From 15898239b5b8fa32c825cc79af992c72a1866ba9 Mon Sep 17 00:00:00 2001 From: Christian Nunciato Date: Wed, 3 Jul 2024 10:30:18 -0700 Subject: [PATCH] Some workflow fixes --- .github/workflows/build-metadata.yml | 2 +- ...mand_dispatch.yml => command-dispatch.yml} | 6 +- .github/workflows/cron.yml | 129 ---------------- .github/workflows/pr.yml | 4 +- .github/workflows/run-templates-command.yml | 146 ------------------ .../workflows/{ci.yml => test-templates.yml} | 129 ++++++++++------ .github/workflows/update-templates.yml | 2 +- 7 files changed, 89 insertions(+), 329 deletions(-) rename .github/workflows/{command_dispatch.yml => command-dispatch.yml} (85%) delete mode 100644 .github/workflows/cron.yml delete mode 100644 .github/workflows/run-templates-command.yml rename .github/workflows/{ci.yml => test-templates.yml} (67%) diff --git a/.github/workflows/build-metadata.yml b/.github/workflows/build-metadata.yml index 0a7bb0d3f..a39985e86 100644 --- a/.github/workflows/build-metadata.yml +++ b/.github/workflows/build-metadata.yml @@ -1,4 +1,4 @@ -name: Build Template Metadata +name: Build template metadata on: push: branches: diff --git a/.github/workflows/command_dispatch.yml b/.github/workflows/command-dispatch.yml similarity index 85% rename from .github/workflows/command_dispatch.yml rename to .github/workflows/command-dispatch.yml index 41b9e2c13..704574b61 100644 --- a/.github/workflows/command_dispatch.yml +++ b/.github/workflows/command-dispatch.yml @@ -1,7 +1,9 @@ -name: Command Dispatch for testing +name: Commmand dispatch for testing on: issue_comment: - types: [created, edited] + types: + - created + - edited jobs: command-dispatch-for-testing: diff --git a/.github/workflows/cron.yml b/.github/workflows/cron.yml deleted file mode 100644 index 29c41660b..000000000 --- a/.github/workflows/cron.yml +++ /dev/null @@ -1,129 +0,0 @@ -name: Run Template Tests Against Pulumi CLI -on: - schedule: - - cron: '0 8 * * *' - workflow_dispatch: {} - -env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - PULUMI_TEST_OWNER: "moolumi" - PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} - AWS_REGION: "us-west-2" - GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com - GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci - GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci - GOOGLE_PROJECT: pulumi-ci-gcp-provider - GOOGLE_PROJECT_NUMBER: 895284651812 - LINODE_TOKEN: ${{ secrets.LINODE_TOKEN }} - SKIPPED_TESTS: "alicloud,digitalocean,kubernetes,openstack,equinix-metal,civo,aiven,auth0,github,oci,java-jbang,java-gradle,azuredevops,vm-azure" - PULUMI_API: https://api.pulumi-staging.io - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} - ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} - ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} - ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} - ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} - AZURE_LOCATION: westus - TESTPARALLELISM: 10 - PULUMI_TEMPLATE_LOCATION: ${{ github.workspace}} -jobs: - build: - name: Build - strategy: - fail-fast: false - matrix: - platform: [ubuntu-latest, macOS-latest, windows-8core-2022] - go-version: [1.21.x] - node-version: [18.x] - python-version: [3.8] - dotnet: [6.0.x] - pulumi-version: - - dev - runs-on: ${{ matrix.platform }} - permissions: - contents: read - id-token: write - steps: - - name: Install Java 11 (temurin) - uses: actions/setup-java@v3 - with: - distribution: 'temurin' - java-version: '11' - - name: Install DotNet ${{ matrix.dotnet }} - uses: actions/setup-dotnet@v3 - with: - dotnet-version: ${{ matrix.dotnet }} - - if: contains(matrix.platform, 'ubuntu') || contains(matrix.platform, 'windows') - name: DotNet clean on windows and ubuntu - run: | - dotnet nuget locals all --clear - - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v3 - with: - node-version: ${{ matrix.node-version }} - - name: Set up Go ${{ matrix.go-version }} - uses: actions/setup-go@v3 - with: - go-version: ${{ matrix.go-version }} - - name: Install Pulumi CLI - uses: pulumi/actions@v5 - with: - pulumi-version: ${{ matrix.pulumi-version }} - - run: echo "Currently Pulumi $(pulumi version) is installed" - - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python-version }} - - name: Install Python Deps - run: | - pip3 install pyenv-win - pip3 install pipenv - - name: Check out code into the Go module directory - uses: actions/checkout@v3 - - name: Unshallow clone for tags - run: git fetch --prune --unshallow --tags - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-region: ${{ env.AWS_REGION }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - role-duration-seconds: 14400 # 4 hours - role-session-name: templates@githubActions - role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - - name: Authenticate to Google Cloud - uses: google-github-actions/auth@v0 - with: - workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER }}/locations/global/workloadIdentityPools/${{ env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} - service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} - - name: Setup gcloud auth - uses: google-github-actions/setup-gcloud@v0 - with: - install_components: gke-gcloud-auth-plugin - - name: Install gotestfmt - uses: jaxxstorm/action-install-gh-release@v1.11.0 - with: - repo: gotesttools/gotestfmt - - name: Get dependencies - run: make ensure - - if: contains(matrix.platform, 'windows') - name: Running Windows tests - shell: bash - run: | - set -euo pipefail - cd tests && go test -v -json -count=1 -cover -timeout 6h -parallel ${{ env.TESTPARALLELISM }} . 2>&1 | gotestfmt - env: - PULUMI_PYTHON_CMD: python - TESTPARALLELISM: 3 - SKIPPED_TESTS: "alicloud,digitalocean,kubernetes,openstack,equinix-metal,civo,aiven,auth0,github,oci,java-jbang,java-gradle,azuredevops,container,vm-azure,fsharp,gcp-visualbasic,azure-classic-visualbasic" - - if: contains(matrix.platform, 'macOS') || contains(matrix.platform, 'ubuntu') - name: Running non-Windows tests - run: | - set -euo pipefail - cd tests && go test -v -json -count=1 -cover -timeout 6h -parallel ${{ env.TESTPARALLELISM }} . 2>&1 | gotestfmt - - if: 'failure()' - name: Notify Slack - uses: 8398a7/action-slack@v3 - with: - author_name: Failure in ${{ matrix.platform }} template Tests - fields: repo,commit,author,action - status: ${{ job.status }} diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index f3abe2730..1838911a5 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -1,5 +1,5 @@ -name: New Pull request Open -"on": +name: New pull request +on: pull_request_target: {} jobs: diff --git a/.github/workflows/run-templates-command.yml b/.github/workflows/run-templates-command.yml deleted file mode 100644 index a1bf1344b..000000000 --- a/.github/workflows/run-templates-command.yml +++ /dev/null @@ -1,146 +0,0 @@ -name: Run Tests on a PR of the Templates repo -on: - pull_request: - branches: - - master - repository_dispatch: - types: [run-templates-command] - -env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - PULUMI_TEST_OWNER: "moolumi" - PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} - AWS_REGION: "us-west-2" - GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: pulumi-ci@pulumi-ci-gcp-provider.iam.gserviceaccount.com - GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci - GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci - GOOGLE_PROJECT: pulumi-ci-gcp-provider - GOOGLE_PROJECT_NUMBER: 895284651812 - LINODE_TOKEN: ${{ secrets.LINODE_TOKEN }} - SKIPPED_TESTS: "alicloud,digitalocean,kubernetes,openstack,equinix-metal,civo,aiven,auth0,github,oci,java-jbang,java-gradle,azuredevops,vm-azure-yaml" - PULUMI_API: https://api.pulumi-staging.io - ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} - ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} - ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} - ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} - AZURE_LOCATION: westus - TESTPARALLELISM: 10 - PULUMI_TEMPLATE_LOCATION: ${{ github.workspace}} -jobs: - sentinel: - if: github.event_name == 'repository_dispatch' || - github.event.pull_request.head.repo.full_name == github.repository - name: sentinel - needs: - - test - runs-on: ubuntu-latest - steps: - - name: Is workflow a success - run: echo yes - test: - if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository - strategy: - fail-fast: false - matrix: - platform: [ubuntu-latest, macOS-latest, windows-8core-2022] - go-version: [1.21.x] - node-version: [18.x] - python-version: [3.8] - dotnet: [6.0.x] - runs-on: ${{ matrix.platform }} - permissions: - contents: read - id-token: write - steps: - - name: Install Java 11 (temurin) - uses: actions/setup-java@v3 - with: - distribution: 'temurin' - java-version: '11' - - name: Install DotNet ${{ matrix.dotnet }} - uses: actions/setup-dotnet@v3 - with: - dotnet-version: ${{ matrix.dotnet }} - - if: contains(matrix.platform, 'ubuntu') || contains(matrix.platform, 'windows') - name: DotNet clean on windows and ubuntu - run: | - dotnet nuget locals all --clear - - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v3 - with: - node-version: ${{ matrix.node-version }} - - name: Set up Go ${{ matrix.go-version }} - uses: actions/setup-go@v3 - with: - go-version: ${{ matrix.go-version }} - - run: go env - - name: Install Pulumi CLI - uses: pulumi/actions@v5 - with: - pulumi-version: dev - - run: pulumi version - - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python-version }} - - name: Install Python Deps - run: | - pip3 install pyenv-win - pip3 install pipenv - - name: Check out code into the Go module directory - uses: actions/checkout@v3 - with: - token: ${{ secrets.REPO_ACCESS_TOKEN }} - repository: ${{ github.event.client_payload.pull_request.head.repo.full_name }} - ref: ${{ github.event.client_payload.pull_request.head.sha }} - - name: Unshallow clone for tags - run: git fetch --prune --unshallow --tags - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-region: ${{ env.AWS_REGION }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - role-duration-seconds: 14400 # 4 hours - role-session-name: templates@githubActions - role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - - name: Authenticate to Google Cloud - uses: google-github-actions/auth@v0 - with: - workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER }}/locations/global/workloadIdentityPools/${{ env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} - service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} - - name: Setup gcloud auth - uses: google-github-actions/setup-gcloud@v0 - with: - install_components: gke-gcloud-auth-plugin - - name: Install gotestfmt - uses: jaxxstorm/action-install-gh-release@v1.11.0 - with: - repo: gotesttools/gotestfmt - - name: Get dependencies - run: make ensure - - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@main - with: - tool-cache: false - swap-storage: false - - if: contains(matrix.platform, 'windows') - name: Running Windows tests - shell: bash - run: | - set -euo pipefail - cd tests && go test -v -json -count=1 -cover -timeout 6h -parallel ${{ env.TESTPARALLELISM }} . 2>&1 | gotestfmt - env: - PULUMI_PYTHON_CMD: python - TESTPARALLELISM: 3 - SKIPPED_TESTS: "alicloud,digitalocean,kubernetes,openstack,equinix-metal,civo,aiven,auth0,github,oci,java-jbang,java-gradle,azuredevops,container,vm-azure-yaml,fsharp,gcp-visualbasic,azure-classic-visualbasic" - - if: contains(matrix.platform, 'macOS') - name: Running macOS tests - run: | - set -euo pipefail - cd tests && go test -v -json -count=1 -cover -timeout 6h -parallel ${{ env.TESTPARALLELISM }} . 2>&1 | gotestfmt - - if: contains(matrix.platform, 'ubuntu') - name: Running Linux tests - run: | - set -euo pipefail - cd tests && go test -v -json -count=1 -cover -timeout 6h -parallel ${{ env.TESTPARALLELISM }} . 2>&1 | gotestfmt diff --git a/.github/workflows/ci.yml b/.github/workflows/test-templates.yml similarity index 67% rename from .github/workflows/ci.yml rename to .github/workflows/test-templates.yml index e6eb583a2..4ad8662cb 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/test-templates.yml @@ -1,12 +1,18 @@ -name: Run Template Tests on Push or as Part of a Release +name: Test templates on: push: branches: - master - workflow_dispatch: {} + pull_request: + branches: + - master + schedule: + - cron: '0 8 * * *' repository_dispatch: types: - trigger-cron + - run-templates-command + workflow_dispatch: {} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -21,8 +27,8 @@ env: LINODE_TOKEN: ${{ secrets.LINODE_TOKEN }} SKIPPED_TESTS: "alicloud,digitalocean,kubernetes,openstack,equinix-metal,civo,aiven,auth0,github,oci,java-jbang,java-gradle,azuredevops,vm-azure" PULUMI_API: https://api.pulumi-staging.io - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} PULUMI_VERSION: ${{ github.event.client_payload.ref }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} @@ -33,89 +39,119 @@ env: jobs: build: name: Build + strategy: fail-fast: false matrix: - platform: [ubuntu-latest, macOS-latest, windows-8core-2022] - go-version: [1.21.x] - node-version: [18.x] - python-version: [3.8] - dotnet: [6.0.x] + platform: + - ubuntu-latest + - macOS-latest + - windows-16core-2022 + go-version: + - 1.21.x + node-version: + - 18.x + python-version: + - 3.8 + dotnet-version: + - 6.0.x + java-version: + - 11 + java-distribution: + - temurin + runs-on: ${{ matrix.platform }} + permissions: contents: read id-token: write + steps: - - name: Install Java 11 (temurin) - uses: actions/setup-java@v3 + - name: Install ${{ matrix.java-version }} (${{ matrix.java-distribution }}) + uses: actions/setup-java@v4 with: - distribution: 'temurin' - java-version: '11' - - name: Install DotNet ${{ matrix.dotnet }} - uses: actions/setup-dotnet@v3 + distribution: ${{ matrix.java-distribution }} + java-version: ${{ matrix.java-version }} + + - if: contains(matrix.platform, 'macOS') + name: Install Scala + run: | + brew install sbt + + - name: Install .NET ${{ matrix.dotnet-version }} + uses: actions/setup-dotnet@v4 with: - dotnet-version: ${{ matrix.dotnet }} + dotnet-version: ${{ matrix.dotnet-version }} + - if: contains(matrix.platform, 'ubuntu') || contains(matrix.platform, 'windows') - name: DotNet clean on windows and ubuntu + name: Run 'dotnet clean' on Windows and Ubuntu run: | dotnet nuget locals all --clear - - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v3 + + - name: Install Node.js ${{ matrix.node-version }} + uses: actions/setup-node@v4 with: node-version: ${{ matrix.node-version }} - - name: Set up Go ${{ matrix.go-version }} - uses: actions/setup-go@v3 + + - name: Install Go ${{ matrix.go-version }} + uses: actions/setup-go@v5 with: go-version: ${{ matrix.go-version }} - - run: go env - - name: Install Pulumi CLI + + - name: Install Pulumi uses: pulumi/actions@v5 with: pulumi-version: ${{ env.PULUMI_VERSION != '' && format('v{0}', env.PULUMI_VERSION) || 'dev' }} - - run: pulumi version - - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 + + - run: echo "$(pulumi version)" + + - name: Install Python ${{ matrix.python-version }} + uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} - - name: Install Python Deps + + - name: Install Python deps run: | pip3 install pyenv-win pip3 install pipenv - - name: Check out code into the Go module directory - uses: actions/checkout@v3 + + - name: Check out the code + uses: actions/checkout@v4 + - name: Unshallow clone for tags run: git fetch --prune --unshallow --tags - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v4 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-region: ${{ env.AWS_REGION }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ env.AWS_REGION }} role-duration-seconds: 14400 # 4 hours role-session-name: templates@githubActions role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + - name: Authenticate to Google Cloud - uses: google-github-actions/auth@v0 + uses: google-github-actions/auth@v2 with: workload_identity_provider: projects/${{ env.GOOGLE_PROJECT_NUMBER }}/locations/global/workloadIdentityPools/${{ env.GOOGLE_CI_WORKLOAD_IDENTITY_POOL }}/providers/${{ env.GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER }} service_account: ${{ env.GOOGLE_CI_SERVICE_ACCOUNT_EMAIL }} - - name: Setup gcloud auth - uses: google-github-actions/setup-gcloud@v0 + + - name: Set up gcloud auth + uses: google-github-actions/setup-gcloud@v2 with: install_components: gke-gcloud-auth-plugin + - name: Install gotestfmt uses: jaxxstorm/action-install-gh-release@v1.11.0 with: repo: gotesttools/gotestfmt - - name: Get dependencies + + - name: Install dependencies run: make ensure - - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@main - with: - tool-cache: false - swap-storage: false + - if: contains(matrix.platform, 'windows') - name: Running Windows tests + name: Run Windows tests shell: bash run: | set -euo pipefail @@ -124,16 +160,13 @@ jobs: PULUMI_PYTHON_CMD: python TESTPARALLELISM: 3 SKIPPED_TESTS: "alicloud,digitalocean,kubernetes,openstack,equinix-metal,civo,aiven,auth0,github,oci,java-jbang,java-gradle,azuredevops,container,vm-azure,fsharp,gcp-visualbasic,azure-classic-visualbasic" - - if: contains(matrix.platform, 'macos') - name: Running macOS tests - run: | - set -euo pipefail - cd tests && go test -v -json -count=1 -cover -timeout 6h -parallel ${{ env.TESTPARALLELISM }} . 2>&1 | gotestfmt - - if: contains(matrix.platform, 'ubuntu') - name: Running Linux tests + + - if: contains(matrix.platform, 'macOS') || contains(matrix.platform, 'ubuntu') + name: Run non-Windows tests run: | set -euo pipefail cd tests && go test -v -json -count=1 -cover -timeout 6h -parallel ${{ env.TESTPARALLELISM }} . 2>&1 | gotestfmt + - if: 'failure()' name: Notify Slack uses: 8398a7/action-slack@v3 diff --git a/.github/workflows/update-templates.yml b/.github/workflows/update-templates.yml index ec280f159..535ad75e6 100644 --- a/.github/workflows/update-templates.yml +++ b/.github/workflows/update-templates.yml @@ -1,4 +1,4 @@ -name: Upgrade Templates +name: Upgrade templates on: workflow_dispatch: {} repository_dispatch: