Pass tags to IAM roles (#1359) #65
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
env: | |
ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} | |
ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} | |
ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} | |
AWS_REGION: us-west-2 | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GOLANGCI_LINT_VERSION: v1.59.0 | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} | |
PROVIDER: eks | |
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} | |
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} | |
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} | |
PULUMI_API: https://api.pulumi-staging.io | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
PYPI_USERNAME: __token__ | |
PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} | |
SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} | |
SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} | |
SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} | |
PULUMI_ENABLE_RESOURCE_REFERENCES: 1 | |
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget | |
GOVERSION: "1.21.x" | |
DOTNETVERSION: "6.x" | |
PYTHONVERSION: "3.8" | |
JAVAVERSION: "11" | |
IS_PRERELEASE: ${{ contains(github.ref_name,'-') }} | |
jobs: | |
lint: | |
name: Lint and unit test | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Setup Node | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: .node-version | |
registry-url: https://registry.npmjs.org | |
- name: Install Yarn | |
run: curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version 1.13.0 | |
- name: Update PATH for Yarn | |
run: | | |
echo "$HOME/.yarn/bin" >> "$GITHUB_PATH" | |
echo "$HOME/.config/yarn/global/node_modules/.bin" >> "$GITHUB_PATH" | |
- name: Run nodejs linter | |
run: make lint | |
- name: golangci-lint | |
uses: golangci/golangci-lint-action@v6 | |
with: | |
version: ${{ env.GOLANGCI_LINT_VERSION }} | |
args: -c ../.golangci.yml | |
working-directory: provider | |
- name: Run unit tests | |
run: make test_unit_tests | |
build_sdk: | |
name: build_sdk | |
runs-on: ubuntu-latest | |
needs: prerequisites | |
env: | |
PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GOVERSION }} | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Install Pulumi CLI | |
uses: pulumi/actions@v5 | |
- name: Setup Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ env.PYTHONVERSION }} | |
- name: Setup DotNet | |
uses: actions/setup-dotnet@v4 | |
with: | |
dotnet-version: ${{ env.DOTNETVERSION }} | |
- name: Setup Node | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: .node-version | |
registry-url: https://registry.npmjs.org | |
- name: Setup Java | |
uses: actions/setup-java@v4 | |
with: | |
cache: gradle | |
distribution: temurin | |
java-version: ${{ env.JAVAVERSION }} | |
- name: Setup Gradle | |
uses: gradle/[email protected] | |
with: | |
gradle-version: "7.6" | |
- name: Install Yarn | |
run: curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version 1.13.0 | |
- name: Update PATH for Yarn | |
run: | | |
echo "$HOME/.yarn/bin" >> "$GITHUB_PATH" | |
echo "$HOME/.config/yarn/global/node_modules/.bin" >> "$GITHUB_PATH" | |
- name: Build SDK | |
run: make build_${{ matrix.language }} | |
- name: Check worktree clean | |
uses: pulumi/git-status-check-action@v1 | |
with: | |
allowed-changes: | | |
sdk/**/pulumi-plugin.json | |
sdk/dotnet/Pulumi.*.csproj | |
sdk/go/**/pulumiUtilities.go | |
sdk/nodejs/package.json | |
sdk/python/pyproject.toml | |
- name: Compress NodeJS SDK folder | |
if: matrix.language == 'nodejs' | |
run: tar -zcf ${{ matrix.language }}.tar.gz -C ${{ matrix.language }}/ . | |
- name: Upload NodeJS artifacts | |
if: matrix.language == 'nodejs' | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ matrix.language }}-sdk.tar.gz | |
path: ${{ github.workspace}}/${{ matrix.language }}.tar.gz | |
- name: Compress Other Lang SDK folder | |
if: matrix.language != 'nodejs' | |
run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }}/ . | |
- name: Upload Other Lang artifacts | |
if: matrix.language != 'nodejs' | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ matrix.language }}-sdk.tar.gz | |
path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz | |
strategy: | |
fail-fast: true | |
matrix: | |
language: | |
- nodejs | |
- python | |
- dotnet | |
- java | |
- go | |
prerequisites: | |
name: prerequisites | |
runs-on: ubuntu-latest | |
outputs: | |
version: ${{ steps.provider-version.outputs.version }} | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- uses: pulumi/provider-version-action@v1 | |
id: provider-version | |
with: | |
set-env: "PROVIDER_VERSION" | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GOVERSION }} | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Install Pulumi CLI | |
uses: pulumi/actions@v5 | |
- name: Build provider binary + schema | |
run: make schema provider | |
- name: Check worktree clean | |
uses: pulumi/git-status-check-action@v1 | |
with: | |
allowed-changes: | | |
sdk/**/pulumi-plugin.json | |
sdk/dotnet/Pulumi.*.csproj | |
sdk/go/**/pulumiUtilities.go | |
sdk/nodejs/package.json | |
sdk/python/pyproject.toml | |
- name: Tar provider binaries | |
run: | |
tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace | |
}}/bin/ pulumi-resource-${{ env.PROVIDER }} | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ env.PROVIDER }}-provider.tar.gz | |
path: ${{ github.workspace }}/bin/provider.tar.gz | |
strategy: | |
fail-fast: true | |
publish: | |
name: publish | |
needs: | |
- prerequisites | |
- test-nodejs | |
- test-python | |
- test-dotnet | |
- test-go | |
runs-on: ubuntu-latest | |
env: | |
PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-region: us-east-2 | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
role-duration-seconds: 7200 | |
role-external-id: upload-pulumi-release | |
role-session-name: ${{ env.PROVIDER}}@githubActions | |
role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} | |
- uses: MOZGIII/install-ldid-action@v1 | |
with: | |
tag: v2.1.5-procursus2 | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Install Pulumi CLI | |
uses: pulumi/actions@v5 | |
- name: Create Provider Binaries | |
run: make dist | |
- name: Upload Provider Binaries | |
run: aws s3 cp dist s3://get.pulumi.com/releases/plugins/ --recursive | |
- name: Create GH Release | |
uses: softprops/action-gh-release@v2 | |
with: | |
generate_release_notes: true | |
files: | | |
dist/*.tar.gz | |
prerelease: ${{ env.IS_PRERELEASE }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} | |
publish_sdk: | |
name: publish_sdk | |
needs: | |
- prerequisites | |
- publish | |
runs-on: ubuntu-latest | |
env: | |
PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} | |
PACKAGE_VERSION: ${{ needs.prerequisites.outputs.version }} | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GOVERSION }} | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Install Pulumi CLI | |
uses: pulumi/actions@v5 | |
- name: Setup Node | |
uses: actions/setup-node@v4 | |
with: | |
always-auth: true | |
node-version-file: .node-version | |
registry-url: https://registry.npmjs.org | |
- name: Setup Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ env.PYTHONVERSION }} | |
- name: Download NodeJS SDK | |
uses: actions/download-artifact@v4 | |
with: | |
name: nodejs-sdk.tar.gz | |
path: ${{ github.workspace}} | |
- name: Uncompress NodeJS SDK folder | |
run: tar -zxf ${{ github.workspace}}/nodejs.tar.gz -C ${{github.workspace}}/nodejs | |
- name: Download Python SDK | |
uses: actions/download-artifact@v4 | |
with: | |
name: python-sdk.tar.gz | |
path: ${{ github.workspace}}/sdk/ | |
- name: Uncompress Python SDK folder | |
run: tar -zxf ${{ github.workspace}}/sdk/python.tar.gz -C ${{github.workspace}}/sdk/python | |
- name: Install Twine | |
run: python -m pip install pip twine | |
- name: Download DotNet SDK | |
uses: actions/download-artifact@v4 | |
with: | |
name: dotnet-sdk.tar.gz | |
path: ${{ github.workspace}}/sdk/ | |
- name: Uncompress DotNet SDK folder | |
run: tar -zxf ${{ github.workspace}}/sdk/dotnet.tar.gz -C ${{github.workspace}}/sdk/dotnet | |
- env: | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
name: Publish SDK | |
run: ./scripts/publish_packages.sh | |
publish_java_sdk: | |
continue-on-error: true | |
name: publish_java_sdk | |
needs: | |
- prerequisites | |
- publish | |
runs-on: ubuntu-latest | |
env: | |
PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} | |
PACKAGE_VERSION: ${{ needs.prerequisites.outputs.version }} | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GOVERSION }} | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Install Pulumi CLI | |
uses: pulumi/actions@v5 | |
- name: Setup Node | |
uses: actions/setup-node@v4 | |
with: | |
always-auth: true | |
node-version-file: .node-version | |
registry-url: https://registry.npmjs.org | |
- name: Setup Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ env.PYTHONVERSION }} | |
- name: Setup Java | |
uses: actions/setup-java@v4 | |
with: | |
cache: gradle | |
distribution: temurin | |
java-version: ${{ env.JAVAVERSION }} | |
- name: Download Java SDK | |
uses: actions/download-artifact@v4 | |
with: | |
name: java-sdk.tar.gz | |
path: ${{ github.workspace}}/sdk/ | |
- name: Uncompress Java SDK folder | |
run: tar -zxf ${{ github.workspace}}/sdk/java.tar.gz -C ${{github.workspace}}/sdk/java | |
- name: Publish Java SDK | |
uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 | |
with: | |
arguments: publishToSonatype closeAndReleaseSonatypeStagingRepository | |
build-root-directory: ./sdk/java | |
gradle-version: 7.4.1 | |
create_docs_build: | |
name: Create docs build | |
needs: | |
- prerequisites | |
- publish_sdk | |
runs-on: ubuntu-latest | |
env: | |
PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} | |
steps: | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- env: | |
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} | |
name: Dispatch event | |
run: pulumictl create docs-build pulumi-${{ env.PROVIDER }} "${GITHUB_REF#refs/tags/}" | |
test-nodejs: | |
name: Run NodeJS Tests | |
needs: | |
- prerequisites | |
- build_sdk | |
runs-on: ubuntu-latest | |
env: | |
PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GOVERSION }} | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Setup Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ env.PYTHONVERSION }} | |
- name: Install awscli | |
run: | | |
python -m pip install --upgrade pip | |
pip install awscli --upgrade | |
- name: Install Pulumi CLI | |
uses: pulumi/actions@v5 | |
- name: Setup Node | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: .node-version | |
registry-url: https://registry.npmjs.org | |
- name: Download provider binary | |
uses: actions/download-artifact@v4 | |
with: | |
name: ${{ env.PROVIDER }}-provider.tar.gz | |
path: ${{ github.workspace }}/bin | |
- name: Untar provider binaries | |
run: | |
tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace | |
}}/bin | |
- name: Restore binary perms | |
run: | |
find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print | |
-exec chmod +x {} \; | |
- name: Update path | |
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" | |
- name: Download SDK | |
uses: actions/download-artifact@v4 | |
with: | |
name: nodejs-sdk.tar.gz | |
path: ${{ github.workspace}} | |
- name: Uncompress SDK folder | |
run: tar -zxf ${{ github.workspace}}/nodejs.tar.gz -C ${{github.workspace}}/nodejs | |
- name: Install dependencies | |
run: make install_nodejs_sdk | |
- name: Install gotestfmt | |
uses: GoTestTools/gotestfmt-action@v2 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
version: v2.4.0 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-region: ${{ env.AWS_REGION }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
role-duration-seconds: 7200 | |
role-session-name: ${{ env.PROVIDER }}@githubActions | |
role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} | |
