From c5739762814d25f421eab4a20249ea0a3a1b6470 Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Tue, 5 Nov 2024 09:42:14 -0800 Subject: [PATCH 01/16] Move COC to pulumi-provider --- .../{bridged-provider => pulumi-provider}/CODE-OF-CONDUCT.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename provider-ci/internal/pkg/templates/{bridged-provider => pulumi-provider}/CODE-OF-CONDUCT.md (100%) diff --git a/provider-ci/internal/pkg/templates/bridged-provider/CODE-OF-CONDUCT.md b/provider-ci/internal/pkg/templates/pulumi-provider/CODE-OF-CONDUCT.md similarity index 100% rename from provider-ci/internal/pkg/templates/bridged-provider/CODE-OF-CONDUCT.md rename to provider-ci/internal/pkg/templates/pulumi-provider/CODE-OF-CONDUCT.md From 853581ec8707a74e881612c2ccd803ad38ca211f Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Tue, 5 Nov 2024 11:56:40 -0800 Subject: [PATCH 02/16] Add a generic template derived from bridged-provider --- .../.github/actions/download-bin/action.yml | 16 ++ .../.github/actions/upload-bin/action.yml | 15 ++ .../.github/workflows/build_provider.yml | 70 +++++ .../generic/.github/workflows/build_sdk.yml | 70 +++++ .../generic/.github/workflows/main.yml | 255 ++++++++++++++++++ .../.github/workflows/nightly-test.yml | 152 +++++++++++ .../generic/.github/workflows/prerelease.yml | 188 +++++++++++++ .../.github/workflows/prerequisites.yml | 130 +++++++++ .../generic/.github/workflows/publish.yml | 195 ++++++++++++++ .../generic/.github/workflows/release.yml | 188 +++++++++++++ .../.github/workflows/resync-build.yml | 77 ++++++ .../workflows/run-acceptance-tests.yml | 250 +++++++++++++++++ .../.github/workflows/upgrade-bridge.yml | 108 ++++++++ .../.github/workflows/upgrade-provider.yml | 74 +++++ .../pkg/templates/generic/.mk/defaults.mk | 234 ++++++++++++++++ .../pkg/templates/generic/.mk/vars.mk | 47 ++++ 16 files changed, 2069 insertions(+) create mode 100644 provider-ci/internal/pkg/templates/generic/.github/actions/download-bin/action.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/actions/upload-bin/action.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/build_sdk.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/nightly-test.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/prerelease.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/publish.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/release.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/resync-build.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-bridge.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-provider.yml create mode 100644 provider-ci/internal/pkg/templates/generic/.mk/defaults.mk create mode 100644 provider-ci/internal/pkg/templates/generic/.mk/vars.mk diff --git a/provider-ci/internal/pkg/templates/generic/.github/actions/download-bin/action.yml b/provider-ci/internal/pkg/templates/generic/.github/actions/download-bin/action.yml new file mode 100644 index 0000000000..f925c04369 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/actions/download-bin/action.yml @@ -0,0 +1,16 @@ +name: Download binary assets +description: Downloads the provider and tfgen binaries to `bin/`. + +runs: + using: "composite" + steps: + - name: Download provider + tfgen binaries + uses: #{{ .Config.ActionVersions.DownloadArtifact }}# + with: + name: #{{ .Config.Provider }}#-provider.tar.gz + path: ${{ github.workspace }}/bin + - name: Untar provider binaries + shell: bash + run: | + tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace}}/bin + find ${{ github.workspace }} -name "pulumi-*-#{{ .Config.Provider }}#" -print -exec chmod +x {} \; diff --git a/provider-ci/internal/pkg/templates/generic/.github/actions/upload-bin/action.yml b/provider-ci/internal/pkg/templates/generic/.github/actions/upload-bin/action.yml new file mode 100644 index 0000000000..0eb4de272c --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/actions/upload-bin/action.yml @@ -0,0 +1,15 @@ +name: Upload bin assets +description: Uploads the provider and tfgen binaries to `bin/`. + +runs: + using: "composite" + steps: + - name: Tar provider binaries + shell: bash + run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace }}/bin/ pulumi-resource-#{{ .Config.Provider }}# pulumi-tfgen-#{{ .Config.Provider }}# + - name: Upload artifacts + uses: #{{ .Config.ActionVersions.UploadArtifact }}# + with: + name: #{{ .Config.Provider }}#-provider.tar.gz + path: ${{ github.workspace }}/bin/provider.tar.gz + retention-days: 30 diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml new file mode 100644 index 0000000000..b02e5ceec2 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml @@ -0,0 +1,70 @@ +name: "Build Provider" + +on: + workflow_call: + inputs: + version: + required: true + type: string + description: Version of the provider to build + +jobs: + build_provider: + name: Build ${{ matrix.platform.os }}-${{ matrix.platform.arch }} + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# + env: + PROVIDER_VERSION: ${{ inputs.version }} + strategy: + fail-fast: true + matrix: + platform: + - os: linux + arch: amd64 + - os: linux + arch: arm64 + - os: darwin + arch: amd64 + - os: darwin + arch: arm64 + - os: windows + arch: amd64 + steps: + #{{- if .Config.FreeDiskSpaceBeforeBuild }}# + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# + with: + tool-cache: false + swap-storage: false + dotnet: false + #{{- end }}# + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, go + - name: Download schema-embed.json + uses: #{{ .Config.ActionVersions.DownloadArtifact }}# + with: + # Use a pattern to avoid failing if the artifact doesn't exist + pattern: schema-embed.* + # Avoid creating directories for each artifact + merge-multiple: true + path: provider/cmd/pulumi-resource-#{{ .Config.Provider }}#/schema-embed.json + - name: Prepare for build + # This installs plugins and prepares upstream + run: make upstream + - name: Build & package provider + run: make provider_dist-${{ matrix.platform.os }}-${{ matrix.platform.arch }} + - name: Upload artifacts + uses: #{{ .Config.ActionVersions.UploadArtifact }}# + with: + name: pulumi-resource-#{{ .Config.Provider }}#-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz + path: bin/pulumi-resource-#{{ .Config.Provider }}#-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz + retention-days: 30 diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/build_sdk.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/build_sdk.yml new file mode 100644 index 0000000000..5191f0430f --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/build_sdk.yml @@ -0,0 +1,70 @@ +name: "Build SDK" + +on: + workflow_call: + inputs: + version: + required: true + type: string + +env: +#{{ .Config.Env | toYaml | indent 2 }}# + PROVIDER_VERSION: ${{ inputs.version }} + +jobs: + build_sdk: + name: build_sdk + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# + strategy: + fail-fast: true + matrix: + language: +#{{ .Config.Languages | toYaml | indent 8 }}# + steps: + #{{- if .Config.FreeDiskSpaceBeforeSdkBuild }}# + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# + with: + tool-cache: false + swap-storage: false + dotnet: false + #{{- end }}# + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + persist-credentials: false + - name: Cache examples generation + uses: actions/cache@v4 + with: + path: | + .pulumi/examples-cache + key: ${{ runner.os }}-${{ hashFiles('provider/go.sum') }} + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, ${{ matrix.language }} + - name: Download bin + uses: ./.github/actions/download-bin + - name: Install plugins + run: make install_plugins + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Build SDK + run: make build_${{ matrix.language }} + - name: Check worktree clean + uses: pulumi/git-status-check-action@v1 + with: + allowed-changes: | + sdk/**/pulumi-plugin.json + sdk/dotnet/*.csproj + sdk/go/**/pulumiUtilities.go + sdk/nodejs/package.json + sdk/python/pyproject.toml + - name: Upload SDK + uses: ./.github/actions/upload-sdk + with: + language: ${{ matrix.language }} diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml new file mode 100644 index 0000000000..1599cb9750 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml @@ -0,0 +1,255 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +env: +#{{ .Config.Env | toYaml | indent 2 }}# +jobs: + prerequisites: + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + build_sdk: + name: build_sdk + needs: prerequisites + uses: ./.github/workflows/build_sdk.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + generate_coverage_data: + continue-on-error: true + env: + COVERAGE_OUTPUT_DIR: ${{ secrets.COVERAGE_OUTPUT_DIR }} + name: generate_coverage_data + needs: prerequisites + runs-on: #{{ .Config.Runner.Default }}# + steps: + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@v1.3.1 + with: + tool-cache: false + swap-storage: false + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + persist-credentials: false + - name: Configure AWS Credentials + uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# + with: + aws-access-key-id: ${{ secrets.AWS_CORP_S3_UPLOAD_ACCESS_KEY_ID }} + aws-region: us-west-2 + aws-secret-access-key: ${{ secrets.AWS_CORP_S3_UPLOAD_SECRET_ACCESS_KEY }} + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, go, schema-tools + - name: Echo Coverage Output Dir + run: 'echo "Coverage output directory: ${{ env.COVERAGE_OUTPUT_DIR }}"' + - name: Generate Coverage Data + run: PULUMI_MISSING_DOCS_ERROR=true make tfgen + - name: Summarize Provider Coverage Results + run: cat ${{ env.COVERAGE_OUTPUT_DIR }}/shortSummary.txt + - name: Upload coverage data to S3 + run: >- + summaryName="${PROVIDER}_summary_$(date +"%Y-%m-%d_%H-%M-%S").json" + + s3FullURI="s3://${{ secrets.S3_COVERAGE_BUCKET_NAME }}/summaries/${summaryName}" + + aws s3 cp "${{ env.COVERAGE_OUTPUT_DIR }}/summary.json" "${s3FullURI}" --acl bucket-owner-full-control + #{{ if .Config.Lint -}}# + lint: + name: lint + uses: ./.github/workflows/lint.yml + secrets: inherit + #{{ end -}}# + + license_check: + name: License Check + uses: ./.github/workflows/license.yml + secrets: inherit + + publish: + name: publish + permissions: + contents: write + needs: + - prerequisites + - build_provider + - test + - license_check + #{{- range $action, $_ := .Config.ExtraTests }}# + - #{{ $action }}# + #{{- end }}# + uses: ./.github/workflows/publish.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + isPrerelease: true + skipGoSdk: true + + tag_release_if_labeled_needs_release: + name: Tag release if labeled as needs-release + needs: publish + runs-on: #{{ .Config.Runner.Default }}# + steps: + - name: check if this commit needs release + if: ${{ env.RELEASE_BOT_ENDPOINT != '' }} + uses: pulumi/action-release-by-pr-label@main + with: + command: "release-if-needed" + repo: ${{ github.repository }} + commit: ${{ github.sha }} + slack_channel: ${{ secrets.RELEASE_OPS_SLACK_CHANNEL }} + env: + RELEASE_BOT_ENDPOINT: ${{ secrets.RELEASE_BOT_ENDPOINT }} + RELEASE_BOT_KEY: ${{ secrets.RELEASE_BOT_KEY }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + test: + name: test + needs: + - prerequisites + - build_sdk + permissions: + contents: read + id-token: write + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} + steps: + #{{- if .Config.FreeDiskSpaceBeforeTest }}# + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# + with: + tool-cache: false + swap-storage: false + dotnet: false + #{{- end }}# + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, ${{ matrix.language }} + - name: Download bin + uses: ./.github/actions/download-bin + - name: Add NuGet source + if: matrix.language == 'dotnet' + run: dotnet nuget add source ${{ github.workspace }}/nuget + - name: Download SDK + uses: ./.github/actions/download-sdk + with: + language: ${{ matrix.language }} + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Install Python deps + if: matrix.language == 'python' + run: |- + pip3 install virtualenv==20.0.23 + pip3 install pipenv + #{{- if .Config.Docker }}# + - name: Run docker compose + run: docker compose -f testing/docker-compose.yml up --build -d + #{{- end }}# + #{{- if .Config.AWS }}# + - name: Configure AWS Credentials + uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: ${{ env.AWS_REGION }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-session-name: #{{ .Config.Provider }}#@githubActions + role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + #{{- end }}# + #{{- if .Config.GCP }}# + - name: Authenticate to Google Cloud + uses: #{{ .Config.ActionVersions.GoogleAuth }}# + with: + service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} + workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER + }}/locations/global/workloadIdentityPools/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} + - name: Setup gcloud auth + uses: #{{ .Config.ActionVersions.SetupGcloud }}# + with: + install_components: gke-gcloud-auth-plugin + #{{- end }}# + #{{- if .Config.GCPRegistry }}# + - name: Login to Google Cloud Registry + run: gcloud --quiet auth configure-docker + #{{- end }}# + #{{- if .Config.SSHPrivateKey }}# + - name: Setup SSH key + uses: webfactory/ssh-agent@v0.7.0 + with: + ssh-private-key: #{{ .Config.SSHPrivateKey }}# + #{{- end }}# + #{{- if .Config.IntegrationTestProvider }}# + - name: Prepare upstream code + run: make upstream + #{{- end }}# + #{{- if index .Config.SetupScript }}# + - name: Run setup script + run: #{{ index .Config.SetupScript }}# + #{{- end }}# + - name: Install dependencies + run: make install_${{ matrix.language}}_sdk + - name: Install gotestfmt + uses: GoTestTools/gotestfmt-action@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + version: v2.5.0 +#{{- if .Config.Actions.PreTest }}# +#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# +#{{- end }}# +#{{- if .Config.IntegrationTestProvider }}# + - name: Run provider tests + working-directory: provider + run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 + #{{- end }}# + - name: Run tests + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 + strategy: + fail-fast: false + matrix: + language: +#{{ .Config.Languages | toYaml | indent 8 }}# +#{{- if .Config.ExtraTests }}# +#{{ .Config.ExtraTests | toYaml | indent 2 }}# +#{{ end }}# +name: #{{ .Config.ProviderDefaultBranch }}# +on: + workflow_dispatch: {} + push: + branches: + - #{{ .Config.ProviderDefaultBranch }}# + paths-ignore: + - "**.md" + tags-ignore: + - v* + - sdk/* + - "**" +#{{- if .Config.TestMasterAndReleaseWorkflows }}# + pull_request: +#{{ end }}# diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/nightly-test.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/nightly-test.yml new file mode 100644 index 0000000000..ecaf9a8c6b --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/nightly-test.yml @@ -0,0 +1,152 @@ +#{{ if index .Config.GenerateNightlyTestWorkflow -}}# +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +env: +#{{ .Config.Env | toYaml | indent 2 }}# +jobs: + prerequisites: + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + build_sdk: + name: build_sdk + needs: prerequisites + uses: ./.github/workflows/build_sdk.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + test: + name: test + needs: + - prerequisites + - build_sdk + permissions: + contents: read + id-token: write + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} + steps: +#{{- if .Config.FreeDiskSpaceBeforeTest }}# + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# + with: + tool-cache: false + swap-storage: false + dotnet: false +#{{- end }}# + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, ${{ matrix.language}} + - name: Download bin + uses: ./.github/actions/download-bin + - name: Add NuGet source + if: matrix.language == 'dotnet' + run: dotnet nuget add source ${{ github.workspace }}/nuget + - name: Download SDK + uses: ./.github/actions/download-sdk + with: + language: ${{ matrix.language }} + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Install Python deps + if: matrix.language == 'python' + run: |- + pip3 install virtualenv==20.0.23 + pip3 install pipenv + #{{- if .Config.Docker }}# + - name: Run docker compose + run: docker compose -f testing/docker-compose.yml up --build -d + #{{- end }}# + #{{- if .Config.AWS }}# + - name: Configure AWS Credentials + uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: ${{ env.AWS_REGION }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-session-name: #{{ .Config.provider }}#@githubActions + role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + #{{- end }}# + #{{- if .Config.GCP }}# + - name: Authenticate to Google Cloud + uses: #{{ .Config.ActionVersions.GoogleAuth }}# + with: + service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} + workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER + }}/locations/global/workloadIdentityPools/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} + - name: Setup gcloud auth + uses: #{{ .Config.ActionVersions.SetupGcloud }}# + with: + install_components: gke-gcloud-auth-plugin + #{{- end }}# + #{{- if .Config.GCPRegistry }}# + - name: Login to Google Cloud Registry + run: gcloud --quiet auth configure-docker + #{{- end }}# + #{{- if .Config.SSHPrivateKey }}# + - name: Setup SSH key + uses: webfactory/ssh-agent@v0.7.0 + with: + ssh-private-key: #{{ .Config.SSHPrivateKey }}# + #{{- end }}# + #{{- if .Config.IntegrationTestProvider }}# + - name: Prepare upstream code + run: make upstream + #{{- end }}# + #{{- if index .Config.SetupScript }}# + - name: Run setup script + run: #{{ index .Config.SetupScript }}# + #{{- end }}# + - name: Install dependencies + run: make install_${{ matrix.language}}_sdk + - name: Install gotestfmt + uses: GoTestTools/gotestfmt-action@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + version: v2.5.0 +#{{- if .Config.Actions.PreTest }}# +#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# +#{{- end }}# + #{{- if .Config.IntegrationTestProvider }}# + - name: Run provider tests + if: matrix.testTarget == 'local' + working-directory: provider + run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + #{{- end }}# + - name: Run tests + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 + strategy: + fail-fast: false + matrix: + language: +#{{ .Config.Languages | toYaml | indent 10 }}# +name: cron +on: + schedule: + - cron: 0 6 * * * +#{{ end -}}# diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/prerelease.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerelease.yml new file mode 100644 index 0000000000..7564d14c58 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerelease.yml @@ -0,0 +1,188 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +env: + IS_PRERELEASE: true +#{{ .Config.Env | toYaml | indent 2 }}# +jobs: + prerequisites: + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + build_sdk: + name: build_sdk + needs: prerequisites + uses: ./.github/workflows/build_sdk.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + #{{ if .Config.Lint -}}# + lint: + name: lint + uses: ./.github/workflows/lint.yml + secrets: inherit + #{{ end -}}# + + license_check: + name: License Check + uses: ./.github/workflows/license.yml + secrets: inherit + + publish: + name: publish + permissions: + contents: write + needs: + - prerequisites + - build_provider + - test + - license_check + #{{- range $action, $_ := .Config.ExtraTests }}# + - #{{ $action }}# + #{{- end }}# + uses: ./.github/workflows/publish.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + isPrerelease: true + + test: + name: test + needs: + - prerequisites + - build_sdk + permissions: + contents: read + id-token: write + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} + steps: +#{{- if .Config.FreeDiskSpaceBeforeTest }}# + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# + with: + tool-cache: false + swap-storage: false + dotnet: false +#{{- end }}# + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, #{{ range $index, $element := .Config.Languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# + - name: Download bin + uses: ./.github/actions/download-bin + - name: Add NuGet source + if: matrix.language == 'dotnet' + run: dotnet nuget add source ${{ github.workspace }}/nuget + - name: Download SDK + uses: ./.github/actions/download-sdk + with: + language: ${{ matrix.language }} + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Install Python deps + if: matrix.language == 'python' + run: |- + pip3 install virtualenv==20.0.23 + pip3 install pipenv + #{{- if .Config.Docker }}# + - name: Run docker compose + run: docker compose -f testing/docker-compose.yml up --build -d + #{{- end }}# + #{{- if .Config.AWS }}# + - name: Configure AWS Credentials + uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: ${{ env.AWS_REGION }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-session-name: #{{ .Config.Provider }}#@githubActions + role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + #{{- end }}# + #{{- if .Config.GCP }}# + - name: Authenticate to Google Cloud + uses: #{{ .Config.ActionVersions.GoogleAuth }}# + with: + service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} + workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER + }}/locations/global/workloadIdentityPools/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} + - name: Setup gcloud auth + uses: #{{ .Config.ActionVersions.SetupGcloud }}# + with: + install_components: gke-gcloud-auth-plugin + #{{- end }}# + #{{- if .Config.GCPRegistry }}# + - name: Login to Google Cloud Registry + run: gcloud --quiet auth configure-docker + #{{- end }}# + #{{- if .Config.SSHPrivateKey }}# + - name: Setup SSH key + uses: webfactory/ssh-agent@v0.7.0 + with: + ssh-private-key: #{{ .Config.SSHPrivateKey }}# + #{{- end }}# + #{{- if .Config.IntegrationTestProvider }}# + - name: Prepare upstream code + run: make upstream + #{{- end }}# + #{{- if index .Config.SetupScript }}# + - name: Run setup script + run: #{{ index .Config.SetupScript }}# + #{{- end }}# + - name: Install dependencies + run: make install_${{ matrix.language}}_sdk + - name: Install gotestfmt + uses: GoTestTools/gotestfmt-action@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + version: v2.5.0 +#{{- if .Config.Actions.PreTest }}# +#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# +#{{- end }}# + #{{- if .Config.IntegrationTestProvider }}# + - name: Run provider tests + working-directory: provider + run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + #{{- end }}# + - name: Run tests + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + strategy: + fail-fast: false + matrix: + language: +#{{ .Config.Languages | toYaml | indent 8 }}# +#{{- if .Config.ExtraTests }}# +#{{ .Config.ExtraTests | toYaml | indent 2 }}# +#{{ end }}# + +name: prerelease +on: + push: + tags: + - v*.*.*-** +#{{- if .Config.TestMasterAndReleaseWorkflows }}# + pull_request: +#{{ end }}# diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml new file mode 100644 index 0000000000..7133fe35c0 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml @@ -0,0 +1,130 @@ +name: "Prerequisites" + +on: + workflow_call: + inputs: + is_pr: + type: boolean + required: true + is_automated: + type: boolean + required: true + default_branch: + type: string + required: true + outputs: + version: + description: "Provider version being built" + value: ${{ jobs.prerequisites.outputs.version }} + +env: +#{{ .Config.Env | toYaml | indent 2 }}# + +jobs: + prerequisites: + name: prerequisites + runs-on: #{{ .Config.Runner.Prerequisites }}# + outputs: + version: ${{ steps.provider-version.outputs.version }} + steps: +#{{- if .Config.FreeDiskSpaceBeforeBuild }}# + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# + with: + tool-cache: false + swap-storage: false + dotnet: false +#{{- end }}# + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + persist-credentials: false + - uses: pulumi/provider-version-action@v1 + id: provider-version + with: + set-env: 'PROVIDER_VERSION' + - name: Cache examples generation + uses: actions/cache@v4 + with: + path: | + .pulumi/examples-cache + key: ${{ runner.os }}-${{ hashFiles('provider/go.sum') }} + - name: Prepare upstream code + run: make upstream + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: go, pulumictl, pulumicli, schema-tools +#{{- if .Config.Actions.PreBuild }}# +#{{ .Config.Actions.PreBuild | toYaml | indent 4 }}# +#{{- end }}# + - name: Build schema generator binary + run: make tfgen_build_only + - name: Install plugins + run: make install_plugins + - name: Generate schema + run: make tfgen_no_deps + - name: Build provider binary + run: make provider_no_deps + - name: Unit-test provider code + run: make test_provider + - if: inputs.is_pr + name: Check Schema is Valid + run: | + EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64) + { + echo "SCHEMA_CHANGES<<$EOF"; + schema-tools compare -r github://api.github.com/#{{ .Config.Organization }}# -p #{{ .Config.Provider }}# -o "${{ inputs.default_branch }}" -n --local-path=provider/cmd/pulumi-resource-#{{ .Config.Provider }}#/schema.json; + echo "$EOF"; + } >> "$GITHUB_ENV" + - if: inputs.is_pr && inputs.is_automated == false + name: Comment on PR with Details of Schema Check + uses: #{{ .Config.ActionVersions.PrComment }}# + with: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + comment_tag: schemaCheck + message: >+ + ${{ env.SCHEMA_CHANGES }} + + + Maintainer note: consult the [runbook](https://github.com/pulumi/platform-providers-team/blob/main/playbooks/tf-provider-updating.md) for dealing with any breaking changes. + +#{{- if .Config.EnableConfigurationCheck }}# + - if: inputs.is_pr + name: Check Configuration section + run: | + sed -n '/## Configuration/,$p' README.md | sed -n '/## Reference/q;p' >> config_section.txt + jq -r '.config | select(.variables) | .variables | keys[]' < provider/cmd/pulumi-resource-#{{ .Config.Provider }}#/schema.json >> keys.txt + EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64) + { + echo "MISSING_CONFIG<<$EOF"; + xargs -I {} sh -c "grep -q {} config_section.txt || echo \\\`{}\\\` not found in Configuration section" < keys.txt + echo "$EOF"; + } >> "$GITHUB_ENV" + + - if: inputs.is_pr && inputs.is_automated == false + name: Check for missing config + run: | + if [ ! -z "${{ env.MISSING_CONFIG }}" ]; then + cat < "pulumi-#{{ .Config.Provider }}#_${{ inputs.version }}_checksums.txt" + - name: Get Schema Change Summary + id: schema-summary + shell: bash + run: | + # Get latest stable release. Return only first column from result (tag). + LAST_VERSION=$(gh release view --repo #{{ .Config.Organization }}#/pulumi-#{{ .Config.Provider }}# --json tagName -q .tagName || echo "No stable release" ) + { + echo 'summary<> "$GITHUB_OUTPUT" +#{{- if .Config.Publish.CDN }}# + - name: Upload Provider Binaries + run: aws s3 cp dist s3://get.pulumi.com/releases/plugins/ --recursive +#{{- end }}# + - name: Create GH Release + uses: softprops/action-gh-release@v1 + if: inputs.isPrerelease == false + with: + tag_name: v${{ inputs.version }} + prerelease: ${{ inputs.isPrerelease }} + # We keep pre-releases as drafts so they're not visible until we manually publish them. + draft: ${{ inputs.isPrerelease }} + body: ${{ steps.schema-summary.outputs.summary }} + generate_release_notes: true + files: dist/* + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + publish_sdk: + name: publish_sdk + needs: publish + runs-on: #{{ .Config.Runner.Default }}# + steps: + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + # Persist credentials so we can push back to the repo + persist-credentials: true + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, #{{ range $index, $element := .Config.Languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# + - name: Publish SDKs + uses: pulumi/pulumi-package-publisher@v0.0.20 + with: + sdk: #{{ .Config.Publish.SDK }}# + version: ${{ inputs.version }} + - name: Download Go SDK + uses: ./.github/actions/download-sdk + with: + language: go + - uses: pulumi/publish-go-sdk-action@v1 + if: inputs.skipGoSdk == false + with: + repository: ${{ github.repository }} + base-ref: ${{ github.sha }} + source: sdk + path: sdk + version: ${{ inputs.version }} + additive: false + # Avoid including other language SDKs & artifacts in the commit + files: | + go.* + go/** + !*.tar.gz + +#{{- if .Config.PublishRegistry }}# + create_docs_build: + name: create_docs_build + needs: publish_sdk + # Only run for non-prerelease, if the publish_go_sdk job was successful or skipped + if: inputs.isPrerelease == false + runs-on: #{{ .Config.Runner.Default }}# + steps: + - name: Dispatch Metadata build + uses: peter-evans/repository-dispatch@v3 + with: + token: ${{ secrets.PULUMI_BOT_TOKEN }} + repository: pulumi/registry + event-type: resource-provider + client-payload: |- + { + "project": "${{ github.repository }}", + "project-shortname": "#{{ .Config.Provider }}#", + "ref": "${{ github.ref_name }}" + } +#{{- end }}# + + clean_up_release_labels: + name: Clean up release labels + # Only run for non-prerelease, if the publish_go_sdk job was successful or skipped + if: inputs.isPrerelease == false + #{{ if .Config.PublishRegistry -}}# + needs: create_docs_build + #{{ else }}# + needs: publish_sdk + #{{- end }}# + runs-on: #{{ .Config.Runner.Default }}# + steps: + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + persist-credentials: false + - name: Clean up release labels + uses: pulumi/action-release-by-pr-label@main + with: + command: "clean-up-release-labels" + repo: ${{ github.repository }} + commit: ${{ github.sha }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + verify_release: + name: verify_release + needs: publish_sdk + uses: ./.github/workflows/verify-release.yml + secrets: inherit + with: + providerVersion: ${{ inputs.version }} + # Prelease is run often but we only have 5 concurrent macos runners, so we only test after the stable release. + enableMacosRunner: ${{ inputs.isPrerelease == false }} + skipGoSdk: ${{ inputs.skipGoSdk }} diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/release.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/release.yml new file mode 100644 index 0000000000..2482185733 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/release.yml @@ -0,0 +1,188 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt +name: release +on: + push: + tags: + - v*.*.* + - "!v*.*.*-**" +#{{- if .Config.TestMasterAndReleaseWorkflows }}# + pull_request: +#{{ end }}# + +env: +#{{ .Config.Env | toYaml | indent 2 }}# +jobs: + prerequisites: + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + build_sdk: + name: build_sdk + needs: prerequisites + uses: ./.github/workflows/build_sdk.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + #{{ if .Config.Lint -}}# + lint: + name: lint + uses: ./.github/workflows/lint.yml + secrets: inherit + #{{ end -}}# + + license_check: + name: License Check + uses: ./.github/workflows/license.yml + secrets: inherit + + publish: + name: publish + permissions: + contents: write + pull-requests: write + needs: + - prerequisites + - build_provider + - test + - license_check + #{{- range $action, $_ := .Config.ExtraTests }}# + - #{{ $action }}# + #{{- end }}# + uses: ./.github/workflows/publish.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + isPrerelease: false + + test: + name: test + needs: + - prerequisites + - build_sdk + permissions: + contents: read + id-token: write + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} + steps: +#{{- if .Config.FreeDiskSpaceBeforeTest }}# + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# + with: + tool-cache: false + swap-storage: false + dotnet: false +#{{- end }}# + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, ${{ matrix.language }} + - name: Download bin + uses: ./.github/actions/download-bin + - name: Add NuGet source + if: matrix.language == 'dotnet' + run: dotnet nuget add source ${{ github.workspace }}/nuget + - name: Download SDK + uses: ./.github/actions/download-sdk + with: + language: ${{ matrix.language }} + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Install Python deps + if: matrix.language == 'python' + run: |- + pip3 install virtualenv==20.0.23 + pip3 install pipenv + #{{- if .Config.Docker }}# + - name: Run docker compose + run: docker compose -f testing/docker-compose.yml up --build -d + #{{- end }}# + #{{- if .Config.AWS }}# + - name: Configure AWS Credentials + uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: ${{ env.AWS_REGION }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-session-name: #{{ .Config.Provider }}#@githubActions + role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + #{{- end }}# + #{{- if .Config.GCP }}# + - name: Authenticate to Google Cloud + uses: #{{ .Config.ActionVersions.GoogleAuth }}# + with: + service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} + workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER + }}/locations/global/workloadIdentityPools/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} + - name: Setup gcloud auth + uses: #{{ .Config.ActionVersions.SetupGcloud }}# + with: + install_components: gke-gcloud-auth-plugin + #{{- end }}# + #{{- if .Config.GCPRegistry }}# + - name: Login to Google Cloud Registry + run: gcloud --quiet auth configure-docker + #{{- end }}# + #{{- if .Config.SSHPrivateKey }}# + - name: Setup SSH key + uses: webfactory/ssh-agent@v0.7.0 + with: + ssh-private-key: #{{ .Config.SSHPrivateKey }}# + #{{- end }}# + #{{- if .Config.IntegrationTestProvider }}# + - name: Prepare upstream code + run: make upstream + #{{- end }}# + #{{- if index .Config.SetupScript }}# + - name: Run setup script + run: #{{ index .Config.SetupScript }}# + #{{- end }}# + - name: Install dependencies + run: make install_${{ matrix.language}}_sdk + - name: Install gotestfmt + uses: GoTestTools/gotestfmt-action@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + version: v2.5.0 +#{{- if .Config.Actions.PreTest }}# +#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# +#{{- end }}# + #{{- if .Config.IntegrationTestProvider }}# + - name: Run provider tests + working-directory: provider + run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + #{{- end }}# + - name: Run tests + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + strategy: + fail-fast: false + matrix: + language: +#{{ .Config.Languages | toYaml | indent 8 }}# +#{{- if .Config.ExtraTests }}# +#{{ .Config.ExtraTests | toYaml | indent 2 }}# +#{{ end }}# diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/resync-build.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/resync-build.yml new file mode 100644 index 0000000000..83fdaf5c62 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/resync-build.yml @@ -0,0 +1,77 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +env: + PULUMI_EXTRA_MAPPING_ERROR: #{{ .Config.FailOnExtraMapping }}# + PULUMI_MISSING_MAPPING_ERROR: #{{ .Config.FailOnMissingMapping }}# +#{{ .Config.Env | toYaml | indent 2 }}# +jobs: + resync_build: + name: resync-build + runs-on: #{{ .Config.Runner.Default }}# + steps: + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + # Persist credentials so we can push a new branch. + persist-credentials: true + - name: Checkout repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + path: ci-mgmt + repository: pulumi/ci-mgmt + persist-credentials: false + - id: run-url + name: Create URL to the run output + run: echo "run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" >> "$GITHUB_OUTPUT" + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, go, nodejs, dotnet, python + - name: Sync with ci-mgmt + run: cp -r "ci-mgmt/provider-ci/providers/$PROVIDER/repo/." . + - name: Remove ci-mgmt directory + run: rm -rf ci-mgmt + - name: Required entries for gitignore + run: |- + cat <<- EOF > "$RUNNER_TEMP/gitignore" + sdk/java/build + sdk/java/.gradle + sdk/java/gradle + sdk/java/gradlew + sdk/java/gradlew.bat + EOF + shell: bash + - name: Adding missing lines to .gitignore + run: | + comm -23 <(sort "$RUNNER_TEMP/gitignore") <(sort .gitignore) >> .gitignore.temp + cat .gitignore.temp >> .gitignore + rm .gitignore.temp + shell: bash + - name: Build + run: make build + - name: Create PR (no linked issue) + uses: peter-evans/create-pull-request@v3.12.0 + with: + author: pulumi-bot + base: #{{ .Config.ProviderDefaultBranch }}# + body: This pull request was generated automatically by the resync-build workflow + in this repository. + branch: pulumi-bot/resync-${{ github.run_id}} + commit-message: Resync build for pulumi-#{{ .Config.Provider }}# + committer: pulumi-bot + labels: impact/no-changelog-required + team-reviewers: platform-integrations + title: Fix up build for pulumi-#{{ .Config.Provider }}# + token: ${{ secrets.PULUMI_BOT_TOKEN }} +name: Resync build +on: + workflow_dispatch: + inputs: + automerge: + default: false + description: Mark created PR for auto-merging? + required: true + type: boolean diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml new file mode 100644 index 0000000000..fa05977183 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml @@ -0,0 +1,250 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: run-acceptance-tests + +on: + pull_request: + paths-ignore: + - CHANGELOG.md + repository_dispatch: + types: + - run-acceptance-tests-command + +env: + PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }} +#{{ .Config.Env | toYaml | indent 2 }}# + +# This should cancel any previous runs of the same workflow on the same branch which are still running. +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + prerequisites: + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + permissions: + pull-requests: write + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + build_sdk: + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + name: build_sdk + needs: prerequisites + uses: ./.github/workflows/build_sdk.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + comment-notification: + if: github.event_name == 'repository_dispatch' + name: comment-notification + permissions: + pull-requests: write + runs-on: #{{ .Config.Runner.Default }}# + steps: + - id: run-url + name: Create URL to the run output + run: echo "run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" >> "$GITHUB_OUTPUT" + - name: Update with Result + uses: peter-evans/create-or-update-comment@v1 + with: + body: "Please view the PR build: ${{ steps.run-url.outputs.run-url }}" + issue-number: ${{ github.event.client_payload.github.payload.issue.number }} + repository: ${{ github.event.client_payload.github.payload.repository.full_name }} + token: ${{ secrets.GITHUB_TOKEN }} + #{{ if .Config.Lint -}}# + lint: + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + name: lint + uses: ./.github/workflows/lint.yml + secrets: inherit + #{{ end -}}# + + sentinel: + name: sentinel + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + permissions: + statuses: write + needs: + - test + - build_provider + - license_check + #{{- if .Config.Lint }}# + - lint + #{{- end }}# + #{{- range $action, $_ := .Config.ExtraTests }}# + - #{{ $action }}# + #{{- end }}# + runs-on: #{{ .Config.Runner.Default }}# + steps: + - uses: guibranco/github-status-action-v2@0849440ec82c5fa69b2377725b9b7852a3977e76 + with: + authToken: ${{secrets.GITHUB_TOKEN}} + # Write an explicit status check called "Sentinel" which will only pass if this code really runs. + # This should always be a required check for PRs. + context: 'Sentinel' + description: 'All required checks passed' + state: 'success' + # Write to the PR commit SHA if it's available as we don't want the merge commit sha, + # otherwise use the current SHA for any other type of build. + sha: ${{ github.event.pull_request.head.sha || github.sha }} + + test: + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + name: test + needs: + - prerequisites + - build_sdk + permissions: + contents: read + id-token: write + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSdk }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} + steps: +#{{- if .Config.FreeDiskSpaceBeforeTest }}# + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# + with: + tool-cache: false + swap-storage: false + dotnet: false +#{{- end }}# + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + ref: ${{ env.PR_COMMIT_SHA }} + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + persist-credentials: false + - name: Checkout p/examples + if: matrix.testTarget == 'pulumiExamples' + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + repository: pulumi/examples + path: p-examples + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, ${{ matrix.language }} + - name: Download bin + uses: ./.github/actions/download-bin + - name: Add NuGet source + if: matrix.language == 'dotnet' + run: dotnet nuget add source ${{ github.workspace }}/nuget + - name: Download SDK + uses: ./.github/actions/download-sdk + with: + language: ${{ matrix.language }} + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Install Python deps + if: matrix.language == 'python' + run: |- + pip3 install virtualenv==20.0.23 + pip3 install pipenv + #{{- if .Config.Docker }}# + - name: Run docker compose + run: docker compose -f testing/docker-compose.yml up --build -d + #{{- end }}# + #{{- if .Config.AWS }}# + - name: Configure AWS Credentials + uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: ${{ env.AWS_REGION }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-session-name: #{{ .Config.Provider }}#@githubActions + role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + #{{- end }}# + #{{- if .Config.GCP }}# + - name: Authenticate to Google Cloud + uses: #{{ .Config.ActionVersions.GoogleAuth }}# + with: + service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} + workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER + }}/locations/global/workloadIdentityPools/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} + - name: Setup gcloud auth + uses: #{{ .Config.ActionVersions.SetupGcloud }}# + with: + install_components: gke-gcloud-auth-plugin + #{{- end }}# + #{{- if .Config.GCPRegistry }}# + - name: Login to Google Cloud Registry + run: gcloud --quiet auth configure-docker + #{{- end }}# + #{{- if .Config.SSHPrivateKey }}# + - name: Setup SSH key + uses: webfactory/ssh-agent@v0.7.0 + with: + ssh-private-key: #{{ .Config.SSHPrivateKey }}# + #{{- end }}# + #{{- if .Config.IntegrationTestProvider }}# + - name: Prepare upstream code + run: make upstream + #{{- end }}# + #{{- if index .Config.SetupScript }}# + - name: Run setup script + run: #{{ index .Config.setupScript }}# + #{{- end }}# + - name: Install dependencies + run: make install_${{ matrix.language}}_sdk + - name: Install gotestfmt + uses: GoTestTools/gotestfmt-action@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + version: v2.5.0 +#{{- if .Config.Actions.PreTest }}# +#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# +#{{- end }}# + #{{- if .Config.IntegrationTestProvider }}# + - name: Run provider tests + if: matrix.testTarget == 'local' + working-directory: provider + run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + #{{- end }}# + - name: Run tests + if: matrix.testTarget == 'local' + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -skip TestPulumiExamples -parallel 4 . + - name: Run pulumi/examples tests + if: matrix.testTarget == 'pulumiExamples' + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -run TestPulumiExamples -parallel 4 . + strategy: + fail-fast: false + matrix: + language: +#{{ .Config.Languages | toYaml | indent 8 }}# + #{{- if .Config.TestPulumiExamples }}# + testTarget: [local, pulumiExamples] + #{{- else }}# + testTarget: [local] + #{{- end }}# + license_check: + name: License Check + uses: ./.github/workflows/license.yml + secrets: inherit +#{{- if .Config.ExtraTests }}# +#{{ .Config.ExtraTests | toYaml | indent 2 }}# +#{{ end }}# diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-bridge.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-bridge.yml new file mode 100644 index 0000000000..a57f276099 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-bridge.yml @@ -0,0 +1,108 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: Upgrade bridge +on: + repository_dispatch: + types: + - upgrade-bridge + - upgrade-bridge-test + workflow_dispatch: + inputs: + kind: + description: Overrides the kind of upgrade. Must be one of `all`, `bridge`, `provider`, `code`, `pf`, or `pulumi`. + required: false + type: string + default: "bridge" + target-bridge-version: + description: pulumi-terraform-bridge version or hash reference + required: false + type: string + default: "latest" + target-pulumi-version: + description: | + Set the version of `pulumi/pkg` and `pulumi/sdk` to depend on for bridged providers. Currently, + these versions inform the linked runtime and SDK generation in all languages except Java. Valid + options are: + - "": Use the same version as pulumi-terraform-bridge + - A go version such as "v3.90.1" + - A commit SHA in pulumi/pulumi such as "ac71ebc1d34e5ccfd1a7fed61e6ff43a3160f3cb" + required: false + type: string + default: "" + pr-reviewers: + description: Reviewers to assign to the auto-opened pull request + required: false + type: string + default: "" + pr-description: + description: Extra description to add to the auto-opened pull request + required: false + type: string + default: "" + pr-title-prefix: + description: Prefix to add to the auto-opened pull request title + required: false + type: string + default: "" + automerge: + description: Mark created PR for auto-merging? + required: false + type: boolean + default: false +env: + GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +jobs: + upgrade_provider: + name: upgrade-provider + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# + steps: + #{{- if .Config.FreeDiskSpaceBeforeBuild }}# + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# + with: + tool-cache: false + swap-storage: false + dotnet: false + #{{- end }}# + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, #{{ range $index, $element := .Config.Languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# + - name: Call upgrade provider action + if: github.event_name == 'workflow_dispatch' + uses: #{{ .Config.ActionVersions.UpgradeProviderAction }}# + with: + kind: ${{ inputs.kind }} + email: bot@pulumi.com + username: pulumi-bot + automerge: ${{ inputs.automerge }} + target-bridge-version: ${{ inputs.target-bridge-version }} + target-pulumi-version: ${{ inputs.target-pulumi-version }} + #{{- if .Config.JavaGenVersion }}# + target-java-version: #{{ .Config.JavaGenVersion }}# + #{{- end }}# + pr-reviewers: ${{ inputs.pr-reviewers }} + pr-description: ${{ inputs.pr-description }} + pr-title-prefix: ${{ inputs.pr-title-prefix }} + - name: Call upgrade provider action + if: github.event_name == 'repository_dispatch' + uses: #{{ .Config.ActionVersions.UpgradeProviderAction }}# + with: + kind: ${{ github.event.client_payload.kind || 'bridge' }} + email: bot@pulumi.com + username: pulumi-bot + automerge: ${{ github.event.client_payload.automerge }} + target-pulumi-version: ${{ github.event.client_payload.target-pulumi-version }} + target-bridge-version: ${{ github.event.client_payload.target-bridge-version }} + pr-reviewers: ${{ github.event.client_payload.pr-reviewers }} + pr-description: ${{ github.event.client_payload.pr-description }} + pr-title-prefix: ${{ github.event.client_payload.pr-title-prefix }} diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-provider.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-provider.yml new file mode 100644 index 0000000000..b3fc44ce7c --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-provider.yml @@ -0,0 +1,74 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: Upgrade provider +on: + workflow_dispatch: + inputs: + version: + description: | + The version of the upstream provider to upgrade to, without the 'v' prefix + + If no version is specified, it will be inferred from the upstream provider's release tags. + required: false + type: string + schedule: + # 3 AM UTC ~ 8 PM PDT / 7 PM PST daily. Time chosen to run during off hours. + - cron: 0 3 * * * + +env: + GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +jobs: + upgrade_provider: + name: upgrade-provider + runs-on: #{{ .Config.Runner.Default }}# + if: #{{ .Config.CheckUpstreamUpgrade }}# + steps: + #{{- if .Config.FreeDiskSpaceBeforeBuild }}# + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# + with: + tool-cache: false + swap-storage: false + dotnet: false + #{{- end }}# + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + # Persist credentials so upgrade-provider can push a new branch. + persist-credentials: true + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, #{{ range $index, $element := .Config.Languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# + - name: Install upgrade-provider + run: go install github.com/pulumi/upgrade-provider@main + shell: bash + - name: "Set up git identity" + run: | + git config --global user.name 'bot@pulumi.com' + git config --global user.email 'bot@pulumi.com' + shell: bash + - name: Create issues for new upstream version + if: inputs.version == '' + id: upstream_version + # This step outputs `latest_version` if there is a pending upgrade + run: upgrade-provider "$REPO" --kind=check-upstream-version + env: + REPO: ${{ github.repository }} + shell: bash + - name: Calculate target version + id: target_version + # Prefer the manually specified version if it exists + # upstream_version will be empty if the provider is up-to-date + run: echo "version=${{ github.event.inputs.version || steps.upstream_version.outputs.latest_version }}" >> "$GITHUB_OUTPUT" + shell: bash + - name: Attempt provider upgrade + # Only attempt the upgrade if we have a target version + if: steps.target_version.outputs.version != '' + run: upgrade-provider "${{ github.repository }}" --kind="all" --target-version="${{ steps.target_version.outputs.version }}" #{{ if .Config.JavaGenVersion }}#--java-version="#{{ .Config.JavaGenVersion }}#"#{{ end }}# + shell: bash diff --git a/provider-ci/internal/pkg/templates/generic/.mk/defaults.mk b/provider-ci/internal/pkg/templates/generic/.mk/defaults.mk new file mode 100644 index 0000000000..8501b07248 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.mk/defaults.mk @@ -0,0 +1,234 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made +# via https://github.com/pulumi/ci-mgmt. +# +# This file contains default make targets consumed by CI workflows. This targets are no-ops and are intended to be +# +# does not +# make any assumptions about the provider such as its language, file structure, +# etc. +# +# A top-level `Makefile` is required and must implement provider-specific +# targets like `test`. +# +# In order to use these targets, the top-level Makefile must include this file: +# +# include .mk/defaults.mk +# +# If the top-level Makefile implements a target like `test`, then this will be +# invoked in CI. Otherwise, the `default.test` target will be used. + +include .mk/vars.mk + +# Implement `prerequisites` to run custom logic before all SDK and provider build steps. +default.prebuild: + @echo "No prerequisites to build" + +default.development: install_plugins provider build_sdks install_sdks + +default.build: install_plugins provider build_sdks install_sdks + +default.build_sdks: #{{ range .Config.Languages }}#build_#{{ . }}# #{{ end }}##{{- if .Config.RegistryDocs }}#build_registry_docs#{{- end }}# + +default.install_go_sdk: + +default.install_java_sdk: + +default.install_python_sdk: + +default.install_sdks: install_dotnet_sdk install_python_sdk install_nodejs_sdk install_java_sdk + + +default.build_dotnet: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.build_dotnet: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.build_dotnet: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache +default.build_dotnet: prebuild + rm -rf sdk/dotnet + PULUMI_CONVERT=$(PULUMI_CONVERT) PULUMI_DISABLE_AUTOMATIC_PLUGIN_ACQUISITION=$(PULUMI_CONVERT) $(WORKING_DIR)/bin/$(TFGEN) dotnet --out sdk/dotnet/ + cd sdk/dotnet/ && \ + printf "module fake_dotnet_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ + echo "$(VERSION_GENERIC)" >version.txt && \ + dotnet build + +default.build_go: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.build_go: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.build_go: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache +default.build_go: prebuild + PULUMI_CONVERT=$(PULUMI_CONVERT) PULUMI_DISABLE_AUTOMATIC_PLUGIN_ACQUISITION=$(PULUMI_CONVERT) $(WORKING_DIR)/bin/$(TFGEN) go --out sdk/go/ + cd sdk && go list "$$(grep -e "^module" go.mod | cut -d ' ' -f 2)/go/..." | xargs -I {} bash -c 'go build {} && go clean -i {}' + +default.build_java: PACKAGE_VERSION := $(VERSION_GENERIC) +default.build_java: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.build_java: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.build_java: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache +default.build_java: bin/pulumi-java-gen +default.build_java: prebuild + rm -rf sdk/java/ + $(WORKING_DIR)/bin/$(JAVA_GEN) generate --schema $(SCHEMA_PATH) --out sdk/java --build gradle-nexus + cd sdk/java/ && \ + printf "module fake_java_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ + gradle --console=plain build && \ + gradle --console=plain javadoc + +default.build_nodejs: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.build_nodejs: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.build_nodejs: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache +default.build_nodejs: prebuild + rm -rf sdk/nodejs/ + cd sdk/nodejs/ && \ + printf "module fake_nodejs_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ + yarn install && \ + yarn run tsc && \ + cp ../../README.md ../../LICENSE* package.json yarn.lock ./bin/ + +default.build_python: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.build_python: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.build_python: export PULggUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache +default.build_python: prebuild + rm -rf sdk/python/ + cd sdk/python/ && \ + printf "module fake_python_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ + cp ../../README.md . && \ + rm -rf ./bin/ ../python.bin/ && cp -R . ../python.bin && mv ../python.bin ./bin && \ + rm ./bin/go.mod && \ + python3 -m venv venv && \ + ./venv/bin/python -m pip install build==1.2.1 && \ + cd ./bin && \ + ../venv/bin/python -m build . +#{{- if .Config.RegistryDocs }}# + +# Run the bridge's registry-docs command to generated the content of the installation docs/ folder at provider repo root +default.build_registry_docs: + $(WORKING_DIR)/bin/$(TFGEN) registry-docs --out $(WORKING_DIR)/docs +#{{- end }}# + +default.clean: + rm -rf sdk/{dotnet,nodejs,go,python} + rm -rf $(WORKING_DIR)/bin + +default.docs: + @echo "Define a `docs` target to generate docs." + +default.install_dotnet_sdk: + mkdir -p $(WORKING_DIR)/nuget + find . -name '*.nupkg' -print -exec cp -p {} $(WORKING_DIR)/nuget \; + +default.install_nodejs_sdk: + yarn link --cwd $(WORKING_DIR)/sdk/nodejs/bin + +default.install_plugins: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.install_plugins: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.install_plugins: .pulumi/bin/pulumi + #{{- range .Config.Plugins }}# + .pulumi/bin/pulumi plugin install #{{ or .Kind "resource" }}# #{{ .Name }}# #{{ .Version }}# + #{{- end }}# + +default.lint_provider: provider + cd provider && golangci-lint run --path-prefix provider -c ../.golangci.yml + +# `lint_provider.fix` is a utility target meant to be run manually +# that will run the linter and fix errors when possible. +default.lint_provider.fix: + cd provider && golangci-lint run --path-prefix provider -c ../.golangci.yml --fix + +# `make provider_no_deps` builds the provider binary directly, without ensuring that +# `cmd/pulumi-resource-#{{ .Config.Provider }}#/schema.json` is valid and up to date. +# To create a release ready binary, you should use `make provider`. +default.provider: + (cd provider && go build $(PULUMI_PROVIDER_BUILD_PARALLELISM) -o $(WORKING_DIR)/bin/$(PROVIDER) -ldflags "$(LDFLAGS)" $(PROJECT)/$(PROVIDER_PATH)/cmd/$(PROVIDER)) + +default.test: export PATH := $(WORKING_DIR)/bin:$(PATH) +default.test: + cd examples && go test -v -tags=all -parallel $(TESTPARALLELISM) -timeout 2h + +default.test_provider: + @echo "" + @echo "== test_provider ===================================================================" + @echo "" + cd provider && go test -v -short ./... -parallel $(TESTPARALLELISM) + +default.bin/pulumi-java-gen: + mkdir -p bin/ + pulumictl download-binary -n pulumi-language-java -v $(JAVA_GEN_VERSION) -r pulumi/pulumi-java + +# To make an immediately observable change to .ci-mgmt.yaml: +# +# - Edit .ci-mgmt.yaml +# - Run make ci-mgmt to apply the change locally. +# +default.ci-mgmt: .ci-mgmt.yaml + go run github.com/pulumi/ci-mgmt/provider-ci@master generate \ + --name $(ORG)/pulumi-$(PACK) \ + --out . \ + --template #{{ .Config.Template }}# \ + --config $< + +# Because some codegen depends on the version of the CLI used, we install a local CLI +# version pinned to the same version as `provider/go.mod`. +# +# This logic compares the version of .pulumi/bin/pulumi already installed. If it matches +# the desired version, we just print. Otherwise we (re)install pulumi at the desired +# version. +default..pulumi/bin/pulumi: .pulumi/version + @if [ -x .pulumi/bin/pulumi ] && [ "v$$(cat .pulumi/version)" = "$$(.pulumi/bin/pulumi version)" ]; then \ + echo "pulumi/bin/pulumi version: v$$(cat .pulumi/version)"; \ + else \ + curl -fsSL https://get.pulumi.com | \ + HOME=$(WORKING_DIR) sh -s -- --version "$$(cat .pulumi/version)"; \ + fi + +# Compute the version of Pulumi to use by inspecting the Go dependencies of the provider. +default..pulumi/version: provider/go.mod + @mkdir -p .pulumi + @cd provider && go list -f "{{slice .Version 1}}" -m github.com/pulumi/pulumi/pkg/v3 | tee ../$@ + +.PHONY: development build build_sdks install_go_sdk install_java_sdk install_python_sdk install_sdks only_build build_dotnet build_go build_java build_nodejs build_python clean cleanup#{{ if .Config.DocsCmd }}# docs#{{end}}# help install_dotnet_sdk install_nodejs_sdk install_plugins lint_provider provider provider_no_deps test prerequisites ci-mgmt test_provider + +# Provider cross-platform build & packaging + +# These targets assume that the schema-embed.json exists - it's generated by tfgen. +# We disable CGO to ensure that the binary is statically linked. +bin/linux-amd64/$(PROVIDER): TARGET := linux-amd64 +bin/linux-arm64/$(PROVIDER): TARGET := linux-arm64 +bin/darwin-amd64/$(PROVIDER): TARGET := darwin-amd64 +bin/darwin-arm64/$(PROVIDER): TARGET := darwin-arm64 +bin/windows-amd64/$(PROVIDER).exe: TARGET := windows-amd64 +bin/%/$(PROVIDER) bin/%/$(PROVIDER).exe: + @# check the TARGET is set + test $(TARGET) + cd provider && \ + export GOOS=$$(echo "$(TARGET)" | cut -d "-" -f 1) && \ + export GOARCH=$$(echo "$(TARGET)" | cut -d "-" -f 2) && \ + export CGO_ENABLED=0 && \ + go build -o "${WORKING_DIR}/$@" $(PULUMI_PROVIDER_BUILD_PARALLELISM) -ldflags "$(LDFLAGS)" "$(PROJECT)/$(PROVIDER_PATH)/cmd/$(PROVIDER)" + +bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-amd64.tar.gz: bin/linux-amd64/$(PROVIDER) +bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-arm64.tar.gz: bin/linux-arm64/$(PROVIDER) +bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-amd64.tar.gz: bin/darwin-amd64/$(PROVIDER) +bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-arm64.tar.gz: bin/darwin-arm64/$(PROVIDER) +bin/$(PROVIDER)-v$(VERSION_GENERIC)-windows-amd64.tar.gz: bin/windows-amd64/$(PROVIDER).exe +bin/$(PROVIDER)-v$(VERSION_GENERIC)-%.tar.gz: + @mkdir -p dist + @# $< is the last dependency (the binary path from above) e.g. bin/linux-amd64/pulumi-resource-xyz + @# $@ is the current target e.g. bin/pulumi-resource-xyz-v1.2.3-linux-amd64.tar.gz + tar --gzip -cf $@ README.md LICENSE -C $$(dirname $<) . + +provider_dist-linux-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-amd64.tar.gz +provider_dist-linux-arm64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-arm64.tar.gz +provider_dist-darwin-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-amd64.tar.gz +provider_dist-darwin-arm64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-arm64.tar.gz +provider_dist-windows-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-windows-amd64.tar.gz +provider_dist: provider_dist-linux-amd64 provider_dist-linux-arm64 provider_dist-darwin-amd64 provider_dist-darwin-arm64 provider_dist-windows-amd64 +.PHONY: provider_dist-linux-amd64 provider_dist-linux-arm64 provider_dist-darwin-amd64 provider_dist-darwin-arm64 provider_dist-windows-amd64 provider_dist + +help: + grep '^[^.#]\+:\s\+.*#' Makefile | \ + sed "s/\(.\+\):\s*\(.*\) #\s*\(.*\)/`printf "\033[93m"`\1`printf "\033[0m"` \3 [\2]/" | \ + expand -t20 + + +# Delegate any undefined target "foo" to its respective "default.foo" target, +# if it exists. +%: + @$(MAKE) -f defaults.mk "default.$@" + + diff --git a/provider-ci/internal/pkg/templates/generic/.mk/vars.mk b/provider-ci/internal/pkg/templates/generic/.mk/vars.mk new file mode 100644 index 0000000000..a88499ed71 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.mk/vars.mk @@ -0,0 +1,47 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made +# via https://github.com/pulumi/ci-mgmt. +# +# This file contains default variables consumed by CI workflows. +# +PACK := #{{ .Config.Provider }}# +ORG := #{{ .Config.Organization }}# +PROJECT := github.com/$(ORG)/pulumi-$(PACK) +#{{- if ge .Config.MajorVersion 2 }}# +PROVIDER_PATH := provider/v#{{ .Config.MajorVersion }}# +#{{- else }}# +PROVIDER_PATH := provider +#{{- end }}# +VERSION_PATH := $(PROVIDER_PATH)/pkg/version.Version +SCHEMA_PATH := provider/cmd/$(PROVIDER)/schema.json +PROVIDER := pulumi-resource-$(PACK) +JAVA_GEN := pulumi-java-gen +JAVA_GEN_VERSION := v0.16.1 +TESTPARALLELISM := 10 +WORKING_DIR := $(shell pwd) +#{{- if .Config.GoBuildParallelism }}# +PULUMI_PROVIDER_BUILD_PARALLELISM ?= -p #{{ .Config.GoBuildParallelism }}# +#{{- else }}# +PULUMI_PROVIDER_BUILD_PARALLELISM ?= +#{{- end }}# +#{{- if .Config.PulumiConvert }}# +PULUMI_CONVERT := 1 +#{{- else }}# +PULUMI_CONVERT := 0 +#{{- end }}# +PULUMI_MISSING_DOCS_ERROR := true + +# Override during CI using `make [TARGET] PROVIDER_VERSION=""` or by setting a PROVIDER_VERSION environment variable +# Local & branch builds will just used this fixed default version unless specified +PROVIDER_VERSION ?= #{{ .Config.MajorVersion }}#.0.0-alpha.0+dev +# Use this normalised version everywhere rather than the raw input to ensure consistency. +VERSION_GENERIC = $(shell pulumictl convert-version --language generic --version "$(PROVIDER_VERSION)") + +LDFLAGS_PROJ_VERSION=-X $(PROJECT)/$(VERSION_PATH)=$(VERSION_GENERIC)#{{if .Config.ProviderVersion}}# -X #{{ .Config.ProviderVersion }}#=$(VERSION_GENERIC)#{{end}}# +#{{- if .Config.ProviderVersion }}# +LDFLAGS_UPSTREAM_VERSION=-X #{{ .Config.ProviderVersion }}#=v$(VERSION_GENERIC) +#{{- else }}# +LDFLAGS_UPSTREAM_VERSION= +#{{- end }}# +LDFLAGS_EXTRAS=#{{- range .Config.ExtraLDFlags }}# #{{ . }}# #{{- end }}# +LDFLAGS=$(LDFLAGS_PROJ_VERSION) $(LDFLAGS_UPSTREAM_VERSION) $(LDFLAGS_EXTRAS) + From 71823a223e0f2e3e01cfa9d0e47bf3c29bba7187 Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Tue, 5 Nov 2024 11:57:02 -0800 Subject: [PATCH 03/16] Generate test-providers/eks --- provider-ci/Makefile | 2 +- provider-ci/internal/pkg/generate.go | 2 + provider-ci/providers.json | 1 + provider-ci/test-providers/eks/.ci-mgmt.yaml | 25 ++ provider-ci/test-providers/eks/.gitattributes | 1 + .../eks/.github/ISSUE_TEMPLATE/bug.yaml | 69 ++++++ .../eks/.github/ISSUE_TEMPLATE/epic.md | 35 +++ .../.github/actions/download-bin/action.yml | 16 ++ .../.github/actions/download-sdk/action.yml | 19 ++ .../.github/actions/setup-tools/action.yml | 81 +++++++ .../eks/.github/actions/upload-bin/action.yml | 15 ++ .../eks/.github/actions/upload-sdk/action.yml | 20 ++ .../eks/.github/workflows/build_provider.yml | 58 +++++ .../eks/.github/workflows/build_sdk.yml | 85 +++++++ .../.github/workflows/command-dispatch.yml | 52 ++++ .../workflows/community-moderation.yml | 45 ++++ .../eks/.github/workflows/license.yml | 69 ++++++ .../eks/.github/workflows/lint.yml | 62 +++++ .../eks/.github/workflows/master.yml | 209 ++++++++++++++++ .../eks/.github/workflows/prerelease.yml | 145 +++++++++++ .../eks/.github/workflows/prerequisites.yml | 112 +++++++++ .../eks/.github/workflows/publish.yml | 202 ++++++++++++++++ .../eks/.github/workflows/pull-request.yml | 48 ++++ .../eks/.github/workflows/release.yml | 145 +++++++++++ .../eks/.github/workflows/release_command.yml | 45 ++++ .../eks/.github/workflows/resync-build.yml | 97 ++++++++ .../workflows/run-acceptance-tests.yml | 203 ++++++++++++++++ .../eks/.github/workflows/upgrade-bridge.yml | 93 ++++++++ .../.github/workflows/upgrade-provider.yml | 62 +++++ .../eks/.github/workflows/verify-release.yml | 86 +++++++ provider-ci/test-providers/eks/.golangci.yml | 35 +++ .../test-providers/eks/.mk/defaults.mk | 225 ++++++++++++++++++ provider-ci/test-providers/eks/.mk/vars.mk | 31 +++ .../test-providers/eks/.upgrade-config.yml | 6 + .../test-providers/eks/CODE-OF-CONDUCT.md | 80 +++++++ 35 files changed, 2480 insertions(+), 1 deletion(-) create mode 100644 provider-ci/test-providers/eks/.ci-mgmt.yaml create mode 100644 provider-ci/test-providers/eks/.gitattributes create mode 100644 provider-ci/test-providers/eks/.github/ISSUE_TEMPLATE/bug.yaml create mode 100644 provider-ci/test-providers/eks/.github/ISSUE_TEMPLATE/epic.md create mode 100644 provider-ci/test-providers/eks/.github/actions/download-bin/action.yml create mode 100644 provider-ci/test-providers/eks/.github/actions/download-sdk/action.yml create mode 100644 provider-ci/test-providers/eks/.github/actions/setup-tools/action.yml create mode 100644 provider-ci/test-providers/eks/.github/actions/upload-bin/action.yml create mode 100644 provider-ci/test-providers/eks/.github/actions/upload-sdk/action.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/build_provider.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/build_sdk.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/command-dispatch.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/community-moderation.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/license.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/lint.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/master.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/prerelease.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/prerequisites.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/publish.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/pull-request.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/release.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/release_command.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/resync-build.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/run-acceptance-tests.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/upgrade-bridge.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/upgrade-provider.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/verify-release.yml create mode 100644 provider-ci/test-providers/eks/.golangci.yml create mode 100644 provider-ci/test-providers/eks/.mk/defaults.mk create mode 100644 provider-ci/test-providers/eks/.mk/vars.mk create mode 100644 provider-ci/test-providers/eks/.upgrade-config.yml create mode 100644 provider-ci/test-providers/eks/CODE-OF-CONDUCT.md diff --git a/provider-ci/Makefile b/provider-ci/Makefile index 8b5403dc3c..bb8c8b3afd 100644 --- a/provider-ci/Makefile +++ b/provider-ci/Makefile @@ -37,7 +37,7 @@ format: # files for other bridged provider repositories should be ephemeral. .PHONY: test-providers test-provider/% -test-providers: test-provider/aws test-provider/docker test-provider/cloudflare test-provider/acme +test-providers: test-provider/aws test-provider/docker test-provider/cloudflare test-provider/acme test-provider/eks # 1. Delete all files except the .ci-mgmt.yaml file and run the provider-ci generate command. # 2. Copy the generated provider repository to a temporary git repo and run actionlint on it. diff --git a/provider-ci/internal/pkg/generate.go b/provider-ci/internal/pkg/generate.go index c73bd1c68d..82de5a7bb6 100644 --- a/provider-ci/internal/pkg/generate.go +++ b/provider-ci/internal/pkg/generate.go @@ -93,6 +93,8 @@ func getTemplateDirs(templateName string) ([]string, error) { case "external-bridged-provider": // Render more specific templates last to allow them to override more general templates. return []string{"dev-container", "provider", "bridged-provider"}, nil + case "generic": + return []string{"provider", "pulumi-provider", "generic"}, nil default: return nil, fmt.Errorf("unknown template: %s", templateName) } diff --git a/provider-ci/providers.json b/provider-ci/providers.json index 0ebe54386b..07a710d0a7 100644 --- a/provider-ci/providers.json +++ b/provider-ci/providers.json @@ -23,6 +23,7 @@ "dnsimple", "docker", "ec", + "eks", "external", "f5bigip", "fastly", diff --git a/provider-ci/test-providers/eks/.ci-mgmt.yaml b/provider-ci/test-providers/eks/.ci-mgmt.yaml new file mode 100644 index 0000000000..abe552ea0a --- /dev/null +++ b/provider-ci/test-providers/eks/.ci-mgmt.yaml @@ -0,0 +1,25 @@ +provider: eks +major-version: 3 +aws: true +env: + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + PULUMI_ENABLE_RESOURCE_REFERENCES: 1 + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget +template: generic diff --git a/provider-ci/test-providers/eks/.gitattributes b/provider-ci/test-providers/eks/.gitattributes new file mode 100644 index 0000000000..ff9aa4f9db --- /dev/null +++ b/provider-ci/test-providers/eks/.gitattributes @@ -0,0 +1 @@ +sdk/**/* linguist-generated=true diff --git a/provider-ci/test-providers/eks/.github/ISSUE_TEMPLATE/bug.yaml b/provider-ci/test-providers/eks/.github/ISSUE_TEMPLATE/bug.yaml new file mode 100644 index 0000000000..63d707268a --- /dev/null +++ b/provider-ci/test-providers/eks/.github/ISSUE_TEMPLATE/bug.yaml @@ -0,0 +1,69 @@ +name: Bug Report +description: Report something that's not working correctly +labels: ["kind/bug", "needs-triage"] +body: + - type: markdown + attributes: + value: | + Thanks for taking the time to fill out this bug report! + You can also ask questions on our [Community Slack](https://slack.pulumi.com/). + - type: textarea + id: what-happened + attributes: + label: Describe what happened + description: Please summarize what happened, including what Pulumi commands you ran, as well as + an inline snippet of any relevant error or console output. + validations: + required: true + - type: textarea + id: sample-program + attributes: + label: Sample program + description: | +
