From d79e9e0870c628328196687e6775d48169030366 Mon Sep 17 00:00:00 2001 From: Pulumi Bot <30351955+pulumi-bot@users.noreply.github.com> Date: Wed, 27 Nov 2024 10:57:59 -0800 Subject: [PATCH] Update GitHub Actions workflows. (#4848) This PR was automatically generated by the update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt repo, from commit a43cd0db18f1e71b792b0c79b6f5327c4f39f98b. --------- Co-authored-by: Daniel Bradley --- .ci-mgmt.yaml | 10 ++-------- .github/actions/download-bin/action.yml | 2 +- .github/actions/download-sdk/action.yml | 2 +- .github/actions/upload-bin/action.yml | 2 +- .github/actions/upload-sdk/action.yml | 2 +- .github/workflows/build_provider.yml | 13 +++++------- .github/workflows/build_sdk.yml | 15 +++----------- .github/workflows/command-dispatch.yml | 2 +- .github/workflows/community-moderation.yml | 8 ++++---- .github/workflows/license.yml | 2 +- .github/workflows/lint.yml | 2 +- .github/workflows/master.yml | 23 +++++++--------------- .github/workflows/nightly-test.yml | 9 +++------ .github/workflows/prerelease.yml | 19 +++++------------- .github/workflows/prerequisites.yml | 14 ++++--------- .github/workflows/publish.yml | 10 +++++----- .github/workflows/pull-request.yml | 4 ++-- .github/workflows/release.yml | 19 +++++------------- .github/workflows/release_command.yml | 2 +- .github/workflows/resync-build.yml | 4 ++-- .github/workflows/run-acceptance-tests.yml | 21 ++++++-------------- .github/workflows/upgrade-bridge.yml | 13 +++++++++--- .github/workflows/upgrade-provider.yml | 12 ++++++++--- .github/workflows/verify-release.yml | 2 +- .mk/minimal_schema.mk | 1 + Makefile | 4 ++-- 26 files changed, 84 insertions(+), 133 deletions(-) diff --git a/.ci-mgmt.yaml b/.ci-mgmt.yaml index 78765f700f6..b55955056c9 100644 --- a/.ci-mgmt.yaml +++ b/.ci-mgmt.yaml @@ -162,10 +162,7 @@ extraTests: with: language: ${{ matrix.language }} - name: Restore makefile progress - uses: actions/download-artifact@v4 - with: - name: build_${{ matrix.language }}.make - path: .make + run: make --touch provider schema build_${{ matrix.language }} - name: Update path run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - name: Install dependencies @@ -227,10 +224,7 @@ extraTests: with: language: ${{ matrix.language }} - name: Restore makefile progress - uses: actions/download-artifact@v4 - with: - name: build_${{ matrix.language }}.make - path: .make + run: make --touch provider schema build_${{ matrix.language }} - name: Update path run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - name: Install Python deps diff --git a/.github/actions/download-bin/action.yml b/.github/actions/download-bin/action.yml index 68f0db20837..d4ce00be851 100644 --- a/.github/actions/download-bin/action.yml +++ b/.github/actions/download-bin/action.yml @@ -5,7 +5,7 @@ runs: using: "composite" steps: - name: Download provider + tfgen binaries - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v4.1.8 with: name: aws-provider.tar.gz path: ${{ github.workspace }}/bin diff --git a/.github/actions/download-sdk/action.yml b/.github/actions/download-sdk/action.yml index 1fd54841b40..272e3317704 100644 --- a/.github/actions/download-sdk/action.yml +++ b/.github/actions/download-sdk/action.yml @@ -10,7 +10,7 @@ runs: using: "composite" steps: - name: Download ${{ inputs.language }} SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v4.1.8 with: name: ${{ inputs.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/ diff --git a/.github/actions/upload-bin/action.yml b/.github/actions/upload-bin/action.yml index 89b8a7363f3..8afcc7999cf 100644 --- a/.github/actions/upload-bin/action.yml +++ b/.github/actions/upload-bin/action.yml @@ -8,7 +8,7 @@ runs: shell: bash run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace }}/bin/ pulumi-resource-aws pulumi-tfgen-aws - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v4.4.3 with: name: aws-provider.tar.gz path: ${{ github.workspace }}/bin/provider.tar.gz diff --git a/.github/actions/upload-sdk/action.yml b/.github/actions/upload-sdk/action.yml index 77d4849426b..c8c88de9695 100644 --- a/.github/actions/upload-sdk/action.yml +++ b/.github/actions/upload-sdk/action.yml @@ -13,7 +13,7 @@ runs: shell: bash run: tar -zcf sdk/${{ inputs.language }}.tar.gz -C sdk/${{ inputs.language }} . - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v4.4.3 with: name: ${{ inputs.