Optimize RAM usage for the provider (#3172) #223
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt | |
env: | |
PROVIDER: aws | |
AWS_REGION: us-west-2 | |
DOTNETVERSION: | | |
6.0.x | |
3.1.301 | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GOVERSION: 1.21.x | |
GRADLEVERSION: "7.6" | |
JAVAVERSION: "11" | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
NODEVERSION: 20.x | |
NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} | |
OIDC_ROLE_ARN: ${{ secrets.OIDC_ROLE_ARN }} | |
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} | |
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} | |
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} | |
PULUMI_API: https://api.pulumi-staging.io | |
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. | |
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget | |
PULUMI_MISSING_DOCS_ERROR: true | |
PYPI_PASSWORD: ${{ secrets.PYPI_PASSWORD }} | |
PYTHONVERSION: "3.9" | |
SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} | |
SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} | |
SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
TF_APPEND_USER_AGENT: pulumi | |
TRAVIS_OS_NAME: linux | |
jobs: | |
build_sdk: | |
name: build_sdk | |
needs: prerequisites | |
runs-on: pulumi-ubuntu-8core | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v3 | |
with: | |
submodules: true | |
- name: Checkout Scripts Repo | |
uses: actions/checkout@v3 | |
with: | |
path: ci-scripts | |
repository: pulumi/scripts | |
- name: Unshallow clone for tags | |
run: git fetch --prune --unshallow --tags | |
- name: Install Go | |
uses: actions/setup-go@v4 | |
with: | |
cache-dependency-path: | | |
sdk/go.sum | |
go-version: 1.21.x | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Install Pulumi CLI | |
uses: pulumi/actions@v4 | |
with: | |
pulumi-version: v3.77.1 | |
- name: Setup Node | |
uses: actions/setup-node@v2 | |
with: | |
node-version: ${{ env.NODEVERSION }} | |
registry-url: https://registry.npmjs.org | |
- name: Setup DotNet | |
uses: actions/setup-dotnet@v3 | |
with: | |
dotnet-version: ${{ env.DOTNETVERSION }} | |
- name: Setup Python | |
uses: actions/setup-python@v2 | |
with: | |
python-version: ${{ env.PYTHONVERSION }} | |
- name: Setup Java | |
uses: actions/setup-java@v3 | |
with: | |
cache: gradle | |
distribution: temurin | |
java-version: ${{ env.JAVAVERSION }} | |
- name: Setup Gradle | |
uses: gradle/gradle-build-action@v2 | |
with: | |
gradle-version: ${{ env.GRADLEVERSION }} | |
- name: Download provider + tfgen binaries | |
uses: actions/download-artifact@v2 | |
with: | |
name: ${{ env.PROVIDER }}-provider.tar.gz | |
path: ${{ github.workspace }}/bin | |
- name: Untar provider binaries | |
run: >- | |
tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ | |
github.workspace}}/bin | |
find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print -exec chmod +x {} \; | |
- name: Install plugins | |
run: make install_plugins | |
- name: Update path | |
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" | |
- name: Set PACKAGE_VERSION to Env | |
run: echo "PACKAGE_VERSION=$(pulumictl get version --language generic)" >> | |
"$GITHUB_ENV" | |
- name: Build SDK | |
run: make build_${{ matrix.language }} | |
- name: Check worktree clean | |
run: ./ci-scripts/ci/check-worktree-is-clean | |
- name: Compress SDK folder | |
run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v2 | |
with: | |
name: ${{ matrix.language }}-sdk.tar.gz | |
path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz | |
- if: failure() && github.event_name == 'push' | |
name: Notify Slack | |
uses: 8398a7/action-slack@v3 | |
with: | |
author_name: Failure in building ${{ matrix.language }} sdk | |
fields: repo,commit,author,action | |
status: ${{ job.status }} | |
strategy: | |
fail-fast: true | |
matrix: | |
language: | |
- nodejs | |
- python | |
- dotnet | |
- go | |
- java | |
create_docs_build: | |
name: create_docs_build | |
needs: tag_sdk | |
runs-on: ubuntu-latest | |
steps: | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- env: | |
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} | |
name: Dispatch Event | |
run: pulumictl create docs-build pulumi-${{ env.PROVIDER }} | |
"${GITHUB_REF#refs/tags/}" | |
license_check: | |
name: License Check | |
uses: ./.github/workflows/license.yml | |