Provide a reproducible sample program + If this is a bug you encountered while running a Pulumi command, please provide us with a minimal, + self-contained Pulumi program that reproduces this behavior so that we can investigate on our end. + Without a functional reproduction, we will not be able to prioritize this bug. + **Note:** If the program output is more than a few lines, please send us a Gist or a link to a file. +
+ validations: + required: true + - type: textarea + id: log-output + attributes: + label: Log output + description: | +
How to Submit Logs + If this is something that is dependent on your environment, please also provide us with the output of + `pulumi up --logtostderr --logflow -v=10` from the root of your project. + We may also ask you to supply us with debug output following [these steps](https://www.pulumi.com/docs/using-pulumi/pulumi-packages/debugging-provider-packages/). + **Note:** If the log output is more than a few lines, please send us a Gist or a link to a file. +
+ - type: textarea + id: resources + attributes: + label: Affected Resource(s) + description: Please list the affected Pulumi Resource(s) or Function(s). + validations: + required: false + - type: textarea + id: versions + attributes: + label: Output of `pulumi about` + description: Provide the output of `pulumi about` from the root of your project. + validations: + required: true + - type: textarea + id: ctx + attributes: + label: Additional context + description: Anything else you would like to add? + validations: + required: false + - type: textarea + id: voting + attributes: + label: Contributing + value: | + Vote on this issue by adding a 👍 reaction. + To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already). \ No newline at end of file diff --git a/provider-ci/test-providers/eks/.github/ISSUE_TEMPLATE/epic.md b/provider-ci/test-providers/eks/.github/ISSUE_TEMPLATE/epic.md new file mode 100644 index 0000000000..27d4e3a440 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/ISSUE_TEMPLATE/epic.md @@ -0,0 +1,35 @@ +--- +name: Epic +about: Tracks a shippable unit of work +title: '[Epic] {your-title-here}' +labels: kind/epic +projects: ['pulumi/32'] +assignees: '' +type: Epic +--- + +## Overview + + +## Key KPIs + + +## Key Stakeholders +- Product and Engineering: +- Documentation: +- Marketing/Partnerships: +- Customers: + +## Key Deliverables + + +### References 📔 + + +- [ ] Project View +- [ ] PR/FAQ +- [ ] Design Doc +- [ ] UX Designs +- [ ] Decision Log + + diff --git a/provider-ci/test-providers/eks/.github/actions/download-bin/action.yml b/provider-ci/test-providers/eks/.github/actions/download-bin/action.yml new file mode 100644 index 0000000000..8558d5f735 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/actions/download-bin/action.yml @@ -0,0 +1,16 @@ +name: Download binary assets +description: Downloads the provider and tfgen binaries to `bin/`. + +runs: + using: "composite" + steps: + - name: Download provider + tfgen binaries + uses: actions/download-artifact@v4 + with: + name: eks-provider.tar.gz + path: ${{ github.workspace }}/bin + - name: Untar provider binaries + shell: bash + run: | + tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace}}/bin + find ${{ github.workspace }} -name "pulumi-*-eks" -print -exec chmod +x {} \; diff --git a/provider-ci/test-providers/eks/.github/actions/download-sdk/action.yml b/provider-ci/test-providers/eks/.github/actions/download-sdk/action.yml new file mode 100644 index 0000000000..1fd54841b4 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/actions/download-sdk/action.yml @@ -0,0 +1,19 @@ +name: Download SDK asset +description: Restores the SDK asset for a language. + +inputs: + language: + required: true + description: One of nodejs, python, dotnet, go, java + +runs: + using: "composite" + steps: + - name: Download ${{ inputs.language }} SDK + uses: actions/download-artifact@v4 + with: + name: ${{ inputs.language }}-sdk.tar.gz + path: ${{ github.workspace}}/sdk/ + - name: Uncompress SDK folder + shell: bash + run: tar -zxf ${{ github.workspace }}/sdk/${{ inputs.language }}.tar.gz -C ${{ github.workspace }}/sdk/${{ inputs.language }} diff --git a/provider-ci/test-providers/eks/.github/actions/setup-tools/action.yml b/provider-ci/test-providers/eks/.github/actions/setup-tools/action.yml new file mode 100644 index 0000000000..642d1d223f --- /dev/null +++ b/provider-ci/test-providers/eks/.github/actions/setup-tools/action.yml @@ -0,0 +1,81 @@ +name: Setup tools +description: Installs Go, Pulumi, pulumictl, schema-tools, Node.JS, Python, dotnet and Java. + +inputs: + tools: + description: | + Comma separated list of tools to install. The default of "all" installs all tools. Available tools are: + go + pulumicli + pulumictl + schema-tools + nodejs + python + dotnet + java + default: all + +runs: + using: "composite" + steps: + - name: Install Go + if: inputs.tools == 'all' || contains(inputs.tools, 'go') + uses: actions/setup-go@v5 + with: + go-version: "1.21.x" + cache-dependency-path: | + provider/*.sum + upstream/*.sum + sdk/*.sum + + - name: Install pulumictl + if: inputs.tools == 'all' || contains(inputs.tools, 'pulumictl') + uses: jaxxstorm/action-install-gh-release@v1.11.0 + with: + tag: v0.0.46 + repo: pulumi/pulumictl + + - name: Install Pulumi CLI + if: inputs.tools == 'all' || contains(inputs.tools, 'pulumicli') + uses: pulumi/actions@v5 + with: + pulumi-version: "dev" + + - name: Install Schema Tools + if: inputs.tools == 'all' || contains(inputs.tools, 'schema-tools') + uses: jaxxstorm/action-install-gh-release@v1.11.0 + with: + repo: pulumi/schema-tools + + - name: Setup Node + if: inputs.tools == 'all' || contains(inputs.tools, 'nodejs') + uses: actions/setup-node@v4 + with: + node-version: 20.x + registry-url: https://registry.npmjs.org + + - name: Setup DotNet + if: inputs.tools == 'all' || contains(inputs.tools, 'dotnet') + uses: actions/setup-dotnet@v4 + with: + dotnet-version: 6.0.x + + - name: Setup Python + if: inputs.tools == 'all' || contains(inputs.tools, 'python') + uses: actions/setup-python@v5 + with: + python-version: 3.11.8 + + - name: Setup Java + if: inputs.tools == 'all' || contains(inputs.tools, 'java') + uses: actions/setup-java@v4 + with: + cache: gradle + distribution: temurin + java-version: 11 + + - name: Setup Gradle + if: inputs.tools == 'all' || contains(inputs.tools, 'java') + uses: gradle/gradle-build-action@v3 + with: + gradle-version: 7.6 diff --git a/provider-ci/test-providers/eks/.github/actions/upload-bin/action.yml b/provider-ci/test-providers/eks/.github/actions/upload-bin/action.yml new file mode 100644 index 0000000000..da9ce2eacc --- /dev/null +++ b/provider-ci/test-providers/eks/.github/actions/upload-bin/action.yml @@ -0,0 +1,15 @@ +name: Upload bin assets +description: Uploads the provider and tfgen binaries to `bin/`. + +runs: + using: "composite" + steps: + - name: Tar provider binaries + shell: bash + run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace }}/bin/ pulumi-resource-eks pulumi-tfgen-eks + - name: Upload artifacts + uses: actions/upload-artifact@v4 + with: + name: eks-provider.tar.gz + path: ${{ github.workspace }}/bin/provider.tar.gz + retention-days: 30 diff --git a/provider-ci/test-providers/eks/.github/actions/upload-sdk/action.yml b/provider-ci/test-providers/eks/.github/actions/upload-sdk/action.yml new file mode 100644 index 0000000000..77d4849426 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/actions/upload-sdk/action.yml @@ -0,0 +1,20 @@ +name: Upload SDK asset +description: Upload the SDK for a specific language as an asset for the workflow. + +inputs: + language: + required: true + description: One of nodejs, python, dotnet, go, java + +runs: + using: "composite" + steps: + - name: Compress SDK folder + shell: bash + run: tar -zcf sdk/${{ inputs.language }}.tar.gz -C sdk/${{ inputs.language }} . + - name: Upload artifacts + uses: actions/upload-artifact@v4 + with: + name: ${{ inputs.language }}-sdk.tar.gz + path: ${{ github.workspace}}/sdk/${{ inputs.language }}.tar.gz + retention-days: 30 diff --git a/provider-ci/test-providers/eks/.github/workflows/build_provider.yml b/provider-ci/test-providers/eks/.github/workflows/build_provider.yml new file mode 100644 index 0000000000..afccb150e8 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/build_provider.yml @@ -0,0 +1,58 @@ +name: "Build Provider" + +on: + workflow_call: + inputs: + version: + required: true + type: string + description: Version of the provider to build + +jobs: + build_provider: + name: Build ${{ matrix.platform.os }}-${{ matrix.platform.arch }} + runs-on: ubuntu-latest + env: + PROVIDER_VERSION: ${{ inputs.version }} + strategy: + fail-fast: true + matrix: + platform: + - os: linux + arch: amd64 + - os: linux + arch: arm64 + - os: darwin + arch: amd64 + - os: darwin + arch: arm64 + - os: windows + arch: amd64 + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, go + - name: Download schema-embed.json + uses: actions/download-artifact@v4 + with: + # Use a pattern to avoid failing if the artifact doesn't exist + pattern: schema-embed.* + # Avoid creating directories for each artifact + merge-multiple: true + path: provider/cmd/pulumi-resource-eks/schema-embed.json + - name: Prepare for build + # This installs plugins and prepares upstream + run: make upstream + - name: Build & package provider + run: make provider_dist-${{ matrix.platform.os }}-${{ matrix.platform.arch }} + - name: Upload artifacts + uses: actions/upload-artifact@v4 + with: + name: pulumi-resource-eks-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz + path: bin/pulumi-resource-eks-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz + retention-days: 30 diff --git a/provider-ci/test-providers/eks/.github/workflows/build_sdk.yml b/provider-ci/test-providers/eks/.github/workflows/build_sdk.yml new file mode 100644 index 0000000000..61ed3fe297 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/build_sdk.yml @@ -0,0 +1,85 @@ +name: "Build SDK" + +on: + workflow_call: + inputs: + version: + required: true + type: string + +env: + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi + PROVIDER_VERSION: ${{ inputs.version }} + +jobs: + build_sdk: + name: build_sdk + runs-on: ubuntu-latest + strategy: + fail-fast: true + matrix: + language: + - nodejs + - python + - dotnet + - go + - java + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Cache examples generation + uses: actions/cache@v4 + with: + path: | + .pulumi/examples-cache + key: ${{ runner.os }}-${{ hashFiles('provider/go.sum') }} + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, ${{ matrix.language }} + - name: Download bin + uses: ./.github/actions/download-bin + - name: Install plugins + run: make install_plugins + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Build SDK + run: make build_${{ matrix.language }} + - name: Check worktree clean + uses: pulumi/git-status-check-action@v1 + with: + allowed-changes: | + sdk/**/pulumi-plugin.json + sdk/dotnet/*.csproj + sdk/go/**/pulumiUtilities.go + sdk/nodejs/package.json + sdk/python/pyproject.toml + - name: Upload SDK + uses: ./.github/actions/upload-sdk + with: + language: ${{ matrix.language }} diff --git a/provider-ci/test-providers/eks/.github/workflows/command-dispatch.yml b/provider-ci/test-providers/eks/.github/workflows/command-dispatch.yml new file mode 100644 index 0000000000..323780c891 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/command-dispatch.yml @@ -0,0 +1,52 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +env: + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi +jobs: + command-dispatch-for-testing: + name: command-dispatch-for-testing + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - uses: peter-evans/slash-command-dispatch@v4 + with: + commands: | + run-acceptance-tests + release + issue-type: pull-request + permission: write + reaction-token: ${{ secrets.GITHUB_TOKEN }} + repository: pulumi/pulumi-eks + token: ${{ secrets.PULUMI_BOT_TOKEN }} +name: command-dispatch +on: + issue_comment: + types: + - created + - edited diff --git a/provider-ci/test-providers/eks/.github/workflows/community-moderation.yml b/provider-ci/test-providers/eks/.github/workflows/community-moderation.yml new file mode 100644 index 0000000000..2afb297c25 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/community-moderation.yml @@ -0,0 +1,45 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +jobs: + warn_codegen: + name: warn_codegen + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - id: schema_changed + name: Check for diff in schema + uses: dorny/paths-filter@v2 + with: + filters: "changed: 'provider/cmd/**/schema.json'" + - id: sdk_changed + if: steps.schema_changed.outputs.changed == 'false' + name: Check for diff in sdk/** + uses: dorny/paths-filter@v2 + with: + filters: "changed: 'sdk/**'" + - if: steps.sdk_changed.outputs.changed == 'true' && + github.event.pull_request.head.repo.full_name != github.repository + name: Send codegen warning as comment on PR + uses: thollander/actions-comment-pull-request@v2 + with: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + message: > + Hello and thank you for your pull request! :heart: :sparkles: + + It looks like you're directly modifying files in the language SDKs, many of which are autogenerated. + + Be sure any files you're editing do not begin with a code generation warning. + + For generated files, you will need to make changes in `resources.go` instead, and [generate the code](https://github.com/pulumi/${{ github.event.repository.name }}/blob/master/CONTRIBUTING.md#committing-generated-code). +name: warn-codegen +on: + pull_request_target: + branches: + - master + types: + - opened diff --git a/provider-ci/test-providers/eks/.github/workflows/license.yml b/provider-ci/test-providers/eks/.github/workflows/license.yml new file mode 100644 index 0000000000..ba478c114a --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/license.yml @@ -0,0 +1,69 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: license_check + +on: + workflow_call: + inputs: {} + +env: + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi + +jobs: + license_check: + name: License Check + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: go + - run: make upstream + - uses: pulumi/license-check-action@main + with: + module-path: provider + ignore-modules: >- + github.com/aead/chacha20, + github.com/apache/arrow/go/v12, + github.com/apache/thrift/lib/go/thrift, + github.com/cloudflare/circl, + github.com/golang, + github.com/gorhill/cronexpr, + github.com/in-toto/in-toto-golang, + github.com/jmespath/go-jmespath, + github.com/keybase/go-crypto, + github.com/klauspost/compress, + github.com/mattn/go-localereader, + github.com/modern-go/reflect2, + github.com/pierrec/lz4, + github.com/pjbgf/sha1cd, + github.com/pulumi, + github.com/segmentio/asm, + golang.org diff --git a/provider-ci/test-providers/eks/.github/workflows/lint.yml b/provider-ci/test-providers/eks/.github/workflows/lint.yml new file mode 100644 index 0000000000..adf5e979a0 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/lint.yml @@ -0,0 +1,62 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: lint + +on: + workflow_call: + inputs: {} + +env: + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi + +jobs: + lint: + name: lint + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Install go + uses: actions/setup-go@v5 + with: + # The versions of golangci-lint and setup-go here cross-depend and need to update together. + go-version: 1.23 + # Either this action or golangci-lint needs to disable the cache + cache: false + - name: disarm go:embed directives to enable lint + continue-on-error: true # this fails if there are no go:embed directives + run: | + git grep -l 'go:embed' -- provider | xargs sed -i 's/go:embed/ goembed/g' + - name: prepare upstream + continue-on-error: true + run: make upstream + - name: golangci-lint + uses: golangci/golangci-lint-action@v6 + with: + version: v1.60 + working-directory: provider diff --git a/provider-ci/test-providers/eks/.github/workflows/master.yml b/provider-ci/test-providers/eks/.github/workflows/master.yml new file mode 100644 index 0000000000..26af09bf2e --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/master.yml @@ -0,0 +1,209 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +env: + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi +jobs: + prerequisites: + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + build_sdk: + name: build_sdk + needs: prerequisites + uses: ./.github/workflows/build_sdk.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + generate_coverage_data: + continue-on-error: true + env: + COVERAGE_OUTPUT_DIR: ${{ secrets.COVERAGE_OUTPUT_DIR }} + name: generate_coverage_data + needs: prerequisites + runs-on: ubuntu-latest + steps: + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@v1.3.1 + with: + tool-cache: false + swap-storage: false + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_CORP_S3_UPLOAD_ACCESS_KEY_ID }} + aws-region: us-west-2 + aws-secret-access-key: ${{ secrets.AWS_CORP_S3_UPLOAD_SECRET_ACCESS_KEY }} + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, go, schema-tools + - name: Echo Coverage Output Dir + run: 'echo "Coverage output directory: ${{ env.COVERAGE_OUTPUT_DIR }}"' + - name: Generate Coverage Data + run: PULUMI_MISSING_DOCS_ERROR=true make tfgen + - name: Summarize Provider Coverage Results + run: cat ${{ env.COVERAGE_OUTPUT_DIR }}/shortSummary.txt + - name: Upload coverage data to S3 + run: >- + summaryName="${PROVIDER}_summary_$(date +"%Y-%m-%d_%H-%M-%S").json" + + s3FullURI="s3://${{ secrets.S3_COVERAGE_BUCKET_NAME }}/summaries/${summaryName}" + + aws s3 cp "${{ env.COVERAGE_OUTPUT_DIR }}/summary.json" "${s3FullURI}" --acl bucket-owner-full-control + lint: + name: lint + uses: ./.github/workflows/lint.yml + secrets: inherit + license_check: + name: License Check + uses: ./.github/workflows/license.yml + secrets: inherit + + publish: + name: publish + permissions: + contents: write + needs: + - prerequisites + - build_provider + - test + - license_check + uses: ./.github/workflows/publish.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + isPrerelease: true + skipGoSdk: true + + tag_release_if_labeled_needs_release: + name: Tag release if labeled as needs-release + needs: publish + runs-on: ubuntu-latest + steps: + - name: check if this commit needs release + if: ${{ env.RELEASE_BOT_ENDPOINT != '' }} + uses: pulumi/action-release-by-pr-label@main + with: + command: "release-if-needed" + repo: ${{ github.repository }} + commit: ${{ github.sha }} + slack_channel: ${{ secrets.RELEASE_OPS_SLACK_CHANNEL }} + env: + RELEASE_BOT_ENDPOINT: ${{ secrets.RELEASE_BOT_ENDPOINT }} + RELEASE_BOT_KEY: ${{ secrets.RELEASE_BOT_KEY }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + test: + name: test + needs: + - prerequisites + - build_sdk + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, ${{ matrix.language }} + - name: Download bin + uses: ./.github/actions/download-bin + - name: Add NuGet source + if: matrix.language == 'dotnet' + run: dotnet nuget add source ${{ github.workspace }}/nuget + - name: Download SDK + uses: ./.github/actions/download-sdk + with: + language: ${{ matrix.language }} + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Install Python deps + if: matrix.language == 'python' + run: |- + pip3 install virtualenv==20.0.23 + pip3 install pipenv + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: ${{ env.AWS_REGION }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-session-name: eks@githubActions + role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + - name: Install dependencies + run: make install_${{ matrix.language}}_sdk + - name: Install gotestfmt + uses: GoTestTools/gotestfmt-action@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + version: v2.5.0 + - name: Run tests + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 + strategy: + fail-fast: false + matrix: + language: + - nodejs + - python + - dotnet + - go + - java +name: master +on: + workflow_dispatch: {} + push: + branches: + - master + paths-ignore: + - "**.md" + tags-ignore: + - v* + - sdk/* + - "**" diff --git a/provider-ci/test-providers/eks/.github/workflows/prerelease.yml b/provider-ci/test-providers/eks/.github/workflows/prerelease.yml new file mode 100644 index 0000000000..19ccfebec6 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/prerelease.yml @@ -0,0 +1,145 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +env: + IS_PRERELEASE: true + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi +jobs: + prerequisites: + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + build_sdk: + name: build_sdk + needs: prerequisites + uses: ./.github/workflows/build_sdk.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + lint: + name: lint + uses: ./.github/workflows/lint.yml + secrets: inherit + license_check: + name: License Check + uses: ./.github/workflows/license.yml + secrets: inherit + + publish: + name: publish + permissions: + contents: write + needs: + - prerequisites + - build_provider + - test + - license_check + uses: ./.github/workflows/publish.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + isPrerelease: true + + test: + name: test + needs: + - prerequisites + - build_sdk + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, nodejs, python, dotnet, go, java + - name: Download bin + uses: ./.github/actions/download-bin + - name: Add NuGet source + if: matrix.language == 'dotnet' + run: dotnet nuget add source ${{ github.workspace }}/nuget + - name: Download SDK + uses: ./.github/actions/download-sdk + with: + language: ${{ matrix.language }} + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Install Python deps + if: matrix.language == 'python' + run: |- + pip3 install virtualenv==20.0.23 + pip3 install pipenv + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: ${{ env.AWS_REGION }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-session-name: eks@githubActions + role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + - name: Install dependencies + run: make install_${{ matrix.language}}_sdk + - name: Install gotestfmt + uses: GoTestTools/gotestfmt-action@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + version: v2.5.0 + - name: Run tests + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + strategy: + fail-fast: false + matrix: + language: + - nodejs + - python + - dotnet + - go + - java + +name: prerelease +on: + push: + tags: + - v*.*.*-** diff --git a/provider-ci/test-providers/eks/.github/workflows/prerequisites.yml b/provider-ci/test-providers/eks/.github/workflows/prerequisites.yml new file mode 100644 index 0000000000..1c727afa03 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/prerequisites.yml @@ -0,0 +1,112 @@ +name: "Prerequisites" + +on: + workflow_call: + inputs: + is_pr: + type: boolean + required: true + is_automated: + type: boolean + required: true + default_branch: + type: string + required: true + outputs: + version: + description: "Provider version being built" + value: ${{ jobs.prerequisites.outputs.version }} + +env: + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi + +jobs: + prerequisites: + name: prerequisites + runs-on: ubuntu-latest + outputs: + version: ${{ steps.provider-version.outputs.version }} + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - uses: pulumi/provider-version-action@v1 + id: provider-version + with: + set-env: 'PROVIDER_VERSION' + - name: Cache examples generation + uses: actions/cache@v4 + with: + path: | + .pulumi/examples-cache + key: ${{ runner.os }}-${{ hashFiles('provider/go.sum') }} + - name: Prepare upstream code + run: make upstream + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: go, pulumictl, pulumicli, schema-tools + - name: Build schema generator binary + run: make tfgen_build_only + - name: Install plugins + run: make install_plugins + - name: Generate schema + run: make tfgen_no_deps + - name: Build provider binary + run: make provider_no_deps + - name: Unit-test provider code + run: make test_provider + - if: inputs.is_pr + name: Check Schema is Valid + run: | + EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64) + { + echo "SCHEMA_CHANGES<<$EOF"; + schema-tools compare -r github://api.github.com/pulumi -p eks -o "${{ inputs.default_branch }}" -n --local-path=provider/cmd/pulumi-resource-eks/schema.json; + echo "$EOF"; + } >> "$GITHUB_ENV" + - if: inputs.is_pr && inputs.is_automated == false + name: Comment on PR with Details of Schema Check + uses: thollander/actions-comment-pull-request@v2 + with: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + comment_tag: schemaCheck + message: >+ + ${{ env.SCHEMA_CHANGES }} + + + Maintainer note: consult the [runbook](https://github.com/pulumi/platform-providers-team/blob/main/playbooks/tf-provider-updating.md) for dealing with any breaking changes. + + - name: Upload bin + uses: ./.github/actions/upload-bin + + - name: Upload schema-embed.json + uses: actions/upload-artifact@v4 + with: + name: schema-embed.json + path: provider/cmd/pulumi-resource-eks/schema-embed.json + retention-days: 30 diff --git a/provider-ci/test-providers/eks/.github/workflows/publish.yml b/provider-ci/test-providers/eks/.github/workflows/publish.yml new file mode 100644 index 0000000000..9d65db1ccc --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/publish.yml @@ -0,0 +1,202 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt +name: Publish + +on: + workflow_call: + inputs: + version: + required: true + type: string + isPrerelease: + required: true + type: boolean + skipGoSdk: + default: false + type: boolean + description: Skip publishing & verifying the Go SDK + +env: + IS_PRERELEASE: ${{ inputs.isPrerelease }} + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi + +jobs: + publish: + name: publish + runs-on: ubuntu-latest + steps: + - name: Validate prerelease + if: inputs.isPrerelease == false && (contains(inputs.version, '-') || contains(inputs.version, '+')) + run: echo "Can't publish a prerelease version as a stable release. This is likely a bug in the calling workflow." && exit 1 + - name: Validate skipGoSdk + if: inputs.skipGoSdk && inputs.isPrerelease == false + run: echo "Can't skip Go SDK for stable releases. This is likely a bug in the calling workflow." && exit 1 + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, go, schema-tools + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: us-east-2 + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-external-id: upload-pulumi-release + role-session-name: eks@githubActions + role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} + - name: Create dist directory + run: mkdir -p dist + - name: Download provider assets + uses: actions/download-artifact@v4 + with: + pattern: pulumi-resource-eks-v${{ inputs.version }}-* + path: dist + # Don't create a directory for each artifact + merge-multiple: true + - name: Calculate checksums + working-directory: dist + run: shasum ./*.tar.gz > "pulumi-eks_${{ inputs.version }}_checksums.txt" + - name: Get Schema Change Summary + id: schema-summary + shell: bash + run: | + # Get latest stable release. Return only first column from result (tag). + LAST_VERSION=$(gh release view --repo pulumi/pulumi-eks --json tagName -q .tagName || echo "No stable release" ) + { + echo 'summary<> "$GITHUB_OUTPUT" + - name: Upload Provider Binaries + run: aws s3 cp dist s3://get.pulumi.com/releases/plugins/ --recursive + - name: Create GH Release + uses: softprops/action-gh-release@v1 + if: inputs.isPrerelease == false + with: + tag_name: v${{ inputs.version }} + prerelease: ${{ inputs.isPrerelease }} + # We keep pre-releases as drafts so they're not visible until we manually publish them. + draft: ${{ inputs.isPrerelease }} + body: ${{ steps.schema-summary.outputs.summary }} + generate_release_notes: true + files: dist/* + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + publish_sdk: + name: publish_sdk + needs: publish + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + # Persist credentials so we can push back to the repo + persist-credentials: true + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, nodejs, python, dotnet, go, java + - name: Publish SDKs + uses: pulumi/pulumi-package-publisher@v0.0.20 + with: + sdk: all + version: ${{ inputs.version }} + - name: Download Go SDK + uses: ./.github/actions/download-sdk + with: + language: go + - uses: pulumi/publish-go-sdk-action@v1 + if: inputs.skipGoSdk == false + with: + repository: ${{ github.repository }} + base-ref: ${{ github.sha }} + source: sdk + path: sdk + version: ${{ inputs.version }} + additive: false + # Avoid including other language SDKs & artifacts in the commit + files: | + go.* + go/** + !*.tar.gz + create_docs_build: + name: create_docs_build + needs: publish_sdk + # Only run for non-prerelease, if the publish_go_sdk job was successful or skipped + if: inputs.isPrerelease == false + runs-on: ubuntu-latest + steps: + - name: Dispatch Metadata build + uses: peter-evans/repository-dispatch@v3 + with: + token: ${{ secrets.PULUMI_BOT_TOKEN }} + repository: pulumi/registry + event-type: resource-provider + client-payload: |- + { + "project": "${{ github.repository }}", + "project-shortname": "eks", + "ref": "${{ github.ref_name }}" + } + + clean_up_release_labels: + name: Clean up release labels + # Only run for non-prerelease, if the publish_go_sdk job was successful or skipped + if: inputs.isPrerelease == false + needs: create_docs_build + + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Clean up release labels + uses: pulumi/action-release-by-pr-label@main + with: + command: "clean-up-release-labels" + repo: ${{ github.repository }} + commit: ${{ github.sha }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + verify_release: + name: verify_release + needs: publish_sdk + uses: ./.github/workflows/verify-release.yml + secrets: inherit + with: + providerVersion: ${{ inputs.version }} + # Prelease is run often but we only have 5 concurrent macos runners, so we only test after the stable release. + enableMacosRunner: ${{ inputs.isPrerelease == false }} + skipGoSdk: ${{ inputs.skipGoSdk }} diff --git a/provider-ci/test-providers/eks/.github/workflows/pull-request.yml b/provider-ci/test-providers/eks/.github/workflows/pull-request.yml new file mode 100644 index 0000000000..6a305605f9 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/pull-request.yml @@ -0,0 +1,48 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +env: + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi +jobs: + comment-on-pr: + if: github.event.pull_request.head.repo.full_name != github.repository + name: comment-on-pr + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Comment PR + uses: thollander/actions-comment-pull-request@v2 + with: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + message: > + PR is now waiting for a maintainer to run the acceptance tests. + + **Note for the maintainer:** To run the acceptance tests, please comment */run-acceptance-tests* on the PR +name: pull-request +on: + pull_request_target: {} diff --git a/provider-ci/test-providers/eks/.github/workflows/release.yml b/provider-ci/test-providers/eks/.github/workflows/release.yml new file mode 100644 index 0000000000..d46e68714a --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/release.yml @@ -0,0 +1,145 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt +name: release +on: + push: + tags: + - v*.