- name: Configure AWS CLI | |
run: | | |
aws configure set default.aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws configure set default.aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws configure set aws_access_key_id ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} --profile ${{ secrets.ALT_AWS_PROFILE }} | |
aws configure set aws_secret_access_key ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} --profile ${{ secrets.ALT_AWS_PROFILE }} | |
- name: Link nodejs binary for testing | |
run: | | |
cd ${{ github.workspace }}/bin | |
yarn install && yarn link @pulumi/eks | |
- name: Generate go test Slice | |
id: test_split | |
uses: hashicorp-forge/[email protected] | |
with: | |
working-directory: examples | |
flags: -tags=nodejs | |
total: ${{ matrix.total }} | |
index: ${{ matrix.index }} | |
- name: Run tests | |
run: cd examples && go test -tags=nodejs -v -json -count=1 -cover -timeout 3h -parallel 6 . --run="${{ steps.test_split.outputs.run}}" 2>&1 | tee /tmp/gotest.log | gotestfmt | |
strategy: | |
fail-fast: false | |
max-parallel: 10 | |
matrix: | |
total: [15] | |
index: [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14] | |
test-python: | |
name: Run Python Tests | |
needs: | |
- prerequisites | |
- build_sdk | |
runs-on: ubuntu-latest | |
env: | |
PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GOVERSION }} | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Install Pulumi CLI | |
uses: pulumi/actions@v5 | |
- name: Setup Node | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: .node-version | |
registry-url: https://registry.npmjs.org | |
- name: Setup Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ env.PYTHONVERSION }} | |
- name: Install awscli | |
run: | | |
python -m pip install --upgrade pip | |
pip install awscli --upgrade | |
- name: Install Python deps | |
run: |- | |
pip3 install virtualenv==20.0.23 | |
pip3 install pipenv | |
- name: Download provider binary | |
uses: actions/download-artifact@v4 | |
with: | |
name: ${{ env.PROVIDER }}-provider.tar.gz | |
path: ${{ github.workspace }}/bin | |
- name: Untar provider binaries | |
run: | |
tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace | |
}}/bin | |
- name: Restore binary perms | |
run: | |
find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print | |
-exec chmod +x {} \; | |
- name: Update path | |
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" | |
- name: Download NodeJS SDK | |
uses: actions/download-artifact@v4 | |
with: | |
name: nodejs-sdk.tar.gz | |
path: ${{ github.workspace}} | |
- name: Uncompress NodeJS SDK folder | |
run: tar -zxf ${{ github.workspace}}/nodejs.tar.gz -C ${{github.workspace}}/nodejs | |
- name: Install NodeJS SDK | |
run: make install_nodejs_sdk | |
- name: Download Python SDK | |
uses: actions/download-artifact@v4 | |
with: | |
name: python-sdk.tar.gz | |
path: ${{ github.workspace}}/sdk/ | |
- name: Uncompress Python SDK folder | |
run: tar -zxf ${{ github.workspace}}/sdk/python.tar.gz -C ${{github.workspace}}/sdk/python | |
- name: Install dependencies | |
run: make install_python_sdk | |
- name: Install gotestfmt | |
uses: GoTestTools/gotestfmt-action@v2 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
version: v2.4.0 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-region: ${{ env.AWS_REGION }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
role-duration-seconds: 7200 | |
role-session-name: ${{ env.PROVIDER }}@githubActions | |
role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} | |
- name: Configure AWS CLI | |
run: | | |
aws configure set default.aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws configure set default.aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws configure set aws_access_key_id ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} --profile ${{ secrets.ALT_AWS_PROFILE }} | |
aws configure set aws_secret_access_key ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} --profile ${{ secrets.ALT_AWS_PROFILE }} | |
