Skip to content

Commit

Permalink
Update GitHub Actions workflows. (#4202)
Browse files Browse the repository at this point in the history
This PR was automatically generated by the
update-workflows-ecosystem-providers workflow in the pulumi/ci-mgmt
repo, from commit ee587647d119011240dcb295c76568ffc1efa11a.
  • Loading branch information
pulumi-bot authored Jul 10, 2024
1 parent 9d8671d commit 25aee6c
Show file tree
Hide file tree
Showing 11 changed files with 561 additions and 30 deletions.
64 changes: 64 additions & 0 deletions .github/workflows/build_provider.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
name: "Build Provider"

on:
workflow_call:
inputs:
version:
required: true
type: string
description: Version of the provider to build

jobs:
build_provider:
name: Build ${{ matrix.platform.os }}-${{ matrix.platform.arch }}
runs-on: ubuntu-latest
env:
PROVIDER_VERSION: ${{ inputs.version }}
strategy:
fail-fast: true
matrix:
platform:
- os: linux
arch: amd64
- os: linux
arch: arm64
- os: darwin
arch: amd64
- os: darwin
arch: arm64
- os: windows
arch: amd64
steps:
# Run as first step so we don't delete things that have just been installed
- name: Free Disk Space (Ubuntu)
uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be
with:
tool-cache: false
swap-storage: false
- name: Checkout Repo
uses: actions/checkout@v4
with:
submodules: true
- name: Setup tools
uses: ./.github/actions/setup-tools
with:
tools: pulumictl, go
- name: Download schema-embed.json
uses: actions/download-artifact@v4
with:
# Use a pattern to avoid failing if the artifact doesn't exist
pattern: schema-embed.*
# Avoid creating directories for each artifact
merge-multiple: true
path: provider/cmd/pulumi-resource-aws/schema-embed.json
- name: Prepare for build
# This installs plugins and prepares upstream
run: make upstream
- name: Build & package provider
run: make provider_dist-${{ matrix.platform.os }}-${{ matrix.platform.arch }}
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: pulumi-resource-aws-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz
path: bin/pulumi-resource-aws-v${{ inputs.version }}-${{ matrix.platform.os }}-${{ matrix.platform.arch }}.tar.gz
retention-days: 30
8 changes: 8 additions & 0 deletions .github/workflows/master.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,13 @@ jobs:
is_pr: ${{ github.event_name == 'pull_request' }}
is_automated: ${{ github.actor == 'dependabot[bot]' }}

build_provider:
uses: ./.github/workflows/build_provider.yml
needs: prerequisites
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}

build_sdk:
name: build_sdk
needs: prerequisites
Expand Down Expand Up @@ -86,6 +93,7 @@ jobs:
name: publish
needs:
- prerequisites
- build_provider
- test
- license_check
- go_test_shim
Expand Down
7 changes: 7 additions & 0 deletions .github/workflows/nightly-test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,13 @@ jobs:
is_pr: ${{ github.event_name == 'pull_request' }}
is_automated: ${{ github.actor == 'dependabot[bot]' }}

build_provider:
uses: ./.github/workflows/build_provider.yml
needs: prerequisites
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}

build_sdk:
name: build_sdk
needs: prerequisites
Expand Down
8 changes: 8 additions & 0 deletions .github/workflows/prerelease.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,13 @@ jobs:
is_pr: ${{ github.event_name == 'pull_request' }}
is_automated: ${{ github.actor == 'dependabot[bot]' }}

build_provider:
uses: ./.github/workflows/build_provider.yml
needs: prerequisites
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}

build_sdk:
name: build_sdk
needs: prerequisites
Expand All @@ -47,6 +54,7 @@ jobs:
name: publish
needs:
- prerequisites
- build_provider
- test
- license_check
- go_test_shim
Expand Down
7 changes: 7 additions & 0 deletions .github/workflows/prerequisites.yml
Original file line number Diff line number Diff line change
Expand Up @@ -104,3 +104,10 @@ jobs:
- name: Upload bin
uses: ./.github/actions/upload-bin