*.* + - "!v*.*.*-**" + +env: + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi +jobs: + prerequisites: + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + build_sdk: + name: build_sdk + needs: prerequisites + uses: ./.github/workflows/build_sdk.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + lint: + name: lint + uses: ./.github/workflows/lint.yml + secrets: inherit + license_check: + name: License Check + uses: ./.github/workflows/license.yml + secrets: inherit + + publish: + name: publish + permissions: + contents: write + pull-requests: write + needs: + - prerequisites + - build_provider + - test + - license_check + uses: ./.github/workflows/publish.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + isPrerelease: false + + test: + name: test + needs: + - prerequisites + - build_sdk + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, ${{ matrix.language }} + - name: Download bin + uses: ./.github/actions/download-bin + - name: Add NuGet source + if: matrix.language == 'dotnet' + run: dotnet nuget add source ${{ github.workspace }}/nuget + - name: Download SDK + uses: ./.github/actions/download-sdk + with: + language: ${{ matrix.language }} + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Install Python deps + if: matrix.language == 'python' + run: |- + pip3 install virtualenv==20.0.23 + pip3 install pipenv + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: ${{ env.AWS_REGION }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-session-name: eks@githubActions + role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + - name: Install dependencies + run: make install_${{ matrix.language}}_sdk + - name: Install gotestfmt + uses: GoTestTools/gotestfmt-action@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + version: v2.5.0 + - name: Run tests + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + strategy: + fail-fast: false + matrix: + language: + - nodejs + - python + - dotnet + - go + - java diff --git a/provider-ci/test-providers/eks/.github/workflows/release_command.yml b/provider-ci/test-providers/eks/.github/workflows/release_command.yml new file mode 100644 index 0000000000..4029f32a79 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/release_command.yml @@ -0,0 +1,45 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: release-command +on: + repository_dispatch: + types: + - release-command +jobs: + should_release: + name: Should release PR + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Should release PR + uses: pulumi/action-release-by-pr-label@main + with: + command: "should-release" + repo: ${{ github.repository }} + pr: ${{ github.event.client_payload.pull_request.number }} + version: ${{ github.event.client_payload.slash_command.args.all }} + slack_channel: ${{ secrets.RELEASE_OPS_STAGING_SLACK_CHANNEL }} + env: + RELEASE_BOT_ENDPOINT: ${{ secrets.RELEASE_BOT_ENDPOINT }} + RELEASE_BOT_KEY: ${{ secrets.RELEASE_BOT_KEY }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - if: failure() + name: Notify failure + uses: peter-evans/create-or-update-comment@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + repository: ${{ github.event.client_payload.github.payload.repository.full_name }} + issue-number: ${{ github.event.client_payload.github.payload.issue.number }} + body: | + "release command failed: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" + - if: success() + name: Notify success + uses: peter-evans/create-or-update-comment@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + repository: ${{ github.event.client_payload.github.payload.repository.full_name }} + comment-id: ${{ github.event.client_payload.github.payload.comment.id }} + reaction-type: hooray diff --git a/provider-ci/test-providers/eks/.github/workflows/resync-build.yml b/provider-ci/test-providers/eks/.github/workflows/resync-build.yml new file mode 100644 index 0000000000..5b194351b2 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/resync-build.yml @@ -0,0 +1,97 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +env: + PULUMI_EXTRA_MAPPING_ERROR: true + PULUMI_MISSING_MAPPING_ERROR: true + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi +jobs: + resync_build: + name: resync-build + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + # Persist credentials so we can push a new branch. + persist-credentials: true + - name: Checkout repo + uses: actions/checkout@v4 + with: + path: ci-mgmt + repository: pulumi/ci-mgmt + persist-credentials: false + - id: run-url + name: Create URL to the run output + run: echo "run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" >> "$GITHUB_OUTPUT" + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, go, nodejs, dotnet, python + - name: Sync with ci-mgmt + run: cp -r "ci-mgmt/provider-ci/providers/$PROVIDER/repo/." . + - name: Remove ci-mgmt directory + run: rm -rf ci-mgmt + - name: Required entries for gitignore + run: |- + cat <<- EOF > "$RUNNER_TEMP/gitignore" + sdk/java/build + sdk/java/.gradle + sdk/java/gradle + sdk/java/gradlew + sdk/java/gradlew.bat + EOF + shell: bash + - name: Adding missing lines to .gitignore + run: | + comm -23 <(sort "$RUNNER_TEMP/gitignore") <(sort .gitignore) >> .gitignore.temp + cat .gitignore.temp >> .gitignore + rm .gitignore.temp + shell: bash + - name: Build + run: make build + - name: Create PR (no linked issue) + uses: peter-evans/create-pull-request@v3.12.0 + with: + author: pulumi-bot + base: master + body: This pull request was generated automatically by the resync-build workflow + in this repository. + branch: pulumi-bot/resync-${{ github.run_id}} + commit-message: Resync build for pulumi-eks + committer: pulumi-bot + labels: impact/no-changelog-required + team-reviewers: platform-integrations + title: Fix up build for pulumi-eks + token: ${{ secrets.PULUMI_BOT_TOKEN }} +name: Resync build +on: + workflow_dispatch: + inputs: + automerge: + default: false + description: Mark created PR for auto-merging? + required: true + type: boolean diff --git a/provider-ci/test-providers/eks/.github/workflows/run-acceptance-tests.yml b/provider-ci/test-providers/eks/.github/workflows/run-acceptance-tests.yml new file mode 100644 index 0000000000..fedba7ef9b --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/run-acceptance-tests.yml @@ -0,0 +1,203 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: run-acceptance-tests + +on: + pull_request: + paths-ignore: + - CHANGELOG.md + repository_dispatch: + types: + - run-acceptance-tests-command + +env: + PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }} + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi + +# This should cancel any previous runs of the same workflow on the same branch which are still running. +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + prerequisites: + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + permissions: + pull-requests: write + uses: ./.github/workflows/prerequisites.yml + secrets: inherit + with: + default_branch: ${{ github.event.repository.default_branch }} + is_pr: ${{ github.event_name == 'pull_request' }} + is_automated: ${{ github.actor == 'dependabot[bot]' }} + + build_provider: + uses: ./.github/workflows/build_provider.yml + needs: prerequisites + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + build_sdk: + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + name: build_sdk + needs: prerequisites + uses: ./.github/workflows/build_sdk.yml + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + + comment-notification: + if: github.event_name == 'repository_dispatch' + name: comment-notification + permissions: + pull-requests: write + runs-on: ubuntu-latest + steps: + - id: run-url + name: Create URL to the run output + run: echo "run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID" >> "$GITHUB_OUTPUT" + - name: Update with Result + uses: peter-evans/create-or-update-comment@v1 + with: + body: "Please view the PR build: ${{ steps.run-url.outputs.run-url }}" + issue-number: ${{ github.event.client_payload.github.payload.issue.number }} + repository: ${{ github.event.client_payload.github.payload.repository.full_name }} + token: ${{ secrets.GITHUB_TOKEN }} + lint: + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + name: lint + uses: ./.github/workflows/lint.yml + secrets: inherit + sentinel: + name: sentinel + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + permissions: + statuses: write + needs: + - test + - build_provider + - license_check + - lint + runs-on: ubuntu-latest + steps: + - uses: guibranco/github-status-action-v2@0849440ec82c5fa69b2377725b9b7852a3977e76 + with: + authToken: ${{secrets.GITHUB_TOKEN}} + # Write an explicit status check called "Sentinel" which will only pass if this code really runs. + # This should always be a required check for PRs. + context: 'Sentinel' + description: 'All required checks passed' + state: 'success' + # Write to the PR commit SHA if it's available as we don't want the merge commit sha, + # otherwise use the current SHA for any other type of build. + sha: ${{ github.event.pull_request.head.sha || github.sha }} + + test: + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + name: test + needs: + - prerequisites + - build_sdk + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + ref: ${{ env.PR_COMMIT_SHA }} + persist-credentials: false + - name: Checkout p/examples + if: matrix.testTarget == 'pulumiExamples' + uses: actions/checkout@v4 + with: + repository: pulumi/examples + path: p-examples + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, ${{ matrix.language }} + - name: Download bin + uses: ./.github/actions/download-bin + - name: Add NuGet source + if: matrix.language == 'dotnet' + run: dotnet nuget add source ${{ github.workspace }}/nuget + - name: Download SDK + uses: ./.github/actions/download-sdk + with: + language: ${{ matrix.language }} + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Install Python deps + if: matrix.language == 'python' + run: |- + pip3 install virtualenv==20.0.23 + pip3 install pipenv + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: ${{ env.AWS_REGION }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-session-name: eks@githubActions + role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + - name: Install dependencies + run: make install_${{ matrix.language}}_sdk + - name: Install gotestfmt + uses: GoTestTools/gotestfmt-action@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + version: v2.5.0 + - name: Run tests + if: matrix.testTarget == 'local' + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -skip TestPulumiExamples -parallel 4 . + - name: Run pulumi/examples tests + if: matrix.testTarget == 'pulumiExamples' + run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -run TestPulumiExamples -parallel 4 . + strategy: + fail-fast: false + matrix: + language: + - nodejs + - python + - dotnet + - go + - java + testTarget: [local] + license_check: + name: License Check + uses: ./.github/workflows/license.yml + secrets: inherit diff --git a/provider-ci/test-providers/eks/.github/workflows/upgrade-bridge.yml b/provider-ci/test-providers/eks/.github/workflows/upgrade-bridge.yml new file mode 100644 index 0000000000..639cbed527 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/upgrade-bridge.yml @@ -0,0 +1,93 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: Upgrade bridge +on: + repository_dispatch: + types: + - upgrade-bridge + - upgrade-bridge-test + workflow_dispatch: + inputs: + kind: + description: Overrides the kind of upgrade. Must be one of `all`, `bridge`, `provider`, `code`, `pf`, or `pulumi`. + required: false + type: string + default: "bridge" + target-bridge-version: + description: pulumi-terraform-bridge version or hash reference + required: false + type: string + default: "latest" + target-pulumi-version: + description: | + Set the version of `pulumi/pkg` and `pulumi/sdk` to depend on for bridged providers. Currently, + these versions inform the linked runtime and SDK generation in all languages except Java. Valid + options are: + - "": Use the same version as pulumi-terraform-bridge + - A go version such as "v3.90.1" + - A commit SHA in pulumi/pulumi such as "ac71ebc1d34e5ccfd1a7fed61e6ff43a3160f3cb" + required: false + type: string + default: "" + pr-reviewers: + description: Reviewers to assign to the auto-opened pull request + required: false + type: string + default: "" + pr-description: + description: Extra description to add to the auto-opened pull request + required: false + type: string + default: "" + pr-title-prefix: + description: Prefix to add to the auto-opened pull request title + required: false + type: string + default: "" + automerge: + description: Mark created PR for auto-merging? + required: false + type: boolean + default: false +env: + GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +jobs: + upgrade_provider: + name: upgrade-provider + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, nodejs, python, dotnet, go, java + - name: Call upgrade provider action + if: github.event_name == 'workflow_dispatch' + uses: pulumi/pulumi-upgrade-provider-action@v0.0.12 + with: + kind: ${{ inputs.kind }} + email: bot@pulumi.com + username: pulumi-bot + automerge: ${{ inputs.automerge }} + target-bridge-version: ${{ inputs.target-bridge-version }} + target-pulumi-version: ${{ inputs.target-pulumi-version }} + pr-reviewers: ${{ inputs.pr-reviewers }} + pr-description: ${{ inputs.pr-description }} + pr-title-prefix: ${{ inputs.pr-title-prefix }} + - name: Call upgrade provider action + if: github.event_name == 'repository_dispatch' + uses: pulumi/pulumi-upgrade-provider-action@v0.0.12 + with: + kind: ${{ github.event.client_payload.kind || 'bridge' }} + email: bot@pulumi.com + username: pulumi-bot + automerge: ${{ github.event.client_payload.automerge }} + target-pulumi-version: ${{ github.event.client_payload.target-pulumi-version }} + target-bridge-version: ${{ github.event.client_payload.target-bridge-version }} + pr-reviewers: ${{ github.event.client_payload.pr-reviewers }} + pr-description: ${{ github.event.client_payload.pr-description }} + pr-title-prefix: ${{ github.event.client_payload.pr-title-prefix }} diff --git a/provider-ci/test-providers/eks/.github/workflows/upgrade-provider.yml b/provider-ci/test-providers/eks/.github/workflows/upgrade-provider.yml new file mode 100644 index 0000000000..6f3c1f7359 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/upgrade-provider.yml @@ -0,0 +1,62 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: Upgrade provider +on: + workflow_dispatch: + inputs: + version: + description: | + The version of the upstream provider to upgrade to, without the 'v' prefix + + If no version is specified, it will be inferred from the upstream provider's release tags. + required: false + type: string + schedule: + # 3 AM UTC ~ 8 PM PDT / 7 PM PST daily. Time chosen to run during off hours. + - cron: 0 3 * * * + +env: + GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} +jobs: + upgrade_provider: + name: upgrade-provider + runs-on: ubuntu-latest + if: true + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + # Persist credentials so upgrade-provider can push a new branch. + persist-credentials: true + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, nodejs, python, dotnet, go, java + - name: Install upgrade-provider + run: go install github.com/pulumi/upgrade-provider@main + shell: bash + - name: "Set up git identity" + run: | + git config --global user.name 'bot@pulumi.com' + git config --global user.email 'bot@pulumi.com' + shell: bash + - name: Create issues for new upstream version + if: inputs.version == '' + id: upstream_version + # This step outputs `latest_version` if there is a pending upgrade + run: upgrade-provider "$REPO" --kind=check-upstream-version + env: + REPO: ${{ github.repository }} + shell: bash + - name: Calculate target version + id: target_version + # Prefer the manually specified version if it exists + # upstream_version will be empty if the provider is up-to-date + run: echo "version=${{ github.event.inputs.version || steps.upstream_version.outputs.latest_version }}" >> "$GITHUB_OUTPUT" + shell: bash + - name: Attempt provider upgrade + # Only attempt the upgrade if we have a target version + if: steps.target_version.outputs.version != '' + run: upgrade-provider "${{ github.repository }}" --kind="all" --target-version="${{ steps.target_version.outputs.version }}" + shell: bash diff --git a/provider-ci/test-providers/eks/.github/workflows/verify-release.yml b/provider-ci/test-providers/eks/.github/workflows/verify-release.yml new file mode 100644 index 0000000000..e35f022e01 --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/verify-release.yml @@ -0,0 +1,86 @@ +name: "Verify Release" + +on: + workflow_dispatch: + inputs: + providerVersion: + description: "The version of the provider to verify" + required: true + type: string + enableMacRunner: + description: "Enable the MacOS runner in addition to Linux and Windows. Defaults to 'false'." + required: false + type: boolean + skipGoSdk: + description: "Skip the Go SDK verification. Defaults to 'false'. Enable this when verifying a pre-release for which we don't publish the Go SDK (for PRs and the default branch)." + required: false + type: boolean + default: false + workflow_call: + inputs: + providerVersion: + description: "The version of the provider to verify" + required: true + type: string + enableMacosRunner: + description: "Enable the macos-latest runner in addition to ubuntu-latest and windows-latest. Defaults to 'false'." + required: false + type: boolean + default: false + skipGoSdk: + description: "Skip the Go SDK verification. Defaults to 'false'. This is used when we're not publishing a Go SDK on the default branch build." + required: false + type: boolean + default: false + +env: + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi + +jobs: + verify-release: + name: verify-release + # We don't have any release verification configurations, so we never run this workflow. + # Configure your .ci-mgmt.yaml files to include the release verification configurations e.g. + # releaseVerification: + # nodejs: path/to/nodejs/project + # python: path/to/python/project + # dotnet: path/to/dotnet/project + # go: path/to/go/project + if: false + strategy: + matrix: + # We don't have any release verification configurations, so we only run on Linux to print warnings to help users configure the release verification. + runner: ["ubuntu-latest"] + runs-on: ${{ matrix.runner }} + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + with: + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumicli, nodejs, python, dotnet, go, java diff --git a/provider-ci/test-providers/eks/.golangci.yml b/provider-ci/test-providers/eks/.golangci.yml new file mode 100644 index 0000000000..720e7cd3f8 --- /dev/null +++ b/provider-ci/test-providers/eks/.golangci.yml @@ -0,0 +1,35 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +linters: + enable: + - errcheck + - gci + - goconst + - gofmt + - gosec + - govet + - ineffassign + - lll + - gosimple + - staticcheck + - misspell + - nakedret + - revive + - unconvert + - unused + enable-all: false +issues: + exclude-files: + - schema.go + - pulumiManifest.go +run: + timeout: 20m +linters-settings: + gci: + sections: + - standard # Standard section: captures all standard library packages. + - blank # Blank section: contains all blank imports. + - default # Default section: contains all imports that could not be matched to another section type. + - prefix(github.com/pulumi/) # Custom section: groups all imports with the github.com/pulumi/ prefix. + - prefix(github.com/pulumi/pulumi-eks) # Custom section: local imports + custom-order: true diff --git a/provider-ci/test-providers/eks/.mk/defaults.mk b/provider-ci/test-providers/eks/.mk/defaults.mk new file mode 100644 index 0000000000..7f456fdfc2 --- /dev/null +++ b/provider-ci/test-providers/eks/.mk/defaults.mk @@ -0,0 +1,225 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made +# via https://github.com/pulumi/ci-mgmt. +# +# This file contains default make targets consumed by CI workflows. This targets are no-ops and are intended to be +# +# does not +# make any assumptions about the provider such as its language, file structure, +# etc. +# +# A top-level `Makefile` is required and must implement provider-specific +# targets like `test`. +# +# In order to use these targets, the top-level Makefile must include this file: +# +# include .mk/defaults.mk +# +# If the top-level Makefile implements a target like `test`, then this will be +# invoked in CI. Otherwise, the `default.test` target will be used. + +include .mk/vars.mk + +# Implement `prerequisites` to run custom logic before all SDK and provider build steps. +default.prebuild: + @echo "No prerequisites to build" + +default.development: install_plugins provider build_sdks install_sdks + +default.build: install_plugins provider build_sdks install_sdks + +default.build_sdks: build_nodejs build_python build_dotnet build_go build_java + +default.install_go_sdk: + +default.install_java_sdk: + +default.install_python_sdk: + +default.install_sdks: install_dotnet_sdk install_python_sdk install_nodejs_sdk install_java_sdk + + +default.build_dotnet: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.build_dotnet: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.build_dotnet: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache +default.build_dotnet: prebuild + rm -rf sdk/dotnet + PULUMI_CONVERT=$(PULUMI_CONVERT) PULUMI_DISABLE_AUTOMATIC_PLUGIN_ACQUISITION=$(PULUMI_CONVERT) $(WORKING_DIR)/bin/$(TFGEN) dotnet --out sdk/dotnet/ + cd sdk/dotnet/ && \ + printf "module fake_dotnet_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ + echo "$(VERSION_GENERIC)" >version.txt && \ + dotnet build + +default.build_go: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.build_go: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.build_go: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache +default.build_go: prebuild + PULUMI_CONVERT=$(PULUMI_CONVERT) PULUMI_DISABLE_AUTOMATIC_PLUGIN_ACQUISITION=$(PULUMI_CONVERT) $(WORKING_DIR)/bin/$(TFGEN) go --out sdk/go/ + cd sdk && go list "$$(grep -e "^module" go.mod | cut -d ' ' -f 2)/go/..." | xargs -I {} bash -c 'go build {} && go clean -i {}' + +default.build_java: PACKAGE_VERSION := $(VERSION_GENERIC) +default.build_java: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.build_java: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.build_java: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache +default.build_java: bin/pulumi-java-gen +default.build_java: prebuild + rm -rf sdk/java/ + $(WORKING_DIR)/bin/$(JAVA_GEN) generate --schema $(SCHEMA_PATH) --out sdk/java --build gradle-nexus + cd sdk/java/ && \ + printf "module fake_java_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ + gradle --console=plain build && \ + gradle --console=plain javadoc + +default.build_nodejs: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.build_nodejs: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.build_nodejs: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache +default.build_nodejs: prebuild + rm -rf sdk/nodejs/ + cd sdk/nodejs/ && \ + printf "module fake_nodejs_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ + yarn install && \ + yarn run tsc && \ + cp ../../README.md ../../LICENSE* package.json yarn.lock ./bin/ + +default.build_python: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.build_python: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.build_python: export PULggUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache +default.build_python: prebuild + rm -rf sdk/python/ + cd sdk/python/ && \ + printf "module fake_python_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ + cp ../../README.md . && \ + rm -rf ./bin/ ../python.bin/ && cp -R . ../python.bin && mv ../python.bin ./bin && \ + rm ./bin/go.mod && \ + python3 -m venv venv && \ + ./venv/bin/python -m pip install build==1.2.1 && \ + cd ./bin && \ + ../venv/bin/python -m build . + +default.clean: + rm -rf sdk/{dotnet,nodejs,go,python} + rm -rf $(WORKING_DIR)/bin + +default.docs: + @echo "Define a `docs` target to generate docs." + +default.install_dotnet_sdk: + mkdir -p $(WORKING_DIR)/nuget + find . -name '*.nupkg' -print -exec cp -p {} $(WORKING_DIR)/nuget \; + +default.install_nodejs_sdk: + yarn link --cwd $(WORKING_DIR)/sdk/nodejs/bin + +default.install_plugins: export PULUMI_HOME := $(WORKING_DIR)/.pulumi +default.install_plugins: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) +default.install_plugins: .pulumi/bin/pulumi + +default.lint_provider: provider + cd provider && golangci-lint run --path-prefix provider -c ../.golangci.yml + +# `lint_provider.fix` is a utility target meant to be run manually +# that will run the linter and fix errors when possible. +default.lint_provider.fix: + cd provider && golangci-lint run --path-prefix provider -c ../.golangci.yml --fix + +# `make provider_no_deps` builds the provider binary directly, without ensuring that +# `cmd/pulumi-resource-eks/schema.json` is valid and up to date. +# To create a release ready binary, you should use `make provider`. +default.provider: + (cd provider && go build $(PULUMI_PROVIDER_BUILD_PARALLELISM) -o $(WORKING_DIR)/bin/$(PROVIDER) -ldflags "$(LDFLAGS)" $(PROJECT)/$(PROVIDER_PATH)/cmd/$(PROVIDER)) + +default.test: export PATH := $(WORKING_DIR)/bin:$(PATH) +default.test: + cd examples && go test -v -tags=all -parallel $(TESTPARALLELISM) -timeout 2h + +default.test_provider: + @echo "" + @echo "== test_provider ===================================================================" + @echo "" + cd provider && go test -v -short ./... -parallel $(TESTPARALLELISM) + +default.bin/pulumi-java-gen: + mkdir -p bin/ + pulumictl download-binary -n pulumi-language-java -v $(JAVA_GEN_VERSION) -r pulumi/pulumi-java + +# To make an immediately observable change to .ci-mgmt.yaml: +# +# - Edit .ci-mgmt.yaml +# - Run make ci-mgmt to apply the change locally. +# +default.ci-mgmt: .ci-mgmt.yaml + go run github.com/pulumi/ci-mgmt/provider-ci@master generate \ + --name $(ORG)/pulumi-$(PACK) \ + --out . \ + --template generic \ + --config $< + +# Because some codegen depends on the version of the CLI used, we install a local CLI +# version pinned to the same version as `provider/go.mod`. +# +# This logic compares the version of .pulumi/bin/pulumi already installed. If it matches +# the desired version, we just print. Otherwise we (re)install pulumi at the desired +# version. +default..pulumi/bin/pulumi: .pulumi/version + @if [ -x .pulumi/bin/pulumi ] && [ "v$$(cat .pulumi/version)" = "$$(.pulumi/bin/pulumi version)" ]; then \ + echo "pulumi/bin/pulumi version: v$$(cat .pulumi/version)"; \ + else \ + curl -fsSL https://get.pulumi.com | \ + HOME=$(WORKING_DIR) sh -s -- --version "$$(cat .pulumi/version)"; \ + fi + +# Compute the version of Pulumi to use by inspecting the Go dependencies of the provider. +default..pulumi/version: provider/go.mod + @mkdir -p .pulumi + @cd provider && go list -f "{{slice .Version 1}}" -m github.com/pulumi/pulumi/pkg/v3 | tee ../$@ + +.PHONY: development build build_sdks install_go_sdk install_java_sdk install_python_sdk install_sdks only_build build_dotnet build_go build_java build_nodejs build_python clean cleanup help install_dotnet_sdk install_nodejs_sdk install_plugins lint_provider provider provider_no_deps test prerequisites ci-mgmt test_provider + +# Provider cross-platform build & packaging + +# These targets assume that the schema-embed.json exists - it's generated by tfgen. +# We disable CGO to ensure that the binary is statically linked. +bin/linux-amd64/$(PROVIDER): TARGET := linux-amd64 +bin/linux-arm64/$(PROVIDER): TARGET := linux-arm64 +bin/darwin-amd64/$(PROVIDER): TARGET := darwin-amd64 +bin/darwin-arm64/$(PROVIDER): TARGET := darwin-arm64 +bin/windows-amd64/$(PROVIDER).exe: TARGET := windows-amd64 +bin/%/$(PROVIDER) bin/%/$(PROVIDER).exe: + @# check the TARGET is set + test $(TARGET) + cd provider && \ + export GOOS=$$(echo "$(TARGET)" | cut -d "-" -f 1) && \ + export GOARCH=$$(echo "$(TARGET)" | cut -d "-" -f 2) && \ + export CGO_ENABLED=0 && \ + go build -o "${WORKING_DIR}/$@" $(PULUMI_PROVIDER_BUILD_PARALLELISM) -ldflags "$(LDFLAGS)" "$(PROJECT)/$(PROVIDER_PATH)/cmd/$(PROVIDER)" + +bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-amd64.tar.gz: bin/linux-amd64/$(PROVIDER) +bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-arm64.tar.gz: bin/linux-arm64/$(PROVIDER) +bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-amd64.tar.gz: bin/darwin-amd64/$(PROVIDER) +bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-arm64.tar.gz: bin/darwin-arm64/$(PROVIDER) +bin/$(PROVIDER)-v$(VERSION_GENERIC)-windows-amd64.tar.gz: bin/windows-amd64/$(PROVIDER).exe +bin/$(PROVIDER)-v$(VERSION_GENERIC)-%.tar.gz: + @mkdir -p dist + @# $< is the last dependency (the binary path from above) e.g. bin/linux-amd64/pulumi-resource-xyz + @# $@ is the current target e.g. bin/pulumi-resource-xyz-v1.2.3-linux-amd64.tar.gz + tar --gzip -cf $@ README.md LICENSE -C $$(dirname $<) . + +provider_dist-linux-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-amd64.tar.gz +provider_dist-linux-arm64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-arm64.tar.gz +provider_dist-darwin-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-amd64.tar.gz +provider_dist-darwin-arm64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-arm64.tar.gz +provider_dist-windows-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-windows-amd64.tar.gz +provider_dist: provider_dist-linux-amd64 provider_dist-linux-arm64 provider_dist-darwin-amd64 provider_dist-darwin-arm64 provider_dist-windows-amd64 +.PHONY: provider_dist-linux-amd64 provider_dist-linux-arm64 provider_dist-darwin-amd64 provider_dist-darwin-arm64 provider_dist-windows-amd64 provider_dist + +help: + grep '^[^.#]\+:\s\+.*#' Makefile | \ + sed "s/\(.\+\):\s*\(.*\) #\s*\(.*\)/`printf "\033[93m"`\1`printf "\033[0m"` \3 [\2]/" | \ + expand -t20 + + +# Delegate any undefined target "foo" to its respective "default.foo" target, +# if it exists. +%: + @$(MAKE) -f defaults.mk "default.$@" + + diff --git a/provider-ci/test-providers/eks/.mk/vars.mk b/provider-ci/test-providers/eks/.mk/vars.mk new file mode 100644 index 0000000000..df27b0ca50 --- /dev/null +++ b/provider-ci/test-providers/eks/.mk/vars.mk @@ -0,0 +1,31 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made +# via https://github.com/pulumi/ci-mgmt. +# +# This file contains default variables consumed by CI workflows. +# +PACK := eks +ORG := pulumi +PROJECT := github.com/$(ORG)/pulumi-$(PACK) +PROVIDER_PATH := provider/v3 +VERSION_PATH := $(PROVIDER_PATH)/pkg/version.Version +SCHEMA_PATH := provider/cmd/$(PROVIDER)/schema.json +PROVIDER := pulumi-resource-$(PACK) +JAVA_GEN := pulumi-java-gen +JAVA_GEN_VERSION := v0.16.1 +TESTPARALLELISM := 10 +WORKING_DIR := $(shell pwd) +PULUMI_PROVIDER_BUILD_PARALLELISM ?= +PULUMI_CONVERT := 0 +PULUMI_MISSING_DOCS_ERROR := true + +# Override during CI using `make [TARGET] PROVIDER_VERSION=""` or by setting a PROVIDER_VERSION environment variable +# Local & branch builds will just used this fixed default version unless specified +PROVIDER_VERSION ?