- name: Link nodejs binary for testing | |
run: | | |
cd ${{ github.workspace }}/bin | |
yarn install && yarn link @pulumi/eks | |
- name: Generate go test Slice | |
id: test_split | |
uses: hashicorp-forge/[email protected] | |
with: | |
working-directory: examples | |
flags: -tags=python | |
total: ${{ matrix.total }} | |
index: ${{ matrix.index }} | |
- name: Run tests | |
run: cd examples && go test -tags=python -v -json -count=1 -cover -timeout 3h -parallel 6 . --run="${{ steps.test_split.outputs.run}}" 2>&1 | tee /tmp/gotest.log | gotestfmt | |
strategy: | |
fail-fast: false | |
max-parallel: 4 | |
matrix: | |
total: [6] | |
index: [0, 1, 2, 3, 4, 5] | |
test-dotnet: | |
name: Run DotNet Tests | |
needs: | |
- prerequisites | |
- build_sdk | |
runs-on: ubuntu-latest | |
env: | |
PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GOVERSION }} | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Install Pulumi CLI | |
uses: pulumi/actions@v5 | |
- name: Setup Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ env.PYTHONVERSION }} | |
- name: Install awscli | |
run: | | |
python -m pip install --upgrade pip | |
pip install awscli --upgrade | |
- name: Setup Node | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: .node-version | |
registry-url: https://registry.npmjs.org | |
- name: Setup DotNet | |
uses: actions/setup-dotnet@v4 | |
with: | |
dotnet-version: ${{ env.DOTNETVERSION }} | |
- name: Download provider binary | |
uses: actions/download-artifact@v4 | |
with: | |
name: ${{ env.PROVIDER }}-provider.tar.gz | |
path: ${{ github.workspace }}/bin | |
- name: Untar provider binaries | |
run: | |
tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace | |
}}/bin | |
- name: Restore binary perms | |
run: | |
find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print | |
-exec chmod +x {} \; | |
- name: Update path | |
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" | |
- name: Download NodeJS SDK | |
uses: actions/download-artifact@v4 | |
with: | |
name: nodejs-sdk.tar.gz | |
path: ${{ github.workspace}} | |
- name: Uncompress NodeJS SDK folder | |
run: tar -zxf ${{ github.workspace}}/nodejs.tar.gz -C ${{github.workspace}}/nodejs | |
- name: Install NodeJS SDK | |
run: make install_nodejs_sdk | |
- name: Download DotNet SDK | |
uses: actions/download-artifact@v4 | |
with: | |
name: dotnet-sdk.tar.gz | |
path: ${{ github.workspace}}/sdk/ | |
- name: Uncompress DotNet SDK folder | |
run: tar -zxf ${{ github.workspace}}/sdk/dotnet.tar.gz -C ${{github.workspace}}/sdk/dotnet | |
- name: Install dependencies | |
run: make install_dotnet_sdk | |
- name: Install gotestfmt | |
uses: GoTestTools/gotestfmt-action@v2 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
version: v2.4.0 | |
- run: dotnet nuget add source ${{ github.workspace }}/nuget | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-region: ${{ env.AWS_REGION }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
role-duration-seconds: 7200 | |
role-session-name: ${{ env.PROVIDER }}@githubActions | |
role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} | |
- name: Configure AWS CLI | |
run: | | |
aws configure set default.aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws configure set default.aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws configure set aws_access_key_id ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} --profile ${{ secrets.ALT_AWS_PROFILE }} | |
aws configure set aws_secret_access_key ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} --profile ${{ secrets.ALT_AWS_PROFILE }} | |
- name: Link nodejs binary for testing | |
run: | | |
cd ${{ github.workspace }}/bin | |
yarn install && yarn link @pulumi/eks | |
- name: Run tests | |
run: cd examples && go test -tags=dotnet -v -json -count=1 -cover -timeout 3h -parallel 6 . 2>&1 | tee /tmp/gotest.log | gotestfmt | |
test-go: | |
name: Run Go Tests | |
needs: | |
