Update GitHub Actions workflows. #2679

Workflow file for this run

.github/workflows/run-acceptance-tests.yml at 6c3d584

	# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt

	name: run-acceptance-tests
	on:
	repository_dispatch:
	types:
	- run-acceptance-tests-command
	pull_request:
	paths-ignore:
	- CHANGELOG.md
	workflow_dispatch: {}
	env:
	GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
	PROVIDER: kubernetes
	PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
	PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
	NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
	NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
	NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
	PYPI_USERNAME: __token__
	PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
	TRAVIS_OS_NAME: linux
	SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
	PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
	PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
	PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
	SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
	SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
	SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
	GOVERSION: 1.21.x
	NODEVERSION: 20.x
	PYTHONVERSION: "3.11"
	DOTNETVERSION: \|
	6.0.x
	3.1.301
	JAVAVERSION: "11"
	AWS_REGION: us-west-2
	PULUMI_TEST_OWNER: moolumi
	GOLANGCI_LINT_VERSION: v1.61.0
	GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: [email protected]
	GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
	GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
	GOOGLE_PROJECT_NUMBER: 637339343727
	PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }}
	jobs:
	comment-notification:
	runs-on: ubuntu-latest
	name: comment-notification
	steps:
	- name: Create URL to the run output
	id: vars
	run: echo
	run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID
	>> "$GITHUB_OUTPUT"
	- name: Update with Result
	uses: peter-evans/[email protected]
	with:
	token: ${{ secrets.PULUMI_BOT_TOKEN }}
	repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
	issue-number: ${{ github.event.client_payload.github.payload.issue.number }}
	body: "Please view the PR build: ${{ steps.vars.outputs.run-url }}"
	if: github.event_name == 'repository_dispatch'
	prerequisites:
	runs-on: ubuntu-latest
	name: prerequisites
	steps:
	- name: Checkout Repo
	uses: actions/[email protected]
	with:
	lfs: true
	ref: ${{ env.PR_COMMIT_SHA }}
	- id: version
	name: Set Provider Version
	uses: pulumi/[email protected]
	with:
	set-env: PROVIDER_VERSION
	- name: Install Go
	uses: actions/[email protected]
	with:
	go-version: ${{ env.GOVERSION }}
	cache-dependency-path: "*/.sum"
	- name: Install pulumictl
	uses: jaxxstorm/[email protected]
	with:
	repo: pulumi/pulumictl
	- name: Install Pulumi CLI
	uses: pulumi/[email protected]
	with:
	pulumi-version-file: .pulumi.version
	- if: github.event_name == 'pull_request'
	name: Install Schema Tools
	uses: jaxxstorm/[email protected]
	with:
	repo: pulumi/schema-tools
	- name: Build K8sgen
	run: make k8sgen
	- name: Prepare OpenAPI file
	run: make openapi_file
	- name: Prepare Schema
	run: make schema
	- name: Make Kubernetes provider
	run: make k8sprovider
	- if: github.event_name == 'pull_request'
	name: Check Schema is Valid
	run: >-
	echo 'SCHEMA_CHANGES<<EOF' >> $GITHUB_ENV

	schema-tools compare -p ${{ env.PROVIDER }} -o ${{ github.event.repository.default_branch }} -n --local-path=provider/cmd/pulumi-resource-${{ env.PROVIDER }}/schema.json >> $GITHUB_ENV

