providers/acme/.github/workflows/build_sdk.yml +++ b/provider-ci/test-providers/acme/.github/workflows/build_sdk.yml @@ -33,7 +33,9 @@ jobs: name: build_sdk runs-on: ubuntu-latest strategy: - fail-fast: true + # We normally fail fast unless this is a PR from Renovate in which case + # we'll always build all SDKs in case there are any changes to commit. + fail-fast: ${{ ! contains(github.actor, 'renovate') }} matrix: language: - dotnet @@ -66,14 +68,52 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@v1 with: + # Keep these in sync with the Renovate step below to avoid them getting checked in. allowed-changes: | sdk/**/pulumi-plugin.json sdk/dotnet/*.csproj sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + # If the worktree is dirty and this is a Renovate PR to bump + # dependencies, commit the updated SDK and push it back to the PR. The + # job will still be marked as a failure. + if: failure() && steps.worktreeClean.outcome == 'failure' && contains(github.actor, 'renovate') + shell: bash + run: | + git config --global user.email "bot@pulumi.com" + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + git stash + git fetch + git checkout "origin/$HEAD_REF" + + # Apply and add our changes, but don't commit any files we expect to + # always change due to versioning. + git stash pop + git add sdk + git reset \ + sdk/python/*/pulumi-plugin.json \ + sdk/dotnet/Pulumi.*.csproj \ + sdk/go/*/internal/pulumiUtilities.go \ + sdk/nodejs/package.json \ + sdk/python/pyproject.toml + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + # Push with pulumi-bot credentials to trigger a re-run of the + # workflow. https://github.com/orgs/community/discussions/25702 + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} \ + "HEAD:$HEAD_REF" + env: + # head_ref is untrusted so it's recommended to pass via env var to + # avoid injections. + HEAD_REF: ${{ github.head_ref }} + - name: Upload SDK uses: ./.github/actions/upload-sdk with: diff --git a/provider-ci/test-providers/aws/.github/workflows/build_sdk.yml b/provider-ci/test-providers/aws/.github/workflows/build_sdk.yml index b917db8cc8..ce98e79952 100644 --- a/provider-ci/test-providers/aws/.github/workflows/build_sdk.yml +++ b/provider-ci/test-providers/aws/.github/workflows/build_sdk.yml @@ -36,7 +36,9 @@ jobs: name: build_sdk runs-on: ubuntu-latest strategy: - fail-fast: true + # We normally fail fast unless this is a PR from Renovate in which case + # we'll always build all SDKs in case there are any changes to commit. + fail-fast: ${{ ! contains(github.actor, 'renovate') }} matrix: language: - nodejs @@ -78,14 +80,52 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@v1 with: + # Keep these in sync with the Renovate step below to avoid them getting checked in. allowed-changes: | sdk/**/pulumi-plugin.json sdk/dotnet/*.csproj sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + # If the worktree is dirty and this is a Renovate PR to bump + # dependencies, commit the updated SDK and push it back to the PR. The + # job will still be marked as a failure. + if: failure() && steps.worktreeClean.outcome == 'failure' && contains(github.actor, 'renovate') + shell: bash + run: | + git config --global user.email "bot@pulumi.com" + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + git stash + git fetch + git checkout "origin/$HEAD_REF" + + # Apply and add our changes, but don't commit any files we expect to + # always change due to versioning. + git stash pop + git add sdk + git reset \ + sdk/python/*/pulumi-plugin.json \ + sdk/dotnet/Pulumi.*.csproj \ + sdk/go/*/internal/pulumiUtilities.go \ + sdk/nodejs/package.json \ + sdk/python/pyproject.toml + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + # Push with pulumi-bot credentials to trigger a re-run of the + # workflow. https://github.com/orgs/community/discussions/25702 + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} \ + "HEAD:$HEAD_REF" + env: + # head_ref is untrusted so it's recommended to pass via env var to + # avoid injections. + HEAD_REF: ${{ github.head_ref }} + - name: Upload SDK uses: ./.github/actions/upload-sdk with: diff --git a/provider-ci/test-providers/cloudflare/.github/workflows/build_sdk.yml b/provider-ci/test-providers/cloudflare/.github/workflows/build_sdk.yml