Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update GitHub Actions workflows. #547

Closed
wants to merge 1 commit into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 14 additions & 0 deletions .github/workflows/prerelease.yml
Original file line number Diff line number Diff line change
Expand Up @@ -279,6 +279,20 @@ jobs:
- dotnet
- go
- java
verify-release:
name: verify-release
needs:
- prerequisites
- publish
- publish_sdk
- publish_go_sdk
uses: ./.github/workflows/verify-release.yml
secrets: inherit
with:
providerVersion: ${{ needs.prerequisites.outputs.version }}
# Prelease is run often but we only have 5 concurrent macos runners, so we only test after the stable release.
enableMacosRunner: false

name: prerelease
on:
push:
Expand Down
19 changes: 16 additions & 3 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ jobs:

create_docs_build:
name: create_docs_build
needs: tag_sdk
needs: publish_go_sdk
runs-on: ubuntu-latest
steps:
- name: Dispatch Metadata build
Expand Down Expand Up @@ -146,8 +146,8 @@ jobs:
if: failure()
name: Send Publish Failure To Slack
uses: rtCamp/action-slack-notify@v2
tag_sdk:
name: tag_sdk
publish_go_sdk:
name: publish_go_sdk
needs:
- prerequisites
- publish_sdk
Expand Down Expand Up @@ -312,6 +312,19 @@ jobs:
- dotnet
- go
- java
verify-release:
name: verify-release
needs:
- prerequisites
- publish
- publish_sdk
- publish_go_sdk
uses: ./.github/workflows/verify-release.yml
secrets: inherit
with:
providerVersion: ${{ needs.prerequisites.outputs.version }}
enableMacosRunner: true

name: release
on:
push:
Expand Down
66 changes: 66 additions & 0 deletions .github/workflows/verify-release.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,66 @@
name: "Verify Release"

on:
workflow_dispatch:
inputs:
providerVersion:
description: "The version of the provider to verify"
required: true
type: string
enableMacRunner:
description: "Enable the MacOS runner in addition to Linux and Windows. Defaults to 'false'."
required: false
type: boolean
workflow_call:
inputs:
providerVersion:
description: "The version of the provider to verify"
required: true
type: string
enableMacosRunner:
description: "Enable the macos-latest runner in addition to ubuntu-latest and windows-latest. Defaults to 'false'."
required: false
type: boolean
default: false

env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
PULUMI_API: https://api.pulumi-staging.io
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
PYPI_USERNAME: __token__
SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
TF_APPEND_USER_AGENT: pulumi
VAULT_DEV_ROOT_TOKEN_ID: root

jobs:
verify-release:
name: verify-release
# We don't have any release verification configurations, so we never run this workflow.
# Configure your .ci-mgmt.yaml files to include the release verification configurations e.g.
# releaseVerification:
# nodejs: path/to/nodejs/project
# python: path/to/python/project
# dotnet: path/to/dotnet/project
# go: path/to/go/project
if: false
strategy:
matrix:
# We don't have any release verification configurations, so we only run on Linux to print warnings to help users configure the release verification.
runner: ["ubuntu-latest"]
runs-on: ${{ matrix.runner }}
steps:
- name: Checkout Repo
uses: actions/checkout@v4
- name: Setup tools
uses: ./.github/actions/setup-tools
4 changes: 2 additions & 2 deletions scripts/upstream.sh
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@ start_rebase() {

for patch in ../patches/*.patch; do
echo "Applying $patch"
if ! git am --3way "$patch"; then
if ! git am --3way "$patch" --allow-empty; then
echo
echo "Failed to apply ${patch}. Please run 'make upstream.rebase FROM=$TAG' where '$TAG' allows the patch set to apply cleanly"
echo
Expand Down Expand Up @@ -138,7 +138,7 @@ apply() {
# apply the patch using a 3-way merge strategy. This mirrors the default behavior of 'git merge'
cd upstream
for patch in ../patches/*.patch; do
if ! git apply --3way "$patch" --allow-empty; then
if ! git apply --3way "$patch"; then
cat <<EOF

make "$1"' failed to apply ${patch}. This is because there is a conflict between
Expand Down
Loading