- name: Upload schema-embed.json
uses: actions/upload-artifact@v4
with:
name: schema-embed.json
path: provider/cmd/pulumi-resource-aws/schema-embed.json
retention-days: 30
60 changes: 36 additions & 24 deletions .github/workflows/publish.yml
Original file line number Diff line number Diff line change
Expand Up @@ -48,21 +48,14 @@ jobs:
- name: Validate skipGoSdk
if: inputs.skipGoSdk && inputs.isPrerelease == false
run: echo "Can't skip Go SDK for stable releases. This is likely a bug in the calling workflow." && exit 1
- name: Free Disk Space (Ubuntu)
uses: jlumbroso/free-disk-space@v1.3.1
with:
# this might remove tools that are actually needed,
# if set to "true" but frees about 6 GB
tool-cache: false
swap-storage: false
- name: Checkout Repo
uses: actions/checkout@v4
with:
submodules: true
- name: Setup tools
uses: ./.github/actions/setup-tools
with:
tools: pulumictl, pulumicli, go
tools: pulumictl, pulumicli, go, schema-tools
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
Expand All @@ -73,25 +66,44 @@ jobs:
role-external-id: upload-pulumi-release
role-session-name: aws@githubActions
role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }}
- name: Run GoReleaser
- name: Create dist directory
run: mkdir -p dist
- name: Download provider assets
uses: actions/download-artifact@v4
with:
pattern: pulumi-resource-aws-v${{ inputs.version }}-*
path: dist
# Don't create a directory for each artifact
merge-multiple: true
- name: Calculate checksums
working-directory: dist
run: shasum ./*.tar.gz > pulumi-aws_${{ inputs.version }}_checksums.txt
- name: Get Schema Change Summary
id: schema-summary
shell: bash
run: |
# Get latest stable release. Return only first column from result (tag).
LAST_VERSION=$(gh release view --repo pulumi/pulumi-aws --json tagName -q .tagName)
{
echo 'summary<<EOF'
schema-tools compare --provider="aws" --old-commit="$LAST_VERSION" --new-commit="--local-path=provider/cmd/pulumi-resource-aws/schema.json"
echo 'EOF'
} >> "$GITHUB_OUTPUT"
- name: Upload Provider Binaries
run: aws s3 cp dist s3://get.pulumi.com/releases/plugins/ --recursive
- name: Create GH Release
uses: softprops/action-gh-release@v1
if: inputs.isPrerelease == false
uses: goreleaser/goreleaser-action@v5
env:
GORELEASER_CURRENT_TAG: v${{ inputs.version }}
PROVIDER_VERSION: ${{ inputs.version }}
with:
args: -p 1 release --rm-dist --timeout 150m0s
version: latest
- name: Run GoReleaser (prerelease)
if: inputs.isPrerelease == true
uses: goreleaser/goreleaser-action@v5
tag_name: v${{ inputs.version }}
prerelease: ${{ inputs.isPrerelease }}
# We keep pre-releases as drafts so they're not visible until we manually publish them.
draft: ${{ inputs.isPrerelease }}
body: ${{ steps.schema-summary.outputs.summary }}
generate_release_notes: true
files: dist/*
env:
GORELEASER_CURRENT_TAG: v${{ inputs.version }}
PROVIDER_VERSION: ${{ inputs.version }}
with:
args: -p 1 -f .goreleaser.prerelease.yml --rm-dist --skip-validate --timeout
150m0s
version: latest
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}

publish_sdk:
name: publish_sdk
Expand Down
8 changes: 8 additions & 0 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,13 @@ jobs:
is_pr: ${{ github.event_name == 'pull_request' }}
is_automated: ${{ github.actor == 'dependabot[bot]' }}

build_provider:
uses: ./.github/workflows/build_provider.yml
needs: prerequisites
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}

build_sdk:
name: build_sdk
needs: prerequisites
Expand All @@ -46,6 +53,7 @@ jobs:
name: publish
needs:
- prerequisites
- build_provider
- test
- license_check
- go_test_shim
Expand Down
8 changes: 8 additions & 0 deletions .github/workflows/run-acceptance-tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,13 @@ jobs:
is_pr: ${{ github.event_name == 'pull_request' }}
is_automated: ${{ github.actor == 'dependabot[bot]' }}

build_provider:
uses: ./.github/workflows/build_provider.yml
needs: prerequisites
secrets: inherit
with:
version: ${{ needs.prerequisites.outputs.version }}

