From b295833c7972d19d5ae96e32e698e582213fef0e Mon Sep 17 00:00:00 2001 From: Pulumi Bot Date: Sat, 21 Dec 2024 05:03:48 +0000 Subject: [PATCH] [internal] Update GitHub Actions workflow files --- .github/workflows/build.yml | 182 +++++++------------ .github/workflows/command-dispatch.yml | 4 +- .github/workflows/nightly-sdk-generation.yml | 12 +- .github/workflows/prerelease.yml | 154 ++++++++-------- .github/workflows/pull-request.yml | 6 +- .github/workflows/release.yml | 156 ++++++++-------- .github/workflows/run-acceptance-tests.yml | 93 +++++----- .github/workflows/weekly-pulumi-update.yml | 14 +- .goreleaser.prerelease.yml | 2 + .goreleaser.yml | 2 + 10 files changed, 290 insertions(+), 335 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f136dcba9f..b62d08eba6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -53,28 +53,28 @@ jobs: name: prerequisites steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - if: github.event_name == 'pull_request' name: Install Schema Tools - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/schema-tools - name: Initialize submodules @@ -95,16 +95,16 @@ jobs: GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} - if: github.event_name == 'pull_request' name: Comment on PR with Details of Schema Check - uses: thollander/actions-comment-pull-request@v2 + uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1 with: message: | ${{ env.SCHEMA_CHANGES }} - comment_tag: schemaCheck - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + comment-tag: schemaCheck + github-token: ${{ secrets.GITHUB_TOKEN }} - if: contains(env.SCHEMA_CHANGES, 'Looking good! No breaking changes found.') && github.actor == 'pulumi-bot' name: Add label if no breaking changes - uses: actions-ecosystem/action-add-labels@v1.1.0 + uses: actions-ecosystem/action-add-labels@18f1af5e3544586314bbe15c0273249c770b2daf # v1.1.3 with: labels: impact/no-changelog-required number: ${{ github.event.issue.number }} @@ -112,7 +112,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean - uses: pulumi/git-status-check-action@v1 + uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- sdk/**/pulumi-plugin.json @@ -126,19 +126,19 @@ jobs: github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }} pulumi-gen-${{ env.PROVIDER}} - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin/provider.tar.gz - name: Test Provider Library run: make test_provider - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@7f8b4b4bde536c465e797be725718b88c5d95e0e # v5.1.1 env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in building provider prerequisites fields: repo,commit,author,action @@ -158,50 +158,50 @@ jobs: name: build_sdks steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: java-version: ${{ env.JAVAVERSION }} distribution: temurin cache: gradle - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: gradle-version: "7.6" - name: Download provider + tfgen binaries - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin @@ -218,7 +218,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean - uses: pulumi/git-status-check-action@v1 + uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- sdk/**/pulumi-plugin.json @@ -230,14 +230,14 @@ jobs: - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz retention-days: 30 - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure while building SDKs fields: repo,commit,author,action @@ -261,50 +261,50 @@ jobs: id-token: write steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: java-version: ${{ env.JAVAVERSION }} distribution: temurin cache: gradle - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: gradle-version: "7.6" - name: Download provider + tfgen binaries - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin @@ -315,7 +315,7 @@ jobs: run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print -exec chmod +x {} \; - name: Download SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -334,7 +334,7 @@ jobs: - name: Install dependencies run: make install_${{ matrix.language}}_sdk - name: Authenticate to Google Cloud - uses: google-github-actions/auth@v0 + uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f # v2.1.7 with: workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER }}/locations/global/workloadIdentityPools/${{ @@ -342,7 +342,7 @@ jobs: env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} - name: Setup gcloud auth - uses: google-github-actions/setup-gcloud@v2 + uses: google-github-actions/setup-gcloud@6189d56e4096ee891640bb02ac264be376592d6a # v2.1.2 with: install_components: gke-gcloud-auth-plugin - name: Install gotestfmt @@ -357,7 +357,7 @@ jobs: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in SDK tests fields: repo,commit,author,action @@ -368,21 +368,21 @@ jobs: name: publish steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Clear GitHub Actions Ubuntu runner disk space - uses: jlumbroso/free-disk-space@v1.3.1 + uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1 with: tool-cache: false dotnet: false @@ -391,13 +391,13 @@ jobs: swap-storage: true large-packages: false - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-region: us-east-2 @@ -407,7 +407,7 @@ jobs: role-external-id: upload-pulumi-release role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v5 + uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5.1.0 env: GORELEASER_CURRENT_TAG: v${{ steps.version.outputs.version }} with: @@ -415,7 +415,7 @@ jobs: version: latest - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in publishing binaries fields: repo,commit,author,action @@ -426,46 +426,46 @@ jobs: name: publish_sdk steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Checkout Scripts Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: path: ci-scripts repository: pulumi/scripts - run: echo "ci-scripts" >> .git/info/exclude - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Download python SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: python-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -473,7 +473,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C ${{github.workspace}}/sdk/python - name: Download dotnet SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: dotnet-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -481,7 +481,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C ${{github.workspace}}/sdk/dotnet - name: Download nodejs SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: nodejs-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -497,60 +497,8 @@ jobs: PYPI_PUBLISH_ARTIFACTS: all - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in publishing SDK fields: repo,commit,author,action status: ${{ job.status }} - publish_java_sdk: - runs-on: ubuntu-latest - continue-on-error: true - needs: publish - name: publish_java_sdk - steps: - - name: Checkout Repo - uses: actions/checkout@v4 - with: - lfs: true - - id: version - name: Set Provider Version - uses: pulumi/provider-version-action@v1 - with: - set-env: PROVIDER_VERSION - - name: Install Go - uses: actions/setup-go@v5 - with: - go-version: ${{ env.GOVERSION }} - cache-dependency-path: "**/*.sum" - - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 - with: - repo: pulumi/pulumictl - - name: Install Pulumi CLI - uses: pulumi/actions@v5 - - name: Setup Java - uses: actions/setup-java@v4 - with: - java-version: ${{ env.JAVAVERSION }} - distribution: temurin - cache: gradle - - name: Setup Gradle - uses: gradle/gradle-build-action@v3 - with: - gradle-version: "7.6" - - name: Download java SDK - uses: actions/download-artifact@v4 - with: - name: java-sdk.tar.gz - path: ${{ github.workspace}}/sdk/ - - name: Uncompress java SDK - run: tar -zxf ${{github.workspace}}/sdk/java.tar.gz -C - ${{github.workspace}}/sdk/java - - name: Publish Java SDK - uses: gradle/gradle-build-action@v3 - env: - PACKAGE_VERSION: ${{ env.PROVIDER_VERSION }} - with: - arguments: publishToSonatype closeAndReleaseSonatypeStagingRepository - build-root-directory: ./sdk/java - gradle-version: 7.4.1 diff --git a/.github/workflows/command-dispatch.yml b/.github/workflows/command-dispatch.yml index 96d4a7870d..9e9182bd0e 100644 --- a/.github/workflows/command-dispatch.yml +++ b/.github/workflows/command-dispatch.yml @@ -45,10 +45,10 @@ jobs: name: command-dispatch-for-testing steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - - uses: peter-evans/slash-command-dispatch@v2 + - uses: peter-evans/slash-command-dispatch@13bc09769d122a64f75aa5037256f6f2d78be8c4 # v4.0.0 with: token: ${{ secrets.PULUMI_BOT_TOKEN }} reaction-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/nightly-sdk-generation.yml b/.github/workflows/nightly-sdk-generation.yml index d6df91d90c..4e610bc036 100644 --- a/.github/workflows/nightly-sdk-generation.yml +++ b/.github/workflows/nightly-sdk-generation.yml @@ -44,20 +44,20 @@ jobs: name: generate-sdk steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: 1.21.x cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Cleanup SDK Folder run: make clean - name: Preparing Git Branch @@ -93,7 +93,7 @@ jobs: git push origin generate-sdk/${{ github.run_id }}-${{ github.run_number }} - name: Create PR id: create-pr - uses: repo-sync/pull-request@v2.6.2 + uses: repo-sync/pull-request@7e79a9f5dc3ad0ce53138f01df2fad14a04831c5 # v2.12.1 with: destination_branch: master github_token: ${{ secrets.PULUMI_BOT_TOKEN }} @@ -103,7 +103,7 @@ jobs: source_branch: generate-sdk/${{ github.run_id }}-${{ github.run_number }} - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure during automated SDK generation fields: repo,commit,author,action diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml index 21d55f61b0..4739704e0f 100644 --- a/.github/workflows/prerelease.yml +++ b/.github/workflows/prerelease.yml @@ -45,28 +45,28 @@ jobs: name: prerequisites steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - if: github.event_name == 'pull_request' name: Install Schema Tools - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/schema-tools - name: Initialize submodules @@ -87,16 +87,16 @@ jobs: GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} - if: github.event_name == 'pull_request' name: Comment on PR with Details of Schema Check - uses: thollander/actions-comment-pull-request@v2 + uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1 with: message: | ${{ env.SCHEMA_CHANGES }} - comment_tag: schemaCheck - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + comment-tag: schemaCheck + github-token: ${{ secrets.GITHUB_TOKEN }} - if: contains(env.SCHEMA_CHANGES, 'Looking good! No breaking changes found.') && github.actor == 'pulumi-bot' name: Add label if no breaking changes - uses: actions-ecosystem/action-add-labels@v1.1.0 + uses: actions-ecosystem/action-add-labels@18f1af5e3544586314bbe15c0273249c770b2daf # v1.1.3 with: labels: impact/no-changelog-required number: ${{ github.event.issue.number }} @@ -104,7 +104,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean - uses: pulumi/git-status-check-action@v1 + uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- sdk/**/pulumi-plugin.json @@ -118,19 +118,19 @@ jobs: github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }} pulumi-gen-${{ env.PROVIDER}} - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin/provider.tar.gz - name: Test Provider Library run: make test_provider - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@7f8b4b4bde536c465e797be725718b88c5d95e0e # v5.1.1 env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in building provider prerequisites fields: repo,commit,author,action @@ -150,50 +150,50 @@ jobs: name: build_sdks steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: java-version: ${{ env.JAVAVERSION }} distribution: temurin cache: gradle - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: gradle-version: "7.6" - name: Download provider + tfgen binaries - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin @@ -210,7 +210,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean - uses: pulumi/git-status-check-action@v1 + uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- sdk/**/pulumi-plugin.json @@ -222,13 +222,13 @@ jobs: - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure while building SDKs fields: repo,commit,author,action @@ -252,50 +252,50 @@ jobs: id-token: write steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: java-version: ${{ env.JAVAVERSION }} distribution: temurin cache: gradle - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: gradle-version: "7.6" - name: Download provider + tfgen binaries - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin @@ -306,7 +306,7 @@ jobs: run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print -exec chmod +x {} \; - name: Download SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -325,7 +325,7 @@ jobs: - name: Install dependencies run: make install_${{ matrix.language}}_sdk - name: Authenticate to Google Cloud - uses: google-github-actions/auth@v0 + uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f # v2.1.7 with: workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER }}/locations/global/workloadIdentityPools/${{ @@ -333,7 +333,7 @@ jobs: env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} - name: Setup gcloud auth - uses: google-github-actions/setup-gcloud@v2 + uses: google-github-actions/setup-gcloud@6189d56e4096ee891640bb02ac264be376592d6a # v2.1.2 with: install_components: gke-gcloud-auth-plugin - name: Install gotestfmt @@ -348,7 +348,7 @@ jobs: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in SDK tests fields: repo,commit,author,action @@ -359,21 +359,21 @@ jobs: name: publish steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Clear GitHub Actions Ubuntu runner disk space - uses: jlumbroso/free-disk-space@v1.3.1 + uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1 