secrets: inherit | |
prerequisites: | |
name: prerequisites | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v3 | |
with: | |
submodules: true | |
- name: Checkout Scripts Repo | |
uses: actions/checkout@v3 | |
with: | |
path: ci-scripts | |
repository: pulumi/scripts | |
- name: Unshallow clone for tags | |
run: git fetch --prune --unshallow --tags | |
- name: Install Go | |
uses: actions/setup-go@v4 | |
with: | |
cache-dependency-path: | | |
sdk/go.sum | |
go-version: 1.21.x | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Install Pulumi CLI | |
uses: pulumi/actions@v4 | |
with: | |
pulumi-version: v3.77.1 | |
- if: github.event_name == 'pull_request' | |
name: Install Schema Tools | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/schema-tools | |
- name: Clear GitHub Actions Ubuntu runner disk space | |
uses: jlumbroso/free-disk-space@main | |
with: | |
android: true | |
dotnet: false | |
haskell: true | |
large-packages: false | |
swap-storage: true | |
tool-cache: false | |
- name: Build tfgen & provider binaries | |
run: make provider | |
- name: Unit-test provider code | |
run: make test_provider | |
- if: github.event_name == 'pull_request' | |
name: Check Schema is Valid | |
run: | | |
EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64) | |
{ | |
echo "SCHEMA_CHANGES<<$EOF"; | |
schema-tools compare -p ${{ env.PROVIDER }} -o ${{ github.event.repository.default_branch }} -n --local-path=provider/cmd/pulumi-resource-${{ env.PROVIDER }}/schema.json; | |
echo "$EOF"; | |
} >> "$GITHUB_ENV" | |
- if: github.event_name == 'pull_request' && github.actor != 'dependabot[bot]' | |
name: Comment on PR with Details of Schema Check | |
uses: thollander/actions-comment-pull-request@v2 | |
with: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
comment_tag: schemaCheck | |
message: >+ | |
### Does the PR have any schema changes? | |
${{ env.SCHEMA_CHANGES }} | |
Maintainer note: consult the [runbook](https://github.com/pulumi/platform-providers-team/blob/main/playbooks/tf-provider-updating.md) for dealing with any breaking changes. | |
- name: Tar provider binaries | |
run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ | |
github.workspace }}/bin/ pulumi-resource-${{ env.PROVIDER }} | |
pulumi-tfgen-${{ env.PROVIDER }} | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v2 | |
with: | |
name: ${{ env.PROVIDER }}-provider.tar.gz | |
path: ${{ github.workspace }}/bin/provider.tar.gz | |
retention-days: 30 | |
- if: failure() && github.event_name == 'push' | |
name: Notify Slack | |
uses: 8398a7/action-slack@v3 | |
with: | |
author_name: Failure in building provider prerequisites | |
fields: repo,commit,author,action | |
status: ${{ job.status }} | |
publish: | |
name: publish | |
needs: | |
- test | |
- license_check | |
- go_test_shim | |
- test_oidc | |
runs-on: pulumi-ubuntu-8core | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v3 | |
with: | |
submodules: true | |
- name: Unshallow clone for tags | |
run: git fetch --prune --unshallow --tags | |
- name: Install Go | |
uses: actions/setup-go@v4 | |
with: | |
cache-dependency-path: | | |
sdk/go.sum | |
go-version: 1.21.x | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Install Pulumi CLI | |
uses: pulumi/actions@v4 | |
with: | |
pulumi-version: v3.77.1 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-region: us-east-2 | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
role-duration-seconds: 7200 | |
role-external-id: upload-pulumi-release | |
role-session-name: ${{ env.PROVIDER }}@githubActions | |
role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} | |
- name: Set PreRelease Version | |
run: echo "GORELEASER_CURRENT_TAG=v$(pulumictl get version --language generic)" >> "$GITHUB_ENV" | |
- name: Run GoReleaser | |
uses: goreleaser/goreleaser-action@v2 | |
with: | |
args: -p 1 release --rm-dist --timeout 150m0s | |
version: latest | |
- if: failure() && github.event_name == 'push' | |
name: Notify Slack | |
uses: 8398a7/action-slack@v3 | |
with: | |
author_name: Failure in publishing binaries | |
fields: repo,commit,author,action | |
status: ${{ job.status }} | |
publish_sdk: | |
name: publish_sdk | |
needs: publish | |
runs-on: ubuntu-latest | |
steps: | |
- name: Publish SDKs | |
uses: pulumi/[email protected] | |
- env: | |
SLACK_CHANNEL: provider-upgrade-publish-status | |