build_sdk:
if: github.event_name == 'repository_dispatch' ||
github.event.pull_request.head.repo.full_name == github.repository
Expand Down Expand Up @@ -68,6 +75,7 @@ jobs:
github.event.pull_request.head.repo.full_name == github.repository
needs:
- test
- build_provider
- license_check
- go_test_shim
- provider_test
Expand Down
54 changes: 49 additions & 5 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,11 @@ PROVIDER_VERSION ?= 6.0.0-alpha.0+dev
# Use this normalised version everywhere rather than the raw input to ensure consistency.
VERSION_GENERIC = $(shell pulumictl convert-version --language generic --version "$(PROVIDER_VERSION)")

LDFLAGS_PROJ_VERSION=-X $(PROJECT)/$(VERSION_PATH)=$(VERSION_GENERIC) -X github.com/hashicorp/terraform-provider-aws/version.ProviderVersion=$(VERSION_GENERIC)
LDFLAGS_UPSTREAM_VERSION=-X github.com/hashicorp/terraform-provider-aws/version.ProviderVersion=v$(VERSION_GENERIC)
LDFLAGS_EXTRAS=
LDFLAGS=$(LDFLAGS_PROJ_VERSION) $(LDFLAGS_UPSTREAM_VERSION) $(LDFLAGS_EXTRAS)

development: install_plugins provider build_sdks install_sdks

build: install_plugins provider build_sdks install_sdks
Expand Down Expand Up @@ -136,7 +141,7 @@ lint_provider.fix:
# `cmd/pulumi-resource-aws/schema.json` is valid and up to date.
# To create a release ready binary, you should use `make provider`.
provider_no_deps:
(cd provider && go build $(PULUMI_PROVIDER_BUILD_PARALLELISM) -o $(WORKING_DIR)/bin/$(PROVIDER) -ldflags "-X $(PROJECT)/$(VERSION_PATH)=$(VERSION_GENERIC) -X github.com/hashicorp/terraform-provider-aws/version.ProviderVersion=$(VERSION_GENERIC)" $(PROJECT)/$(PROVIDER_PATH)/cmd/$(PROVIDER))
(cd provider && go build $(PULUMI_PROVIDER_BUILD_PARALLELISM) -o $(WORKING_DIR)/bin/$(PROVIDER) -ldflags "$(LDFLAGS)" $(PROJECT)/$(PROVIDER_PATH)/cmd/$(PROVIDER))

provider: tfgen provider_no_deps

Expand All @@ -163,11 +168,11 @@ tfgen_no_deps: tfgen_build_only
(cd provider && VERSION=$(VERSION_GENERIC) go generate cmd/$(PROVIDER)/main.go)

tfgen_build_only:
(cd provider && go build $(PULUMI_PROVIDER_BUILD_PARALLELISM) -o $(WORKING_DIR)/bin/$(TFGEN) -ldflags "-X $(PROJECT)/$(VERSION_PATH)=$(VERSION_GENERIC)" $(PROJECT)/$(PROVIDER_PATH)/cmd/$(TFGEN))
(cd provider && go build $(PULUMI_PROVIDER_BUILD_PARALLELISM) -o $(WORKING_DIR)/bin/$(TFGEN) -ldflags "$(LDFLAGS_PROJ_VERSION) $(LDFLAGS_EXTRAS)" $(PROJECT)/$(PROVIDER_PATH)/cmd/$(TFGEN))

upstream:
ifneq ("$(wildcard upstream)","")
scripts/upstream.sh "$@" apply
./upstream.sh init
endif

# Ensure tool is installed
Expand All @@ -176,10 +181,12 @@ endif
cd upstream-tools && yarn --silent run apply

upstream.finalize:
scripts/upstream.sh "$@" end_rebase
echo "Deprecated: Use `./upstream.sh format_patches` instead"
scripts/upstream_old.sh "$@" end_rebase

upstream.rebase:
scripts/upstream.sh "$@" start_rebase
echo "Deprecated: Use `./upstream.sh checkout` and `./upstream.sh rebase` instead"
scripts/upstream_old.sh "$@" start_rebase

bin/pulumi-java-gen: .pulumi-java-gen.version
pulumictl download-binary -n pulumi-language-java -v v$(shell cat .pulumi-java-gen.version) -r pulumi/pulumi-java
Expand Down Expand Up @@ -210,3 +217,40 @@ debug_tfgen:
dlv --listen=:2345 --headless=true --api-version=2 exec $(WORKING_DIR)/bin/$(TFGEN) -- schema --out provider/cmd/$(PROVIDER)

