Skip to content

Upgrade publishing workflows (#1390) #71

Upgrade publishing workflows (#1390)

Upgrade publishing workflows (#1390) #71

Workflow file for this run

env:
ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }}
ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }}
ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }}
AWS_REGION: us-west-2
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GOLANGCI_LINT_VERSION: v1.59.0
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
PROVIDER: eks
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
PULUMI_API: https://api.pulumi-staging.io
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
PYPI_USERNAME: __token__
PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
PULUMI_ENABLE_RESOURCE_REFERENCES: 1
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
GOVERSION: "1.21.x"
DOTNETVERSION: "6.x"
PYTHONVERSION: "3.8"
JAVAVERSION: "11"
IS_PRERELEASE: ${{ contains(github.ref_name,'-') }}
jobs:
lint:
name: Lint and unit test
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@v4
- name: Install pulumictl
uses: jaxxstorm/[email protected]
with:
repo: pulumi/pulumictl
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: .node-version
registry-url: https://registry.npmjs.org
- name: Install Yarn
run: curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version 1.22.22
- name: Update PATH for Yarn
run: |
echo "$HOME/.yarn/bin" >> "$GITHUB_PATH"
echo "$HOME/.config/yarn/global/node_modules/.bin" >> "$GITHUB_PATH"
- name: Run nodejs linter
run: make lint
- name: golangci-lint
uses: golangci/golangci-lint-action@v6
with:
version: ${{ env.GOLANGCI_LINT_VERSION }}
args: -c ../.golangci.yml
working-directory: provider
- name: Run unit tests
run: make test_unit_tests
build_sdk:
name: build_sdk
runs-on: ubuntu-latest
needs: prerequisites
env:
PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }}
steps:
- name: Checkout Repo
uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GOVERSION }}
- name: Install pulumictl
uses: jaxxstorm/[email protected]
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@v5
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Setup DotNet
uses: actions/setup-dotnet@v4
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: .node-version
registry-url: https://registry.npmjs.org
- name: Setup Java
uses: actions/setup-java@v4
with:
cache: gradle
distribution: temurin
java-version: ${{ env.JAVAVERSION }}
- name: Setup Gradle
uses: gradle/[email protected]
with:
gradle-version: "7.6"
- name: Install Yarn
run: curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version 1.22.22
- name: Update PATH for Yarn
run: |
echo "$HOME/.yarn/bin" >> "$GITHUB_PATH"
echo "$HOME/.config/yarn/global/node_modules/.bin" >> "$GITHUB_PATH"
- name: Build SDK
run: make build_${{ matrix.language }}
- name: Check worktree clean
uses: pulumi/git-status-check-action@v1
with:
allowed-changes: |
sdk/**/pulumi-plugin.json
sdk/dotnet/Pulumi.*.csproj
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
- name: Compress ${{ matrix.language }} SDK folder
run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }}/ .
- name: Upload ${{ matrix.language }} artifacts
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.language }}-sdk.tar.gz
path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz
strategy:
fail-fast: true
matrix:
language:
- nodejs
- python
- dotnet
- java
- go
prerequisites:
name: prerequisites
runs-on: ubuntu-latest
outputs:
version: ${{ steps.provider-version.outputs.version }}
steps:
- name: Checkout Repo
uses: actions/checkout@v4
- uses: pulumi/provider-version-action@v1
id: provider-version
with:
set-env: "PROVIDER_VERSION"
- name: Install Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GOVERSION }}
- name: Install pulumictl
uses: jaxxstorm/[email protected]
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@v5
- name: Build provider binary + schema
run: make schema provider
- name: Check worktree clean
uses: pulumi/git-status-check-action@v1
with:
allowed-changes: |
sdk/**/pulumi-plugin.json
sdk/dotnet/Pulumi.*.csproj
sdk/go/**/pulumiUtilities.go
sdk/nodejs/package.json
sdk/python/pyproject.toml
- name: Tar provider binaries
run:
tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace
}}/bin/ pulumi-resource-${{ env.PROVIDER }}
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: ${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin/provider.tar.gz
strategy:
fail-fast: true
publish:
name: publish
needs:
- prerequisites
- test-nodejs
- test-python
- test-dotnet
- test-go
uses: ./.github/workflows/publish.yml
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}
isPrerelease: ${{ env.IS_PRERELEASE }}

