From 9c319759e7f14f64a0faa81a0b227cbfc7f81027 Mon Sep 17 00:00:00 2001 From: Pulumi Bot Date: Thu, 2 Jan 2025 05:04:18 +0000 Subject: [PATCH] [internal] Update GitHub Actions workflow files --- .github/workflows/build.yml | 51 ++++++++++++++++++-- .github/workflows/prerelease.yml | 50 ++++++++++++++++++-- .github/workflows/release.yml | 50 ++++++++++++++++++-- .github/workflows/run-acceptance-tests.yml | 54 ++++++++++++++++++++-- 4 files changed, 193 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ad45aa59bd..cedc3f18db 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -122,6 +122,47 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') && github.event_name == + 'pull_request' + shell: bash + run: > + git diff --quiet -- sdk && echo "no changes to sdk" && exit + + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar provider binaries run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ @@ -149,7 +190,7 @@ jobs: needs: prerequisites runs-on: pulumi-ubuntu-8core strategy: - fail-fast: true + fail-fast: ${{ ! contains(github.actor, 'renovate') }} matrix: language: - nodejs @@ -229,9 +270,12 @@ jobs: sdk/python/pyproject.toml - name: Commit ${{ matrix.language }} SDK changes for Renovate if: failure() && steps.worktreeClean.outcome == 'failure' && - contains(github.actor, 'renovate') + contains(github.actor, 'renovate') && github.event_name == + 'pull_request' shell: bash run: > + git diff --quiet -- sdk && echo "no changes to sdk" && exit + git config --global user.email "bot@pulumi.com" git config --global user.name "pulumi-bot" @@ -253,7 +297,7 @@ jobs: git add sdk - git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' @@ -583,6 +627,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true + persist-credentials: false ref: ${{ env.PR_COMMIT_SHA }} - name: Install Go uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml index 1dc785b9ca..bb934c7e5e 100644 --- a/.github/workflows/prerelease.yml +++ b/.github/workflows/prerelease.yml @@ -114,6 +114,47 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') && github.event_name == + 'pull_request' + shell: bash + run: > + git diff --quiet -- sdk && echo "no changes to sdk" && exit + + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar provider binaries run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ @@ -141,7 +182,7 @@ jobs: needs: prerequisites runs-on: pulumi-ubuntu-8core strategy: - fail-fast: true + fail-fast: ${{ ! contains(github.actor, 'renovate') }} matrix: language: - nodejs @@ -221,9 +262,12 @@ jobs: sdk/python/pyproject.toml - name: Commit ${{ matrix.language }} SDK changes for Renovate if: failure() && steps.worktreeClean.outcome == 'failure' && - contains(github.actor, 'renovate') + contains(github.actor, 'renovate') && github.event_name == + 'pull_request' shell: bash run: > + git diff --quiet -- sdk && echo "no changes to sdk" && exit + git config --global user.email "bot@pulumi.com" git config --global user.name "pulumi-bot" @@ -245,7 +289,7 @@ jobs: git add sdk - git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8b5f3a72dd..0929bf32cf 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -114,6 +114,47 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') && github.event_name == + 'pull_request' + shell: bash + run: > + git diff --quiet -- sdk && echo "no changes to sdk" && exit + + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar provider binaries run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ @@ -141,7 +182,7 @@ jobs: needs: prerequisites runs-on: pulumi-ubuntu-8core strategy: - fail-fast: true + fail-fast: ${{ ! contains(github.actor, 'renovate') }} matrix: language: - nodejs @@ -221,9 +262,12 @@ jobs: sdk/python/pyproject.toml - name: Commit ${{ matrix.language }} SDK changes for Renovate if: failure() && steps.worktreeClean.outcome == 'failure' && - contains(github.actor, 'renovate') + contains(github.actor, 'renovate') && github.event_name == + 'pull_request' shell: bash run: > + git diff --quiet -- sdk && echo "no changes to sdk" && exit + git config --global user.email "bot@pulumi.com" git config --global user.name "pulumi-bot" @@ -245,7 +289,7 @@ jobs: git add sdk - git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' diff --git a/.github/workflows/run-acceptance-tests.yml b/.github/workflows/run-acceptance-tests.yml index 00ef4255a3..9eb7d263d0 100644 --- a/.github/workflows/run-acceptance-tests.yml +++ b/.github/workflows/run-acceptance-tests.yml @@ -68,6 +68,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true + persist-credentials: false ref: ${{ env.PR_COMMIT_SHA }} - id: version name: Set Provider Version @@ -136,6 +137,47 @@ jobs: sdk/go/**/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + - name: Commit ${{ matrix.language }} SDK changes for Renovate + if: failure() && steps.worktreeClean.outcome == 'failure' && + contains(github.actor, 'renovate') && github.event_name == + 'pull_request' + shell: bash + run: > + git diff --quiet -- sdk && echo "no changes to sdk" && exit + + git config --global user.email "bot@pulumi.com" + + git config --global user.name "pulumi-bot" + + # Stash local changes and check out the PR's branch directly. + + git stash + + git fetch + + git checkout "origin/$HEAD_REF" + + + # Apply and add our changes, but don't commit any files we expect to + + # always change due to versioning. + + git stash pop + + git add sdk + + git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json + + git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' + + + # Push with pulumi-bot credentials to trigger a re-run of the + + # workflow. https://github.com/orgs/community/discussions/25702 + + git push https://pulumi-bot:${{ secrets.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF" + env: + HEAD_REF: ${{ github.head_ref }} - run: git status --porcelain - name: Tar provider binaries run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ @@ -165,7 +207,7 @@ jobs: needs: prerequisites runs-on: pulumi-ubuntu-8core strategy: - fail-fast: true + fail-fast: ${{ ! contains(github.actor, 'renovate') }} matrix: language: - nodejs @@ -179,6 +221,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true + persist-credentials: false ref: ${{ env.PR_COMMIT_SHA }} - id: version name: Set Provider Version @@ -246,9 +289,12 @@ jobs: sdk/python/pyproject.toml - name: Commit ${{ matrix.language }} SDK changes for Renovate if: failure() && steps.worktreeClean.outcome == 'failure' && - contains(github.actor, 'renovate') + contains(github.actor, 'renovate') && github.event_name == + 'pull_request' shell: bash run: > + git diff --quiet -- sdk && echo "no changes to sdk" && exit + git config --global user.email "bot@pulumi.com" git config --global user.name "pulumi-bot" @@ -270,7 +316,7 @@ jobs: git add sdk - git reset sdk/python/*/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json sdk/python/pyproject.toml + git reset sdk/python/*/pulumi-plugin.json sdk/python/pyproject.toml sdk/dotnet/pulumi-plugin.json sdk/dotnet/Pulumi.*.csproj sdk/go/*/pulumi-plugin.json sdk/go/*/internal/pulumiUtilities.go sdk/nodejs/package.json git commit -m 'Commit ${{ matrix.language }} SDK for Renovate' @@ -322,6 +368,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true + persist-credentials: false ref: ${{ env.PR_COMMIT_SHA }} - id: version name: Set Provider Version @@ -480,6 +527,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: lfs: true + persist-credentials: false ref: ${{ env.PR_COMMIT_SHA }} - name: Install Go uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0