	echo 'EOF' >> $GITHUB_ENV
	env:
	GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
	- if: github.event_name == 'pull_request'
	name: Comment on PR with Details of Schema Check
	uses: thollander/[email protected]
	with:
	message: \|
	${{ env.SCHEMA_CHANGES }}
	comment_tag: schemaCheck
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	- if: contains(env.SCHEMA_CHANGES, 'Looking good! No breaking changes found.') &&
	github.actor == 'pulumi-bot'
	name: Add label if no breaking changes
	uses: actions-ecosystem/[email protected]
	with:
	labels: impact/no-changelog-required
	number: ${{ github.event.issue.number }}
	github_token: ${{ secrets.GITHUB_TOKEN }}
	- name: Check worktree clean
	uses: pulumi/[email protected]
	with:
	allowed-changes: \|-
	sdk/**/pulumi-plugin.json
	sdk/dotnet/Pulumi.*.csproj
	sdk/go/**/pulumiUtilities.go
	sdk/nodejs/package.json
	sdk/python/pyproject.toml
	- run: git status --porcelain
	- name: Tar provider binaries
	run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
	github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }}
	pulumi-gen-${{ env.PROVIDER}}
	- name: Upload artifacts
	uses: actions/[email protected]
	with:
	name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
	path: ${{ github.workspace }}/bin/provider.tar.gz
	- name: Test Provider Library
	run: make test_provider
	- name: Upload coverage reports to Codecov
	uses: codecov/[email protected]
	env:
	CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
	- if: failure() && github.event_name == 'push'
	name: Notify Slack
	uses: 8398a7/[email protected]
	with:
	author_name: Failure in building provider prerequisites
	fields: repo,commit,author,action
	status: ${{ job.status }}
	if: github.event_name == 'repository_dispatch' \|\|
	github.event.pull_request.head.repo.full_name == github.repository
	build_sdks:
	needs: prerequisites
	runs-on: pulumi-ubuntu-8core
	strategy:
	fail-fast: true
	matrix:
	language:
	- nodejs
	- python
	- dotnet
	- go
	- java
	name: build_sdks
	steps:
	- name: Checkout Repo
	uses: actions/[email protected]
	with:
	lfs: true
	ref: ${{ env.PR_COMMIT_SHA }}
	- id: version
	name: Set Provider Version
	uses: pulumi/[email protected]
	with:
	set-env: PROVIDER_VERSION
	- name: Install Go
	uses: actions/[email protected]
	with:
	go-version: ${{ env.GOVERSION }}
	cache-dependency-path: "*/.sum"
	- name: Install pulumictl
	uses: jaxxstorm/[email protected]
	with:
	repo: pulumi/pulumictl
	- name: Install Pulumi CLI
	uses: pulumi/[email protected]
	with:
	pulumi-version-file: .pulumi.version
	- name: Setup Node
	uses: actions/[email protected]
	with:
	node-version: ${{ env.NODEVERSION }}
	registry-url: https://registry.npmjs.org
	- name: Setup DotNet
	uses: actions/[email protected]
	with:
	dotnet-version: ${{ env.DOTNETVERSION }}
	- name: Setup Python
	uses: actions/[email protected]
	with:
	python-version: ${{ env.PYTHONVERSION }}
	- name: Setup Java
	uses: actions/[email protected]
	with:
	java-version: ${{ env.JAVAVERSION }}
	distribution: temurin
	cache: gradle
	- name: Setup Gradle
	uses: gradle/[email protected]
	with:
	gradle-version: "7.6"
	- name: Download provider + tfgen binaries
	uses: actions/[email protected]
	with:
	name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
	path: ${{ github.workspace }}/bin
	- name: UnTar provider binaries
	run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
	github.workspace}}/bin
	- name: Restore Binary Permissions
	run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
	-exec chmod +x {} \;
	- name: Generate SDK
	run: make ${{ matrix.language }}_sdk
	- name: Check worktree clean
	uses: pulumi/[email protected]
	with:
	allowed-changes: \|-
	sdk/**/pulumi-plugin.json
	sdk/dotnet/Pulumi.*.csproj
	sdk/go/**/pulumiUtilities.go
	sdk/nodejs/package.json
	sdk/python/pyproject.toml
	- run: git status --porcelain
	- name: Tar SDK folder
	run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} .
	- name: Upload artifacts
	uses: actions/[email protected]
	with:
	name: ${{ matrix.language }}-sdk.tar.gz
	path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz
	retention-days: 30
	- if: failure() && github.event_name == 'push'
	name: Notify Slack
	uses: 8398a7/[email protected]
	with:
	author_name: Failure while building SDKs
	fields: repo,commit,author,action
	status: ${{ job.status }}
	if: github.event_name == 'repository_dispatch' \|\|
	github.event.pull_request.head.repo.full_name == github.repository
	test:
	runs-on: pulumi-ubuntu-8core
	needs:
	- build_sdks
	strategy:
	fail-fast: false
	matrix:
	language:
	- nodejs
	- python
	- dotnet
	- go
	- java
	name: test
	permissions:
	contents: read
	id-token: write
	steps:
	- name: Checkout Repo
	uses: actions/[email protected]
	with:
	lfs: true
	ref: ${{ env.PR_COMMIT_SHA }}
	- id: version
	name: Set Provider Version
	uses: pulumi/[email protected]
	with:
	set-env: PROVIDER_VERSION
	- name: Install Go
	uses: actions/[email protected]
	with:
	go-version: ${{ env.GOVERSION }}
	cache-dependency-path: "*/.sum"
	- name: Install pulumictl
	uses: jaxxstorm/[email protected]
	with:
	repo: pulumi/pulumictl
	- name: Install Pulumi CLI
	uses: pulumi/[email protected]
	with:
	pulumi-version-file: .pulumi.version
	- name: Setup Node
	uses: actions/[email protected]
	with:
	node-version: ${{ env.NODEVERSION }}
	registry-url: https://registry.npmjs.org
	- name: Setup DotNet
	uses: actions/[email protected]
	with:
	dotnet-version: ${{ env.DOTNETVERSION }}
	- name: Setup Python
	uses: actions/[email protected]
	with:
	python-version: ${{ env.PYTHONVERSION }}
	- name: Setup Java
	uses: actions/[email protected]
	with:
	java-version: ${{ env.JAVAVERSION }}
	distribution: temurin
	cache: gradle
	- name: Setup Gradle
	uses: gradle/[email protected]
	with:
	gradle-version: "7.6"
	- name: Download provider + tfgen binaries
	uses: actions/[email protected]
	with:
	name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
	path: ${{ github.workspace }}/bin
	- name: UnTar provider binaries
	run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
	github.workspace}}/bin
	- name: Restore Binary Permissions
	run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
	-exec chmod +x {} \;
	- name: Download SDK
	uses: actions/[email protected]
	with:
	name: ${{ matrix.language }}-sdk.tar.gz
	path: ${{ github.workspace}}/sdk/
	- name: UnTar SDK folder
	run: tar -zxf ${{ github.workspace}}/sdk/${{ matrix.language}}.tar.gz -C ${{
	github.workspace}}/sdk/${{ matrix.language}}
	- name: Update path
	run: echo "${{ github.workspace }}/bin" >> $GITHUB_PATH
	- name: Install Node dependencies
	run: yarn global add typescript
	- run: dotnet nuget add source ${{ github.workspace }}/nuget
	- name: Install Python deps
	run: \|-
	pip3 install virtualenv==20.0.23
	pip3 install pipenv
	- name: Install dependencies
	run: make install_${{ matrix.language}}_sdk
	- name: Configure AWS Credentials
	uses: aws-actions/[email protected]
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-region: ${{ env.AWS_REGION }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	role-duration-seconds: 3600
	role-session-name: ${{ env.PROVIDER }}@githubActions
	role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }}
	- name: Authenticate to Google Cloud
	uses: google-github-actions/[email protected]
	with:
	workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER
	}}/locations/global/workloadIdentityPools/${{
	env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{
	env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }}
	service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }}
	- name: Setup gcloud auth
	uses: google-github-actions/[email protected]
	with:
	install_components: gke-gcloud-auth-plugin
	- name: Install Kubectl
	run: >
	curl -LO
	https://storage.googleapis.com/kubernetes-release/release/$(curl -s
	https://storage.googleapis.com/kubernetes-release/release/stable-1.28.txt)/bin/linux/amd64/kubectl