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/${{ inputs.language }}.tar.gz diff --git a/.github/workflows/build_provider.yml b/.github/workflows/build_provider.yml index 1a45200306b..d7ee1969b91 100644 --- a/.github/workflows/build_provider.yml +++ b/.github/workflows/build_provider.yml @@ -31,13 +31,13 @@ jobs: steps: # Run as first step so we don't delete things that have just been installed - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be + uses: jlumbroso/free-disk-space@v1.3.1 with: tool-cache: false swap-storage: false dotnet: false - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: submodules: true persist-credentials: false @@ -48,7 +48,7 @@ jobs: - name: Prepare local workspace before restoring previously built run: make prepare_local_workspace - name: Download schema-embed.json - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v4.1.8 with: # Use a pattern to avoid failing if the artifact doesn't exist pattern: schema-embed.* @@ -56,14 +56,11 @@ jobs: merge-multiple: true path: provider/cmd/pulumi-resource-aws/schema-embed.json - name: Restore makefile progress - uses: actions/download-artifact@v4 - with: - name: prerequisites.make - path: .make + run: make --touch provider schema - name: Build & package provider run: make provider_dist-${{ matrix.platform.os }}-${{ matrix.platform.arch }} - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v4.4.3 with: name: pulumi-resource-aws-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz path: bin/pulumi-resource-aws-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz diff --git a/.github/workflows/build_sdk.yml b/.github/workflows/build_sdk.yml index cf0f81f315f..8a9ce57d341 100644 --- a/.github/workflows/build_sdk.yml +++ b/.github/workflows/build_sdk.yml @@ -45,13 +45,13 @@ jobs: steps: # Run as first step so we don't delete things that have just been installed - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be + uses: jlumbroso/free-disk-space@v1.3.1 with: tool-cache: false swap-storage: false dotnet: false - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: submodules: true persist-credentials: false @@ -72,10 +72,7 @@ jobs: - name: Update path run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - name: Restore makefile progress - uses: actions/download-artifact@v4 - with: - name: prerequisites.make - path: .make + run: make --touch provider schema - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean @@ -91,9 +88,3 @@ jobs: uses: ./.github/actions/upload-sdk with: language: ${{ matrix.language }} - - name: Save makefile progress - uses: actions/upload-artifact@v4 - with: - name: build_${{ matrix.language }}.make - path: .make - include-hidden-files: true diff --git a/.github/workflows/command-dispatch.yml b/.github/workflows/command-dispatch.yml index 7482963d581..ac56412725f 100644 --- a/.github/workflows/command-dispatch.yml +++ b/.github/workflows/command-dispatch.yml @@ -26,7 +26,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: submodules: true persist-credentials: false diff --git a/.github/workflows/community-moderation.yml b/.github/workflows/community-moderation.yml index f11f3858bb8..b4a52a60b32 100644 --- a/.github/workflows/community-moderation.yml +++ b/.github/workflows/community-moderation.yml @@ -8,25 +8,25 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: submodules: true persist-credentials: false - id: schema_changed name: Check for diff in schema - uses: dorny/paths-filter@v2 + uses: dorny/paths-filter@v2.12.0 with: filters: "changed: 'provider/cmd/**/schema.json'" - id: sdk_changed if: steps.schema_changed.outputs.changed == 'false' name: Check for diff in sdk/** - uses: dorny/paths-filter@v2 + uses: dorny/paths-filter@v2.12.0 with: filters: "changed: 'sdk/**'" - if: steps.sdk_changed.outputs.changed == 'true' && github.event.pull_request.head.repo.full_name != github.repository name: Send codegen warning as comment on PR - uses: thollander/actions-comment-pull-request@v2 + uses: thollander/actions-comment-pull-request@v2.5.0 with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} message: > diff --git a/.github/workflows/license.yml b/.github/workflows/license.yml index 50646fd6865..51bd46b3b85 100644 --- a/.github/workflows/license.yml +++ b/.github/workflows/license.yml @@ -33,7 +33,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: persist-credentials: false - name: Setup tools diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index fbec6c8feb0..86abc8da4f8 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -33,7 +33,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: submodules: true persist-credentials: false diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml index ee28cb403e7..4551b3d98cc 100644 --- a/.github/workflows/master.yml +++ b/.github/workflows/master.yml @@ -58,12 +58,12 @@ jobs: tool-cache: false swap-storage: false - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: submodules: true persist-credentials: false - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v4.0.2 with: aws-access-key-id: ${{ secrets.AWS_CORP_S3_UPLOAD_ACCESS_KEY_ID }} aws-region: us-west-2 @@ -142,13 +142,13 @@ jobs: steps: # Run as first step so we don't delete things that have just been installed - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be + uses: jlumbroso/free-disk-space@v1.3.1 with: tool-cache: false swap-storage: false dotnet: false - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: submodules: true persist-credentials: false @@ -165,10 +165,7 @@ jobs: with: language: ${{ matrix.language }} - name: Restore makefile progress - uses: actions/download-artifact@v4 - with: - name: build_${{ matrix.language }}.make - path: .make + run: make --touch provider schema build_${{ matrix.language }} - name: Update path run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - name: Install Python deps @@ -273,10 +270,7 @@ jobs: with: language: ${{ matrix.language }} - name: Restore makefile progress - uses: actions/download-artifact@v4 - with: - name: build_${{ matrix.language }}.make - path: .make + run: make --touch provider schema build_${{ matrix.language }} - name: Update path run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - name: Install Python deps @@ -346,10 +340,7 @@ jobs: with: language: ${{ matrix.language }} - name: Restore makefile progress - uses: actions/download-artifact@v4 - with: - name: build_${{ matrix.language }}.make - path: .make + run: make --touch provider schema build_${{ matrix.language }} - name: Update path run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - name: Install dependencies diff --git a/.github/workflows/nightly-test.yml b/.github/workflows/nightly-test.yml index 4c09d7f2730..0075fb120f7 100644 --- a/.github/workflows/nightly-test.yml +++ b/.github/workflows/nightly-test.yml @@ -58,13 +58,13 @@ jobs: steps: # Run as first step so we don't delete things that have just been installed - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be + uses: jlumbroso/free-disk-space@v1.3.1 with: tool-cache: false swap-storage: false dotnet: false - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: submodules: true persist-credentials: false @@ -81,10 +81,7 @@ jobs: with: language: ${{ matrix.language }} - name: Restore makefile progress - uses: actions/download-artifact@v4 - with: - name: build_${{ matrix.language }}.make - path: .make + run: make --touch provider schema build_${{ matrix.language }} - name: Update path run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - name: Install Python deps diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml index 55750f31e54..49a2bbdf3b3 100644 --- a/.github/workflows/prerelease.yml +++ b/.github/workflows/prerelease.yml @@ -83,13 +83,13 @@ jobs: steps: # Run as first step so we don't delete things that have just been installed - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be + uses: jlumbroso/free-disk-space@v1.3.1 with: tool-cache: false swap-storage: false dotnet: false - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: submodules: true persist-credentials: false @@ -106,10 +106,7 @@ jobs: with: language: ${{ matrix.language }} - name: Restore makefile progress - uses: actions/download-artifact@v4 - with: - name: build_${{ matrix.language }}.make - path: .make + run: make --touch provider schema build_${{ matrix.language }} - name: Update path run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - name: Install Python deps @@ -214,10 +211,7 @@ jobs: with: language: ${{ matrix.language }} - name: Restore makefile progress - uses: actions/download-artifact@v4 - with: - name: build_${{ matrix.language }}.make - path: .make + run: make --touch provider schema build_${{ matrix.language }} - name: Update path run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - name: Install Python deps @@ -287,10 +281,7 @@ jobs: with: language: ${{ matrix.language }} - name: Restore makefile progress - uses: actions/download-artifact@v4 - with: - name: build_${{ matrix.language }}.make - path: .make + run: make --touch provider schema build_${{ matrix.language }} - name: Update path run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - name: Install dependencies diff --git a/.github/workflows/prerequisites.yml b/.github/workflows/prerequisites.yml index 1478d57d76b..b2fad8b2c7a 100644 --- a/.github/workflows/prerequisites.yml +++ b/.github/workflows/prerequisites.yml @@ -47,13 +47,13 @@ jobs: steps: # Run as first step so we don't delete things that have just been installed - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be + uses: jlumbroso/free-disk-space@v1.3.1 with: tool-cache: false swap-storage: false dotnet: false - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: submodules: true persist-credentials: false @@ -88,15 +88,9 @@ jobs: schema-tools compare -r github://api.github.com/pulumi -p aws -o "${{ inputs.default_branch }}" -n --local-path=provider/cmd/pulumi-resource-aws/schema.json; echo "$EOF"; } >> "$GITHUB_ENV" - - name: Save makefile progress - uses: actions/upload-artifact@v4 - with: - name: prerequisites.make - path: .make - include-hidden-files: true - if: inputs.is_pr && inputs.is_automated == false name: Comment on PR with Details of Schema Check - uses: thollander/actions-comment-pull-request@v2 + uses: thollander/actions-comment-pull-request@v2.5.0 with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} comment_tag: schemaCheck @@ -110,7 +104,7 @@ jobs: uses: ./.github/actions/upload-bin - name: Upload schema-embed.json - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v4.4.3 with: name: schema-embed.json path: provider/cmd/pulumi-resource-aws/schema-embed.json diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 6b0490ad396..4c338581ab5 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -49,7 +49,7 @@ jobs: if: inputs.skipGoSdk && inputs.isPrerelease == false run: echo "Can't skip Go SDK for stable releases. This is likely a bug in the calling workflow." && exit 1 - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: submodules: true persist-credentials: false @@ -58,7 +58,7 @@ jobs: with: tools: pulumictl, pulumicli, go, schema-tools - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@v4.0.2 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-region: us-east-2 @@ -70,7 +70,7 @@ jobs: - name: Create dist directory run: mkdir -p dist - name: Download provider assets - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v4.1.8 with: pattern: pulumi-resource-aws-v${{ inputs.version }}-* path: dist @@ -114,7 +114,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: submodules: true # Persist credentials so we can push back to the repo @@ -175,7 +175,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: persist-credentials: false - name: Clean up release labels diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index a389ebe7d9d..344ee0def5c 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -27,12 +27,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: submodules: true persist-credentials: false - name: Comment PR - uses: thollander/actions-comment-pull-request@v2 + uses: thollander/actions-comment-pull-request@v2.5.0 with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} message: > diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 