= 3.0.0-alpha.0+dev +# Use this normalised version everywhere rather than the raw input to ensure consistency. +VERSION_GENERIC = $(shell pulumictl convert-version --language generic --version "$(PROVIDER_VERSION)") + +LDFLAGS_PROJ_VERSION=-X $(PROJECT)/$(VERSION_PATH)=$(VERSION_GENERIC) +LDFLAGS_UPSTREAM_VERSION= +LDFLAGS_EXTRAS= +LDFLAGS=$(LDFLAGS_PROJ_VERSION) $(LDFLAGS_UPSTREAM_VERSION) $(LDFLAGS_EXTRAS) + diff --git a/provider-ci/test-providers/eks/.upgrade-config.yml b/provider-ci/test-providers/eks/.upgrade-config.yml new file mode 100644 index 0000000000..0005a01982 --- /dev/null +++ b/provider-ci/test-providers/eks/.upgrade-config.yml @@ -0,0 +1,6 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +--- +upstream-provider-name: terraform-provider-eks +pulumi-infer-version: true +remove-plugins: true diff --git a/provider-ci/test-providers/eks/CODE-OF-CONDUCT.md b/provider-ci/test-providers/eks/CODE-OF-CONDUCT.md new file mode 100644 index 0000000000..995e13c009 --- /dev/null +++ b/provider-ci/test-providers/eks/CODE-OF-CONDUCT.md @@ -0,0 +1,80 @@ +# Contributor Covenant Code of Conduct + +## Our Pledge + +In the interest of fostering an open and welcoming environment, we as +contributors and maintainers pledge to making participation in our project and +our community a harassment-free experience for everyone, regardless of age, body +size, disability, ethnicity, gender identity and expression, level of experience, +education, socio-economic status, nationality, personal appearance, race, +religion, or sexual identity and orientation. + +## Our Standards + +Examples of behavior that contributes to creating a positive environment +include: + +* Using welcoming and inclusive language +* Being respectful of differing viewpoints and experiences +* Gracefully accepting constructive criticism +* Focusing on what is best for the community +* Showing empathy towards other community members +* Contribute in a positive and constructive way + +Examples of unacceptable behavior by participants include: + +* The use of sexualized language or imagery and unwelcome sexual attention or + advances +* Trolling, insulting/derogatory comments, and personal or political attacks +* Public or private harassment +* Publishing others' private information, such as a physical or electronic + address, without explicit permission +* Other conduct which could reasonably be considered inappropriate in a + professional setting + +## Our Community Guidelines +* Be clear and stay on topic. Communicating with strangers on the Internet can make it hard to convey or read tone, and sarcasm is frequently misunderstood. Try to use clear language, and think about how the other person will receive it. +* Don’t cross-post the same thing in multiple GitHub Discussion topics or multiple Slack channels. This can make it difficult for people answering your questions and creates "scrollback spam". +* Public discussion is preferred to private. Avoid using Slack DMs for questions, and instead share them in public Slack channels or GitHub Discussion threads. This allows a larger audience to both share their knowledge as well as learn from your question or issue. If you're having a problem, chances are someone else is having a similar problem. Learning in public is a community contribution. +* Minimize notifications to other community members. Avoid tagging other community members in Slack messages or Discussion threads, unless you are replying to something specific. Community members are here to help each other, but are not "on call" for support, and we expect everyone to try to minimize "notification fatigue". If your issue is time-sensitive or critical, use methods like support@pulumi.com instead. + +## Our Responsibilities + +Project maintainers are responsible for clarifying the standards of acceptable +behavior and are expected to take appropriate and fair corrective action in +response to any instances of unacceptable behavior. + +Project maintainers have the right and responsibility to remove, edit, or +reject comments, commits, code, wiki edits, issues, GitHub Discussions posts, +and other contributions that are not aligned to this Code of Conduct, or to ban +temporarily or permanently any contributor for other behaviors that they deem +inappropriate, threatening, offensive, or harmful. + +## Scope + +This Code of Conduct applies both within project spaces (including the Community Slack +and GitHub Discussions forums) and in public spaces when an individual is representing the +project or its community. Examples of representing a project or community include +using an official project e-mail address, posting via an official social media account, +or acting as an appointed representative at an online or offline event. Representation +of a project may be further defined and clarified by project maintainers. + +## Enforcement + +Instances of abusive, harassing, or otherwise unacceptable behavior may be +reported by contacting the project team at code-of-conduct@pulumi.com. All +complaints will be reviewed and investigated and will result in a response that +is deemed necessary and appropriate to the circumstances. The project team is +obligated to maintain confidentiality with regard to the reporter of an incident. +Further details of specific enforcement policies may be posted separately. + +Project maintainers who do not follow or enforce the Code of Conduct in good +faith may face temporary or permanent repercussions as determined by other +members of the project's leadership. + +## Attribution + +This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, +available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html + +[homepage]: https://www.contributor-covenant.org From 67ce814f42a4379286f35d775e1e569f0996c762 Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Tue, 5 Nov 2024 15:16:07 -0800 Subject: [PATCH 04/16] Remove some bridge workflows --- .../.github/workflows/upgrade-bridge.yml | 108 ------------------ .../.github/workflows/upgrade-provider.yml | 74 ------------ .../eks/.github/workflows/upgrade-bridge.yml | 93 --------------- .../.github/workflows/upgrade-provider.yml | 62 ---------- 4 files changed, 337 deletions(-) delete mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-bridge.yml delete mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-provider.yml delete mode 100644 provider-ci/test-providers/eks/.github/workflows/upgrade-bridge.yml delete mode 100644 provider-ci/test-providers/eks/.github/workflows/upgrade-provider.yml diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-bridge.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-bridge.yml deleted file mode 100644 index a57f276099..0000000000 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-bridge.yml +++ /dev/null @@ -1,108 +0,0 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt - -name: Upgrade bridge -on: - repository_dispatch: - types: - - upgrade-bridge - - upgrade-bridge-test - workflow_dispatch: - inputs: - kind: - description: Overrides the kind of upgrade. Must be one of `all`, `bridge`, `provider`, `code`, `pf`, or `pulumi`. - required: false - type: string - default: "bridge" - target-bridge-version: - description: pulumi-terraform-bridge version or hash reference - required: false - type: string - default: "latest" - target-pulumi-version: - description: | - Set the version of `pulumi/pkg` and `pulumi/sdk` to depend on for bridged providers. Currently, - these versions inform the linked runtime and SDK generation in all languages except Java. Valid - options are: - - "": Use the same version as pulumi-terraform-bridge - - A go version such as "v3.90.1" - - A commit SHA in pulumi/pulumi such as "ac71ebc1d34e5ccfd1a7fed61e6ff43a3160f3cb" - required: false - type: string - default: "" - pr-reviewers: - description: Reviewers to assign to the auto-opened pull request - required: false - type: string - default: "" - pr-description: - description: Extra description to add to the auto-opened pull request - required: false - type: string - default: "" - pr-title-prefix: - description: Prefix to add to the auto-opened pull request title - required: false - type: string - default: "" - automerge: - description: Mark created PR for auto-merging? - required: false - type: boolean - default: false -env: - GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} -jobs: - upgrade_provider: - name: upgrade-provider - runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# - steps: - #{{- if .Config.FreeDiskSpaceBeforeBuild }}# - # Run as first step so we don't delete things that have just been installed - - name: Free Disk Space (Ubuntu) - uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# - with: - tool-cache: false - swap-storage: false - dotnet: false - #{{- end }}# - - name: Checkout Repo - uses: #{{ .Config.ActionVersions.Checkout }}# - with: - #{{- if .Config.CheckoutSubmodules }}# - submodules: #{{ .Config.CheckoutSubmodules }}# - #{{- end }}# - persist-credentials: false - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, #{{ range $index, $element := .Config.Languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# - - name: Call upgrade provider action - if: github.event_name == 'workflow_dispatch' - uses: #{{ .Config.ActionVersions.UpgradeProviderAction }}# - with: - kind: ${{ inputs.kind }} - email: bot@pulumi.com - username: pulumi-bot - automerge: ${{ inputs.automerge }} - target-bridge-version: ${{ inputs.target-bridge-version }} - target-pulumi-version: ${{ inputs.target-pulumi-version }} - #{{- if .Config.JavaGenVersion }}# - target-java-version: #{{ .Config.JavaGenVersion }}# - #{{- end }}# - pr-reviewers: ${{ inputs.pr-reviewers }} - pr-description: ${{ inputs.pr-description }} - pr-title-prefix: ${{ inputs.pr-title-prefix }} - - name: Call upgrade provider action - if: github.event_name == 'repository_dispatch' - uses: #{{ .Config.ActionVersions.UpgradeProviderAction }}# - with: - kind: ${{ github.event.client_payload.kind || 'bridge' }} - email: bot@pulumi.com - username: pulumi-bot - automerge: ${{ github.event.client_payload.automerge }} - target-pulumi-version: ${{ github.event.client_payload.target-pulumi-version }} - target-bridge-version: ${{ github.event.client_payload.target-bridge-version }} - pr-reviewers: ${{ github.event.client_payload.pr-reviewers }} - pr-description: ${{ github.event.client_payload.pr-description }} - pr-title-prefix: ${{ github.event.client_payload.pr-title-prefix }} diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-provider.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-provider.yml deleted file mode 100644 index b3fc44ce7c..0000000000 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/upgrade-provider.yml +++ /dev/null @@ -1,74 +0,0 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt - -name: Upgrade provider -on: - workflow_dispatch: - inputs: - version: - description: | - The version of the upstream provider to upgrade to, without the 'v' prefix - - If no version is specified, it will be inferred from the upstream provider's release tags. - required: false - type: string - schedule: - # 3 AM UTC ~ 8 PM PDT / 7 PM PST daily. Time chosen to run during off hours. - - cron: 0 3 * * * - -env: - GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} -jobs: - upgrade_provider: - name: upgrade-provider - runs-on: #{{ .Config.Runner.Default }}# - if: #{{ .Config.CheckUpstreamUpgrade }}# - steps: - #{{- if .Config.FreeDiskSpaceBeforeBuild }}# - # Run as first step so we don't delete things that have just been installed - - name: Free Disk Space (Ubuntu) - uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# - with: - tool-cache: false - swap-storage: false - dotnet: false - #{{- end }}# - - name: Checkout Repo - uses: #{{ .Config.ActionVersions.Checkout }}# - with: - #{{- if .Config.CheckoutSubmodules }}# - submodules: #{{ .Config.CheckoutSubmodules }}# - #{{- end }}# - # Persist credentials so upgrade-provider can push a new branch. - persist-credentials: true - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, #{{ range $index, $element := .Config.Languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# - - name: Install upgrade-provider - run: go install github.com/pulumi/upgrade-provider@main - shell: bash - - name: "Set up git identity" - run: | - git config --global user.name 'bot@pulumi.com' - git config --global user.email 'bot@pulumi.com' - shell: bash - - name: Create issues for new upstream version - if: inputs.version == '' - id: upstream_version - # This step outputs `latest_version` if there is a pending upgrade - run: upgrade-provider "$REPO" --kind=check-upstream-version - env: - REPO: ${{ github.repository }} - shell: bash - - name: Calculate target version - id: target_version - # Prefer the manually specified version if it exists - # upstream_version will be empty if the provider is up-to-date - run: echo "version=${{ github.event.inputs.version || steps.upstream_version.outputs.latest_version }}" >> "$GITHUB_OUTPUT" - shell: bash - - name: Attempt provider upgrade - # Only attempt the upgrade if we have a target version - if: steps.target_version.outputs.version != '' - run: upgrade-provider "${{ github.repository }}" --kind="all" --target-version="${{ steps.target_version.outputs.version }}" #{{ if .Config.JavaGenVersion }}#--java-version="#{{ .Config.JavaGenVersion }}#"#{{ end }}# - shell: bash diff --git a/provider-ci/test-providers/eks/.github/workflows/upgrade-bridge.yml b/provider-ci/test-providers/eks/.github/workflows/upgrade-bridge.yml deleted file mode 100644 index 639cbed527..0000000000 --- a/provider-ci/test-providers/eks/.github/workflows/upgrade-bridge.yml +++ /dev/null @@ -1,93 +0,0 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt - -name: Upgrade bridge -on: - repository_dispatch: - types: - - upgrade-bridge - - upgrade-bridge-test - workflow_dispatch: - inputs: - kind: - description: Overrides the kind of upgrade. Must be one of `all`, `bridge`, `provider`, `code`, `pf`, or `pulumi`. - required: false - type: string - default: "bridge" - target-bridge-version: - description: pulumi-terraform-bridge version or hash reference - required: false - type: string - default: "latest" - target-pulumi-version: - description: | - Set the version of `pulumi/pkg` and `pulumi/sdk` to depend on for bridged providers. Currently, - these versions inform the linked runtime and SDK generation in all languages except Java. Valid - options are: - - "": Use the same version as pulumi-terraform-bridge - - A go version such as "v3.90.1" - - A commit SHA in pulumi/pulumi such as "ac71ebc1d34e5ccfd1a7fed61e6ff43a3160f3cb" - required: false - type: string - default: "" - pr-reviewers: - description: Reviewers to assign to the auto-opened pull request - required: false - type: string - default: "" - pr-description: - description: Extra description to add to the auto-opened pull request - required: false - type: string - default: "" - pr-title-prefix: - description: Prefix to add to the auto-opened pull request title - required: false - type: string - default: "" - automerge: - description: Mark created PR for auto-merging? - required: false - type: boolean - default: false -env: - GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} -jobs: - upgrade_provider: - name: upgrade-provider - runs-on: ubuntu-latest - steps: - - name: Checkout Repo - uses: actions/checkout@v4 - with: - persist-credentials: false - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, nodejs, python, dotnet, go, java - - name: Call upgrade provider action - if: github.event_name == 'workflow_dispatch' - uses: pulumi/pulumi-upgrade-provider-action@v0.0.12 - with: - kind: ${{ inputs.kind }} - email: bot@pulumi.com - username: pulumi-bot - automerge: ${{ inputs.automerge }} - target-bridge-version: ${{ inputs.target-bridge-version }} - target-pulumi-version: ${{ inputs.target-pulumi-version }} - pr-reviewers: ${{ inputs.pr-reviewers }} - pr-description: ${{ inputs.pr-description }} - pr-title-prefix: ${{ inputs.pr-title-prefix }} - - name: Call upgrade provider action - if: github.event_name == 'repository_dispatch' - uses: pulumi/pulumi-upgrade-provider-action@v0.0.12 - with: - kind: ${{ github.event.client_payload.kind || 'bridge' }} - email: bot@pulumi.com - username: pulumi-bot - automerge: ${{ github.event.client_payload.automerge }} - target-pulumi-version: ${{ github.event.client_payload.target-pulumi-version }} - target-bridge-version: ${{ github.event.client_payload.target-bridge-version }} - pr-reviewers: ${{ github.event.client_payload.pr-reviewers }} - pr-description: ${{ github.event.client_payload.pr-description }} - pr-title-prefix: ${{ github.event.client_payload.pr-title-prefix }} diff --git a/provider-ci/test-providers/eks/.github/workflows/upgrade-provider.yml b/provider-ci/test-providers/eks/.github/workflows/upgrade-provider.yml deleted file mode 100644 index 6f3c1f7359..0000000000 --- a/provider-ci/test-providers/eks/.github/workflows/upgrade-provider.yml +++ /dev/null @@ -1,62 +0,0 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt - -name: Upgrade provider -on: - workflow_dispatch: - inputs: - version: - description: | - The version of the upstream provider to upgrade to, without the 'v' prefix - - If no version is specified, it will be inferred from the upstream provider's release tags. - required: false - type: string - schedule: - # 3 AM UTC ~ 8 PM PDT / 7 PM PST daily. Time chosen to run during off hours. - - cron: 0 3 * * * - -env: - GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} -jobs: - upgrade_provider: - name: upgrade-provider - runs-on: ubuntu-latest - if: true - steps: - - name: Checkout Repo - uses: actions/checkout@v4 - with: - # Persist credentials so upgrade-provider can push a new branch. - persist-credentials: true - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, nodejs, python, dotnet, go, java - - name: Install upgrade-provider - run: go install github.com/pulumi/upgrade-provider@main - shell: bash - - name: "Set up git identity" - run: | - git config --global user.name 'bot@pulumi.com' - git config --global user.email 'bot@pulumi.com' - shell: bash - - name: Create issues for new upstream version - if: inputs.version == '' - id: upstream_version - # This step outputs `latest_version` if there is a pending upgrade - run: upgrade-provider "$REPO" --kind=check-upstream-version - env: - REPO: ${{ github.repository }} - shell: bash - - name: Calculate target version - id: target_version - # Prefer the manually specified version if it exists - # upstream_version will be empty if the provider is up-to-date - run: echo "version=${{ github.event.inputs.version || steps.upstream_version.outputs.latest_version }}" >> "$GITHUB_OUTPUT" - shell: bash - - name: Attempt provider upgrade - # Only attempt the upgrade if we have a target version - if: steps.target_version.outputs.version != '' - run: upgrade-provider "${{ github.repository }}" --kind="all" --target-version="${{ steps.target_version.outputs.version }}" - shell: bash From f20013d06781629213eae9504ab9b191d6e08071 Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Wed, 6 Nov 2024 09:27:09 -0800 Subject: [PATCH 05/16] fix license --- .../generic/.github/workflows/license.yml | 48 +++++++++++++++++++ .../eks/.github/workflows/license.yml | 1 - 2 files changed, 48 insertions(+), 1 deletion(-) create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/license.yml diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/license.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/license.yml new file mode 100644 index 0000000000..60cf36f2a6 --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/license.yml @@ -0,0 +1,48 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: license_check + +on: + workflow_call: + inputs: {} + +env: +#{{ .Config.Env | toYaml | indent 2 }}# + +jobs: + license_check: + name: License Check + runs-on: #{{ .Config.Runner.Default }}# + steps: + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: go + - uses: pulumi/license-check-action@main + with: + module-path: provider + ignore-modules: >- + #{{ range $ignore := .Config.License.Ignore }}# + #{{- $ignore -}}#, + #{{ end -}}# + github.com/aead/chacha20, + github.com/apache/arrow/go/v12, + github.com/apache/thrift/lib/go/thrift, + github.com/cloudflare/circl, + github.com/golang, + github.com/gorhill/cronexpr, + github.com/in-toto/in-toto-golang, + github.com/jmespath/go-jmespath, + github.com/keybase/go-crypto, + github.com/klauspost/compress, + github.com/mattn/go-localereader, + github.com/modern-go/reflect2, + github.com/pierrec/lz4, + github.com/pjbgf/sha1cd, + github.com/pulumi, + github.com/segmentio/asm, + golang.org diff --git a/provider-ci/test-providers/eks/.github/workflows/license.yml b/provider-ci/test-providers/eks/.github/workflows/license.yml index ba478c114a..daa10f0a6a 100644 --- a/provider-ci/test-providers/eks/.github/workflows/license.yml +++ b/provider-ci/test-providers/eks/.github/workflows/license.yml @@ -45,7 +45,6 @@ jobs: uses: ./.github/actions/setup-tools with: tools: go - - run: make upstream - uses: pulumi/license-check-action@main with: module-path: provider From db9d82fc26bfa277e025375ac501fe352354e40b Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Wed, 6 Nov 2024 09:29:20 -0800 Subject: [PATCH 06/16] no tfgen binary --- .../templates/generic/.github/actions/upload-bin/action.yml | 4 ++-- .../test-providers/eks/.github/actions/upload-bin/action.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/provider-ci/internal/pkg/templates/generic/.github/actions/upload-bin/action.yml b/provider-ci/internal/pkg/templates/generic/.github/actions/upload-bin/action.yml index 0eb4de272c..d3bcea14d1 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/actions/upload-bin/action.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/actions/upload-bin/action.yml @@ -1,12 +1,12 @@ name: Upload bin assets -description: Uploads the provider and tfgen binaries to `bin/`. +description: Uploads the provider binaries to `bin/`. runs: using: "composite" steps: - name: Tar provider binaries shell: bash - run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace }}/bin/ pulumi-resource-#{{ .Config.Provider }}# pulumi-tfgen-#{{ .Config.Provider }}# + run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace }}/bin/ pulumi-resource-#{{ .Config.Provider }}# - name: Upload artifacts uses: #{{ .Config.ActionVersions.UploadArtifact }}# with: diff --git a/provider-ci/test-providers/eks/.github/actions/upload-bin/action.yml b/provider-ci/test-providers/eks/.github/actions/upload-bin/action.yml index da9ce2eacc..d0b01b0af5 100644 --- a/provider-ci/test-providers/eks/.github/actions/upload-bin/action.yml +++ b/provider-ci/test-providers/eks/.github/actions/upload-bin/action.yml @@ -1,12 +1,12 @@ name: Upload bin assets -description: Uploads the provider and tfgen binaries to `bin/`. +description: Uploads the provider binaries to `bin/`. runs: using: "composite" steps: - name: Tar provider binaries shell: bash - run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace }}/bin/ pulumi-resource-eks pulumi-tfgen-eks + run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace }}/bin/ pulumi-resource-eks - name: Upload artifacts uses: actions/upload-artifact@v4 with: From ca29c24e576b18d283f68fa9fc9708968f3a5946 Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Mon, 11 Nov 2024 15:36:28 -0800 Subject: [PATCH 07/16] use codecov instead of s3 --- .../generic/.github/workflows/main.yml | 53 +++---------------- .../.github/workflows/prerequisites.yml | 4 ++ .../workflows/run-acceptance-tests.yml | 19 ++++--- 3 files changed, 25 insertions(+), 51 deletions(-) diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml index 1599cb9750..0b1be137de 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml @@ -26,49 +26,6 @@ jobs: with: version: ${{ needs.prerequisites.outputs.version }} - generate_coverage_data: - continue-on-error: true - env: - COVERAGE_OUTPUT_DIR: ${{ secrets.COVERAGE_OUTPUT_DIR }} - name: generate_coverage_data - needs: prerequisites - runs-on: #{{ .Config.Runner.Default }}# - steps: - - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@v1.3.1 - with: - tool-cache: false - swap-storage: false - - name: Checkout Repo - uses: #{{ .Config.ActionVersions.Checkout }}# - with: - #{{- if .Config.CheckoutSubmodules }}# - submodules: #{{ .Config.CheckoutSubmodules }}# - #{{- end }}# - persist-credentials: false - - name: Configure AWS Credentials - uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# - with: - aws-access-key-id: ${{ secrets.AWS_CORP_S3_UPLOAD_ACCESS_KEY_ID }} - aws-region: us-west-2 - aws-secret-access-key: ${{ secrets.AWS_CORP_S3_UPLOAD_SECRET_ACCESS_KEY }} - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, go, schema-tools - - name: Echo Coverage Output Dir - run: 'echo "Coverage output directory: ${{ env.COVERAGE_OUTPUT_DIR }}"' - - name: Generate Coverage Data - run: PULUMI_MISSING_DOCS_ERROR=true make tfgen - - name: Summarize Provider Coverage Results - run: cat ${{ env.COVERAGE_OUTPUT_DIR }}/shortSummary.txt - - name: Upload coverage data to S3 - run: >- - summaryName="${PROVIDER}_summary_$(date +"%Y-%m-%d_%H-%M-%S").json" - - s3FullURI="s3://${{ secrets.S3_COVERAGE_BUCKET_NAME }}/summaries/${summaryName}" - - aws s3 cp "${{ env.COVERAGE_OUTPUT_DIR }}/summary.json" "${s3FullURI}" --acl bucket-owner-full-control #{{ if .Config.Lint -}}# lint: name: lint @@ -228,8 +185,14 @@ jobs: working-directory: provider run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 #{{- end }}# - - name: Run tests - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 + - name: Run example tests + run: make test_${{ matrix.language }} + - name: Upload coverage reports to Codecov + uses: codecov/codecov-action@v4 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} + - name: Run example tests + run: make test_${{ matrix.language }} strategy: fail-fast: false matrix: diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml index 7133fe35c0..696e9272d5 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml @@ -72,6 +72,10 @@ jobs: run: make provider_no_deps - name: Unit-test provider code run: make test_provider + - name: Upload coverage reports to Codecov + uses: codecov/codecov-action@v4 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - if: inputs.is_pr name: Check Schema is Valid run: | diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml index fa05977183..e8ff0cdef4 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml @@ -225,12 +225,19 @@ jobs: working-directory: provider run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . #{{- end }}# - - name: Run tests - if: matrix.testTarget == 'local' - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -skip TestPulumiExamples -parallel 4 . - - name: Run pulumi/examples tests - if: matrix.testTarget == 'pulumiExamples' - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -run TestPulumiExamples -parallel 4 . + working-directory: examples # TODO: Parameterize this. + flags: -tags=all + total: ${{ matrix.total }} + index: ${{ matrix.index }} + - name: Run example tests + run: make test_shard + env: + TAGS: all + TESTS: ${{ steps.shard.outputs.run}} + - name: Upload coverage reports to Codecov + uses: codecov/codecov-action@v4 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} strategy: fail-fast: false matrix: From 6d51cba243de3cdf1059f68557e9452b83bf6af5 Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Mon, 11 Nov 2024 15:44:01 -0800 Subject: [PATCH 08/16] Remove extraTests, sshPrivateKey, preTest, gotestfmt --- provider-ci/internal/pkg/config.go | 12 ++++++ .../generic/.github/workflows/main.yml | 35 ------------------ .../.github/workflows/nightly-test.yml | 32 +--------------- .../generic/.github/workflows/prerelease.yml | 37 +------------------ .../generic/.github/workflows/release.yml | 37 +------------------ .../workflows/run-acceptance-tests.yml | 32 +--------------- 6 files changed, 19 insertions(+), 166 deletions(-) diff --git a/provider-ci/internal/pkg/config.go b/provider-ci/internal/pkg/config.go index 2a8e3c3aef..57cdd097b9 100644 --- a/provider-ci/internal/pkg/config.go +++ b/provider-ci/internal/pkg/config.go @@ -122,10 +122,14 @@ type Config struct { // ExtraTests run as part of `run-acceptance-tests.yml`, `master.yml`, // `main.yml`, `prerelease.yml` and `release.yml`. Only used for aws: // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22extraTests%3A%22&type=code + // + // Not available in generic providers -- override make targets instead. ExtraTests map[string]any `yaml:"extraTests"` // Only used by AWS... // IntegrationTestProvider will run e2e tests in the provider as well as in // the examples directory when set to true. Defaults to false. + // + // Not available in generic providers -- override make targets instead. IntegrationTestProvider bool `yaml:"integrationTestProvider"` // TestPulumiExamples runs e2e tests using the examples and test suite in @@ -204,6 +208,9 @@ type Config struct { // tests in CI job. This should be provided from a secret. Used by the // docker provider only: // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22sshPrivateKey%3A%22&type=code + // + // Not available in generic providers -- see docker-build for an example of + // how to programatically generate a key. SSHPrivateKey string `yaml:"sshPrivateKey"` // GCP authenticates with GCP before running tests in CI job. Used in gcp @@ -219,6 +226,8 @@ type Config struct { // SetupScript executes a script before running tests in CI job. Used in 3 // providers: // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22setup-script%3A%22&type=code + // + // Not available in generic providers -- override make targets instead. SetupScript string `yaml:"setup-script"` // GenerateNightlyTestWorkflow will include the nightly-test workflow. Used @@ -255,6 +264,9 @@ type Config struct { // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22parallel%3A%22&type=code Parallel int `yaml:"parallel"` + // Shards controls how many jobs integration tests are distributed across. + Shards int `yaml:"shards"` + // Hybrid has no effect but is set by the docker provider. // https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22hybrid%3A%22&type=code Hybrid bool `yaml:"hybrid"` diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml index 0b1be137de..747e1deefc 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml @@ -47,9 +47,6 @@ jobs: - build_provider - test - license_check - #{{- range $action, $_ := .Config.ExtraTests }}# - - #{{ $action }}# - #{{- end }}# uses: ./.github/workflows/publish.yml secrets: inherit with: @@ -156,37 +153,8 @@ jobs: - name: Login to Google Cloud Registry run: gcloud --quiet auth configure-docker #{{- end }}# - #{{- if .Config.SSHPrivateKey }}# - - name: Setup SSH key - uses: webfactory/ssh-agent@v0.7.0 - with: - ssh-private-key: #{{ .Config.SSHPrivateKey }}# - #{{- end }}# - #{{- if .Config.IntegrationTestProvider }}# - - name: Prepare upstream code - run: make upstream - #{{- end }}# - #{{- if index .Config.SetupScript }}# - - name: Run setup script - run: #{{ index .Config.SetupScript }}# - #{{- end }}# - name: Install dependencies run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 -#{{- if .Config.Actions.PreTest }}# -#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# -#{{- end }}# -#{{- if .Config.IntegrationTestProvider }}# - - name: Run provider tests - working-directory: provider - run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 - #{{- end }}# - - name: Run example tests - run: make test_${{ matrix.language }} - name: Upload coverage reports to Codecov uses: codecov/codecov-action@v4 env: @@ -198,9 +166,6 @@ jobs: matrix: language: #{{ .Config.Languages | toYaml | indent 8 }}# -#{{- if .Config.ExtraTests }}# -#{{ .Config.ExtraTests | toYaml | indent 2 }}# -#{{ end }}# name: #{{ .Config.ProviderDefaultBranch }}# on: workflow_dispatch: {} diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/nightly-test.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/nightly-test.yml index ecaf9a8c6b..53b8e552b2 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/nightly-test.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/nightly-test.yml @@ -108,38 +108,10 @@ jobs: - name: Login to Google Cloud Registry run: gcloud --quiet auth configure-docker #{{- end }}# - #{{- if .Config.SSHPrivateKey }}# - - name: Setup SSH key - uses: webfactory/ssh-agent@v0.7.0 - with: - ssh-private-key: #{{ .Config.SSHPrivateKey }}# - #{{- end }}# - #{{- if .Config.IntegrationTestProvider }}# - - name: Prepare upstream code - run: make upstream - #{{- end }}# - #{{- if index .Config.SetupScript }}# - - name: Run setup script - run: #{{ index .Config.SetupScript }}# - #{{- end }}# - name: Install dependencies run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 -#{{- if .Config.Actions.PreTest }}# -#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# -#{{- end }}# - #{{- if .Config.IntegrationTestProvider }}# - - name: Run provider tests - if: matrix.testTarget == 'local' - working-directory: provider - run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . - #{{- end }}# - - name: Run tests - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 + - name: Run example tests + run: make test_${{ matrix.language }} # TODO: Use test_shard. strategy: fail-fast: false matrix: diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/prerelease.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerelease.yml index 7564d14c58..c2163c4213 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/prerelease.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerelease.yml @@ -48,9 +48,6 @@ jobs: - build_provider - test - license_check - #{{- range $action, $_ := .Config.ExtraTests }}# - - #{{ $action }}# - #{{- end }}# uses: ./.github/workflows/publish.yml secrets: inherit with: @@ -138,45 +135,15 @@ jobs: - name: Login to Google Cloud Registry run: gcloud --quiet auth configure-docker #{{- end }}# - #{{- if .Config.SSHPrivateKey }}# - - name: Setup SSH key - uses: webfactory/ssh-agent@v0.7.0 - with: - ssh-private-key: #{{ .Config.SSHPrivateKey }}# - #{{- end }}# - #{{- if .Config.IntegrationTestProvider }}# - - name: Prepare upstream code - run: make upstream - #{{- end }}# - #{{- if index .Config.SetupScript }}# - - name: Run setup script - run: #{{ index .Config.SetupScript }}# - #{{- end }}# - name: Install dependencies run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 -#{{- if .Config.Actions.PreTest }}# -#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# -#{{- end }}# - #{{- if .Config.IntegrationTestProvider }}# - - name: Run provider tests - working-directory: provider - run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . - #{{- end }}# - - name: Run tests - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + - name: Run example tests + run: make test_${{ matrix.language }} strategy: fail-fast: false matrix: language: #{{ .Config.Languages | toYaml | indent 8 }}# -#{{- if .Config.ExtraTests }}# -#{{ .Config.ExtraTests | toYaml | indent 2 }}# -#{{ end }}# name: prerelease on: diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/release.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/release.yml index 2482185733..99ee48bcef 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/release.