.PHONY: development build build_sdks install_go_sdk install_java_sdk install_python_sdk install_sdks only_build build_dotnet build_go build_java build_nodejs build_python clean cleanup help install_dotnet_sdk install_nodejs_sdk install_plugins lint_provider provider provider_no_deps test tfgen upstream upstream.finalize upstream.rebase ci-mgmt test_provider debug_tfgen tfgen_build_only

# Provider cross-platform build & packaging

# These targets assume that the schema-embed.json exists - it's generated by tfgen.
# We disable CGO to ensure that the binary is statically linked.
bin/linux-amd64/$(PROVIDER): TARGET := linux-amd64
bin/linux-arm64/$(PROVIDER): TARGET := linux-arm64
bin/darwin-amd64/$(PROVIDER): TARGET := darwin-amd64
bin/darwin-arm64/$(PROVIDER): TARGET := darwin-arm64
bin/windows-amd64/$(PROVIDER).exe: TARGET := windows-amd64
bin/%/$(PROVIDER) bin/%/$(PROVIDER).exe:
@# check the TARGET is set
test $(TARGET)
cd provider && \
export GOOS=$$(echo "$(TARGET)" | cut -d "-" -f 1) && \
export GOARCH=$$(echo "$(TARGET)" | cut -d "-" -f 2) && \
export CGO_ENABLED=0 && \
go build -o "${WORKING_DIR}/$@" $(PULUMI_PROVIDER_BUILD_PARALLELISM) -ldflags "$(LDFLAGS)" "$(PROJECT)/$(PROVIDER_PATH)/cmd/$(PROVIDER)"

bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-amd64.tar.gz: bin/linux-amd64/$(PROVIDER)
bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-arm64.tar.gz: bin/linux-arm64/$(PROVIDER)
bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-amd64.tar.gz: bin/darwin-amd64/$(PROVIDER)
bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-arm64.tar.gz: bin/darwin-arm64/$(PROVIDER)
bin/$(PROVIDER)-v$(VERSION_GENERIC)-windows-amd64.tar.gz: bin/windows-amd64/$(PROVIDER).exe
bin/$(PROVIDER)-v$(VERSION_GENERIC)-%.tar.gz:
@mkdir -p dist
@# $< is the last dependency (the binary path from above) e.g. bin/linux-amd64/pulumi-resource-xyz
@# $@ is the current target e.g. bin/pulumi-resource-xyz-v1.2.3-linux-amd64.tar.gz
tar --gzip -cf $@ README.md LICENSE -C $$(dirname $<) .

provider_dist-linux-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-amd64.tar.gz
provider_dist-linux-arm64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-linux-arm64.tar.gz
provider_dist-darwin-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-amd64.tar.gz
provider_dist-darwin-arm64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-darwin-arm64.tar.gz
provider_dist-windows-amd64: bin/$(PROVIDER)-v$(VERSION_GENERIC)-windows-amd64.tar.gz
provider_dist: provider_dist-linux-amd64 provider_dist-linux-arm64 provider_dist-darwin-amd64 provider_dist-darwin-arm64 provider_dist-windows-amd64
.PHONY: provider_dist-linux-amd64 provider_dist-linux-arm64 provider_dist-darwin-amd64 provider_dist-darwin-arm64 provider_dist-windows-amd64 provider_dist
2 changes: 1 addition & 1 deletion provider/resources.go
Original file line number Diff line number Diff line change
Expand Up @@ -4214,7 +4214,7 @@ compatibility shim in favor of the new "name" field.`)
"aws_networkfirewall_tls_inspection_configuration": {
Tok: awsResource(networkFirewallMod, "TlsInspectionConfiguration"),
Fields: map[string]*info.Schema{
"tls_inspection_configuration": &info.Schema{
"tls_inspection_configuration": {
CSharpName: "TlsInspectionConfig",
},
},
Expand Down
Loading

0 comments on commit 25aee6c

Please sign in to comment.