index 29ee29e450..f39e182ac5 100644 --- a/provider-ci/test-providers/cloudflare/.github/workflows/build_sdk.yml +++ b/provider-ci/test-providers/cloudflare/.github/workflows/build_sdk.yml @@ -35,7 +35,9 @@ jobs: name: build_sdk runs-on: ubuntu-latest strategy: - fail-fast: true + # We normally fail fast unless this is a PR from Renovate in which case + # we'll always build all SDKs in case there are any changes to commit. + fail-fast: ${{ ! contains(github.actor, 'renovate') }} matrix: language: - nodejs @@ -69,14 +71,52 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@v1 with: + # Keep these in sync with the Renovate step below to avoid them getting checked in. allowed-changes: | sdk/**/pulumi-plugin.json sdk/dotnet/*.csproj sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + # If the worktree is dirty and this is a Renovate PR to bump + # dependencies, commit the updated SDK and push it back to the PR. The + # job will still be marked as a failure. + if: failure() && steps.worktreeClean.outcome == 'failure' && contains(github.actor, 'renovate') + shell: bash + run: | + git config --global user.email "bot@pulumi.com" + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + git stash + git fetch + git checkout "origin/$HEAD_REF" + + # Apply and add our changes, but don't commit any files we expect to + # always change due to versioning. + git stash pop + git add sdk + git reset \ + sdk/python/*/pulumi-plugin.json \ + sdk/dotnet/Pulumi.*.csproj \ + sdk/go/*/internal/pulumiUtilities.go \ + sdk/nodejs/package.json \ + sdk/python/pyproject.toml + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + # Push with pulumi-bot credentials to trigger a re-run of the + # workflow. https://github.com/orgs/community/discussions/25702 + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} \ + "HEAD:$HEAD_REF" + env: + # head_ref is untrusted so it's recommended to pass via env var to + # avoid injections. + HEAD_REF: ${{ github.head_ref }} + - name: Upload SDK uses: ./.github/actions/upload-sdk with: diff --git a/provider-ci/test-providers/docker/.github/workflows/build_sdk.yml b/provider-ci/test-providers/docker/.github/workflows/build_sdk.yml index 3de66ac81b..7a847d8590 100644 --- a/provider-ci/test-providers/docker/.github/workflows/build_sdk.yml +++ b/provider-ci/test-providers/docker/.github/workflows/build_sdk.yml @@ -48,7 +48,9 @@ jobs: name: build_sdk runs-on: ubuntu-latest strategy: - fail-fast: true + # We normally fail fast unless this is a PR from Renovate in which case + # we'll always build all SDKs in case there are any changes to commit. + fail-fast: ${{ ! contains(github.actor, 'renovate') }} matrix: language: - nodejs @@ -82,14 +84,52 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@v1 with: + # Keep these in sync with the Renovate step below to avoid them getting checked in. allowed-changes: | sdk/**/pulumi-plugin.json sdk/dotnet/*.csproj sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + # If the worktree is dirty and this is a Renovate PR to bump + # dependencies, commit the updated SDK and push it back to the PR. The + # job will still be marked as a failure. + if: failure() && steps.worktreeClean.outcome == 'failure' && contains(github.actor, 'renovate') + shell: bash + run: | + git config --global user.email "bot@pulumi.com" + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + git stash + git fetch + git checkout "origin/$HEAD_REF" + + # Apply and add our changes, but don't commit any files we expect to + # always change due to versioning. + git stash pop + git add sdk + git reset \ + sdk/python/*/pulumi-plugin.json \ + sdk/dotnet/Pulumi.