diff --git a/.github/workflows/license.yml b/.github/workflows/license.yml new file mode 100644 index 0000000000..a4094855ce --- /dev/null +++ b/.github/workflows/license.yml @@ -0,0 +1,78 @@ +# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt + +name: license_check + +on: + workflow_call: + inputs: {} + + +env: + ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} + ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} + ARM_ENVIRONMENT: public + ARM_LOCATION: westus2 + ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} + ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} + DOTNETVERSION: | + 6.0.x + 3.1.301 + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GOVERSION: 1.21.x + JAVAVERSION: "11" + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NODEVERSION: 20.x + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PULUMI_MISSING_DOCS_ERROR: true + PYPI_PASSWORD: ${{ secrets.PYPI_PASSWORD }} + PYTHONVERSION: "3.9" + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + TF_APPEND_USER_AGENT: pulumi + TRAVIS_OS_NAME: linux + +jobs: + license_check: + name: License Check + runs-on: ubuntu-latest + steps: + - name: Checkout Repo + uses: actions/checkout@v3 + with: + ref: ${{ env.PR_COMMIT_SHA }} + - name: Unshallow clone for tags + run: git fetch --prune --unshallow --tags + - name: Install Go + uses: actions/setup-go@v4 + with: + cache-dependency-path: | + sdk/go.sum + go-version: 1.21.x + - run: make upstream + - uses: pulumi/license-check-action@main + with: + module-path: provider + ignore-modules: >- + github.com/aead/chacha20, + github.com/apache/arrow/go/v12, + github.com/apache/thrift/lib/go/thrift, + github.com/cloudflare/circl, + github.com/golang, + github.com/jmespath/go-jmespath, + github.com/klauspost/compress, + github.com/mattn/go-localereader, + github.com/modern-go/reflect2, + github.com/pierrec/lz4, + github.com/pjbgf/sha1cd, + github.com/pulumi, + github.com/segmentio/asm, + golang.org diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml index 6a2a3a2374..b66dd98153 100644 --- a/.github/workflows/master.yml +++ b/.github/workflows/master.yml @@ -182,6 +182,10 @@ jobs: s3FullURI="s3://${{ secrets.S3_COVERAGE_BUCKET_NAME }}/summaries/${summaryName}" aws s3 cp "${{ env.COVERAGE_OUTPUT_DIR }}/summary.json" "${s3FullURI}" --acl bucket-owner-full-control + license_check: + name: License Check + uses: ./.github/workflows/license.yml + secrets: inherit prerequisites: name: prerequisites runs-on: pulumi-ubuntu-8core @@ -261,7 +265,9 @@ jobs: publish: name: publish - needs: test + needs: + - test + - license_check runs-on: pulumi-ubuntu-8core steps: - name: Checkout Repo diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml index d22ec57dd4..f5925e5f58 100644 --- a/.github/workflows/prerelease.yml +++ b/.github/workflows/prerelease.yml @@ -129,6 +129,10 @@ jobs: - dotnet - go - java + license_check: + name: License Check + uses: ./.github/workflows/license.yml + secrets: inherit prerequisites: name: prerequisites runs-on: pulumi-ubuntu-8core @@ -208,7 +212,9 @@ jobs: publish: name: publish - needs: test + needs: + - test + - license_check runs-on: pulumi-ubuntu-8core steps: - name: Checkout Repo diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 71eaa1fbf1..79143b5480 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -142,6 +142,10 @@ jobs: name: Dispatch Event run: pulumictl create docs-build pulumi-${{ env.PROVIDER }} "${GITHUB_REF#refs/tags/}" + license_check: + name: License Check + uses: ./.github/workflows/license.yml + secrets: inherit prerequisites: name: prerequisites runs-on: pulumi-ubuntu-8core @@ -221,7 +225,9 @@ jobs: publish: name: publish - needs: test + needs: + - test + - license_check runs-on: pulumi-ubuntu-8core steps: - name: Checkout Repo diff --git a/.github/workflows/run-acceptance-tests.yml b/.github/workflows/run-acceptance-tests.yml index 58dc7c3e0e..322f488341 100644 --- a/.github/workflows/run-acceptance-tests.yml +++ b/.github/workflows/run-acceptance-tests.yml @@ -258,6 +258,7 @@ jobs: ! cancelled() needs: - test + - license_check runs-on: ubuntu-latest steps: - name: Workflow is not a success @@ -373,6 +374,10 @@ jobs: - dotnet - go - java + license_check: + name: License Check + uses: ./.github/workflows/license.yml + secrets: inherit name: run-acceptance-tests on: pull_request: diff --git a/.upgrade-config.yml b/.upgrade-config.yml index caf6c8095b..0c1a386cca 100644 --- a/.upgrade-config.yml +++ b/.upgrade-config.yml @@ -4,5 +4,5 @@ upstream-provider-name: terraform-provider-azurerm pulumi-infer-version: true remove-plugins: true -pr-reviewers: pulumi/Providers,lukehoban +pr-reviewers: iwahbe # Team: pulumi/Providers javaVersion: "v0.9.8"