- prerequisites | |
- build_sdk | |
runs-on: ubuntu-latest | |
if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository | |
env: | |
PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- name: Install Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GOVERSION }} | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Install Pulumi CLI | |
uses: pulumi/actions@v5 | |
- name: Setup Node | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: .node-version | |
registry-url: https://registry.npmjs.org | |
- name: Setup Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ env.PYTHONVERSION }} | |
- name: Install awscli | |
run: | | |
python -m pip install --upgrade pip | |
pip install awscli --upgrade | |
- name: Setup DotNet | |
uses: actions/setup-dotnet@v4 | |
with: | |
dotnet-version: ${{ env.DOTNETVERSION }} | |
- name: Download provider binary | |
uses: actions/download-artifact@v4 | |
with: | |
name: ${{ env.PROVIDER }}-provider.tar.gz | |
path: ${{ github.workspace }}/bin | |
- name: Untar provider binaries | |
run: | |
tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace | |
}}/bin | |
- name: Restore binary perms | |
run: | |
find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print | |
-exec chmod +x {} \; | |
- name: Update path | |
run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" | |
- name: Download NodeJS SDK | |
uses: actions/download-artifact@v4 | |
with: | |
name: nodejs-sdk.tar.gz | |
path: ${{ github.workspace}} | |
- name: Uncompress NodeJS SDK folder | |
run: tar -zxf ${{ github.workspace}}/nodejs.tar.gz -C ${{github.workspace}}/nodejs | |
- name: Install NodeJS SDK | |
run: make install_nodejs_sdk | |
- name: Install gotestfmt | |
uses: GoTestTools/gotestfmt-action@v2 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
version: v2.4.0 | |
- name: Download Go SDK | |
uses: actions/download-artifact@v4 | |
with: | |
name: go-sdk.tar.gz | |
path: ${{ github.workspace}}/sdk/ | |
- name: Uncompress Go SDK folder | |
run: tar -zxf ${{ github.workspace}}/sdk/go.tar.gz -C ${{github.workspace}}/sdk/go | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-region: ${{ env.AWS_REGION }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
role-duration-seconds: 7200 | |
role-session-name: ${{ env.PROVIDER }}@githubActions | |
role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} | |
- name: Configure AWS CLI | |
run: | | |
aws configure set default.aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws configure set default.aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws configure set aws_access_key_id ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} --profile ${{ secrets.ALT_AWS_PROFILE }} | |
aws configure set aws_secret_access_key ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} --profile ${{ secrets.ALT_AWS_PROFILE }} | |
- name: Link nodejs binary for testing | |
run: | | |
cd ${{ github.workspace }}/bin | |
yarn install && yarn link @pulumi/eks | |
- name: Run tests | |
run: cd examples && go test -tags=go -v -json -count=1 -cover -timeout 3h -parallel 6 . 2>&1 | tee /tmp/gotest.log | gotestfmt | |
publish_go_sdk: | |
name: publish_go_sdk | |
needs: | |
- prerequisites | |
- publish_sdk | |
runs-on: ubuntu-latest | |
env: | |
PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Download Go SDK | |
uses: actions/download-artifact@v4 | |
with: | |
name: go-sdk.tar.gz | |
path: ${{ github.workspace }}/sdk/ | |
- name: Uncompress Go SDK | |
run: tar -zxf ${{ github.workspace }}/sdk/go.tar.gz -C | |
${{ github.workspace }}/sdk/go | |
shell: bash | |
- uses: pulumi/publish-go-sdk-action@v1 | |
with: | |
repository: ${{ github.repository }} | |
base-ref: ${{ github.sha }} | |
source: sdk | |
path: sdk | |
version: ${{ needs.prerequisites.outputs.version }} | |
additive: false | |
# Avoid including other language SDKs & artifacts in the commit | |
files: | | |
go.* | |
go/** | |
!*.tar.gz | |
name: release | |
"on": | |
push: | |
tags: | |
- v*.*.* |