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/release.yml @@ -57,9 +57,6 @@ jobs: - build_provider - test - license_check - #{{- range $action, $_ := .Config.ExtraTests }}# - - #{{ $action }}# - #{{- end }}# uses: ./.github/workflows/publish.yml secrets: inherit with: @@ -147,42 +144,12 @@ jobs: - name: Login to Google Cloud Registry run: gcloud --quiet auth configure-docker #{{- end }}# - #{{- if .Config.SSHPrivateKey }}# - - name: Setup SSH key - uses: webfactory/ssh-agent@v0.7.0 - with: - ssh-private-key: #{{ .Config.SSHPrivateKey }}# - #{{- end }}# - #{{- if .Config.IntegrationTestProvider }}# - - name: Prepare upstream code - run: make upstream - #{{- end }}# - #{{- if index .Config.SetupScript }}# - - name: Run setup script - run: #{{ index .Config.SetupScript }}# - #{{- end }}# - name: Install dependencies run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 -#{{- if .Config.Actions.PreTest }}# -#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# -#{{- end }}# - #{{- if .Config.IntegrationTestProvider }}# - - name: Run provider tests - working-directory: provider - run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . - #{{- end }}# - - name: Run tests - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + - name: Run example tests + run: make test_${{ matrix.language }} strategy: fail-fast: false matrix: language: #{{ .Config.Languages | toYaml | indent 8 }}# -#{{- if .Config.ExtraTests }}# -#{{ .Config.ExtraTests | toYaml | indent 2 }}# -#{{ end }}# diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml index e8ff0cdef4..7713b656fe 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml @@ -88,9 +88,6 @@ jobs: #{{- if .Config.Lint }}# - lint #{{- end }}# - #{{- range $action, $_ := .Config.ExtraTests }}# - - #{{ $action }}# - #{{- end }}# runs-on: #{{ .Config.Runner.Default }}# steps: - uses: guibranco/github-status-action-v2@0849440ec82c5fa69b2377725b9b7852a3977e76 @@ -105,6 +102,7 @@ jobs: # otherwise use the current SHA for any other type of build. sha: ${{ github.event.pull_request.head.sha || github.sha }} + # TODO: Extract into shared action. test: if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository @@ -195,36 +193,11 @@ jobs: - name: Login to Google Cloud Registry run: gcloud --quiet auth configure-docker #{{- end }}# - #{{- if .Config.SSHPrivateKey }}# - - name: Setup SSH key - uses: webfactory/ssh-agent@v0.7.0 - with: - ssh-private-key: #{{ .Config.SSHPrivateKey }}# - #{{- end }}# - #{{- if .Config.IntegrationTestProvider }}# - - name: Prepare upstream code - run: make upstream - #{{- end }}# - #{{- if index .Config.SetupScript }}# - - name: Run setup script - run: #{{ index .Config.setupScript }}# - #{{- end }}# - name: Install dependencies run: make install_${{ matrix.language}}_sdk - name: Install gotestfmt uses: GoTestTools/gotestfmt-action@v2 with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 -#{{- if .Config.Actions.PreTest }}# -#{{ .Config.Actions.PreTest | toYaml | indent 4 }}# -#{{- end }}# - #{{- if .Config.IntegrationTestProvider }}# - - name: Run provider tests - if: matrix.testTarget == 'local' - working-directory: provider - run: go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . - #{{- end }}# working-directory: examples # TODO: Parameterize this. flags: -tags=all total: ${{ matrix.total }} @@ -252,6 +225,3 @@ jobs: name: License Check uses: ./.github/workflows/license.yml secrets: inherit -#{{- if .Config.ExtraTests }}# -#{{ .Config.ExtraTests | toYaml | indent 2 }}# -#{{ end }}# From 26d37d05e76d7a2acf139ce20e42534a7c8b191c Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Mon, 11 Nov 2024 15:48:13 -0800 Subject: [PATCH 09/16] remove some upstream/tf references --- .../generic/.github/workflows/build_provider.yml | 3 --- .../templates/generic/.github/workflows/prerequisites.yml | 8 ++------ 2 files changed, 2 insertions(+), 9 deletions(-) diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml index b02e5ceec2..0d927b45bf 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml @@ -57,9 +57,6 @@ jobs: # Avoid creating directories for each artifact merge-multiple: true path: provider/cmd/pulumi-resource-#{{ .Config.Provider }}#/schema-embed.json - - name: Prepare for build - # This installs plugins and prepares upstream - run: make upstream - name: Build & package provider run: make provider_dist-${{ matrix.platform.os }}-${{ matrix.platform.arch }} - name: Upload artifacts diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml index 696e9272d5..2ceb6c32d7 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerequisites.yml @@ -53,8 +53,6 @@ jobs: path: | .pulumi/examples-cache key: ${{ runner.os }}-${{ hashFiles('provider/go.sum') }} - - name: Prepare upstream code - run: make upstream - name: Setup tools uses: ./.github/actions/setup-tools with: @@ -62,14 +60,12 @@ jobs: #{{- if .Config.Actions.PreBuild }}# #{{ .Config.Actions.PreBuild | toYaml | indent 4 }}# #{{- end }}# - - name: Build schema generator binary - run: make tfgen_build_only - name: Install plugins run: make install_plugins - name: Generate schema - run: make tfgen_no_deps + run: make schema - name: Build provider binary - run: make provider_no_deps + run: make provider - name: Unit-test provider code run: make test_provider - name: Upload coverage reports to Codecov From 96a9aa2f747cd9ebd330e3973f7b9a19b7b8df71 Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Mon, 11 Nov 2024 15:49:28 -0800 Subject: [PATCH 10/16] don't shard by language --- .../pkg/templates/defaults.config.yaml | 2 ++ .../.github/workflows/build_provider.yml | 2 +- .../workflows/run-acceptance-tests.yml | 34 ++++++++----------- .../pkg/templates/generic/.mk/vars.mk | 4 ++- 4 files changed, 20 insertions(+), 22 deletions(-) diff --git a/provider-ci/internal/pkg/templates/defaults.config.yaml b/provider-ci/internal/pkg/templates/defaults.config.yaml index 945e1c7f41..6c9d62aeb4 100644 --- a/provider-ci/internal/pkg/templates/defaults.config.yaml +++ b/provider-ci/internal/pkg/templates/defaults.config.yaml @@ -205,6 +205,8 @@ checkUpstreamUpgrade: true # Used in 5 providers: https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22goBuildParallelism%22&type=code #goBuildParallelism: 1 +shards: 10 + # Sets PULUMI_CONVERT to 1 if truthy # Is set to "1" in 74 providers: https://github.com/search?q=org%3Apulumi+path%3A.ci-mgmt.yaml+%22pulumiConvert%22&type=code #pulumiConvert: false diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml index 0d927b45bf..d8c528c4a7 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/build_provider.yml @@ -63,5 +63,5 @@ jobs: uses: #{{ .Config.ActionVersions.UploadArtifact }}# with: name: pulumi-resource-#{{ .Config.Provider }}#-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz - path: bin/pulumi-resource-#{{ .Config.Provider }}#-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz + path: dist/pulumi-resource-#{{ .Config.Provider }}#-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz retention-days: 30 diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml index 7713b656fe..217245edb3 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml @@ -134,29 +134,23 @@ jobs: submodules: #{{ .Config.CheckoutSubmodules }}# #{{- end }}# persist-credentials: false - - name: Checkout p/examples - if: matrix.testTarget == 'pulumiExamples' - uses: #{{ .Config.ActionVersions.Checkout }}# - with: - repository: pulumi/examples - path: p-examples - name: Setup tools uses: ./.github/actions/setup-tools with: - tools: pulumictl, pulumicli, ${{ matrix.language }} + tools: pulumictl, pulumicli, go, nodejs, python, dotnet, java - name: Download bin uses: ./.github/actions/download-bin - name: Add NuGet source - if: matrix.language == 'dotnet' run: dotnet nuget add source ${{ github.workspace }}/nuget - - name: Download SDK + #{{- range $_, $language := .Config.Languages }}# + - name: Download #{{ $language }}# SDK uses: ./.github/actions/download-sdk with: - language: ${{ matrix.language }} + language: #{{ $language }}# + #{{- end }}# - name: Update path run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - name: Install Python deps - if: matrix.language == 'python' run: |- pip3 install virtualenv==20.0.23 pip3 install pipenv @@ -194,9 +188,10 @@ jobs: run: gcloud --quiet auth configure-docker #{{- end }}# - name: Install dependencies - run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 + run: make install_sdks + - name: Generate shard + id: shard + uses: hashicorp-forge/go-test-split-action@v2.0.0 with: working-directory: examples # TODO: Parameterize this. flags: -tags=all @@ -214,12 +209,11 @@ jobs: strategy: fail-fast: false matrix: - language: -#{{ .Config.Languages | toYaml | indent 8 }}# - #{{- if .Config.TestPulumiExamples }}# - testTarget: [local, pulumiExamples] - #{{- else }}# - testTarget: [local] + total: + - #{{ .Config.Shards }}# + index: + #{{- range $i, $_ := until .Config.Shards }}# + - #{{ $i }}# #{{- end }}# license_check: name: License Check diff --git a/provider-ci/internal/pkg/templates/generic/.mk/vars.mk b/provider-ci/internal/pkg/templates/generic/.mk/vars.mk index a88499ed71..e5e0663de2 100644 --- a/provider-ci/internal/pkg/templates/generic/.mk/vars.mk +++ b/provider-ci/internal/pkg/templates/generic/.mk/vars.mk @@ -16,7 +16,9 @@ SCHEMA_PATH := provider/cmd/$(PROVIDER)/schema.json PROVIDER := pulumi-resource-$(PACK) JAVA_GEN := pulumi-java-gen JAVA_GEN_VERSION := v0.16.1 -TESTPARALLELISM := 10 +TESTPARALLELISM ?= 10 +TAGS ?= all +TESTSHARDS ?= #{{ .Config.Shards }}# WORKING_DIR := $(shell pwd) #{{- if .Config.GoBuildParallelism }}# PULUMI_PROVIDER_BUILD_PARALLELISM ?= -p #{{ .Config.GoBuildParallelism }}# From 532251498fa54d37b5fadf6fa6eed083caee8a7a Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Mon, 11 Nov 2024 15:51:51 -0800 Subject: [PATCH 11/16] remove default makefile targets for now --- .../pkg/templates/generic/.mk/defaults.mk | 234 ------------------ .../pkg/templates/generic/.mk/vars.mk | 49 ---- .../test-providers/eks/.mk/defaults.mk | 225 ----------------- provider-ci/test-providers/eks/.mk/vars.mk | 31 --- 4 files changed, 539 deletions(-) delete mode 100644 provider-ci/internal/pkg/templates/generic/.mk/defaults.mk delete mode 100644 provider-ci/internal/pkg/templates/generic/.mk/vars.mk delete mode 100644 provider-ci/test-providers/eks/.mk/defaults.mk delete mode 100644 provider-ci/test-providers/eks/.mk/vars.mk diff --git a/provider-ci/internal/pkg/templates/generic/.mk/defaults.mk b/provider-ci/internal/pkg/templates/generic/.mk/defaults.mk deleted file mode 100644 index 8501b07248..0000000000 --- a/provider-ci/internal/pkg/templates/generic/.mk/defaults.mk +++ /dev/null @@ -1,234 +0,0 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made -# via https://github.com/pulumi/ci-mgmt. -# -# This file contains default make targets consumed by CI workflows. This targets are no-ops and are intended to be -# -# does not -# make any assumptions about the provider such as its language, file structure, -# etc. -# -# A top-level `Makefile` is required and must implement provider-specific -# targets like `test`. -# -# In order to use these targets, the top-level Makefile must include this file: -# -# include .mk/defaults.mk -# -# If the top-level Makefile implements a target like `test`, then this will be -# invoked in CI. Otherwise, the `default.test` target will be used. - -include .mk/vars.mk - -# Implement `prerequisites` to run custom logic before all SDK and provider build steps. -default.prebuild: - @echo "No prerequisites to build" - -default.development: install_plugins provider build_sdks install_sdks - -default.build: install_plugins provider build_sdks install_sdks - -default.build_sdks: #{{ range .Config.Languages }}#build_#{{ . }}# #{{ end }}##{{- if .Config.RegistryDocs }}#build_registry_docs#{{- end }}# - -default.install_go_sdk: - -default.install_java_sdk: - -default.install_python_sdk: - -default.install_sdks: install_dotnet_sdk install_python_sdk install_nodejs_sdk install_java_sdk - - -default.build_dotnet: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.build_dotnet: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.build_dotnet: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache -default.build_dotnet: prebuild - rm -rf sdk/dotnet - PULUMI_CONVERT=$(PULUMI_CONVERT) PULUMI_DISABLE_AUTOMATIC_PLUGIN_ACQUISITION=$(PULUMI_CONVERT) $(WORKING_DIR)/bin/$(TFGEN) dotnet --out sdk/dotnet/ - cd sdk/dotnet/ && \ - printf "module fake_dotnet_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ - echo "$(VERSION_GENERIC)" >version.txt && \ - dotnet build - -default.build_go: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.build_go: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.build_go: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache -default.build_go: prebuild - PULUMI_CONVERT=$(PULUMI_CONVERT) PULUMI_DISABLE_AUTOMATIC_PLUGIN_ACQUISITION=$(PULUMI_CONVERT) $(WORKING_DIR)/bin/$(TFGEN) go --out sdk/go/ - cd sdk && go list "$$(grep -e "^module" go.mod | cut -d ' ' -f 2)/go/..." | xargs -I {} bash -c 'go build {} && go clean -i {}' - -default.build_java: PACKAGE_VERSION := $(VERSION_GENERIC) -default.build_java: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.build_java: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.build_java: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache -default.build_java: bin/pulumi-java-gen -default.build_java: prebuild - rm -rf sdk/java/ - $(WORKING_DIR)/bin/$(JAVA_GEN) generate --schema $(SCHEMA_PATH) --out sdk/java --build gradle-nexus - cd sdk/java/ && \ - printf "module fake_java_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ - gradle --console=plain build && \ - gradle --console=plain javadoc - -default.build_nodejs: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.build_nodejs: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.build_nodejs: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache -default.build_nodejs: prebuild - rm -rf sdk/nodejs/ - cd sdk/nodejs/ && \ - printf "module fake_nodejs_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ - yarn install && \ - yarn run tsc && \ - cp ../../README.md ../../LICENSE* package.json yarn.lock ./bin/ - -default.build_python: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.build_python: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.build_python: export PULggUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache -default.build_python: prebuild - rm -rf sdk/python/ - cd sdk/python/ && \ - printf "module fake_python_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ - cp ../../README.md . && \ - rm -rf ./bin/ ../python.bin/ && cp -R . ../python.bin && mv ../python.bin ./bin && \ - rm ./bin/go.mod && \ - python3 -m venv venv && \ - ./venv/bin/python -m pip install build==1.2.1 && \ - cd ./bin && \ - ../venv/bin/python -m build . -#{{- if .Config.RegistryDocs }}# - -# Run the bridge's registry-docs command to generated the content of the installation docs/ folder at provider repo root -default.build_registry_docs: - $(WORKING_DIR)/bin/$(TFGEN) registry-docs --out $(WORKING_DIR)/docs -#{{- end }}# - -default.clean: - rm -rf sdk/{dotnet,nodejs,go,python} - rm -rf $(WORKING_DIR)/bin - -default.docs: - @echo "Define a `docs` target to generate docs." - -default.install_dotnet_sdk: - mkdir -p $(WORKING_DIR)/nuget - find . -name '*.nupkg' -print -exec cp -p {} $(WORKING_DIR)/nuget \; - -default.install_nodejs_sdk: - yarn link --cwd $(WORKING_DIR)/sdk/nodejs/bin - -default.install_plugins: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.install_plugins: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.install_plugins: .pulumi/bin/pulumi - #{{- range .Config.Plugins }}# - .pulumi/bin/pulumi plugin install #{{ or .Kind "resource" }}# #{{ .Name }}# #{{ .Version }}# - #{{- end }}# - -default.lint_provider: provider - cd provider && golangci-lint run --path-prefix provider -c ../.golangci.yml - -# `lint_provider.fix` is a utility target meant to be run manually -# that will run the linter and fix errors when possible. -default.lint_provider.fix: - cd provider && golangci-lint run --path-prefix provider -c ../.golangci.yml --fix - -# `make provider_no_deps` builds the provider binary directly, without ensuring that -# `cmd/pulumi-resource-#{{ .Config.Provider }}#/schema.json` is valid and up to date. -# To create a release ready binary, you should use `make provider`. -default.provider: - (cd provider && go build $(PULUMI_PROVIDER_BUILD_PARALLELISM) -o $(WORKING_DIR)/bin/$(PROVIDER) -ldflags "$(LDFLAGS)" $(PROJECT)/$(PROVIDER_PATH)/cmd/$(PROVIDER)) - -default.test: export PATH := $(WORKING_DIR)/bin:$(PATH) -default.test: - cd examples && go test -v -tags=all -parallel $(TESTPARALLELISM) -timeout 2h - -default.test_provider: - @echo "" - @echo "== test_provider ===================================================================" - @echo "" - cd provider && go test -v -short ./... -parallel $(TESTPARALLELISM) - -default.bin/pulumi-java-gen: - mkdir -p bin/ - pulumictl download-binary -n pulumi-language-java -v $(JAVA_GEN_VERSION) -r pulumi/pulumi-java - -# To make an immediately observable change to .ci-mgmt.yaml: -# -# - Edit .ci-mgmt.yaml -# - Run make ci-mgmt to apply the change locally. -# -default.ci-mgmt: .ci-mgmt.yaml - go run github.com/pulumi/ci-mgmt/provider-ci@master generate \ - --name $(ORG)/pulumi-$(PACK) \ - --out . \ - --template #{{ .Config.Template }}# \ - --config $< - -# Because some codegen depends on the version of the CLI used, we install a local CLI -# version pinned to the same version as `provider/go.mod`. -# -# This logic compares the version of .pulumi/bin/pulumi already installed. If it matches -# the desired version, we just print. Otherwise we (re)install pulumi at the desired -# version. -default..pulumi/bin/pulumi: .pulumi/version - @if [ -x .pulumi/bin/pulumi ] && [ "v$$(cat .pulumi/version)" = "$$(.pulumi/bin/pulumi version)" ]; then \ - echo "pulumi/bin/pulumi version: v$$(cat .pulumi/version)"; \ - else \ - curl -fsSL https://get.pulumi.com | \ - HOME=$(WORKING_DIR) sh -s -- --version "$$(cat .pulumi/version)"; \ - fi - -# Compute the version of Pulumi to use by inspecting the Go dependencies of the provider. -default..pulumi/version: provider/go.mod - @mkdir -p .pulumi - @cd provider && go list -f "{{slice .Version 1}}" -m github.com/pulumi/pulumi/pkg/v3 | tee ../$@ - -.PHONY: development build build_sdks install_go_sdk install_java_sdk install_python_sdk install_sdks only_build build_dotnet build_go build_java build_nodejs build_python clean cleanup#{{ if .Config.DocsCmd }}# docs#{{end}}# help install_dotnet_sdk install_nodejs_sdk install_plugins lint_provider provider provider_no_deps test prerequisites ci-mgmt test_provider - -# Provider cross-platform build & packaging - -# These targets assume that the schema-embed.json exists - it's generated by tfgen. -# We disable CGO to ensure that the binary is statically linked. -bin/linux-amd64/$(PROVIDER): TARGET := linux-amd64 -bin/linux-arm64/$(PROVIDER): TARGET := linux-arm64 -bin/darwin-amd64/$(PROVIDER): TARGET := darwin-amd64 -bin/darwin-arm64/$(PROVIDER): TARGET := darwin-arm64 -bin/windows-amd64/$(PROVIDER).exe: TARGET := windows-amd64 -bin/%/$(PROVIDER) bin/%/$(PROVIDER).exe: - @# check the TARGET is set - test $(TARGET) - cd provider && \ - export GOOS=$$(echo "$(TARGET)" | cut -d "-" -f 1) && \ - export GOARCH=$$(echo "$(TARGET)" | cut -d "-" -f 2) && \ - export CGO_ENABLED=0 && \ - go build -o "${WORKING_DIR}/$@" $(PULUMI_PROVIDER_BUILD_PARALLELISM) -ldflags "$(LDFLAGS)" "$(PROJECT)/$(PROVIDER_PATH)/cmd/$(PROVIDER)" - -bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-amd64.tar.gz: bin/linux-amd64/$(PROVIDER) -bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-arm64.tar.gz: bin/linux-arm64/$(PROVIDER) -bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-amd64.tar.gz: bin/darwin-amd64/$(PROVIDER) -bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-arm64.tar.gz: bin/darwin-arm64/$(PROVIDER) -bin/$(PROVIDER)-v$(VERSION_GENERIC)-windows-amd64.tar.gz: bin/windows-amd64/$(PROVIDER).exe -bin/$(PROVIDER)-v$(VERSION_GENERIC)-%.tar.gz: - @mkdir -p dist - @# $< is the last dependency (the binary path from above) e.g. bin/linux-amd64/pulumi-resource-xyz - @# $@ is the current target e.g. bin/pulumi-resource-xyz-v1.2.3-linux-amd64.tar.gz - tar --gzip -cf $@ README.md LICENSE -C $$(dirname $<) . - -provider_dist-linux-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-amd64.tar.gz -provider_dist-linux-arm64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-arm64.tar.gz -provider_dist-darwin-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-amd64.tar.gz -provider_dist-darwin-arm64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-arm64.tar.gz -provider_dist-windows-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-windows-amd64.tar.gz -provider_dist: provider_dist-linux-amd64 provider_dist-linux-arm64 provider_dist-darwin-amd64 provider_dist-darwin-arm64 provider_dist-windows-amd64 -.PHONY: provider_dist-linux-amd64 provider_dist-linux-arm64 provider_dist-darwin-amd64 provider_dist-darwin-arm64 provider_dist-windows-amd64 provider_dist - -help: - grep '^[^.#]\+:\s\+.*#' Makefile | \ - sed "s/\(.\+\):\s*\(.*\) #\s*\(.*\)/`printf "\033[93m"`\1`printf "\033[0m"` \3 [\2]/" | \ - expand -t20 - - -# Delegate any undefined target "foo" to its respective "default.foo" target, -# if it exists. -%: - @$(MAKE) -f defaults.mk "default.$@" - - diff --git a/provider-ci/internal/pkg/templates/generic/.mk/vars.mk b/provider-ci/internal/pkg/templates/generic/.mk/vars.mk deleted file mode 100644 index e5e0663de2..0000000000 --- a/provider-ci/internal/pkg/templates/generic/.mk/vars.mk +++ /dev/null @@ -1,49 +0,0 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made -# via https://github.com/pulumi/ci-mgmt. -# -# This file contains default variables consumed by CI workflows. -# -PACK := #{{ .Config.Provider }}# -ORG := #{{ .Config.Organization }}# -PROJECT := github.com/$(ORG)/pulumi-$(PACK) -#{{- if ge .Config.MajorVersion 2 }}# -PROVIDER_PATH := provider/v#{{ .Config.MajorVersion }}# -#{{- else }}# -PROVIDER_PATH := provider -#{{- end }}# -VERSION_PATH := $(PROVIDER_PATH)/pkg/version.Version -SCHEMA_PATH := provider/cmd/$(PROVIDER)/schema.json -PROVIDER := pulumi-resource-$(PACK) -JAVA_GEN := pulumi-java-gen -JAVA_GEN_VERSION := v0.16.1 -TESTPARALLELISM ?= 10 -TAGS ?= all -TESTSHARDS ?= #{{ .Config.Shards }}# -WORKING_DIR := $(shell pwd) -#{{- if .Config.GoBuildParallelism }}# -PULUMI_PROVIDER_BUILD_PARALLELISM ?= -p #{{ .Config.GoBuildParallelism }}# -#{{- else }}# -PULUMI_PROVIDER_BUILD_PARALLELISM ?= -#{{- end }}# -#{{- if .Config.PulumiConvert }}# -PULUMI_CONVERT := 1 -#{{- else }}# -PULUMI_CONVERT := 0 -#{{- end }}# -PULUMI_MISSING_DOCS_ERROR := true - -# Override during CI using `make [TARGET] PROVIDER_VERSION=""` or by setting a PROVIDER_VERSION environment variable -# Local & branch builds will just used this fixed default version unless specified -PROVIDER_VERSION ?= #{{ .Config.MajorVersion }}#.0.0-alpha.0+dev -# Use this normalised version everywhere rather than the raw input to ensure consistency. -VERSION_GENERIC = $(shell pulumictl convert-version --language generic --version "$(PROVIDER_VERSION)") - -LDFLAGS_PROJ_VERSION=-X $(PROJECT)/$(VERSION_PATH)=$(VERSION_GENERIC)#{{if .Config.ProviderVersion}}# -X #{{ .Config.ProviderVersion }}#=$(VERSION_GENERIC)#{{end}}# -#{{- if .Config.ProviderVersion }}# -LDFLAGS_UPSTREAM_VERSION=-X #{{ .Config.ProviderVersion }}#=v$(VERSION_GENERIC) -#{{- else }}# -LDFLAGS_UPSTREAM_VERSION= -#{{- end }}# -LDFLAGS_EXTRAS=#{{- range .Config.ExtraLDFlags }}# #{{ . }}# #{{- end }}# -LDFLAGS=$(LDFLAGS_PROJ_VERSION) $(LDFLAGS_UPSTREAM_VERSION) $(LDFLAGS_EXTRAS) - diff --git a/provider-ci/test-providers/eks/.mk/defaults.mk b/provider-ci/test-providers/eks/.mk/defaults.mk deleted file mode 100644 index 7f456fdfc2..0000000000 --- a/provider-ci/test-providers/eks/.mk/defaults.mk +++ /dev/null @@ -1,225 +0,0 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made -# via https://github.com/pulumi/ci-mgmt. -# -# This file contains default make targets consumed by CI workflows. This targets are no-ops and are intended to be -# -# does not -# make any assumptions about the provider such as its language, file structure, -# etc. -# -# A top-level `Makefile` is required and must implement provider-specific -# targets like `test`. -# -# In order to use these targets, the top-level Makefile must include this file: -# -# include .mk/defaults.mk -# -# If the top-level Makefile implements a target like `test`, then this will be -# invoked in CI. Otherwise, the `default.test` target will be used. - -include .mk/vars.mk - -# Implement `prerequisites` to run custom logic before all SDK and provider build steps. -default.prebuild: - @echo "No prerequisites to build" - -default.development: install_plugins provider build_sdks install_sdks - -default.build: install_plugins provider build_sdks install_sdks - -default.build_sdks: build_nodejs build_python build_dotnet build_go build_java - -default.install_go_sdk: - -default.install_java_sdk: - -default.install_python_sdk: - -default.install_sdks: install_dotnet_sdk install_python_sdk install_nodejs_sdk install_java_sdk - - -default.build_dotnet: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.build_dotnet: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.build_dotnet: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache -default.build_dotnet: prebuild - rm -rf sdk/dotnet - PULUMI_CONVERT=$(PULUMI_CONVERT) PULUMI_DISABLE_AUTOMATIC_PLUGIN_ACQUISITION=$(PULUMI_CONVERT) $(WORKING_DIR)/bin/$(TFGEN) dotnet --out sdk/dotnet/ - cd sdk/dotnet/ && \ - printf "module fake_dotnet_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ - echo "$(VERSION_GENERIC)" >version.txt && \ - dotnet build - -default.build_go: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.build_go: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.build_go: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache -default.build_go: prebuild - PULUMI_CONVERT=$(PULUMI_CONVERT) PULUMI_DISABLE_AUTOMATIC_PLUGIN_ACQUISITION=$(PULUMI_CONVERT) $(WORKING_DIR)/bin/$(TFGEN) go --out sdk/go/ - cd sdk && go list "$$(grep -e "^module" go.mod | cut -d ' ' -f 2)/go/..." | xargs -I {} bash -c 'go build {} && go clean -i {}' - -default.build_java: PACKAGE_VERSION := $(VERSION_GENERIC) -default.build_java: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.build_java: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.build_java: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache -default.build_java: bin/pulumi-java-gen -default.build_java: prebuild - rm -rf sdk/java/ - $(WORKING_DIR)/bin/$(JAVA_GEN) generate --schema $(SCHEMA_PATH) --out sdk/java --build gradle-nexus - cd sdk/java/ && \ - printf "module fake_java_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ - gradle --console=plain build && \ - gradle --console=plain javadoc - -default.build_nodejs: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.build_nodejs: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.build_nodejs: export PULUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache -default.build_nodejs: prebuild - rm -rf sdk/nodejs/ - cd sdk/nodejs/ && \ - printf "module fake_nodejs_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ - yarn install && \ - yarn run tsc && \ - cp ../../README.md ../../LICENSE* package.json yarn.lock ./bin/ - -default.build_python: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.build_python: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.build_python: export PULggUMI_CONVERT_EXAMPLES_CACHE_DIR := $(WORKING_DIR)/.pulumi/examples-cache -default.build_python: prebuild - rm -rf sdk/python/ - cd sdk/python/ && \ - printf "module fake_python_module // Exclude this directory from Go tools\n\ngo 1.17\n" > go.mod && \ - cp ../../README.md . && \ - rm -rf ./bin/ ../python.bin/ && cp -R . ../python.bin && mv ../python.bin ./bin && \ - rm ./bin/go.mod && \ - python3 -m venv venv && \ - ./venv/bin/python -m pip install build==1.2.1 && \ - cd ./bin && \ - ../venv/bin/python -m build . - -default.clean: - rm -rf sdk/{dotnet,nodejs,go,python} - rm -rf $(WORKING_DIR)/bin - -default.docs: - @echo "Define a `docs` target to generate docs." - -default.install_dotnet_sdk: - mkdir -p $(WORKING_DIR)/nuget - find . -name '*.nupkg' -print -exec cp -p {} $(WORKING_DIR)/nuget \; - -default.install_nodejs_sdk: - yarn link --cwd $(WORKING_DIR)/sdk/nodejs/bin - -default.install_plugins: export PULUMI_HOME := $(WORKING_DIR)/.pulumi -default.install_plugins: export PATH := $(WORKING_DIR)/.pulumi/bin:$(PATH) -default.install_plugins: .pulumi/bin/pulumi - -default.lint_provider: provider - cd provider && golangci-lint run --path-prefix provider -c ../.golangci.yml - -# `lint_provider.fix` is a utility target meant to be run manually -# that will run the linter and fix errors when possible. -default.lint_provider.fix: - cd provider && golangci-lint run --path-prefix provider -c ../.golangci.yml --fix - -# `make provider_no_deps` builds the provider binary directly, without ensuring that -# `cmd/pulumi-resource-eks/schema.json` is valid and up to date. -# To create a release ready binary, you should use `make provider`. -default.provider: - (cd provider && go build $(PULUMI_PROVIDER_BUILD_PARALLELISM) -o $(WORKING_DIR)/bin/$(PROVIDER) -ldflags "$(LDFLAGS)" $(PROJECT)/$(PROVIDER_PATH)/cmd/$(PROVIDER)) - -default.test: export PATH := $(WORKING_DIR)/bin:$(PATH) -default.test: - cd examples && go test -v -tags=all -parallel $(TESTPARALLELISM) -timeout 2h - -default.test_provider: - @echo "" - @echo "== test_provider ===================================================================" - @echo "" - cd provider && go test -v -short ./... -parallel $(TESTPARALLELISM) - -default.bin/pulumi-java-gen: - mkdir -p bin/ - pulumictl download-binary -n pulumi-language-java -v $(JAVA_GEN_VERSION) -r pulumi/pulumi-java - -# To make an immediately observable change to .ci-mgmt.yaml: -# -# - Edit .ci-mgmt.yaml -# - Run make ci-mgmt to apply the change locally. -# -default.ci-mgmt: .ci-mgmt.yaml - go run github.com/pulumi/ci-mgmt/provider-ci@master generate \ - --name $(ORG)/pulumi-$(PACK) \ - --out . \ - --template generic \ - --config $< - -# Because some codegen depends on the version of the CLI used, we install a local CLI -# version pinned to the same version as `provider/go.mod`. -# -# This logic compares the version of .pulumi/bin/pulumi already installed. If it matches -# the desired version, we just print. Otherwise we (re)install pulumi at the desired -# version. -default..pulumi/bin/pulumi: .pulumi/version - @if [ -x .pulumi/bin/pulumi ] && [ "v$$(cat .pulumi/version)" = "$$(.pulumi/bin/pulumi version)" ]; then \ - echo "pulumi/bin/pulumi version: v$$(cat .pulumi/version)"; \ - else \ - curl -fsSL https://get.pulumi.com | \ - HOME=$(WORKING_DIR) sh -s -- --version "$$(cat .pulumi/version)"; \ - fi - -# Compute the version of Pulumi to use by inspecting the Go dependencies of the provider. -default..pulumi/version: provider/go.mod - @mkdir -p .pulumi - @cd provider && go list -f "{{slice .Version 1}}" -m github.com/pulumi/pulumi/pkg/v3 | tee ../$@ - -.PHONY: development build build_sdks install_go_sdk install_java_sdk install_python_sdk install_sdks only_build build_dotnet build_go build_java build_nodejs build_python clean cleanup help install_dotnet_sdk install_nodejs_sdk install_plugins lint_provider provider provider_no_deps test prerequisites ci-mgmt test_provider - -# Provider cross-platform build & packaging - -# These targets assume that the schema-embed.json exists - it's generated by tfgen. -# We disable CGO to ensure that the binary is statically linked. -bin/linux-amd64/$(PROVIDER): TARGET := linux-amd64 -bin/linux-arm64/$(PROVIDER): TARGET := linux-arm64 -bin/darwin-amd64/$(PROVIDER): TARGET := darwin-amd64 -bin/darwin-arm64/$(PROVIDER): TARGET := darwin-arm64 -bin/windows-amd64/$(PROVIDER).exe: TARGET := windows-amd64 -bin/%/$(PROVIDER) bin/%/$(PROVIDER).exe: - @# check the TARGET is set - test $(TARGET) - cd provider && \ - export GOOS=$$(echo "$(TARGET)" | cut -d "-" -f 1) && \ - export GOARCH=$$(echo "$(TARGET)" | cut -d "-" -f 2) && \ - export CGO_ENABLED=0 && \ - go build -o "${WORKING_DIR}/$@" $(PULUMI_PROVIDER_BUILD_PARALLELISM) -ldflags "$(LDFLAGS)" "$(PROJECT)/$(PROVIDER_PATH)/cmd/$(PROVIDER)" - -bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-amd64.tar.gz: bin/linux-amd64/$(PROVIDER) -bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-arm64.tar.gz: bin/linux-arm64/$(PROVIDER) -bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-amd64.tar.gz: bin/darwin-amd64/$(PROVIDER) -bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-arm64.tar.gz: bin/darwin-arm64/$(PROVIDER) -bin/$(PROVIDER)-v$(VERSION_GENERIC)-windows-amd64.tar.gz: bin/windows-amd64/$(PROVIDER).exe -bin/$(PROVIDER)-v$(VERSION_GENERIC)-%.tar.gz: - @mkdir -p dist - @# $< is the last dependency (the binary path from above) e.g. bin/linux-amd64/pulumi-resource-xyz - @# $@ is the current target e.g. bin/pulumi-resource-xyz-v1.2.3-linux-amd64.tar.gz - tar --gzip -cf $@ README.md LICENSE -C $$(dirname $<) . - -provider_dist-linux-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-amd64.tar.gz -provider_dist-linux-arm64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-arm64.tar.gz -provider_dist-darwin-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-amd64.tar.gz -provider_dist-darwin-arm64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-arm64.tar.gz -provider_dist-windows-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-windows-amd64.tar.gz -provider_dist: provider_dist-linux-amd64 provider_dist-linux-arm64 provider_dist-darwin-amd64 provider_dist-darwin-arm64 provider_dist-windows-amd64 -.PHONY: provider_dist-linux-amd64 provider_dist-linux-arm64 provider_dist-darwin-amd64 provider_dist-darwin-arm64 provider_dist-windows-amd64 provider_dist - -help: - grep '^[^.#]\+:\s\+.*#' Makefile | \ - sed "s/\(.\+\):\s*\(.*\) #\s*\(.*\)/`printf "\033[93m"`\1`printf "\033[0m"` \3 [\2]/" | \ - expand -t20 - - -# Delegate any undefined target "foo" to its respective "default.foo" target, -# if it exists. -%: - @$(MAKE) -f defaults.mk "default.