Check failure on line 194 in .github/workflows/release.yml

View workflow run for this annotation

GitHub Actions / release

Invalid workflow file

The workflow is not valid. .github/workflows/release.yml (Line: 194, Col: 21): Unrecognized named-value: 'env'. Located at position 1 within expression: env.IS_PRERELEASE
test-nodejs:
name: Run NodeJS Tests
needs:
- prerequisites
- build_sdk
runs-on: ubuntu-latest
env:
PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }}
steps:
- name: Checkout Repo
uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GOVERSION }}
- name: Install pulumictl
uses: jaxxstorm/[email protected]
with:
repo: pulumi/pulumictl
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Install awscli
run: |
python -m pip install --upgrade pip
pip install awscli --upgrade
- name: Install Pulumi CLI
uses: pulumi/actions@v5
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: .node-version
registry-url: https://registry.npmjs.org
- name: Download provider binary
uses: actions/download-artifact@v4
with:
name: ${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
- name: Untar provider binaries
run:
tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace
}}/bin
- name: Restore binary perms
run:
find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
-exec chmod +x {} \;
- name: Update path
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH"
- name: Download SDK
uses: actions/download-artifact@v4
with:
name: nodejs-sdk.tar.gz
path: ${{ github.workspace}}
- name: Uncompress SDK folder
run: tar -zxf ${{ github.workspace}}/nodejs.tar.gz -C ${{github.workspace}}/nodejs
- name: Install dependencies
run: make install_nodejs_sdk
- name: Install gotestfmt
uses: GoTestTools/gotestfmt-action@v2
with:
token: ${{ secrets.GITHUB_TOKEN }}
version: v2.4.0
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-region: ${{ env.AWS_REGION }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-duration-seconds: 7200
role-session-name: ${{ env.PROVIDER }}@githubActions
role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }}
- name: Configure AWS CLI
run: |
aws configure set default.aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }}
aws configure set default.aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws configure set aws_access_key_id ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} --profile ${{ secrets.ALT_AWS_PROFILE }}
aws configure set aws_secret_access_key ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} --profile ${{ secrets.ALT_AWS_PROFILE }}
- name: Link nodejs binary for testing
run: |
cd ${{ github.workspace }}/bin
yarn install && yarn link @pulumi/eks
- name: Generate go test Slice
id: test_split
uses: hashicorp-forge/[email protected]
with:
working-directory: examples
flags: -tags=nodejs
total: ${{ matrix.total }}
index: ${{ matrix.index }}
- name: Run tests
run: cd examples && go test -tags=nodejs -v -json -count=1 -cover -timeout 3h -parallel 6 . --run="${{ steps.test_split.outputs.run}}" 2>&1 | tee /tmp/gotest.log | gotestfmt
strategy:
fail-fast: false
max-parallel: 10
matrix:
total: [15]
index: [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14]
test-python:
name: Run Python Tests
needs:
- prerequisites
- build_sdk
runs-on: ubuntu-latest
env:
PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }}
steps:
- name: Checkout Repo
uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GOVERSION }}
- name: Install pulumictl
uses: jaxxstorm/[email protected]
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@v5
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: .node-version
registry-url: https://registry.npmjs.org
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Install awscli
run: |
python -m pip install --upgrade pip
pip install awscli --upgrade
- name: Install Python deps
run: |-
pip3 install virtualenv==20.0.23
pip3 install pipenv
- name: Download provider binary
uses: actions/download-artifact@v4
with:
name: ${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
- name: Untar provider binaries
run:
tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace
}}/bin
- name: Restore binary perms
run:
find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
-exec chmod +x {} \;
- name: Update path
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH"
- name: Download NodeJS SDK
uses: actions/download-artifact@v4
with:
name: nodejs-sdk.tar.gz
path: ${{ github.workspace}}
- name: Uncompress NodeJS SDK folder
run: tar -zxf ${{ github.workspace}}/nodejs.tar.gz -C ${{github.workspace}}/nodejs
- name: Install NodeJS SDK
run: make install_nodejs_sdk
- name: Download Python SDK
uses: actions/download-artifact@v4
with:
name: python-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
- name: Uncompress Python SDK folder
run: tar -zxf ${{ github.workspace}}/sdk/python.tar.gz -C ${{github.workspace}}/sdk/python
- name: Install dependencies
run: make install_python_sdk
- name: Install gotestfmt
uses: GoTestTools/gotestfmt-action@v2
with:
token: ${{ secrets.GITHUB_TOKEN }}
version: v2.4.0
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-region: ${{ env.AWS_REGION }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-duration-seconds: 7200
role-session-name: ${{ env.PROVIDER }}@githubActions
role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }}
- name: Configure AWS CLI
run: |
aws configure set default.aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }}
aws configure set default.aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws configure set aws_access_key_id ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} --profile ${{ secrets.ALT_AWS_PROFILE }}
aws configure set aws_secret_access_key ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} --profile ${{ secrets.ALT_AWS_PROFILE }}
- name: Link nodejs binary for testing
run: |
cd ${{ github.workspace }}/bin
yarn install && yarn link @pulumi/eks
- name: Generate go test Slice
id: test_split
uses: hashicorp-forge/[email protected]
with:
working-directory: examples
flags: -tags=python
total: ${{ matrix.total }}
index: ${{ matrix.index }}