*.csproj \ + sdk/go/*/internal/pulumiUtilities.go \ + sdk/nodejs/package.json \ + sdk/python/pyproject.toml + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + # Push with pulumi-bot credentials to trigger a re-run of the + # workflow. https://github.com/orgs/community/discussions/25702 + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} \ + "HEAD:$HEAD_REF" + env: + # head_ref is untrusted so it's recommended to pass via env var to + # avoid injections. + HEAD_REF: ${{ github.head_ref }} + - name: Upload SDK uses: ./.github/actions/upload-sdk with: From e39b9702ef345a21b261042adaa6fe56cfd79a9c Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Mon, 23 Dec 2024 12:55:35 -0800 Subject: [PATCH 2/2] Commit native SDK --- .../repo/.github/workflows/build.yml | 40 ++++++++++++++++++ .../repo/.github/workflows/prerelease.yml | 40 ++++++++++++++++++ .../repo/.github/workflows/release.yml | 40 ++++++++++++++++++ .../workflows/run-acceptance-tests.yml | 40 ++++++++++++++++++ .../command/repo/.github/workflows/build.yml | 40 ++++++++++++++++++ .../repo/.github/workflows/prerelease.yml | 40 ++++++++++++++++++ .../repo/.github/workflows/release.yml | 40 ++++++++++++++++++ .../workflows/run-acceptance-tests.yml | 40 ++++++++++++++++++ .../repo/.github/workflows/build.yml | 40 ++++++++++++++++++ .../repo/.github/workflows/prerelease.yml | 40 ++++++++++++++++++ .../repo/.github/workflows/release.yml | 40 ++++++++++++++++++ .../workflows/run-acceptance-tests.yml | 40 ++++++++++++++++++ .../repo/.github/workflows/build.yml | 40 ++++++++++++++++++ .../repo/.github/workflows/prerelease.yml | 40 ++++++++++++++++++ .../repo/.github/workflows/release.yml | 40 ++++++++++++++++++ .../workflows/run-acceptance-tests.yml | 40 ++++++++++++++++++ .../repo/.github/workflows/build.yml | 40 ++++++++++++++++++ .../repo/.github/workflows/prerelease.yml | 40 ++++++++++++++++++ .../repo/.github/workflows/release.yml | 40 ++++++++++++++++++ .../workflows/run-acceptance-tests.yml | 40 ++++++++++++++++++ .../repo/.github/workflows/build.yml | 40 ++++++++++++++++++ .../repo/.github/workflows/prerelease.yml | 40 ++++++++++++++++++ .../repo/.github/workflows/release.yml | 40 ++++++++++++++++++ .../workflows/run-acceptance-tests.yml | 40 ++++++++++++++++++ .../repo/.github/workflows/build.yml | 40 ++++++++++++++++++ .../repo/.github/workflows/prerelease.yml | 40 ++++++++++++++++++ .../repo/.github/workflows/release.yml | 40 ++++++++++++++++++ .../workflows/run-acceptance-tests.yml | 40 ++++++++++++++++++ native-provider-ci/src/steps.ts | 41 +++++++++++++++++++ native-provider-ci/src/workflows.ts | 1 + 30 files changed, 1162 insertions(+) diff --git a/native-provider-ci/providers/aws-native/repo/.github/workflows/build.yml b/native-provider-ci/providers/aws-native/repo/.github/workflows/build.yml index 140939bc53..84e67a3fda 100644 --- a/native-provider-ci/providers/aws-native/repo/.github/workflows/build.yml +++ b/native-provider-ci/providers/aws-native/repo/.github/workflows/build.yml @@ -108,6 +108,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -225,6 +226,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -233,6 +235,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/aws-native/repo/.github/workflows/prerelease.yml b/native-provider-ci/providers/aws-native/repo/.github/workflows/prerelease.yml index f36f56d8ad..01c9f7db5d 100644 --- a/native-provider-ci/providers/aws-native/repo/.github/workflows/prerelease.yml +++ b/native-provider-ci/providers/aws-native/repo/.github/workflows/prerelease.yml @@ -100,6 +100,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -217,6 +218,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -225,6 +227,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/aws-native/repo/.github/workflows/release.yml b/native-provider-ci/providers/aws-native/repo/.github/workflows/release.yml index cf5b998040..f61aadac74 100644 --- a/native-provider-ci/providers/aws-native/repo/.github/workflows/release.yml +++ b/native-provider-ci/providers/aws-native/repo/.github/workflows/release.yml @@ -100,6 +100,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -217,6 +218,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -225,6 +227,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/aws-native/repo/.github/workflows/run-acceptance-tests.yml b/native-provider-ci/providers/aws-native/repo/.github/workflows/run-acceptance-tests.yml index d132ed82b1..7528d03f22 100644 --- a/native-provider-ci/providers/aws-native/repo/.github/workflows/run-acceptance-tests.yml +++ b/native-provider-ci/providers/aws-native/repo/.github/workflows/run-acceptance-tests.yml @@ -122,6 +122,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -242,6 +243,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -250,6 +252,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/command/repo/.github/workflows/build.yml b/native-provider-ci/providers/command/repo/.github/workflows/build.yml index 22231e1668..e931670415 100644 --- a/native-provider-ci/providers/command/repo/.github/workflows/build.yml +++ b/native-provider-ci/providers/command/repo/.github/workflows/build.yml @@ -73,6 +73,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -176,6 +177,7 @@ jobs: - name: Generate SDK run: make ${{ matrix.language }}_sdk - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -184,6 +186,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/command/repo/.github/workflows/prerelease.yml b/native-provider-ci/providers/command/repo/.github/workflows/prerelease.yml index b8176b9654..f9ca3affb8 100644 --- a/native-provider-ci/providers/command/repo/.github/workflows/prerelease.yml +++ b/native-provider-ci/providers/command/repo/.github/workflows/prerelease.yml @@ -65,6 +65,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -168,6 +169,7 @@ jobs: - name: Generate SDK run: make ${{ matrix.language }}_sdk - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -176,6 +178,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/command/repo/.github/workflows/release.yml b/native-provider-ci/providers/command/repo/.github/workflows/release.yml index 16f1ab8c77..0be694f6a7 100644 --- a/native-provider-ci/providers/command/repo/.github/workflows/release.yml +++ b/native-provider-ci/providers/command/repo/.github/workflows/release.yml @@ -65,6 +65,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -168,6 +169,7 @@ jobs: - name: Generate SDK run: make ${{ matrix.language }}_sdk - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -176,6 +178,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/command/repo/.github/workflows/run-acceptance-tests.yml b/native-provider-ci/providers/command/repo/.github/workflows/run-acceptance-tests.yml index eb79b83a81..0ba6f076e8 100644 --- a/native-provider-ci/providers/command/repo/.github/workflows/run-acceptance-tests.yml +++ b/native-provider-ci/providers/command/repo/.github/workflows/run-acceptance-tests.yml @@ -87,6 +87,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -193,6 +194,7 @@ jobs: - name: Generate SDK run: make ${{ matrix.language }}_sdk - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -201,6 +203,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/docker-build/repo/.github/workflows/build.yml b/native-provider-ci/providers/docker-build/repo/.github/workflows/build.yml index bd81c28b70..b9dc92057e 100644 --- a/native-provider-ci/providers/docker-build/repo/.github/workflows/build.yml +++ b/native-provider-ci/providers/docker-build/repo/.github/workflows/build.yml @@ -118,6 +118,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -222,6 +223,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -230,6 +232,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/docker-build/repo/.github/workflows/prerelease.yml b/native-provider-ci/providers/docker-build/repo/.github/workflows/prerelease.yml index 3aebd1d276..f436ab9271 100644 --- a/native-provider-ci/providers/docker-build/repo/.github/workflows/prerelease.yml +++ b/native-provider-ci/providers/docker-build/repo/.github/workflows/prerelease.yml @@ -110,6 +110,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -214,6 +215,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -222,6 +224,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/docker-build/repo/.github/workflows/release.yml b/native-provider-ci/providers/docker-build/repo/.github/workflows/release.yml index 1ead9920e8..17b667a5f9 100644 --- a/native-provider-ci/providers/docker-build/repo/.github/workflows/release.yml +++ b/native-provider-ci/providers/docker-build/repo/.github/workflows/release.yml @@ -110,6 +110,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -214,6 +215,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -222,6 +224,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/docker-build/repo/.github/workflows/run-acceptance-tests.yml b/native-provider-ci/providers/docker-build/repo/.github/workflows/run-acceptance-tests.yml index e9e1b84e2a..04bb598137 100644 --- a/native-provider-ci/providers/docker-build/repo/.github/workflows/run-acceptance-tests.yml +++ b/native-provider-ci/providers/docker-build/repo/.github/workflows/run-acceptance-tests.yml @@ -132,6 +132,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -239,6 +240,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -247,6 +249,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/google-native/repo/.github/workflows/build.yml b/native-provider-ci/providers/google-native/repo/.github/workflows/build.yml index b62d08eba6..6af9aea796 100644 --- a/native-provider-ci/providers/google-native/repo/.github/workflows/build.yml +++ b/native-provider-ci/providers/google-native/repo/.github/workflows/build.yml @@ -112,6 +112,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -218,6 +219,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -226,6 +228,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/google-native/repo/.github/workflows/prerelease.yml b/native-provider-ci/providers/google-native/repo/.github/workflows/prerelease.yml index 4739704e0f..c32a2fd0a5 100644 --- a/native-provider-ci/providers/google-native/repo/.github/workflows/prerelease.yml +++ b/native-provider-ci/providers/google-native/repo/.github/workflows/prerelease.yml @@ -104,6 +104,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -210,6 +211,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -218,6 +220,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/google-native/repo/.github/workflows/release.yml b/native-provider-ci/providers/google-native/repo/.github/workflows/release.yml index 733279124c..de9537a764 100644 --- a/native-provider-ci/providers/google-native/repo/.github/workflows/release.yml +++ b/native-provider-ci/providers/google-native/repo/.github/workflows/release.yml @@ -104,6 +104,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -210,6 +211,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -218,6 +220,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/google-native/repo/.github/workflows/run-acceptance-tests.yml b/native-provider-ci/providers/google-native/repo/.github/workflows/run-acceptance-tests.yml index 3ebb05ef54..5e306d61bb 100644 --- a/native-provider-ci/providers/google-native/repo/.github/workflows/run-acceptance-tests.yml +++ b/native-provider-ci/providers/google-native/repo/.github/workflows/run-acceptance-tests.yml @@ -126,6 +126,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -235,6 +236,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -243,6 +245,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/kubernetes-cert-manager/repo/.github/workflows/build.yml b/native-provider-ci/providers/kubernetes-cert-manager/repo/.github/workflows/build.yml index 602553bb8c..e54cc2874d 100644 --- a/native-provider-ci/providers/kubernetes-cert-manager/repo/.github/workflows/build.yml +++ b/native-provider-ci/providers/kubernetes-cert-manager/repo/.github/workflows/build.yml @@ -111,6 +111,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -217,6 +218,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -225,6 +227,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/kubernetes-cert-manager/repo/.github/workflows/prerelease.yml b/native-provider-ci/providers/kubernetes-cert-manager/repo/.github/workflows/prerelease.yml index e9c272b618..06d4c8b98c 100644 --- a/native-provider-ci/providers/kubernetes-cert-manager/repo/.github/workflows/prerelease.yml +++ b/native-provider-ci/providers/kubernetes-cert-manager/repo/.github/workflows/prerelease.yml @@ -103,6 +103,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -209,6 +210,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -217,6 +219,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/kubernetes-cert-manager/repo/.github/workflows/release.yml b/native-provider-ci/providers/kubernetes-cert-manager/repo/.github/workflows/release.yml index ada66ea3cd..b90018e611 100644 --- a/native-provider-ci/providers/kubernetes-cert-manager/repo/.github/workflows/release.yml +++ b/native-provider-ci/providers/kubernetes-cert-manager/repo/.github/workflows/release.yml @@ -103,6 +103,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -209,6 +210,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -217,6 +219,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/kubernetes-cert-manager/repo/.github/workflows/run-acceptance-tests.yml