run-acceptance-tests.yml

env:
  AWS_REGION: us-west-2
  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  LOCAL_PLAT: linux-amd64
  NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
  NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
  PROVIDER: awsx
  PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
  PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
  PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
  PULUMI_API: https://api.pulumi-staging.io
  PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
  SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
  PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }}
  PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
  SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
  SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
  SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
  VERSION_PREFIX: 1.0.0
  GOVERSION: "1.21.x"
  DOTNETVERSION: "6.x"
  PYTHONVERSION: "3.8"
  NODEVERSION: "18.x"
  JAVAVERSION: "11"
jobs:
  comment-notification:
    # We only care about adding the result to the PR if it's a repository_dispatch event
    if: github.event_name == 'repository_dispatch'
    runs-on: ubuntu-latest
    steps:
      - name: Create URL to the run output
        id: vars
        run: echo ::set-output name=run-url::https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID
      - name: Update with Result
        uses: peter-evans/create-or-update-comment@v3
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
          issue-number: ${{ github.event.client_payload.github.payload.issue.number }}
          body: |
            Please view the PR build - ${{ steps.vars.outputs.run-url }}
  lint:
    name: lint
    runs-on: ubuntu-latest
    continue-on-error: true
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v4
      - name: Checkout Scripts Repo
        uses: actions/checkout@v4
        with:
          path: ci-scripts
          repository: pulumi/scripts
      - name: Unshallow clone for tags
        run: git fetch --prune --unshallow --tags
      - name: Install pulumictl
        uses: jaxxstorm/action-install-gh-release@v1.10.0
        with:
          repo: pulumi/pulumictl
      - name: Setup Node
        uses: actions/setup-node@v3
        with:
          node-version: 18.x
          registry-url: https://registry.npmjs.org
      - name: Install Yarn
        run: curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version 1.13.0
      - name: Update PATH for Yarn
        run: |
          echo "$HOME/.yarn/bin" >> $GITHUB_PATH
          echo "$HOME/.config/yarn/global/node_modules/.bin" >> $GITHUB_PATH
      - uses: MOZGIII/install-ldid-action@v1
        with:
          tag: v2.1.5-procursus2
      - name: Lint AWSX Code
        run: make lint
      - name: Lint classic AWSX Code
        run: make lint_classic
      - name: Build dist packages
        run: make dist
      - name: Upload dist
        uses: actions/upload-artifact@v3
        with:
          name: dist
          path: dist
      - name: Check worktree clean
        run: ./ci-scripts/ci/check-worktree-is-clean
  build-provider:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v4
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v3
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-region: ${{ env.AWS_REGION }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          role-duration-seconds: 3600
          role-session-name: ${{ env.PROVIDER }}@githubActions
          role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }}
      - name: Checkout Scripts Repo
        uses: actions/checkout@v4
        with:
          path: ci-scripts
          repository: pulumi/scripts
      - name: Unshallow clone for tags
        run: git fetch --prune --unshallow --tags
      - name: Install Go
        uses: actions/setup-go@v4
        with:
          go-version: ${{ env.GOVERSION }}
      - name: Setup Node
        uses: actions/setup-node@v3
        with:
          node-version: ${{env.NODEVERSION}}
          registry-url: https://registry.npmjs.org
      - name: Install Yarn
        run: curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version 1.13.0
      - name: Update PATH for Yarn
        run: |
          echo "$HOME/.yarn/bin" >> $GITHUB_PATH
          echo "$HOME/.config/yarn/global/node_modules/.bin" >> $GITHUB_PATH
      - name: Install pulumictl
        uses: jaxxstorm/action-install-gh-release@v1.10.0
        with:
          repo: pulumi/pulumictl
      - name: Install Pulumi CLI
        uses: pulumi/action-install-pulumi-cli@v2
      - name: Build provider
        run: make provider
      - name: Test provider
        run: make test_provider
      - name: Check worktree clean
        run: ./ci-scripts/ci/check-worktree-is-clean
      - name: Upload bin
        uses: actions/upload-artifact@v3
        with:
          name: bin
          path: bin
      - name: Tar provider bin
        run: tar -zcf ${{ github.workspace }}/provider.tar.gz -C ${{ github.workspace }}/${{ env.PROVIDER }}/bin/ .
      - name: Upload provider bin
        uses: actions/upload-artifact@v3
        with:
          name: ${{ env.PROVIDER }}-provider.tar.gz
          path: ${{ github.workspace }}/provider.tar.gz
      - if: failure() && github.event_name == 'push'
        name: Notify Slack
        uses: 8398a7/action-slack@v3
        with:
          author_name: Failure in building provider
          fields: repo,commit,author,action
          status: ${{ job.status }}
  acceptance-test:
    needs: build-provider
    runs-on: ubuntu-latest
    if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v4
      - name: Checkout Scripts Repo
        uses: actions/checkout@v4
        with:
          path: ci-scripts
          repository: pulumi/scripts
      - name: Unshallow clone for tags
        run: git fetch --prune --unshallow --tags
      - name: Install pulumictl
        uses: jaxxstorm/action-install-gh-release@v1.10.0
        with:
          repo: pulumi/pulumictl
      - name: Install Languages & Frameworks
        uses: ./.github/actions/install
      - name: Install Python deps
        run: |-
          pip3 install virtualenv==20.0.23
          pip3 install pipenv
      - name: Download bin
        uses: actions/download-artifact@v3
        with:
          name: bin
          path: bin
      - name: Restore bin and avoid rebuilding
        run: |
          chmod +x bin/*
          make provider --touch
      - name: Build SDK
        run: make build_${{ matrix.language }}
      - name: Check worktree clean
        run: ./ci-scripts/ci/check-worktree-is-clean
      - name: Compress SDK folder
        run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }}
          .
      - name: Upload artifacts
        uses: actions/upload-artifact@v3
        with:
          name: ${{ matrix.language  }}-sdk.tar.gz
          path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v3
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-region: ${{ env.AWS_REGION }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          role-duration-seconds: 3600
          role-session-name: ${{ env.PROVIDER }}@githubActions
          role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }}
      - name: Run tests
        # Tell make to not rebuild the provider bin
        run: make test_${{ matrix.language }}
    strategy:
      fail-fast: false
      matrix:
        language:
          - nodejs
          - python
          - dotnet
          - go
          - java
name: Run Acceptance Tests from PR
on:
  repository_dispatch:
    types: [run-acceptance-tests-command]
  pull_request:
    branches:
      - master