9962d099264..5d101e36ba4 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -89,13 +89,13 @@ jobs: steps: # Run as first step so we don't delete things that have just been installed - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be + uses: jlumbroso/free-disk-space@v1.3.1 with: tool-cache: false swap-storage: false dotnet: false - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: submodules: true persist-credentials: false @@ -112,10 +112,7 @@ jobs: with: language: ${{ matrix.language }} - name: Restore makefile progress - uses: actions/download-artifact@v4 - with: - name: build_${{ matrix.language }}.make - path: .make + run: make --touch provider schema build_${{ matrix.language }} - name: Update path run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - name: Install Python deps @@ -220,10 +217,7 @@ jobs: with: language: ${{ matrix.language }} - name: Restore makefile progress - uses: actions/download-artifact@v4 - with: - name: build_${{ matrix.language }}.make - path: .make + run: make --touch provider schema build_${{ matrix.language }} - name: Update path run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - name: Install Python deps @@ -293,10 +287,7 @@ jobs: with: language: ${{ matrix.language }} - name: Restore makefile progress - uses: actions/download-artifact@v4 - with: - name: build_${{ matrix.language }}.make - path: .make + run: make --touch provider schema build_${{ matrix.language }} - name: Update path run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - name: Install dependencies diff --git a/.github/workflows/release_command.yml b/.github/workflows/release_command.yml index f199952c889..ea43de936d7 100644 --- a/.github/workflows/release_command.yml +++ b/.github/workflows/release_command.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: persist-credentials: false - name: Should release PR diff --git a/.github/workflows/resync-build.yml b/.github/workflows/resync-build.yml index 309486bd797..7accc711047 100644 --- a/.github/workflows/resync-build.yml +++ b/.github/workflows/resync-build.yml @@ -28,13 +28,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: submodules: true # Persist credentials so we can push a new branch. persist-credentials: true - name: Checkout repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: path: ci-mgmt repository: pulumi/ci-mgmt diff --git a/.github/workflows/run-acceptance-tests.yml b/.github/workflows/run-acceptance-tests.yml index 89c0a2eca54..c7067d3f21e 100644 --- a/.github/workflows/run-acceptance-tests.yml +++ b/.github/workflows/run-acceptance-tests.yml @@ -128,20 +128,20 @@ jobs: steps: # Run as first step so we don't delete things that have just been installed - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be + uses: jlumbroso/free-disk-space@v1.3.1 with: tool-cache: false swap-storage: false dotnet: false - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: ref: ${{ env.PR_COMMIT_SHA }} submodules: true persist-credentials: false - name: Checkout p/examples if: matrix.testTarget == 'pulumiExamples' - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: repository: pulumi/examples path: p-examples @@ -158,10 +158,7 @@ jobs: with: language: ${{ matrix.language }} - name: Restore makefile progress - uses: actions/download-artifact@v4 - with: - name: build_${{ matrix.language }}.make - path: .make + run: make --touch provider schema build_${{ matrix.language }} - name: Update path run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - name: Install Python deps @@ -275,10 +272,7 @@ jobs: with: language: ${{ matrix.language }} - name: Restore makefile progress - uses: actions/download-artifact@v4 - with: - name: build_${{ matrix.language }}.make - path: .make + run: make --touch provider schema build_${{ matrix.language }} - name: Update path run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - name: Install Python deps @@ -348,10 +342,7 @@ jobs: with: language: ${{ matrix.language }} - name: Restore makefile progress - uses: actions/download-artifact@v4 - with: - name: build_${{ matrix.language }}.make - path: .make + run: make --touch provider schema build_${{ matrix.language }} - name: Update path run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - name: Install dependencies diff --git a/.github/workflows/upgrade-bridge.yml b/.github/workflows/upgrade-bridge.yml index ea7135e86e9..62f8fe2e1e6 100644 --- a/.github/workflows/upgrade-bridge.yml +++ b/.github/workflows/upgrade-bridge.yml @@ -49,9 +49,16 @@ on: required: false type: boolean default: false + +permissions: + contents: write + issues: write + pull-requests: write + env: - GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GH_TOKEN: ${{ secrets.PULUMI_PROVIDER_AUTOMATION_TOKEN || secrets.PULUMI_BOT_TOKEN || secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + jobs: upgrade_provider: name: upgrade-provider @@ -59,13 +66,13 @@ jobs: steps: # Run as first step so we don't delete things that have just been installed - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be + uses: jlumbroso/free-disk-space@v1.3.1 with: tool-cache: false swap-storage: false dotnet: false - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: submodules: true persist-credentials: false diff --git a/.github/workflows/upgrade-provider.yml b/.github/workflows/upgrade-provider.yml index 62f5084c22e..954e4e5d946 100644 --- a/.github/workflows/upgrade-provider.yml +++ b/.github/workflows/upgrade-provider.yml @@ -22,9 +22,15 @@ on: # 3 AM UTC ~ 8 PM PDT / 7 PM PST daily. Time chosen to run during off hours. - cron: 0 3 * * * +permissions: + contents: write + issues: write + pull-requests: write + env: - GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GH_TOKEN: ${{ secrets.PULUMI_PROVIDER_AUTOMATION_TOKEN || secrets.PULUMI_BOT_TOKEN || secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + jobs: upgrade_provider: name: upgrade-provider @@ -32,13 +38,13 @@ jobs: steps: # Run as first step so we don't delete things that have just been installed - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be + uses: jlumbroso/free-disk-space@v1.3.1 with: tool-cache: false swap-storage: false dotnet: false - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: submodules: true # Persist credentials so upgrade-provider can push a new branch. diff --git a/.github/workflows/verify-release.yml b/.github/workflows/verify-release.yml index 8f1ff835581..b7ea98ae990 100644 --- a/.github/workflows/verify-release.yml +++ b/.github/workflows/verify-release.yml @@ -72,7 +72,7 @@ jobs: runs-on: ${{ matrix.runner }} steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: persist-credentials: false - name: Setup tools diff --git a/.mk/minimal_schema.mk b/.mk/minimal_schema.mk index e825efbc803..80ca6b990a4 100644 --- a/.mk/minimal_schema.mk +++ b/.mk/minimal_schema.mk @@ -3,6 +3,7 @@ minimal_schema: tfgen minimal_schema_no_deps minimal_schema_no_deps: echo "Computing minimal schema" cd provider/cmd/pulumi-resource-aws && PULUMI_AWS_MINIMAL_SCHEMA=true VERSION=$(VERSION_GENERIC) go generate +.PHONY: minimal_schema minimal_schema_no_deps # To work around CI limitations, ensure that minimal schema is rebuilt for embedding right before the provider binary is # built for a given platform. diff --git a/Makefile b/Makefile index 0fbd70e7d79..704106b5543 100644 --- a/Makefile +++ b/Makefile @@ -249,12 +249,12 @@ tfgen_no_deps: .make/schema .make/schema: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache .make/schema: export PULUMI_DISABLE_AUTOMATIC_PLUGIN_ACQUISITION := $(PULUMI_CONVERT) .make/schema: export PULUMI_MISSING_DOCS_ERROR := $(PULUMI_MISSING_DOCS_ERROR) -.make/schema: bin/$(TFGEN) provider/resources.go provider/go.mod .make/install_plugins .make/upstream +.make/schema: bin/$(TFGEN) .make/install_plugins .make/upstream $(WORKING_DIR)/bin/$(TFGEN) schema --out provider/cmd/$(PROVIDER) (cd provider && VERSION=$(VERSION_GENERIC) go generate cmd/$(PROVIDER)/main.go) @touch $@ tfgen_build_only: bin/$(TFGEN) -bin/$(TFGEN): +bin/$(TFGEN): provider/*.go provider/go.* .make/upstream (cd provider && go build $(PULUMI_PROVIDER_BUILD_PARALLELISM) -o $(WORKING_DIR)/bin/$(TFGEN) -ldflags "$(LDFLAGS_PROJ_VERSION) $(LDFLAGS_EXTRAS)" $(PROJECT)/$(PROVIDER_PATH)/cmd/$(TFGEN)) .PHONY: tfgen schema tfgen_no_deps tfgen_build_only