b/native-provider-ci/providers/kubernetes-cert-manager/repo/.github/workflows/run-acceptance-tests.yml index b7a9779307..880e17f7a3 100644 --- a/native-provider-ci/providers/kubernetes-cert-manager/repo/.github/workflows/run-acceptance-tests.yml +++ b/native-provider-ci/providers/kubernetes-cert-manager/repo/.github/workflows/run-acceptance-tests.yml @@ -125,6 +125,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -234,6 +235,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -242,6 +244,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/kubernetes-ingress-nginx/repo/.github/workflows/build.yml b/native-provider-ci/providers/kubernetes-ingress-nginx/repo/.github/workflows/build.yml index 4faeb321ef..a9f64e1c9d 100644 --- a/native-provider-ci/providers/kubernetes-ingress-nginx/repo/.github/workflows/build.yml +++ b/native-provider-ci/providers/kubernetes-ingress-nginx/repo/.github/workflows/build.yml @@ -111,6 +111,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -217,6 +218,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -225,6 +227,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/kubernetes-ingress-nginx/repo/.github/workflows/prerelease.yml b/native-provider-ci/providers/kubernetes-ingress-nginx/repo/.github/workflows/prerelease.yml index 2e16e09558..918994a71f 100644 --- a/native-provider-ci/providers/kubernetes-ingress-nginx/repo/.github/workflows/prerelease.yml +++ b/native-provider-ci/providers/kubernetes-ingress-nginx/repo/.github/workflows/prerelease.yml @@ -103,6 +103,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -209,6 +210,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -217,6 +219,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/kubernetes-ingress-nginx/repo/.github/workflows/release.yml b/native-provider-ci/providers/kubernetes-ingress-nginx/repo/.github/workflows/release.yml index 8f1b97969e..6968a0353e 100644 --- a/native-provider-ci/providers/kubernetes-ingress-nginx/repo/.github/workflows/release.yml +++ b/native-provider-ci/providers/kubernetes-ingress-nginx/repo/.github/workflows/release.yml @@ -103,6 +103,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -209,6 +210,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -217,6 +219,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/kubernetes-ingress-nginx/repo/.github/workflows/run-acceptance-tests.yml b/native-provider-ci/providers/kubernetes-ingress-nginx/repo/.github/workflows/run-acceptance-tests.yml index 5522c1ce6b..57da15aae7 100644 --- a/native-provider-ci/providers/kubernetes-ingress-nginx/repo/.github/workflows/run-acceptance-tests.yml +++ b/native-provider-ci/providers/kubernetes-ingress-nginx/repo/.github/workflows/run-acceptance-tests.yml @@ -125,6 +125,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -234,6 +235,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -242,6 +244,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/kubernetes/repo/.github/workflows/build.yml b/native-provider-ci/providers/kubernetes/repo/.github/workflows/build.yml index 3871463c7d..ad45aa59bd 100644 --- a/native-provider-ci/providers/kubernetes/repo/.github/workflows/build.yml +++ b/native-provider-ci/providers/kubernetes/repo/.github/workflows/build.yml @@ -113,6 +113,7 @@ jobs: number: ${{ github.event.issue.number }} github_token: ${{ secrets.GITHUB_TOKEN }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -217,6 +218,7 @@ jobs: - name: Generate SDK run: make ${{ matrix.language }}_sdk - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -225,6 +227,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/kubernetes/repo/.github/workflows/prerelease.yml b/native-provider-ci/providers/kubernetes/repo/.github/workflows/prerelease.yml index bf6519b9ec..1dc785b9ca 100644 --- a/native-provider-ci/providers/kubernetes/repo/.github/workflows/prerelease.yml +++ b/native-provider-ci/providers/kubernetes/repo/.github/workflows/prerelease.yml @@ -105,6 +105,7 @@ jobs: number: ${{ github.event.issue.number }} github_token: ${{ secrets.GITHUB_TOKEN }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -209,6 +210,7 @@ jobs: - name: Generate SDK run: make ${{ matrix.language }}_sdk - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -217,6 +219,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/kubernetes/repo/.github/workflows/release.yml b/native-provider-ci/providers/kubernetes/repo/.github/workflows/release.yml index aa1057f792..8b5f3a72dd 100644 --- a/native-provider-ci/providers/kubernetes/repo/.github/workflows/release.yml +++ b/native-provider-ci/providers/kubernetes/repo/.github/workflows/release.yml @@ -105,6 +105,7 @@ jobs: number: ${{ github.event.issue.number }} github_token: ${{ secrets.GITHUB_TOKEN }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -209,6 +210,7 @@ jobs: - name: Generate SDK run: make ${{ matrix.language }}_sdk - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -217,6 +219,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/providers/kubernetes/repo/.github/workflows/run-acceptance-tests.yml b/native-provider-ci/providers/kubernetes/repo/.github/workflows/run-acceptance-tests.yml index 1474cefa6c..00ef4255a3 100644 --- a/native-provider-ci/providers/kubernetes/repo/.github/workflows/run-acceptance-tests.yml +++ b/native-provider-ci/providers/kubernetes/repo/.github/workflows/run-acceptance-tests.yml @@ -127,6 +127,7 @@ jobs: number: ${{ github.event.issue.number }} github_token: ${{ secrets.GITHUB_TOKEN }} - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -234,6 +235,7 @@ jobs: - name: Generate SDK run: make ${{ matrix.language }}_sdk - name: Check worktree clean + id: worktreeClean uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- @@ -242,6 +244,44 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') + shell: bash + run: > + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . diff --git a/native-provider-ci/src/steps.ts b/native-provider-ci/src/steps.ts index 24ad87437a..9c2c130858 100644 --- a/native-provider-ci/src/steps.ts +++ b/native-provider-ci/src/steps.ts @@ -495,7 +495,9 @@ export function ZipSDKsStep(): Step { export function CheckCleanWorkTree(): Step { return { name: "Check worktree clean", + id: "worktreeClean", uses: action.gitStatusCheck, + // Keep these in sync with the Renovate step below to avoid them getting checked in. with: { "allowed-changes": `\ sdk/**/pulumi-plugin.json @@ -507,6 +509,45 @@ sdk/python/pyproject.toml`, }; } +export function CommitSDKChangesForRenovate(): Step { + // If the worktree is dirty and this is a Renovate PR to bump dependencies, + // commit the updated SDK and push it back to the PR. The job will still be + // marked as a failure. + + return { + name: "Commit ${{ matrix.language }} SDK changes for Renovate", + if: "failure() && steps.worktreeClean.outcome == 'failure' && contains(github.actor, 'renovate')", + shell: "bash", + run: `git config --global user.email "bot@pulumi.com" +git config --global user.name "pulumi-bot" +\ +# Stash local changes and check out the PR's branch directly. +git stash +git fetch +git checkout "origin/$HEAD_REF" + +# Apply and add our changes, but don't commit any files we expect to +# always change due to versioning. +git stash pop +git add sdk +git reset \ + sdk/python/*/pulumi-plugin.json \ + sdk/dotnet/Pulumi.*.csproj \ + sdk/go/*/internal/pulumiUtilities.go \ + sdk/nodejs/package.json \ + sdk/python/pyproject.toml +git commit -m 'Commit \${{ matrix.language }} SDK for Renovate' + +# Push with pulumi-bot credentials to trigger a re-run of the +# workflow. https://github.com/orgs/community/discussions/25702 +git push https://pulumi-bot:\${{ secrets.PULUMI_BOT_TOKEN }}@github.com/\${{ github.repository }} \ + "HEAD:$HEAD_REF" +`, + // head_ref is untrusted so it's recommended to pass via env var to avoid injections. + env: { HEAD_REF: "${{ github.head_ref }}" }, + }; +} + export function SetNugetSource(): Step { return { run: "dotnet nuget add source ${{ github.workspace }}/nuget", diff --git a/native-provider-ci/src/workflows.ts b/native-provider-ci/src/workflows.ts index 624399a95b..e3c58122ad 100644 --- a/native-provider-ci/src/workflows.ts +++ b/native-provider-ci/src/workflows.ts @@ -463,6 +463,7 @@ export class BuildSdkJob implements NormalJob { steps.GenerateSDKs(opts.provider), steps.BuildSDKs(opts.provider), steps.CheckCleanWorkTree(), + steps.CommitSDKChangesForRenovate(), steps.Porcelain(), steps.ZipSDKsStep(), steps.UploadSDKs(tag),