	chmod +x ./kubectl

	sudo mv kubectl /usr/local/bin
	- name: Install and configure Helm
	run: \|
	curl -LO https://get.helm.sh/helm-v3.8.0-linux-amd64.tar.gz
	tar -xvf helm-v3.8.0-linux-amd64.tar.gz
	sudo mv linux-amd64/helm /usr/local/bin
	helm repo add stable https://charts.helm.sh/stable
	helm repo update
	- name: Install gotestfmt
	uses: GoTestTools/gotestfmt-action@v2
	with:
	version: v2.5.0
	token: ${{ secrets.GITHUB_TOKEN }}
	- name: Setup KinD cluster
	uses: helm/[email protected]
	with:
	cluster_name: kind-integration-tests-${{ matrix.language }}
	node_image: kindest/node:v1.29.2
	- name: Run tests
	run: cd tests/sdk/${{ matrix.language }} && go test -v -count=1 -cover -timeout
	2h -parallel 4 -short ./...
	- if: failure() && github.event_name == 'push'
	name: Notify Slack
	uses: 8398a7/[email protected]
	with:
	author_name: Failure in SDK tests
	fields: repo,commit,author,action
	status: ${{ job.status }}
	if: github.event_name == 'repository_dispatch' \|\|
	github.event.pull_request.head.repo.full_name == github.repository
	sentinel:
	runs-on: ubuntu-latest
	name: sentinel
	steps:
	- name: Mark workflow as successful
	uses: guibranco/[email protected]
	with:
	authToken: ${{ secrets.GITHUB_TOKEN }}
	context: Sentinel
	state: success
	description: Sentinel checks passed
	sha: ${{ github.event.pull_request.head.sha \|\| github.sha }}
	if: github.event_name == 'repository_dispatch' \|\|
	github.event.pull_request.head.repo.full_name == github.repository
	needs:
	- test
	- lint
	lint:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout Repo
	uses: actions/[email protected]
	with:
	lfs: true
	ref: ${{ env.PR_COMMIT_SHA }}
	- name: Install Go
	uses: actions/[email protected]
	with:
	go-version: ${{ env.GOVERSION }}
	cache-dependency-path: "*/.sum"
	- name: golangci-lint provider pkg
	uses: golangci/[email protected]
	with:
	version: ${{ env.GOLANGCI_LINT_VERSION }}
	args: -c ../.golangci.yml
	working-directory: provider
	name: lint
	if: github.event_name == 'repository_dispatch' \|\|
	github.event.pull_request.head.repo.full_name == github.repository

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update GitHub Actions workflows. #2679

Workflow file

Update GitHub Actions workflows. #2679

Jobs

Run details

Workflow file for this run