with: tool-cache: false dotnet: false @@ -382,13 +382,13 @@ jobs: swap-storage: true large-packages: false - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-region: us-east-2 @@ -398,7 +398,7 @@ jobs: role-external-id: upload-pulumi-release role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v5 + uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5.1.0 env: GORELEASER_CURRENT_TAG: v${{ steps.version.outputs.version }} with: @@ -406,7 +406,7 @@ jobs: version: latest - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in publishing binaries fields: repo,commit,author,action @@ -417,46 +417,46 @@ jobs: name: publish_sdk steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Checkout Scripts Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: path: ci-scripts repository: pulumi/scripts - run: echo "ci-scripts" >> .git/info/exclude - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Download python SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: python-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -464,7 +464,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C ${{github.workspace}}/sdk/python - name: Download dotnet SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: dotnet-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -472,7 +472,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C ${{github.workspace}}/sdk/dotnet - name: Download nodejs SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: nodejs-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -488,7 +488,7 @@ jobs: PYPI_PUBLISH_ARTIFACTS: all - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in publishing SDK fields: repo,commit,author,action @@ -500,37 +500,37 @@ jobs: name: publish_java_sdk steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: java-version: ${{ env.JAVAVERSION }} distribution: temurin cache: gradle - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: gradle-version: "7.6" - name: Download java SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: java-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -538,7 +538,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/java.tar.gz -C ${{github.workspace}}/sdk/java - name: Publish Java SDK - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 env: PACKAGE_VERSION: ${{ env.PROVIDER_VERSION }} with: @@ -551,16 +551,16 @@ jobs: needs: publish_sdk steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Download go SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: go-sdk.tar.gz path: ${{ github.workspace}}/sdk/ diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index ff21334182..25d1a3021d 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -42,15 +42,15 @@ jobs: name: comment-on-pr steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - name: Comment PR - uses: thollander/actions-comment-pull-request@v2 + uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1 with: message: > PR is now waiting for a maintainer to run the acceptance tests. **Note for the maintainer:** To run the acceptance tests, please comment */run-acceptance-tests* on the PR - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + github-token: ${{ secrets.GITHUB_TOKEN }} if: github.event.pull_request.head.repo.full_name != github.repository diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index bb2e131fad..733279124c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -45,28 +45,28 @@ jobs: name: prerequisites steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - if: github.event_name == 'pull_request' name: Install Schema Tools - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/schema-tools - name: Initialize submodules @@ -87,16 +87,16 @@ jobs: GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} - if: github.event_name == 'pull_request' name: Comment on PR with Details of Schema Check - uses: thollander/actions-comment-pull-request@v2 + uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1 with: message: | ${{ env.SCHEMA_CHANGES }} - comment_tag: schemaCheck - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + comment-tag: schemaCheck + github-token: ${{ secrets.GITHUB_TOKEN }} - if: contains(env.SCHEMA_CHANGES, 'Looking good! No breaking changes found.') && github.actor == 'pulumi-bot' name: Add label if no breaking changes - uses: actions-ecosystem/action-add-labels@v1.1.0 + uses: actions-ecosystem/action-add-labels@18f1af5e3544586314bbe15c0273249c770b2daf # v1.1.3 with: labels: impact/no-changelog-required number: ${{ github.event.issue.number }} @@ -104,7 +104,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean - uses: pulumi/git-status-check-action@v1 + uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- sdk/**/pulumi-plugin.json @@ -118,19 +118,19 @@ jobs: github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }} pulumi-gen-${{ env.PROVIDER}} - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin/provider.tar.gz - name: Test Provider Library run: make test_provider - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@7f8b4b4bde536c465e797be725718b88c5d95e0e # v5.1.1 env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in building provider prerequisites fields: repo,commit,author,action @@ -150,50 +150,50 @@ jobs: name: build_sdks steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: java-version: ${{ env.JAVAVERSION }} distribution: temurin cache: gradle - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: gradle-version: "7.6" - name: Download provider + tfgen binaries - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin @@ -210,7 +210,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean - uses: pulumi/git-status-check-action@v1 + uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- sdk/**/pulumi-plugin.json @@ -222,13 +222,13 @@ jobs: - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure while building SDKs fields: repo,commit,author,action @@ -252,50 +252,50 @@ jobs: id-token: write steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: java-version: ${{ env.JAVAVERSION }} distribution: temurin cache: gradle - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: gradle-version: "7.6" - name: Download provider + tfgen binaries - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin @@ -306,7 +306,7 @@ jobs: run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print -exec chmod +x {} \; - name: Download SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -325,7 +325,7 @@ jobs: - name: Install dependencies run: make install_${{ matrix.language}}_sdk - name: Authenticate to Google Cloud - uses: google-github-actions/auth@v0 + uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f # v2.1.7 with: workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER }}/locations/global/workloadIdentityPools/${{ @@ -333,7 +333,7 @@ jobs: env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} - name: Setup gcloud auth - uses: google-github-actions/setup-gcloud@v2 + uses: google-github-actions/setup-gcloud@6189d56e4096ee891640bb02ac264be376592d6a # v2.1.2 with: install_components: gke-gcloud-auth-plugin - name: Install gotestfmt @@ -348,7 +348,7 @@ jobs: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in SDK tests fields: repo,commit,author,action @@ -359,21 +359,21 @@ jobs: name: publish steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Clear GitHub Actions Ubuntu runner disk space - uses: jlumbroso/free-disk-space@v1.3.1 + uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1 with: tool-cache: false dotnet: false @@ -382,13 +382,13 @@ jobs: swap-storage: true large-packages: false - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-region: us-east-2 @@ -398,7 +398,7 @@ jobs: role-external-id: upload-pulumi-release role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v5 + uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5.1.0 env: GORELEASER_CURRENT_TAG: v${{ steps.version.outputs.version }} with: @@ -406,7 +406,7 @@ jobs: version: latest - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in publishing binaries fields: repo,commit,author,action @@ -417,46 +417,46 @@ jobs: name: publish_sdks steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Checkout Scripts Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: path: ci-scripts repository: pulumi/scripts - run: echo "ci-scripts" >> .git/info/exclude - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Download python SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: python-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -464,7 +464,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C ${{github.workspace}}/sdk/python - name: Download dotnet SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: dotnet-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -472,7 +472,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C ${{github.workspace}}/sdk/dotnet - name: Download nodejs SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: nodejs-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -488,7 +488,7 @@ jobs: PYPI_PUBLISH_ARTIFACTS: all - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in publishing SDK fields: repo,commit,author,action @@ -500,37 +500,37 @@ jobs: name: publish_java_sdk steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: java-version: ${{ env.JAVAVERSION }} distribution: temurin cache: gradle - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: gradle-version: "7.6" - name: Download java SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: java-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -538,7 +538,7 @@ jobs: run: tar -zxf ${{github.workspace}}/sdk/java.tar.gz -C ${{github.workspace}}/sdk/java - name: Publish Java SDK - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 env: PACKAGE_VERSION: ${{ env.PROVIDER_VERSION }} with: @@ -551,16 +551,16 @@ jobs: needs: publish_sdk steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Download go SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: go-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -585,7 +585,7 @@ jobs: needs: publish_go_sdk steps: - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Dispatch Event diff --git a/.github/workflows/run-acceptance-tests.yml b/.github/workflows/run-acceptance-tests.yml index 901e48ab71..3ebb05ef54 100644 --- a/.github/workflows/run-acceptance-tests.yml +++ b/.github/workflows/run-acceptance-tests.yml @@ -54,7 +54,7 @@ jobs: run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID >> "$GITHUB_OUTPUT" - name: Update with Result - uses: peter-evans/create-or-update-comment@v1 + uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0 with: token: ${{ secrets.PULUMI_BOT_TOKEN }} repository: ${{ github.event.client_payload.github.payload.repository.full_name }} @@ -66,29 +66,29 @@ jobs: name: prerequisites steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true ref: ${{ env.PR_COMMIT_SHA }} - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - if: github.event_name == 'pull_request' name: Install Schema Tools - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/schema-tools - name: Initialize submodules @@ -109,16 +109,16 @@ jobs: GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} - if: github.event_name == 'pull_request' name: Comment on PR with Details of Schema Check - uses: thollander/actions-comment-pull-request@v2 + uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1 with: message: | ${{ env.SCHEMA_CHANGES }} - comment_tag: schemaCheck - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + comment-tag: schemaCheck + github-token: ${{ secrets.GITHUB_TOKEN }} - if: contains(env.SCHEMA_CHANGES, 'Looking good! No breaking changes found.') && github.actor == 'pulumi-bot' name: Add label if no breaking changes - uses: actions-ecosystem/action-add-labels@v1.1.0 + uses: actions-ecosystem/action-add-labels@18f1af5e3544586314bbe15c0273249c770b2daf # v1.1.3 with: labels: impact/no-changelog-required number: ${{ github.event.issue.number }} @@ -126,7 +126,7 @@ jobs: - name: Build Provider run: make provider - name: Check worktree clean - uses: pulumi/git-status-check-action@v1 + uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- sdk/**/pulumi-plugin.json @@ -140,19 +140,19 @@ jobs: github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }} pulumi-gen-${{ env.PROVIDER}} - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin/provider.tar.gz - name: Test Provider Library run: make test_provider - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@7f8b4b4bde536c465e797be725718b88c5d95e0e # v5.1.1 env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in building provider prerequisites fields: repo,commit,author,action @@ -174,51 +174,51 @@ jobs: name: build_sdks steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true ref: ${{ env.PR_COMMIT_SHA }} - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: java-version: ${{ env.JAVAVERSION }} distribution: temurin cache: gradle - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: gradle-version: "7.6" - name: Download provider + tfgen binaries - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin @@ -235,7 +235,7 @@ jobs: - name: Build SDK run: make build_${{ matrix.language }} - name: Check worktree clean - uses: pulumi/git-status-check-action@v1 + uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1 with: allowed-changes: |- sdk/**/pulumi-plugin.json @@ -247,14 +247,14 @@ jobs: - name: Tar SDK folder run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} . - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz retention-days: 30 - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure while building SDKs fields: repo,commit,author,action @@ -280,51 +280,51 @@ jobs: id-token: write steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true ref: ${{ env.PR_COMMIT_SHA }} - id: version name: Set Provider Version - uses: pulumi/provider-version-action@v1 + uses: pulumi/provider-version-action@0391d47b9b0d865d33dd0a295b1fcf9f7021dd4c # v1.5.3 with: set-env: PROVIDER_VERSION - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Setup Java - uses: actions/setup-java@v4 + uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 with: java-version: ${{ env.JAVAVERSION }} distribution: temurin cache: gradle - name: Setup Gradle - uses: gradle/gradle-build-action@v3 + uses: gradle/gradle-build-action@ac2d340dc04d9e1113182899e983b5400c17cda1 # v3.5.0 with: gradle-version: "7.6" - name: Download provider + tfgen binaries - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: pulumi-${{ env.PROVIDER }}-provider.tar.gz path: ${{ github.workspace }}/bin @@ -335,7 +335,7 @@ jobs: run: find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print -exec chmod +x {} \; - name: Download SDK - uses: actions/download-artifact@v4 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ matrix.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/ @@ -354,7 +354,7 @@ jobs: - name: Install dependencies run: make install_${{ matrix.language}}_sdk - name: Authenticate to Google Cloud - uses: google-github-actions/auth@v0 + uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f # v2.1.7 with: workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER }}/locations/global/workloadIdentityPools/${{ @@ -362,7 +362,7 @@ jobs: env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} - name: Setup gcloud auth - uses: google-github-actions/setup-gcloud@v2 + uses: google-github-actions/setup-gcloud@6189d56e4096ee891640bb02ac264be376592d6a # v2.1.2 with: install_components: gke-gcloud-auth-plugin - name: Install gotestfmt @@ -377,7 +377,7 @@ jobs: cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . - if: failure() && github.event_name == 'push' name: Notify Slack - uses: 8398a7/action-slack@v3 + uses: 8398a7/action-slack@28ba43ae48961b90635b50953d216767a6bea486 # v3.16.2 with: author_name: Failure in SDK tests fields: repo,commit,author,action @@ -389,14 +389,17 @@ jobs: name: sentinel steps: - name: Mark workflow as successful - uses: guibranco/github-status-action-v2@0849440ec82c5fa69b2377725b9b7852a3977e76 + uses: guibranco/github-status-action-v2@0849440ec82c5fa69b2377725b9b7852a3977e76 # v1.1.13 with: authToken: ${{ secrets.GITHUB_TOKEN }} context: Sentinel state: success description: Sentinel checks passed sha: ${{ github.event.pull_request.head.sha || github.sha }} + permissions: + statuses: write if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository needs: - test + - prerequisites diff --git a/.github/workflows/weekly-pulumi-update.yml b/.github/workflows/weekly-pulumi-update.yml index e36e73734f..3d10f721aa 100644 --- a/.github/workflows/weekly-pulumi-update.yml +++ b/.github/workflows/weekly-pulumi-update.yml @@ -43,31 +43,31 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: ${{ env.GOVERSION }} cache-dependency-path: "**/*.sum" - name: Install pulumictl - uses: jaxxstorm/action-install-gh-release@v1.11.0 + uses: jaxxstorm/action-install-gh-release@cd6b2b78ad38bdd294341cda064ec0692b06215b # v1.14.0 with: repo: pulumi/pulumictl - name: Install Pulumi CLI - uses: pulumi/actions@v5 + uses: pulumi/actions@c7fad9e2f0b79653172b36538b8b34b3c0291952 # v6.0.0 - name: Setup DotNet - uses: actions/setup-dotnet@v4 + uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 with: dotnet-version: ${{ env.DOTNETVERSION }} - name: Setup Node - uses: actions/setup-node@v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 with: node-version: ${{ env.NODEVERSION }} registry-url: https://registry.npmjs.org - name: Setup Python - uses: actions/setup-python@v5 + uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 with: python-version: ${{ env.PYTHONVERSION }} - name: Update Pulumi/Pulumi diff --git a/.goreleaser.prerelease.yml b/.goreleaser.prerelease.yml index 3021757283..2b22bceef3 100644 --- a/.goreleaser.prerelease.yml +++ b/.goreleaser.prerelease.yml @@ -21,6 +21,8 @@ builds: ignore: [] main: ./cmd/pulumi-resource-google-native/ ldflags: + - -s + - -w - -X github.com/pulumi/pulumi-google-native/provider/pkg/version.Version={{.Tag}} binary: pulumi-resource-google-native diff --git a/.goreleaser.yml b/.goreleaser.yml index 58f0c2364a..516b20f074 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -21,6 +21,8 @@ builds: ignore: [] main: ./cmd/pulumi-resource-google-native/ ldflags: + - -s + - -w - -X github.com/pulumi/pulumi-google-native/provider/pkg/version.Version={{.Tag}} binary: pulumi-resource-google-native