$@" - - diff --git a/provider-ci/test-providers/eks/.mk/vars.mk b/provider-ci/test-providers/eks/.mk/vars.mk deleted file mode 100644 index df27b0ca50..0000000000 --- a/provider-ci/test-providers/eks/.mk/vars.mk +++ /dev/null @@ -1,31 +0,0 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made -# via https://github.com/pulumi/ci-mgmt. -# -# This file contains default variables consumed by CI workflows. -# -PACK := eks -ORG := pulumi -PROJECT := github.com/$(ORG)/pulumi-$(PACK) -PROVIDER_PATH := provider/v3 -VERSION_PATH := $(PROVIDER_PATH)/pkg/version.Version -SCHEMA_PATH := provider/cmd/$(PROVIDER)/schema.json -PROVIDER := pulumi-resource-$(PACK) -JAVA_GEN := pulumi-java-gen -JAVA_GEN_VERSION := v0.16.1 -TESTPARALLELISM := 10 -WORKING_DIR := $(shell pwd) -PULUMI_PROVIDER_BUILD_PARALLELISM ?= -PULUMI_CONVERT := 0 -PULUMI_MISSING_DOCS_ERROR := true - -# Override during CI using `make [TARGET] PROVIDER_VERSION=""` or by setting a PROVIDER_VERSION environment variable -# Local & branch builds will just used this fixed default version unless specified -PROVIDER_VERSION ?= 3.0.0-alpha.0+dev -# Use this normalised version everywhere rather than the raw input to ensure consistency. -VERSION_GENERIC = $(shell pulumictl convert-version --language generic --version "$(PROVIDER_VERSION)") - -LDFLAGS_PROJ_VERSION=-X $(PROJECT)/$(VERSION_PATH)=$(VERSION_GENERIC) -LDFLAGS_UPSTREAM_VERSION= -LDFLAGS_EXTRAS= -LDFLAGS=$(LDFLAGS_PROJ_VERSION) $(LDFLAGS_UPSTREAM_VERSION) $(LDFLAGS_EXTRAS) - From 3a9de3b081e354ad0a431c166366c726661365a7 Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Mon, 11 Nov 2024 15:53:17 -0800 Subject: [PATCH 12/16] regenerate eks --- provider-ci/test-providers/eks/.ci-mgmt.yaml | 2 +- .../eks/.github/workflows/build_provider.yml | 5 +- .../eks/.github/workflows/build_sdk.yml | 1 - .../.github/workflows/command-dispatch.yml | 1 - .../eks/.github/workflows/license.yml | 1 - .../eks/.github/workflows/lint.yml | 1 - .../eks/.github/workflows/master.yml | 61 +++---------- .../eks/.github/workflows/prerelease.yml | 17 ++-- .../eks/.github/workflows/prerequisites.yml | 13 ++- .../eks/.github/workflows/publish.yml | 1 - .../eks/.github/workflows/pull-request.yml | 1 - .../eks/.github/workflows/release.yml | 17 ++-- .../eks/.github/workflows/resync-build.yml | 1 - .../workflows/run-acceptance-tests.yml | 87 ++++++++++++------- .../eks/.github/workflows/verify-release.yml | 1 - 15 files changed, 96 insertions(+), 114 deletions(-) diff --git a/provider-ci/test-providers/eks/.ci-mgmt.yaml b/provider-ci/test-providers/eks/.ci-mgmt.yaml index abe552ea0a..23c7d95dbf 100644 --- a/provider-ci/test-providers/eks/.ci-mgmt.yaml +++ b/provider-ci/test-providers/eks/.ci-mgmt.yaml @@ -4,7 +4,6 @@ aws: true env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} GOLANGCI_LINT_VERSION: v1.61.0 @@ -23,3 +22,4 @@ env: PULUMI_ENABLE_RESOURCE_REFERENCES: 1 PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget template: generic +freeDiskSpaceBeforeTest: true # TODO: https://github.com/pulumi/pulumi/issues/17718 diff --git a/provider-ci/test-providers/eks/.github/workflows/build_provider.yml b/provider-ci/test-providers/eks/.github/workflows/build_provider.yml index afccb150e8..dd151611e9 100644 --- a/provider-ci/test-providers/eks/.github/workflows/build_provider.yml +++ b/provider-ci/test-providers/eks/.github/workflows/build_provider.yml @@ -45,14 +45,11 @@ jobs: # Avoid creating directories for each artifact merge-multiple: true path: provider/cmd/pulumi-resource-eks/schema-embed.json - - name: Prepare for build - # This installs plugins and prepares upstream - run: make upstream - name: Build & package provider run: make provider_dist-${{ matrix.platform.os }}-${{ matrix.platform.arch }} - name: Upload artifacts uses: actions/upload-artifact@v4 with: name: pulumi-resource-eks-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz - path: bin/pulumi-resource-eks-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz + path: dist/pulumi-resource-eks-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz retention-days: 30 diff --git a/provider-ci/test-providers/eks/.github/workflows/build_sdk.yml b/provider-ci/test-providers/eks/.github/workflows/build_sdk.yml index 61ed3fe297..00292ce7a2 100644 --- a/provider-ci/test-providers/eks/.github/workflows/build_sdk.yml +++ b/provider-ci/test-providers/eks/.github/workflows/build_sdk.yml @@ -9,7 +9,6 @@ on: env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} diff --git a/provider-ci/test-providers/eks/.github/workflows/command-dispatch.yml b/provider-ci/test-providers/eks/.github/workflows/command-dispatch.yml index 323780c891..6118880b97 100644 --- a/provider-ci/test-providers/eks/.github/workflows/command-dispatch.yml +++ b/provider-ci/test-providers/eks/.github/workflows/command-dispatch.yml @@ -2,7 +2,6 @@ env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} diff --git a/provider-ci/test-providers/eks/.github/workflows/license.yml b/provider-ci/test-providers/eks/.github/workflows/license.yml index daa10f0a6a..0edf104363 100644 --- a/provider-ci/test-providers/eks/.github/workflows/license.yml +++ b/provider-ci/test-providers/eks/.github/workflows/license.yml @@ -8,7 +8,6 @@ on: env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} diff --git a/provider-ci/test-providers/eks/.github/workflows/lint.yml b/provider-ci/test-providers/eks/.github/workflows/lint.yml index adf5e979a0..6d12e18d9a 100644 --- a/provider-ci/test-providers/eks/.github/workflows/lint.yml +++ b/provider-ci/test-providers/eks/.github/workflows/lint.yml @@ -8,7 +8,6 @@ on: env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} diff --git a/provider-ci/test-providers/eks/.github/workflows/master.yml b/provider-ci/test-providers/eks/.github/workflows/master.yml index 26af09bf2e..904923fa9f 100644 --- a/provider-ci/test-providers/eks/.github/workflows/master.yml +++ b/provider-ci/test-providers/eks/.github/workflows/master.yml @@ -2,7 +2,6 @@ env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} @@ -49,46 +48,6 @@ jobs: with: version: ${{ needs.prerequisites.outputs.version }} - generate_coverage_data: - continue-on-error: true - env: - COVERAGE_OUTPUT_DIR: ${{ secrets.COVERAGE_OUTPUT_DIR }} - name: generate_coverage_data - needs: prerequisites - runs-on: ubuntu-latest - steps: - - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@v1.3.1 - with: - tool-cache: false - swap-storage: false - - name: Checkout Repo - uses: actions/checkout@v4 - with: - persist-credentials: false - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-access-key-id: ${{ secrets.AWS_CORP_S3_UPLOAD_ACCESS_KEY_ID }} - aws-region: us-west-2 - aws-secret-access-key: ${{ secrets.AWS_CORP_S3_UPLOAD_SECRET_ACCESS_KEY }} - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, go, schema-tools - - name: Echo Coverage Output Dir - run: 'echo "Coverage output directory: ${{ env.COVERAGE_OUTPUT_DIR }}"' - - name: Generate Coverage Data - run: PULUMI_MISSING_DOCS_ERROR=true make tfgen - - name: Summarize Provider Coverage Results - run: cat ${{ env.COVERAGE_OUTPUT_DIR }}/shortSummary.txt - - name: Upload coverage data to S3 - run: >- - summaryName="${PROVIDER}_summary_$(date +"%Y-%m-%d_%H-%M-%S").json" - - s3FullURI="s3://${{ secrets.S3_COVERAGE_BUCKET_NAME }}/summaries/${summaryName}" - - aws s3 cp "${{ env.COVERAGE_OUTPUT_DIR }}/summary.json" "${s3FullURI}" --acl bucket-owner-full-control lint: name: lint uses: ./.github/workflows/lint.yml @@ -144,6 +103,13 @@ jobs: env: PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} steps: + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be + with: + tool-cache: false + swap-storage: false + dotnet: false - name: Checkout Repo uses: actions/checkout@v4 with: @@ -179,13 +145,12 @@ jobs: role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - name: Install dependencies run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 - - name: Run tests - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 + - name: Upload coverage reports to Codecov + uses: codecov/codecov-action@v4 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} + - name: Run example tests + run: make test_${{ matrix.language }} strategy: fail-fast: false matrix: diff --git a/provider-ci/test-providers/eks/.github/workflows/prerelease.yml b/provider-ci/test-providers/eks/.github/workflows/prerelease.yml index 19ccfebec6..81845a3291 100644 --- a/provider-ci/test-providers/eks/.github/workflows/prerelease.yml +++ b/provider-ci/test-providers/eks/.github/workflows/prerelease.yml @@ -3,7 +3,6 @@ env: IS_PRERELEASE: true ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} @@ -86,6 +85,13 @@ jobs: env: PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} steps: + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be + with: + tool-cache: false + swap-storage: false + dotnet: false - name: Checkout Repo uses: actions/checkout@v4 with: @@ -121,13 +127,8 @@ jobs: role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - name: Install dependencies run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 - - name: Run tests - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + - name: Run example tests + run: make test_${{ matrix.language }} strategy: fail-fast: false matrix: diff --git a/provider-ci/test-providers/eks/.github/workflows/prerequisites.yml b/provider-ci/test-providers/eks/.github/workflows/prerequisites.yml index 1c727afa03..26d0611ed1 100644 --- a/provider-ci/test-providers/eks/.github/workflows/prerequisites.yml +++ b/provider-ci/test-providers/eks/.github/workflows/prerequisites.yml @@ -19,7 +19,6 @@ on: env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} @@ -64,22 +63,22 @@ jobs: path: | .pulumi/examples-cache key: ${{ runner.os }}-${{ hashFiles('provider/go.sum') }} - - name: Prepare upstream code - run: make upstream - name: Setup tools uses: ./.github/actions/setup-tools with: tools: go, pulumictl, pulumicli, schema-tools - - name: Build schema generator binary - run: make tfgen_build_only - name: Install plugins run: make install_plugins - name: Generate schema - run: make tfgen_no_deps + run: make schema - name: Build provider binary - run: make provider_no_deps + run: make provider - name: Unit-test provider code run: make test_provider + - name: Upload coverage reports to Codecov + uses: codecov/codecov-action@v4 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - if: inputs.is_pr name: Check Schema is Valid run: | diff --git a/provider-ci/test-providers/eks/.github/workflows/publish.yml b/provider-ci/test-providers/eks/.github/workflows/publish.yml index 9d65db1ccc..334f20f95a 100644 --- a/provider-ci/test-providers/eks/.github/workflows/publish.yml +++ b/provider-ci/test-providers/eks/.github/workflows/publish.yml @@ -18,7 +18,6 @@ on: env: IS_PRERELEASE: ${{ inputs.isPrerelease }} ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} diff --git a/provider-ci/test-providers/eks/.github/workflows/pull-request.yml b/provider-ci/test-providers/eks/.github/workflows/pull-request.yml index 6a305605f9..6dfee6450d 100644 --- a/provider-ci/test-providers/eks/.github/workflows/pull-request.yml +++ b/provider-ci/test-providers/eks/.github/workflows/pull-request.yml @@ -2,7 +2,6 @@ env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} diff --git a/provider-ci/test-providers/eks/.github/workflows/release.yml b/provider-ci/test-providers/eks/.github/workflows/release.yml index d46e68714a..a04ede3013 100644 --- a/provider-ci/test-providers/eks/.github/workflows/release.yml +++ b/provider-ci/test-providers/eks/.github/workflows/release.yml @@ -8,7 +8,6 @@ on: env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} @@ -92,6 +91,13 @@ jobs: env: PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} steps: + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be + with: + tool-cache: false + swap-storage: false + dotnet: false - name: Checkout Repo uses: actions/checkout@v4 with: @@ -127,13 +133,8 @@ jobs: role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - name: Install dependencies run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 - - name: Run tests - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . + - name: Run example tests + run: make test_${{ matrix.language }} strategy: fail-fast: false matrix: diff --git a/provider-ci/test-providers/eks/.github/workflows/resync-build.yml b/provider-ci/test-providers/eks/.github/workflows/resync-build.yml index 5b194351b2..80c0e5eccd 100644 --- a/provider-ci/test-providers/eks/.github/workflows/resync-build.yml +++ b/provider-ci/test-providers/eks/.github/workflows/resync-build.yml @@ -4,7 +4,6 @@ env: PULUMI_EXTRA_MAPPING_ERROR: true PULUMI_MISSING_MAPPING_ERROR: true ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} diff --git a/provider-ci/test-providers/eks/.github/workflows/run-acceptance-tests.yml b/provider-ci/test-providers/eks/.github/workflows/run-acceptance-tests.yml index fedba7ef9b..0abf5abcd9 100644 --- a/provider-ci/test-providers/eks/.github/workflows/run-acceptance-tests.yml +++ b/provider-ci/test-providers/eks/.github/workflows/run-acceptance-tests.yml @@ -13,7 +13,6 @@ on: env: PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }} ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} @@ -120,6 +119,7 @@ jobs: # otherwise use the current SHA for any other type of build. sha: ${{ github.event.pull_request.head.sha || github.sha }} + # TODO: Extract into shared action. test: if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository @@ -134,34 +134,49 @@ jobs: env: PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} steps: + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be + with: + tool-cache: false + swap-storage: false + dotnet: false - name: Checkout Repo uses: actions/checkout@v4 with: ref: ${{ env.PR_COMMIT_SHA }} persist-credentials: false - - name: Checkout p/examples - if: matrix.testTarget == 'pulumiExamples' - uses: actions/checkout@v4 - with: - repository: pulumi/examples - path: p-examples - name: Setup tools uses: ./.github/actions/setup-tools with: - tools: pulumictl, pulumicli, ${{ matrix.language }} + tools: pulumictl, pulumicli, go, nodejs, python, dotnet, java - name: Download bin uses: ./.github/actions/download-bin - name: Add NuGet source - if: matrix.language == 'dotnet' run: dotnet nuget add source ${{ github.workspace }}/nuget - - name: Download SDK + - name: Download nodejs SDK + uses: ./.github/actions/download-sdk + with: + language: nodejs + - name: Download python SDK + uses: ./.github/actions/download-sdk + with: + language: python + - name: Download dotnet SDK + uses: ./.github/actions/download-sdk + with: + language: dotnet + - name: Download go SDK uses: ./.github/actions/download-sdk with: - language: ${{ matrix.language }} + language: go + - name: Download java SDK + uses: ./.github/actions/download-sdk + with: + language: java - name: Update path run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - name: Install Python deps - if: matrix.language == 'python' run: |- pip3 install virtualenv==20.0.23 pip3 install pipenv @@ -175,28 +190,40 @@ jobs: role-session-name: eks@githubActions role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - name: Install dependencies - run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 + run: make install_sdks + - name: Generate shard + id: shard + uses: hashicorp-forge/go-test-split-action@v2.0.0 with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 - - name: Run tests - if: matrix.testTarget == 'local' - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -skip TestPulumiExamples -parallel 4 . - - name: Run pulumi/examples tests - if: matrix.testTarget == 'pulumiExamples' - run: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -run TestPulumiExamples -parallel 4 . + working-directory: examples # TODO: Parameterize this. + flags: -tags=all + total: ${{ matrix.total }} + index: ${{ matrix.index }} + - name: Run example tests + run: make test_shard + env: + TAGS: all + TESTS: ${{ steps.shard.outputs.run}} + - name: Upload coverage reports to Codecov + uses: codecov/codecov-action@v4 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} strategy: fail-fast: false matrix: - language: - - nodejs - - python - - dotnet - - go - - java - testTarget: [local] + total: + - 10 + index: + - 0 + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + - 8 + - 9 license_check: name: License Check uses: ./.github/workflows/license.yml diff --git a/provider-ci/test-providers/eks/.github/workflows/verify-release.yml b/provider-ci/test-providers/eks/.github/workflows/verify-release.yml index e35f022e01..aae2bc6c06 100644 --- a/provider-ci/test-providers/eks/.github/workflows/verify-release.yml +++ b/provider-ci/test-providers/eks/.github/workflows/verify-release.yml @@ -35,7 +35,6 @@ on: env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} - ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }} ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} AWS_REGION: us-west-2 GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} From b0c4b1c244ccdb46da8afd2e28c4bb4c7139a4c9 Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Fri, 15 Nov 2024 13:30:18 -0800 Subject: [PATCH 13/16] consolidate test workflow --- .../generic/.github/workflows/main.yml | 95 +------------- .../.github/workflows/nightly-test.yml | 91 +------------ .../generic/.github/workflows/prerelease.yml | 90 +------------ .../generic/.github/workflows/release.yml | 90 +------------ .../workflows/run-acceptance-tests.yml | 122 ++--------------- .../generic/.github/workflows/test.yml | 123 ++++++++++++++++++ .../.github/workflows/command-dispatch.yml | 2 +- .../workflows/community-moderation.yml | 2 +- .../eks/.github/workflows/lint.yml | 2 +- .../eks/.github/workflows/master.yml | 70 +--------- .../eks/.github/workflows/prerelease.yml | 65 +-------- .../eks/.github/workflows/pull-request.yml | 2 +- .../eks/.github/workflows/release.yml | 65 +-------- .../eks/.github/workflows/release_command.yml | 2 +- .../workflows/run-acceptance-tests.yml | 114 ++-------------- .../eks/.github/workflows/test.yml | 115 ++++++++++++++++ provider-ci/test-providers/eks/.golangci.yml | 2 +- .../test-providers/eks/.upgrade-config.yml | 2 +- 18 files changed, 294 insertions(+), 760 deletions(-) create mode 100644 provider-ci/internal/pkg/templates/generic/.github/workflows/test.yml create mode 100644 provider-ci/test-providers/eks/.github/workflows/test.yml diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml index 747e1deefc..f49dd29e20 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/main.yml @@ -73,99 +73,14 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} test: - name: test + uses: ./.github/workflows/test.yml needs: - prerequisites - build_sdk - permissions: - contents: read - id-token: write - runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# - env: - PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} - steps: - #{{- if .Config.FreeDiskSpaceBeforeTest }}# - # Run as first step so we don't delete things that have just been installed - - name: Free Disk Space (Ubuntu) - uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# - with: - tool-cache: false - swap-storage: false - dotnet: false - #{{- end }}# - - name: Checkout Repo - uses: #{{ .Config.ActionVersions.Checkout }}# - with: - #{{- if .Config.CheckoutSubmodules }}# - submodules: #{{ .Config.CheckoutSubmodules }}# - #{{- end }}# - persist-credentials: false - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, ${{ matrix.language }} - - name: Download bin - uses: ./.github/actions/download-bin - - name: Add NuGet source - if: matrix.language == 'dotnet' - run: dotnet nuget add source ${{ github.workspace }}/nuget - - name: Download SDK - uses: ./.github/actions/download-sdk - with: - language: ${{ matrix.language }} - - name: Update path - run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - - name: Install Python deps - if: matrix.language == 'python' - run: |- - pip3 install virtualenv==20.0.23 - pip3 install pipenv - #{{- if .Config.Docker }}# - - name: Run docker compose - run: docker compose -f testing/docker-compose.yml up --build -d - #{{- end }}# - #{{- if .Config.AWS }}# - - name: Configure AWS Credentials - uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-region: ${{ env.AWS_REGION }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - role-duration-seconds: 7200 - role-session-name: #{{ .Config.Provider }}#@githubActions - role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - #{{- end }}# - #{{- if .Config.GCP }}# - - name: Authenticate to Google Cloud - uses: #{{ .Config.ActionVersions.GoogleAuth }}# - with: - service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} - workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER - }}/locations/global/workloadIdentityPools/${{ - env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ - env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} - - name: Setup gcloud auth - uses: #{{ .Config.ActionVersions.SetupGcloud }}# - with: - install_components: gke-gcloud-auth-plugin - #{{- end }}# - #{{- if .Config.GCPRegistry }}# - - name: Login to Google Cloud Registry - run: gcloud --quiet auth configure-docker - #{{- end }}# - - name: Install dependencies - run: make install_${{ matrix.language}}_sdk - - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v4 - env: - CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - - name: Run example tests - run: make test_${{ matrix.language }} - strategy: - fail-fast: false - matrix: - language: -#{{ .Config.Languages | toYaml | indent 8 }}# + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + name: #{{ .Config.ProviderDefaultBranch }}# on: workflow_dispatch: {} diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/nightly-test.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/nightly-test.yml index 53b8e552b2..9c2db5b354 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/nightly-test.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/nightly-test.yml @@ -28,95 +28,14 @@ jobs: version: ${{ needs.prerequisites.outputs.version }} test: - name: test + uses: ./.github/workflows/test.yml needs: - prerequisites - build_sdk - permissions: - contents: read - id-token: write - runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# - env: - PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} - steps: -#{{- if .Config.FreeDiskSpaceBeforeTest }}# - # Run as first step so we don't delete things that have just been installed - - name: Free Disk Space (Ubuntu) - uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# - with: - tool-cache: false - swap-storage: false - dotnet: false -#{{- end }}# - - name: Checkout Repo - uses: #{{ .Config.ActionVersions.Checkout }}# - with: - #{{- if .Config.CheckoutSubmodules }}# - submodules: #{{ .Config.CheckoutSubmodules }}# - #{{- end }}# - persist-credentials: false - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, ${{ matrix.language}} - - name: Download bin - uses: ./.github/actions/download-bin - - name: Add NuGet source - if: matrix.language == 'dotnet' - run: dotnet nuget add source ${{ github.workspace }}/nuget - - name: Download SDK - uses: ./.github/actions/download-sdk - with: - language: ${{ matrix.language }} - - name: Update path - run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - - name: Install Python deps - if: matrix.language == 'python' - run: |- - pip3 install virtualenv==20.0.23 - pip3 install pipenv - #{{- if .Config.Docker }}# - - name: Run docker compose - run: docker compose -f testing/docker-compose.yml up --build -d - #{{- end }}# - #{{- if .Config.AWS }}# - - name: Configure AWS Credentials - uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-region: ${{ env.AWS_REGION }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - role-duration-seconds: 7200 - role-session-name: #{{ .Config.provider }}#@githubActions - role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - #{{- end }}# - #{{- if .Config.GCP }}# - - name: Authenticate to Google Cloud - uses: #{{ .Config.ActionVersions.GoogleAuth }}# - with: - service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} - workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER - }}/locations/global/workloadIdentityPools/${{ - env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ - env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} - - name: Setup gcloud auth - uses: #{{ .Config.ActionVersions.SetupGcloud }}# - with: - install_components: gke-gcloud-auth-plugin - #{{- end }}# - #{{- if .Config.GCPRegistry }}# - - name: Login to Google Cloud Registry - run: gcloud --quiet auth configure-docker - #{{- end }}# - - name: Install dependencies - run: make install_${{ matrix.language}}_sdk - - name: Run example tests - run: make test_${{ matrix.language }} # TODO: Use test_shard. - strategy: - fail-fast: false - matrix: - language: -#{{ .Config.Languages | toYaml | indent 10 }}# + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + name: cron on: schedule: diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/prerelease.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerelease.yml index c2163c4213..9b9c3fcd94 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/prerelease.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/prerelease.yml @@ -55,95 +55,13 @@ jobs: isPrerelease: true test: - name: test + uses: ./.github/workflows/test.yml needs: - prerequisites - build_sdk - permissions: - contents: read - id-token: write - runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# - env: - PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} - steps: -#{{- if .Config.FreeDiskSpaceBeforeTest }}# - # Run as first step so we don't delete things that have just been installed - - name: Free Disk Space (Ubuntu) - uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# - with: - tool-cache: false - swap-storage: false - dotnet: false -#{{- end }}# - - name: Checkout Repo - uses: #{{ .Config.ActionVersions.Checkout }}# - with: - #{{- if .Config.CheckoutSubmodules }}# - submodules: #{{ .Config.CheckoutSubmodules }}# - #{{- end }}# - persist-credentials: false - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, #{{ range $index, $element := .Config.Languages }}##{{if $index}}#, #{{end}}##{{ $element }}##{{end}}# - - name: Download bin - uses: ./.github/actions/download-bin - - name: Add NuGet source - if: matrix.language == 'dotnet' - run: dotnet nuget add source ${{ github.workspace }}/nuget - - name: Download SDK - uses: ./.github/actions/download-sdk - with: - language: ${{ matrix.language }} - - name: Update path - run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - - name: Install Python deps - if: matrix.language == 'python' - run: |- - pip3 install virtualenv==20.0.23 - pip3 install pipenv - #{{- if .Config.Docker }}# - - name: Run docker compose - run: docker compose -f testing/docker-compose.yml up --build -d - #{{- end }}# - #{{- if .Config.AWS }}# - - name: Configure AWS Credentials - uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-region: ${{ env.AWS_REGION }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - role-duration-seconds: 7200 - role-session-name: #{{ .Config.Provider }}#@githubActions - role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - #{{- end }}# - #{{- if .Config.GCP }}# - - name: Authenticate to Google Cloud - uses: #{{ .Config.ActionVersions.GoogleAuth }}# - with: - service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} - workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER - }}/locations/global/workloadIdentityPools/${{ - env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ - env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} - - name: Setup gcloud auth - uses: #{{ .Config.ActionVersions.SetupGcloud }}# - with: - install_components: gke-gcloud-auth-plugin - #{{- end }}# - #{{- if .Config.GCPRegistry }}# - - name: Login to Google Cloud Registry - run: gcloud --quiet auth configure-docker - #{{- end }}# - - name: Install dependencies - run: make install_${{ matrix.language}}_sdk - - name: Run example tests - run: make test_${{ matrix.language }} - strategy: - fail-fast: false - matrix: - language: -#{{ .Config.Languages | toYaml | indent 8 }}# + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} name: prerelease on: diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/release.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/release.yml index 99ee48bcef..be8f7bb0ac 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/release.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/release.yml @@ -64,92 +64,10 @@ jobs: isPrerelease: false test: - name: test + uses: ./.github/workflows/test.yml needs: - prerequisites - build_sdk - permissions: - contents: read - id-token: write - runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSDK }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# - env: - PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} - steps: -#{{- if .Config.FreeDiskSpaceBeforeTest }}# - # Run as first step so we don't delete things that have just been installed - - name: Free Disk Space (Ubuntu) - uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# - with: - tool-cache: false - swap-storage: false - dotnet: false -#{{- end }}# - - name: Checkout Repo - uses: #{{ .Config.ActionVersions.Checkout }}# - with: - #{{- if .Config.CheckoutSubmodules }}# - submodules: #{{ .Config.CheckoutSubmodules }}# - #{{- end }}# - persist-credentials: false - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, ${{ matrix.language }} - - name: Download bin - uses: ./.github/actions/download-bin - - name: Add NuGet source - if: matrix.language == 'dotnet' - run: dotnet nuget add source ${{ github.workspace }}/nuget - - name: Download SDK - uses: ./.github/actions/download-sdk - with: - language: ${{ matrix.language }} - - name: Update path - run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - - name: Install Python deps - if: matrix.language == 'python' - run: |- - pip3 install virtualenv==20.0.23 - pip3 install pipenv - #{{- if .Config.Docker }}# - - name: Run docker compose - run: docker compose -f testing/docker-compose.yml up --build -d - #{{- end }}# - #{{- if .Config.AWS }}# - - name: Configure AWS Credentials - uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-region: ${{ env.AWS_REGION }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - role-duration-seconds: 7200 - role-session-name: #{{ .Config.Provider }}#@githubActions - role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - #{{- end }}# - #{{- if .Config.GCP }}# - - name: Authenticate to Google Cloud - uses: #{{ .Config.ActionVersions.GoogleAuth }}# - with: - service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} - workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER - }}/locations/global/workloadIdentityPools/${{ - env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ - env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} - - name: Setup gcloud auth - uses: #{{ .Config.ActionVersions.SetupGcloud }}# - with: - install_components: gke-gcloud-auth-plugin - #{{- end }}# - #{{- if .Config.GCPRegistry }}# - - name: Login to Google Cloud Registry - run: gcloud --quiet auth configure-docker - #{{- end }}# - - name: Install dependencies - run: make install_${{ matrix.language}}_sdk - - name: Run example tests - run: make test_${{ matrix.language }} - strategy: - fail-fast: false - matrix: - language: -#{{ .Config.Languages | toYaml | indent 8 }}# + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml index 217245edb3..5d2ab34257 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/run-acceptance-tests.yml @@ -75,6 +75,15 @@ jobs: secrets: inherit #{{ end -}}# + test: + uses: ./.github/workflows/test.yml + needs: + - prerequisites + - build_sdk + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + sentinel: name: sentinel if: github.event_name == 'repository_dispatch' || @@ -102,119 +111,6 @@ jobs: # otherwise use the current SHA for any other type of build. sha: ${{ github.event.pull_request.head.sha || github.sha }} - # TODO: Extract into shared action. - test: - if: github.event_name == 'repository_dispatch' || - github.event.pull_request.head.repo.full_name == github.repository - name: test - needs: - - prerequisites - - build_sdk - permissions: - contents: read - id-token: write - runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSdk }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# - env: - PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} - steps: -#{{- if .Config.FreeDiskSpaceBeforeTest }}# - # Run as first step so we don't delete things that have just been installed - - name: Free Disk Space (Ubuntu) - uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# - with: - tool-cache: false - swap-storage: false - dotnet: false -#{{- end }}# - - name: Checkout Repo - uses: #{{ .Config.ActionVersions.Checkout }}# - with: - ref: ${{ env.PR_COMMIT_SHA }} - #{{- if .Config.CheckoutSubmodules }}# - submodules: #{{ .Config.CheckoutSubmodules }}# - #{{- end }}# - persist-credentials: false - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, go, nodejs, python, dotnet, java - - name: Download bin - uses: ./.github/actions/download-bin - - name: Add NuGet source - run: dotnet nuget add source ${{ github.workspace }}/nuget - #{{- range $_, $language := .Config.Languages }}# - - name: Download #{{ $language }}# SDK - uses: ./.github/actions/download-sdk - with: - language: #{{ $language }}# - #{{- end }}# - - name: Update path - run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - - name: Install Python deps - run: |- - pip3 install virtualenv==20.0.23 - pip3 install pipenv - #{{- if .Config.Docker }}# - - name: Run docker compose - run: docker compose -f testing/docker-compose.yml up --build -d - #{{- end }}# - #{{- if .Config.AWS }}# - - name: Configure AWS Credentials - uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-region: ${{ env.AWS_REGION }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - role-duration-seconds: 7200 - role-session-name: #{{ .Config.Provider }}#@githubActions - role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - #{{- end }}# - #{{- if .Config.GCP }}# - - name: Authenticate to Google Cloud - uses: #{{ .Config.ActionVersions.GoogleAuth }}# - with: - service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} - workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER - }}/locations/global/workloadIdentityPools/${{ - env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ - env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} - - name: Setup gcloud auth - uses: #{{ .Config.ActionVersions.SetupGcloud }}# - with: - install_components: gke-gcloud-auth-plugin - #{{- end }}# - #{{- if .Config.GCPRegistry }}# - - name: Login to Google Cloud Registry - run: gcloud --quiet auth configure-docker - #{{- end }}# - - name: Install dependencies - run: make install_sdks - - name: Generate shard - id: shard - uses: hashicorp-forge/go-test-split-action@v2.0.0 - with: - working-directory: examples # TODO: Parameterize this. - flags: -tags=all - total: ${{ matrix.total }} - index: ${{ matrix.index }} - - name: Run example tests - run: make test_shard - env: - TAGS: all - TESTS: ${{ steps.shard.outputs.run}} - - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v4 - env: - CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - strategy: - fail-fast: false - matrix: - total: - - #{{ .Config.Shards }}# - index: - #{{- range $i, $_ := until .Config.Shards }}# - - #{{ $i }}# - #{{- end }}# license_check: name: License Check uses: ./.github/workflows/license.yml diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/test.