- name: Run tests
run: cd examples && go test -tags=python -v -json -count=1 -cover -timeout 3h -parallel 6 . --run="${{ steps.test_split.outputs.run}}" 2>&1 | tee /tmp/gotest.log | gotestfmt
strategy:
fail-fast: false
max-parallel: 4
matrix:
total: [6]
index: [0, 1, 2, 3, 4, 5]
test-dotnet:
name: Run DotNet Tests
needs:
- prerequisites
- build_sdk
runs-on: ubuntu-latest
env:
PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }}
steps:
- name: Checkout Repo
uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GOVERSION }}
- name: Install pulumictl
uses: jaxxstorm/[email protected]
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@v5
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Install awscli
run: |
python -m pip install --upgrade pip
pip install awscli --upgrade
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: .node-version
registry-url: https://registry.npmjs.org
- name: Setup DotNet
uses: actions/setup-dotnet@v4
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Download provider binary
uses: actions/download-artifact@v4
with:
name: ${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
- name: Untar provider binaries
run:
tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace
}}/bin
- name: Restore binary perms
run:
find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
-exec chmod +x {} \;
- name: Update path
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH"
- name: Download NodeJS SDK
uses: actions/download-artifact@v4
with:
name: nodejs-sdk.tar.gz
path: ${{ github.workspace}}
- name: Uncompress NodeJS SDK folder
run: tar -zxf ${{ github.workspace}}/nodejs.tar.gz -C ${{github.workspace}}/nodejs
- name: Install NodeJS SDK
run: make install_nodejs_sdk
- name: Download DotNet SDK
uses: actions/download-artifact@v4
with:
name: dotnet-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
- name: Uncompress DotNet SDK folder
run: tar -zxf ${{ github.workspace}}/sdk/dotnet.tar.gz -C ${{github.workspace}}/sdk/dotnet
- name: Install dependencies
run: make install_dotnet_sdk
- name: Install gotestfmt
uses: GoTestTools/gotestfmt-action@v2
with:
token: ${{ secrets.GITHUB_TOKEN }}
version: v2.4.0
- run: dotnet nuget add source ${{ github.workspace }}/nuget
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-region: ${{ env.AWS_REGION }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-duration-seconds: 7200
role-session-name: ${{ env.PROVIDER }}@githubActions
role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }}
- name: Configure AWS CLI
run: |
aws configure set default.aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }}
aws configure set default.aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws configure set aws_access_key_id ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} --profile ${{ secrets.ALT_AWS_PROFILE }}
aws configure set aws_secret_access_key ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} --profile ${{ secrets.ALT_AWS_PROFILE }}
- name: Link nodejs binary for testing
run: |
cd ${{ github.workspace }}/bin
yarn install && yarn link @pulumi/eks
- name: Run tests
run: cd examples && go test -tags=dotnet -v -json -count=1 -cover -timeout 3h -parallel 6 . 2>&1 | tee /tmp/gotest.log | gotestfmt
test-go:
name: Run Go Tests
needs:
- prerequisites
- build_sdk
runs-on: ubuntu-latest
env:
PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }}
steps:
- name: Checkout Repo
uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GOVERSION }}
- name: Install pulumictl
uses: jaxxstorm/[email protected]
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@v5
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version-file: .node-version
registry-url: https://registry.npmjs.org
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Install awscli
run: |
python -m pip install --upgrade pip
pip install awscli --upgrade
- name: Setup DotNet
uses: actions/setup-dotnet@v4
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Download provider binary
uses: actions/download-artifact@v4
with:
name: ${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
- name: Untar provider binaries
run:
tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace
}}/bin
- name: Restore binary perms
run:
find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
-exec chmod +x {} \;
- name: Update path
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH"
- name: Download NodeJS SDK
uses: actions/download-artifact@v4
with:
name: nodejs-sdk.tar.gz
path: ${{ github.workspace}}
- name: Uncompress NodeJS SDK folder
run: tar -zxf ${{ github.workspace}}/nodejs.tar.gz -C ${{github.workspace}}/nodejs
- name: Install NodeJS SDK
run: make install_nodejs_sdk
- name: Install gotestfmt
uses: GoTestTools/gotestfmt-action@v2
with:
token: ${{ secrets.GITHUB_TOKEN }}
version: v2.4.0
- name: Download Go SDK
uses: actions/download-artifact@v4
with:
name: go-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
- name: Uncompress Go SDK folder
run: tar -zxf ${{ github.workspace}}/sdk/go.tar.gz -C ${{github.workspace}}/sdk/go
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-region: ${{ env.AWS_REGION }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-duration-seconds: 7200
role-session-name: ${{ env.PROVIDER }}@githubActions
role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }}
- name: Configure AWS CLI
run: |
aws configure set default.aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }}
aws configure set default.aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws configure set aws_access_key_id ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} --profile ${{ secrets.ALT_AWS_PROFILE }}
aws configure set aws_secret_access_key ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} --profile ${{ secrets.ALT_AWS_PROFILE }}
- name: Link nodejs binary for testing
run: |
cd ${{ github.workspace }}/bin
yarn install && yarn link @pulumi/eks
- name: Run tests
run: cd examples && go test -tags=go -v -json -count=1 -cover -timeout 3h -parallel 6 . 2>&1 | tee /tmp/gotest.log | gotestfmt
name: release
"on":
push:
tags:
- v*.*.*