SLACK_COLOR: "#FF0000" | |
SLACK_ICON_EMOJI: ":taco:" | |
SLACK_MESSAGE: "Publish failed :x:" | |
SLACK_TITLE: ${{ github.event.repository.name }} upgrade result | |
SLACK_USERNAME: provider-bot | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }} | |
if: failure() | |
name: Send Publish Failure To Slack | |
uses: rtCamp/action-slack-notify@v2 | |
tag_sdk: | |
name: tag_sdk | |
needs: publish_sdk | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v3 | |
with: | |
submodules: true | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Add SDK version tag | |
run: git tag "sdk/v$(pulumictl get version --language generic)" && git push origin | |
"sdk/v$(pulumictl get version --language generic)" | |
clean_up_release_labels: | |
name: Clean up release labels | |
needs: create_docs_build | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v3 | |
- name: Unshallow clone for PR merge bases | |
run: git fetch --prune --unshallow --tags | |
- name: Clean up release labels | |
uses: pulumi/action-release-by-pr-label@main | |
with: | |
command: "clean-up-release-labels" | |
repo: ${{ github.repository }} | |
commit: ${{ github.sha }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
test: | |
name: test | |
needs: build_sdk | |
permissions: | |
contents: read | |
id-token: write | |
runs-on: pulumi-ubuntu-8core | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v3 | |
with: | |
submodules: true | |
- name: Checkout Scripts Repo | |
uses: actions/checkout@v3 | |
with: | |
path: ci-scripts | |
repository: pulumi/scripts | |
- name: Unshallow clone for tags | |
run: git fetch --prune --unshallow --tags | |
- name: Install Go | |
uses: actions/setup-go@v4 | |
with: | |
cache-dependency-path: | | |
sdk/go.sum | |
go-version: 1.21.x | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Install Pulumi CLI | |
uses: pulumi/actions@v4 | |
with: | |
pulumi-version: v3.77.1 | |
- name: Setup Node | |
uses: actions/setup-node@v2 | |
with: | |
node-version: ${{ env.NODEVERSION }} | |
registry-url: https://registry.npmjs.org | |
- name: Setup DotNet | |
uses: actions/setup-dotnet@v3 | |
with: | |
dotnet-version: ${{ env.DOTNETVERSION }} | |
- name: Setup Python | |
uses: actions/setup-python@v2 | |
with: | |
python-version: ${{ env.PYTHONVERSION }} | |
- name: Setup Java | |
uses: actions/setup-java@v3 | |
with: | |
cache: gradle | |
distribution: temurin | |
java-version: ${{ env.JAVAVERSION }} | |
- name: Setup Gradle | |
uses: gradle/gradle-build-action@v2 | |
with: | |
gradle-version: ${{ env.GRADLEVERSION }} | |
- name: Download provider + tfgen binaries | |
uses: actions/download-artifact@v2 | |
with: | |
name: ${{ env.PROVIDER }}-provider.tar.gz | |
path: ${{ github.workspace }}/bin | |
- name: Untar provider binaries | |
run: >- | |
tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ | |
github.workspace}}/bin | |
find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print -exec chmod +x {} \; | |
- run: dotnet nuget add source ${{ github.workspace }}/nuget | |
- name: Download SDK | |
uses: actions/download-artifact@v2 | |
with: | |
name: ${{ matrix.language }}-sdk.tar.gz | |
path: ${{ github.workspace}}/sdk/ | |
- name: Uncompress SDK folder | |
run: tar -zxf ${{ github.workspace }}/sdk/${{ matrix.language }}.tar.gz -C ${{ | |
github.workspace }}/sdk/${{ matrix.language }} | |
- name: Update path | |
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" | |
- name: Install Python deps | |
run: |- | |
pip3 install virtualenv==20.0.23 | |
pip3 install pipenv | |
- name: Install dependencies | |
run: make install_${{ matrix.language}}_sdk | |
- name: Install gotestfmt | |
uses: GoTestTools/gotestfmt-action@v2 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
version: v2.4.0 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-region: ${{ env.AWS_REGION }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
role-duration-seconds: 3600 | |
role-session-name: ${{ env.PROVIDER }}@githubActions | |
role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} | |
- name: Make upstream | |
run: make upstream | |
- name: Run provider tests | |
run: | | |
cd provider && go test -v -json -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . 2>&1 | tee /tmp/gotest.log | gotestfmt | |
- name: Run tests | |
run: cd examples && go test -v -json -count=1 -cover -timeout 2h -tags=${{ | |
matrix.language }} -parallel 4 . 2>&1 | tee /tmp/gotest.log | gotestfmt | |
- if: failure() && github.event_name == 'push' | |
name: Notify Slack | |
uses: 8398a7/action-slack@v3 | |
with: | |
author_name: Failure in running ${{ matrix.language }} tests | |
fields: repo,commit,author,action | |
status: ${{ job.status }} | |
strategy: | |
fail-fast: false | |
matrix: | |
language: | |
- nodejs | |
- python | |
- dotnet | |
- go | |
- java | |
go_test_shim: | |
name: Run test of provider shim | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v3 | |
with: | |
ref: ${{ env.PR_COMMIT_SHA }} | |
submodules: true | |
- name: Make upstream | |
run: make upstream | |
- uses: actions/setup-go@v4 | |
with: | |
cache-dependency-path: provider/go.sum | |
go-version-file: provider/go.mod | |
- name: go test | |
run: | | |
cd upstream | |
go get github.com/hashicorp/[email protected] | |
cd shim | |
go test -v -coverprofile="coverage.txt" . | |
- env: | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
name: Upload coverage reports to Codecov | |
uses: codecov/codecov-action@v3 | |
timeout-minutes: 60 | |
test_oidc: | |
if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository | |
name: test_oidc | |
needs: build_sdk | |
permissions: | |
contents: read | |
id-token: write | |
runs-on: pulumi-ubuntu-8core | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v3 | |
with: | |
ref: ${{ env.PR_COMMIT_SHA }} | |
submodules: true | |
- name: Checkout Scripts Repo | |
uses: actions/checkout@v3 | |
with: | |
path: ci-scripts | |
repository: pulumi/scripts | |
- name: Unshallow clone for tags | |
run: git fetch --prune --unshallow --tags | |
- name: Install Go | |
uses: actions/setup-go@v4 | |
with: | |
cache-dependency-path: | | |
sdk/go.sum | |
go-version: 1.21.x | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Install Pulumi CLI | |
uses: pulumi/actions@v4 | |
with: | |
pulumi-version: v3.77.1 | |
- name: Setup Node | |
uses: actions/setup-node@v2 | |
with: | |
node-version: ${{ env.NODEVERSION }} | |
registry-url: https://registry.npmjs.org | |
- name: Download provider + tfgen binaries | |
uses: actions/download-artifact@v2 | |
with: | |
name: ${{ env.PROVIDER }}-provider.tar.gz | |
path: ${{ github.workspace }}/bin | |
- name: Untar provider binaries | |
run: |- | |
tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace}}/bin | |
find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print -exec chmod +x {} \; | |
- name: Download SDK | |
uses: actions/download-artifact@v2 | |
with: | |
name: ${{ matrix.language }}-sdk.tar.gz | |
path: ${{ github.workspace}}/sdk/ | |
- name: Uncompress SDK folder | |
run: tar -zxf ${{ github.workspace }}/sdk/${{ matrix.language }}.tar.gz -C ${{ github.workspace }}/sdk/${{ matrix.language }} | |
- name: Update path | |
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" | |
- name: Install dependencies | |
run: make install_${{ matrix.language}}_sdk | |
- name: Install gotestfmt | |
uses: GoTestTools/gotestfmt-action@v2 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
version: v2.4.0 | |
- name: Make upstream | |
run: make upstream | |
- name: Run selected tests with manual web identity/OIDC auth | |
run: cd examples && go test -v -json -count=1 -run TestAccCloudWatchOidcManual -tags=${{ matrix.language }} -parallel 4 . 2>&1 | tee /tmp/gotest.log | gotestfmt | |
- name: Configure AWS Credentials for OIDC | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: ${{ env.AWS_REGION }} | |
role-duration-seconds: 3600 | |
role-session-name: ${{ env.PROVIDER }}@githubActions | |
role-to-assume: ${{ secrets.OIDC_ROLE_ARN }} | |
unset-current-credentials: true | |
- name: Run selected tests with configure-aws-credentials web identity/OIDC auth | |
run: cd examples && go test -v -json -count=1 -run TestAccCloudWatch -tags=${{ matrix.language }} -parallel 4 . 2>&1 | tee /tmp/gotest.log | gotestfmt | |
- if: failure() && github.event_name == 'push' | |
name: Notify Slack | |
uses: 8398a7/action-slack@v3 | |
with: | |
author_name: Failure in running ${{ matrix.language }} tests | |
fields: repo,commit,author,action | |
status: ${{ job.status }} | |
strategy: | |
fail-fast: false | |
matrix: | |
language: | |
- nodejs | |
name: release | |
on: | |
push: | |
tags: | |
- v*.*.* | |
- "!v*.*.*-**" |