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/test.yml new file mode 100644 index 0000000000..5710708d1a --- /dev/null +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/test.yml @@ -0,0 +1,123 @@ +name: "Test Provider" + +on: + workflow_call: + inputs: + version: + required: true + type: string + description: Version of the provider to test + +jobs: + # TODO: Extract into shared action. + test: + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + name: test + permissions: + contents: read + id-token: write + runs-on: #{{ if .Config.Runner.BuildSDK }}##{{- .Config.Runner.BuildSdk }}##{{ else }}##{{- .Config.Runner.Default }}##{{ end }}# + env: + PROVIDER_VERSION: ${{ inputs.version }} + steps: +#{{- if .Config.FreeDiskSpaceBeforeTest }}# + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: #{{ .Config.ActionVersions.FreeDiskSpace }}# + with: + tool-cache: false + swap-storage: false + dotnet: false +#{{- end }}# + - name: Checkout Repo + uses: #{{ .Config.ActionVersions.Checkout }}# + with: + ref: ${{ env.PR_COMMIT_SHA }} + #{{- if .Config.CheckoutSubmodules }}# + submodules: #{{ .Config.CheckoutSubmodules }}# + #{{- end }}# + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, go, nodejs, python, dotnet, java + - name: Download bin + uses: ./.github/actions/download-bin + - name: Add NuGet source + run: dotnet nuget add source ${{ github.workspace }}/nuget + #{{- range $_, $language := .Config.Languages }}# + - name: Download #{{ $language }}# SDK + uses: ./.github/actions/download-sdk + with: + language: #{{ $language }}# + #{{- end }}# + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Install Python deps + run: |- + pip3 install virtualenv==20.0.23 + pip3 install pipenv + #{{- if .Config.Docker }}# + - name: Run docker compose + run: docker compose -f testing/docker-compose.yml up --build -d + #{{- end }}# + #{{- if .Config.AWS }}# + - name: Configure AWS Credentials + uses: #{{ .Config.ActionVersions.ConfigureAwsCredentials }}# + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: ${{ env.AWS_REGION }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-session-name: #{{ .Config.Provider }}#@githubActions + role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + #{{- end }}# + #{{- if .Config.GCP }}# + - name: Authenticate to Google Cloud + uses: #{{ .Config.ActionVersions.GoogleAuth }}# + with: + service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} + workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER + }}/locations/global/workloadIdentityPools/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ + env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} + - name: Setup gcloud auth + uses: #{{ .Config.ActionVersions.SetupGcloud }}# + with: + install_components: gke-gcloud-auth-plugin + #{{- end }}# + #{{- if .Config.GCPRegistry }}# + - name: Login to Google Cloud Registry + run: gcloud --quiet auth configure-docker + #{{- end }}# + - name: Install dependencies + run: make install_sdks + + # TODO: This should be a make target. + - name: Generate shard + id: shard + uses: hashicorp-forge/go-test-split-action@v2.0.0 + with: + working-directory: examples # TODO: Parameterize this. + flags: -tags=all + total: ${{ matrix.total }} + index: ${{ matrix.index }} + - name: Run example tests + run: make test_shard + env: + TAGS: all + TESTS: ${{ steps.shard.outputs.run}} + - name: Upload coverage reports to Codecov + uses: codecov/codecov-action@v4 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} + strategy: + fail-fast: false + matrix: + total: + - #{{ .Config.Shards }}# + index: + #{{- range $i, $_ := until .Config.Shards }}# + - #{{ $i }}# + #{{- end }}# diff --git a/provider-ci/test-providers/eks/.github/workflows/command-dispatch.yml b/provider-ci/test-providers/eks/.github/workflows/command-dispatch.yml index 6118880b97..1e084dc3ef 100644 --- a/provider-ci/test-providers/eks/.github/workflows/command-dispatch.yml +++ b/provider-ci/test-providers/eks/.github/workflows/command-dispatch.yml @@ -1,4 +1,4 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt +# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} diff --git a/provider-ci/test-providers/eks/.github/workflows/community-moderation.yml b/provider-ci/test-providers/eks/.github/workflows/community-moderation.yml index 2afb297c25..fc701df62e 100644 --- a/provider-ci/test-providers/eks/.github/workflows/community-moderation.yml +++ b/provider-ci/test-providers/eks/.github/workflows/community-moderation.yml @@ -1,4 +1,4 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt +# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/provider-ci/test-providers/eks/.github/workflows/lint.yml b/provider-ci/test-providers/eks/.github/workflows/lint.yml index 6d12e18d9a..d140a7d4c5 100644 --- a/provider-ci/test-providers/eks/.github/workflows/lint.yml +++ b/provider-ci/test-providers/eks/.github/workflows/lint.yml @@ -1,4 +1,4 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt +# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt name: lint diff --git a/provider-ci/test-providers/eks/.github/workflows/master.yml b/provider-ci/test-providers/eks/.github/workflows/master.yml index 904923fa9f..90ab4c3862 100644 --- a/provider-ci/test-providers/eks/.github/workflows/master.yml +++ b/provider-ci/test-providers/eks/.github/workflows/master.yml @@ -92,74 +92,14 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} test: - name: test + uses: ./.github/workflows/test.yml needs: - prerequisites - build_sdk - permissions: - contents: read - id-token: write - runs-on: ubuntu-latest - env: - PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} - steps: - # Run as first step so we don't delete things that have just been installed - - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be - with: - tool-cache: false - swap-storage: false - dotnet: false - - name: Checkout Repo - uses: actions/checkout@v4 - with: - persist-credentials: false - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, ${{ matrix.language }} - - name: Download bin - uses: ./.github/actions/download-bin - - name: Add NuGet source - if: matrix.language == 'dotnet' - run: dotnet nuget add source ${{ github.workspace }}/nuget - - name: Download SDK - uses: ./.github/actions/download-sdk - with: - language: ${{ matrix.language }} - - name: Update path - run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - - name: Install Python deps - if: matrix.language == 'python' - run: |- - pip3 install virtualenv==20.0.23 - pip3 install pipenv - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-region: ${{ env.AWS_REGION }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - role-duration-seconds: 7200 - role-session-name: eks@githubActions - role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - - name: Install dependencies - run: make install_${{ matrix.language}}_sdk - - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v4 - env: - CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - - name: Run example tests - run: make test_${{ matrix.language }} - strategy: - fail-fast: false - matrix: - language: - - nodejs - - python - - dotnet - - go - - java + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + name: master on: workflow_dispatch: {} diff --git a/provider-ci/test-providers/eks/.github/workflows/prerelease.yml b/provider-ci/test-providers/eks/.github/workflows/prerelease.yml index 81845a3291..505c62225d 100644 --- a/provider-ci/test-providers/eks/.github/workflows/prerelease.yml +++ b/provider-ci/test-providers/eks/.github/workflows/prerelease.yml @@ -74,70 +74,13 @@ jobs: isPrerelease: true test: - name: test + uses: ./.github/workflows/test.yml needs: - prerequisites - build_sdk - permissions: - contents: read - id-token: write - runs-on: ubuntu-latest - env: - PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} - steps: - # Run as first step so we don't delete things that have just been installed - - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be - with: - tool-cache: false - swap-storage: false - dotnet: false - - name: Checkout Repo - uses: actions/checkout@v4 - with: - persist-credentials: false - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, nodejs, python, dotnet, go, java - - name: Download bin - uses: ./.github/actions/download-bin - - name: Add NuGet source - if: matrix.language == 'dotnet' - run: dotnet nuget add source ${{ github.workspace }}/nuget - - name: Download SDK - uses: ./.github/actions/download-sdk - with: - language: ${{ matrix.language }} - - name: Update path - run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - - name: Install Python deps - if: matrix.language == 'python' - run: |- - pip3 install virtualenv==20.0.23 - pip3 install pipenv - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-region: ${{ env.AWS_REGION }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - role-duration-seconds: 7200 - role-session-name: eks@githubActions - role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - - name: Install dependencies - run: make install_${{ matrix.language}}_sdk - - name: Run example tests - run: make test_${{ matrix.language }} - strategy: - fail-fast: false - matrix: - language: - - nodejs - - python - - dotnet - - go - - java + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} name: prerelease on: diff --git a/provider-ci/test-providers/eks/.github/workflows/pull-request.yml b/provider-ci/test-providers/eks/.github/workflows/pull-request.yml index 6dfee6450d..c490a4fe0c 100644 --- a/provider-ci/test-providers/eks/.github/workflows/pull-request.yml +++ b/provider-ci/test-providers/eks/.github/workflows/pull-request.yml @@ -1,4 +1,4 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt +# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt env: ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} diff --git a/provider-ci/test-providers/eks/.github/workflows/release.yml b/provider-ci/test-providers/eks/.github/workflows/release.yml index a04ede3013..eeb01e5ec1 100644 --- a/provider-ci/test-providers/eks/.github/workflows/release.yml +++ b/provider-ci/test-providers/eks/.github/workflows/release.yml @@ -80,67 +80,10 @@ jobs: isPrerelease: false test: - name: test + uses: ./.github/workflows/test.yml needs: - prerequisites - build_sdk - permissions: - contents: read - id-token: write - runs-on: ubuntu-latest - env: - PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} - steps: - # Run as first step so we don't delete things that have just been installed - - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be - with: - tool-cache: false - swap-storage: false - dotnet: false - - name: Checkout Repo - uses: actions/checkout@v4 - with: - persist-credentials: false - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, ${{ matrix.language }} - - name: Download bin - uses: ./.github/actions/download-bin - - name: Add NuGet source - if: matrix.language == 'dotnet' - run: dotnet nuget add source ${{ github.workspace }}/nuget - - name: Download SDK - uses: ./.github/actions/download-sdk - with: - language: ${{ matrix.language }} - - name: Update path - run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - - name: Install Python deps - if: matrix.language == 'python' - run: |- - pip3 install virtualenv==20.0.23 - pip3 install pipenv - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-region: ${{ env.AWS_REGION }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - role-duration-seconds: 7200 - role-session-name: eks@githubActions - role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - - name: Install dependencies - run: make install_${{ matrix.language}}_sdk - - name: Run example tests - run: make test_${{ matrix.language }} - strategy: - fail-fast: false - matrix: - language: - - nodejs - - python - - dotnet - - go - - java + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} diff --git a/provider-ci/test-providers/eks/.github/workflows/release_command.yml b/provider-ci/test-providers/eks/.github/workflows/release_command.yml index 4029f32a79..f199952c88 100644 --- a/provider-ci/test-providers/eks/.github/workflows/release_command.yml +++ b/provider-ci/test-providers/eks/.github/workflows/release_command.yml @@ -1,4 +1,4 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt +# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt name: release-command on: diff --git a/provider-ci/test-providers/eks/.github/workflows/run-acceptance-tests.yml b/provider-ci/test-providers/eks/.github/workflows/run-acceptance-tests.yml index 0abf5abcd9..78a9fe0249 100644 --- a/provider-ci/test-providers/eks/.github/workflows/run-acceptance-tests.yml +++ b/provider-ci/test-providers/eks/.github/workflows/run-acceptance-tests.yml @@ -94,6 +94,15 @@ jobs: name: lint uses: ./.github/workflows/lint.yml secrets: inherit + test: + uses: ./.github/workflows/test.yml + needs: + - prerequisites + - build_sdk + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + sentinel: name: sentinel if: github.event_name == 'repository_dispatch' || @@ -119,111 +128,6 @@ jobs: # otherwise use the current SHA for any other type of build. sha: ${{ github.event.pull_request.head.sha || github.sha }} - # TODO: Extract into shared action. - test: - if: github.event_name == 'repository_dispatch' || - github.event.pull_request.head.repo.full_name == github.repository - name: test - needs: - - prerequisites - - build_sdk - permissions: - contents: read - id-token: write - runs-on: ubuntu-latest - env: - PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} - steps: - # Run as first step so we don't delete things that have just been installed - - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be - with: - tool-cache: false - swap-storage: false - dotnet: false - - name: Checkout Repo - uses: actions/checkout@v4 - with: - ref: ${{ env.PR_COMMIT_SHA }} - persist-credentials: false - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, go, nodejs, python, dotnet, java - - name: Download bin - uses: ./.github/actions/download-bin - - name: Add NuGet source - run: dotnet nuget add source ${{ github.workspace }}/nuget - - name: Download nodejs SDK - uses: ./.github/actions/download-sdk - with: - language: nodejs - - name: Download python SDK - uses: ./.github/actions/download-sdk - with: - language: python - - name: Download dotnet SDK - uses: ./.github/actions/download-sdk - with: - language: dotnet - - name: Download go SDK - uses: ./.github/actions/download-sdk - with: - language: go - - name: Download java SDK - uses: ./.github/actions/download-sdk - with: - language: java - - name: Update path - run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - - name: Install Python deps - run: |- - pip3 install virtualenv==20.0.23 - pip3 install pipenv - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-region: ${{ env.AWS_REGION }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - role-duration-seconds: 7200 - role-session-name: eks@githubActions - role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - - name: Install dependencies - run: make install_sdks - - name: Generate shard - id: shard - uses: hashicorp-forge/go-test-split-action@v2.0.0 - with: - working-directory: examples # TODO: Parameterize this. - flags: -tags=all - total: ${{ matrix.total }} - index: ${{ matrix.index }} - - name: Run example tests - run: make test_shard - env: - TAGS: all - TESTS: ${{ steps.shard.outputs.run}} - - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v4 - env: - CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - strategy: - fail-fast: false - matrix: - total: - - 10 - index: - - 0 - - 1 - - 2 - - 3 - - 4 - - 5 - - 6 - - 7 - - 8 - - 9 license_check: name: License Check uses: ./.github/workflows/license.yml diff --git a/provider-ci/test-providers/eks/.github/workflows/test.yml b/provider-ci/test-providers/eks/.github/workflows/test.yml new file mode 100644 index 0000000000..2d952a46db --- /dev/null +++ b/provider-ci/test-providers/eks/.github/workflows/test.yml @@ -0,0 +1,115 @@ +name: "Test Provider" + +on: + workflow_call: + inputs: + version: + required: true + type: string + description: Version of the provider to test + +jobs: + # TODO: Extract into shared action. + test: + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + name: test + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + env: + PROVIDER_VERSION: ${{ inputs.version }} + steps: + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be + with: + tool-cache: false + swap-storage: false + dotnet: false + - name: Checkout Repo + uses: actions/checkout@v4 + with: + ref: ${{ env.PR_COMMIT_SHA }} + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, go, nodejs, python, dotnet, java + - name: Download bin + uses: ./.github/actions/download-bin + - name: Add NuGet source + run: dotnet nuget add source ${{ github.workspace }}/nuget + - name: Download nodejs SDK + uses: ./.github/actions/download-sdk + with: + language: nodejs + - name: Download python SDK + uses: ./.github/actions/download-sdk + with: + language: python + - name: Download dotnet SDK + uses: ./.github/actions/download-sdk + with: + language: dotnet + - name: Download go SDK + uses: ./.github/actions/download-sdk + with: + language: go + - name: Download java SDK + uses: ./.github/actions/download-sdk + with: + language: java + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Install Python deps + run: |- + pip3 install virtualenv==20.0.23 + pip3 install pipenv + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: ${{ env.AWS_REGION }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-session-name: eks@githubActions + role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + - name: Install dependencies + run: make install_sdks + + # TODO: This should be a make target. + - name: Generate shard + id: shard + uses: hashicorp-forge/go-test-split-action@v2.0.0 + with: + working-directory: examples # TODO: Parameterize this. + flags: -tags=all + total: ${{ matrix.total }} + index: ${{ matrix.index }} + - name: Run example tests + run: make test_shard + env: + TAGS: all + TESTS: ${{ steps.shard.outputs.run}} + - name: Upload coverage reports to Codecov + uses: codecov/codecov-action@v4 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} + strategy: + fail-fast: false + matrix: + total: + - 10 + index: + - 0 + - 1 + - 2 + - 3 + - 4 + - 5 + - 6 + - 7 + - 8 + - 9 diff --git a/provider-ci/test-providers/eks/.golangci.yml b/provider-ci/test-providers/eks/.golangci.yml index 720e7cd3f8..93b7d5032e 100644 --- a/provider-ci/test-providers/eks/.golangci.yml +++ b/provider-ci/test-providers/eks/.golangci.yml @@ -1,4 +1,4 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt +# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt linters: enable: diff --git a/provider-ci/test-providers/eks/.upgrade-config.yml b/provider-ci/test-providers/eks/.upgrade-config.yml index 0005a01982..39389b55c8 100644 --- a/provider-ci/test-providers/eks/.upgrade-config.yml +++ b/provider-ci/test-providers/eks/.upgrade-config.yml @@ -1,4 +1,4 @@ -# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt +# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt --- upstream-provider-name: terraform-provider-eks From 0dc27e294539500ca6a59349d273d7e8b5374b3c Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Fri, 15 Nov 2024 15:25:33 -0800 Subject: [PATCH 14/16] include env vars in tests --- .../pkg/templates/generic/.github/workflows/test.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/test.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/test.yml index 5710708d1a..83d2c80a4a 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/test.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/test.yml @@ -8,8 +8,11 @@ on: type: string description: Version of the provider to test +env: + PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }} +#{{ .Config.Env | toYaml | indent 2 }}# + jobs: - # TODO: Extract into shared action. test: if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository From ce7311efba0da84312e29ded8d103f0df53978c8 Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Tue, 19 Nov 2024 10:13:06 -0800 Subject: [PATCH 15/16] readme --- provider-ci/internal/pkg/templates/README.md | 137 ++++++++++++++++++ .../.github/actions/download-bin/action.yml | 4 +- .../.github/workflows/resync-build.yml | 2 +- .../generic/.github/workflows/test.yml | 15 +- .../.github/actions/download-bin/action.yml | 4 +- .../eks/.github/workflows/resync-build.yml | 2 +- .../eks/.github/workflows/test.yml | 42 ++++-- 7 files changed, 177 insertions(+), 29 deletions(-) create mode 100644 provider-ci/internal/pkg/templates/README.md diff --git a/provider-ci/internal/pkg/templates/README.md b/provider-ci/internal/pkg/templates/README.md new file mode 100644 index 0000000000..e98f9b3a5c --- /dev/null +++ b/provider-ci/internal/pkg/templates/README.md @@ -0,0 +1,137 @@ +# Provider templates + +This directory contains all of the templates we use for generating GitHub +workflows (among other things) for Pulumi providers. + +These templates are composable and additive, for example many templates mix in +the "pulumi-provider" to include our code of conduct. + +The full list of supported templates is available in +[`generate.go`](../generate.go), but this documentation focuses on the +"generic" template and the general direction and design principles we should +apply when modifying these templates. + +## Generic template + +The [`generic`](./generic) template was forked from our battle-tested +[`bridged`](./bridged-provider) template with an eye towards generalizing +things such that we could enable _all_ providers to be managed by `ci-mgmt` -- +with an eventual goal of allowing third-party parties to benefit from this +tooling as well. + +(This is still a work in progress and the current state of the template may not +yet fully reflect these goals.) + +After running the bridged template for a number of years several problems +emerged: + +1. Accumulation of special-casing and one-off configuration options adds + complexity to workflows and makes it harder to maintain and reason about all + possible workflow behaviors. + +2. Over-reliance on GitHub actions for setting up CI environments makes it + difficult to reproduce failures locally. For example it's very easy for CI + to use a different version of `golangci-lint` than what you have locally. + +3. A tight coupling of tooling and workflows means that workflow updates can + require manual intervention when tooling changes are included. For example + workflows can fail until someone manually resolves errors due to a + `golantci-lint` update. + +With those problems in mind we have a couple principles for these templates +going forward: + +1. Inversion of control: The provider should be the source of truth for as much + as possible, and `ci-mgmt` should be as "dumb" as possible. The provider/CI + interaction should be driven entirely by `make` targets, and `ci-mgmt` + should know nothing about the provider's implementation details -- not even + the language of the provider. + +2. Local first: CI should leverage the same setup steps that a developer would + run locally. + +3. Separation of concerns: Workflows and tooling can and should be managed + separately. It is OK for a long-tail provider to use an older version of + `golangci-lint` if we haven't yet had an opportunity to update its code, but + that should not prevent it from being released if we need to ship an urgent + fix. + +Concretely, this means: +* We should avoid adding new configuration that leaks implementation details of + the provider to `ci-mgmt`. +* We should provide sane default `make` targets but allow the provider to + override them if necessary. +* We should prefer to perform setup as part of a `make` target or as part of + tests instead of adding additional GitHub actions. + +## Contract + +The generic template drives all workflows via `make` targets. +(If an action _doesn't_ invoke a `make` target that's a bug!) + +A `./bin` and `./sdk` must exist at the root of the provider's repo. + +Targets should be parallelizable (`-j`). + +### Required targets + +#### Prerequisites + +This workflow is the first step run during releases, pre-releases, PR tests, +and merges to main. + +* `make install_plugins`: (TODO: Use a more generic `make prepare` or just drop + this.) +* `make schema`: Ensures generated schema is in place. +* `make provider`: Builds the provider binary. +* `make test_provider`: Runs "fast" tests, typically unit tests for the + provider. These tests should run fast enough to not need sharding across + multiple workers. The provider is responsible for deciding how to run these, + but default behavior will be to execute `go test ./...` under the + `./provider` path. + +#### Build provider + +This workflow is run during releases, pre-releases, PR tests, and merges to +main after the prerequisites step has succeeded. + +* `make provider_dist-${OS}-${ARCH}`: (TODO: use a file path) Responsible for + building a provider binary under `./bin` for the given architecture and OS. + These binaries will be uploaded and re-used in later steps. + +#### Resync build + +* `make build`: A single target to re-build everything (schema, SDKs, binaries, + etc.). + +#### Build SDK + +This workflow is run during releases, pre-releases, PR tests, and merges to +main after the prerequisites step has succeeded. + +* `make build_${language}`: Generates the SDK for the given language. + +#### Test + +This workflow is run during releases, pre-releases, PR tests, and merges to +main after the provider binaries and SDKs have been generated. + +This differs from the `bridged` template in that sharding is arbitrary and left +to the discretion of the provider. Typically we have use fixed shards based on +languages, but this is restrictive and a poor developer experience in general +(https://github.com/pulumi/ci-mgmt/issues/676). + +* `make install_sdks`: Install SDKs for all available languages. +* `make shard`: This target takes two environment variables -- `$SHARD_TOTAL` + and `$SHARD_INDEX` -- and is responsible for determining tests to run for + this shard. It will probably mutate the environment in some way, for example + by appending to `$GITHUB_ENV`, in order to inform the `test_shard` target. +* `make test_shard`: This target is responsible for executing tests identified + in the `shard` target. + +## Configuring a template + +[`config.go`](../config.go) contains all of the allowable options for `.ci-mgmt.yaml` files. + +While it's possible to add new options here, in general we would like to reduce +the amount of configuration options available. diff --git a/provider-ci/internal/pkg/templates/generic/.github/actions/download-bin/action.yml b/provider-ci/internal/pkg/templates/generic/.github/actions/download-bin/action.yml index f925c04369..f00640b770 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/actions/download-bin/action.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/actions/download-bin/action.yml @@ -1,10 +1,10 @@ name: Download binary assets -description: Downloads the provider and tfgen binaries to `bin/`. +description: Downloads provider binaries to `bin/`. runs: using: "composite" steps: - - name: Download provider + tfgen binaries + - name: Download provider binaries uses: #{{ .Config.ActionVersions.DownloadArtifact }}# with: name: #{{ .Config.Provider }}#-provider.tar.gz diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/resync-build.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/resync-build.yml index 83fdaf5c62..090eab4de9 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/resync-build.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/resync-build.yml @@ -51,7 +51,7 @@ jobs: rm .gitignore.temp shell: bash - name: Build - run: make build + run: make -j4 build - name: Create PR (no linked issue) uses: peter-evans/create-pull-request@v3.12.0 with: diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/test.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/test.yml index 83d2c80a4a..5e2740e8cd 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/test.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/test.yml @@ -97,20 +97,13 @@ jobs: - name: Install dependencies run: make install_sdks - # TODO: This should be a make target. - name: Generate shard - id: shard - uses: hashicorp-forge/go-test-split-action@v2.0.0 - with: - working-directory: examples # TODO: Parameterize this. - flags: -tags=all - total: ${{ matrix.total }} - index: ${{ matrix.index }} + run: make shard + env: + SHARD_TOTAL: ${{ matrix.total }} + SHARD_INDEX: ${{ matrix.index }} - name: Run example tests run: make test_shard - env: - TAGS: all - TESTS: ${{ steps.shard.outputs.run}} - name: Upload coverage reports to Codecov uses: codecov/codecov-action@v4 env: diff --git a/provider-ci/test-providers/eks/.github/actions/download-bin/action.yml b/provider-ci/test-providers/eks/.github/actions/download-bin/action.yml index 8558d5f735..b400dbe8c0 100644 --- a/provider-ci/test-providers/eks/.github/actions/download-bin/action.yml +++ b/provider-ci/test-providers/eks/.github/actions/download-bin/action.yml @@ -1,10 +1,10 @@ name: Download binary assets -description: Downloads the provider and tfgen binaries to `bin/`. +description: Downloads provider binaries to `bin/`. runs: using: "composite" steps: - - name: Download provider + tfgen binaries + - name: Download provider binaries uses: actions/download-artifact@v4 with: name: eks-provider.tar.gz diff --git a/provider-ci/test-providers/eks/.github/workflows/resync-build.yml b/provider-ci/test-providers/eks/.github/workflows/resync-build.yml index 80c0e5eccd..e00830dc20 100644 --- a/provider-ci/test-providers/eks/.github/workflows/resync-build.yml +++ b/provider-ci/test-providers/eks/.github/workflows/resync-build.yml @@ -70,7 +70,7 @@ jobs: rm .gitignore.temp shell: bash - name: Build - run: make build + run: make -j4 build - name: Create PR (no linked issue) uses: peter-evans/create-pull-request@v3.12.0 with: diff --git a/provider-ci/test-providers/eks/.github/workflows/test.yml b/provider-ci/test-providers/eks/.github/workflows/test.yml index 2d952a46db..8aacd12022 100644 --- a/provider-ci/test-providers/eks/.github/workflows/test.yml +++ b/provider-ci/test-providers/eks/.github/workflows/test.yml @@ -8,8 +8,33 @@ on: type: string description: Version of the provider to test +env: + PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }} + ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} + ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + GOLANGCI_LINT_VERSION: v1.61.0 + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PROVIDER: eks + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_ENABLE_RESOURCE_REFERENCES: "1" + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi + jobs: - # TODO: Extract into shared action. test: if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository @@ -79,20 +104,13 @@ jobs: - name: Install dependencies run: make install_sdks - # TODO: This should be a make target. - name: Generate shard - id: shard - uses: hashicorp-forge/go-test-split-action@v2.0.0 - with: - working-directory: examples # TODO: Parameterize this. - flags: -tags=all - total: ${{ matrix.total }} - index: ${{ matrix.index }} + run: make shard + env: + SHARD_TOTAL: ${{ matrix.total }} + SHARD_INDEX: ${{ matrix.index }} - name: Run example tests run: make test_shard - env: - TAGS: all - TESTS: ${{ steps.shard.outputs.run}} - name: Upload coverage reports to Codecov uses: codecov/codecov-action@v4 env: From e74c98780a160e804d7c02baabda09a94adf7a9e Mon Sep 17 00:00:00 2001 From: Bryce Lampe Date: Mon, 9 Dec 2024 11:06:52 -0800 Subject: [PATCH 16/16] DON'T FORGET TO ONLY HAVE THE IF ON PR WORKFLOW --- .../internal/pkg/templates/generic/.github/workflows/test.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/provider-ci/internal/pkg/templates/generic/.github/workflows/test.yml b/provider-ci/internal/pkg/templates/generic/.github/workflows/test.yml index 5e2740e8cd..0959c845d1 100644 --- a/provider-ci/internal/pkg/templates/generic/.github/workflows/test.yml +++ b/provider-ci/internal/pkg/templates/generic/.github/workflows/test.yml @@ -14,6 +14,7 @@ env: jobs: test: + # TODO: This event name doesn't work -- needs to move up if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository name: test