From f9e7d62125b1e208d51472c86206e52887d8b7d9 Mon Sep 17 00:00:00 2001 From: Pulumi Bot Date: Fri, 13 Dec 2024 06:11:16 +0000 Subject: [PATCH] [internal] Update GitHub Actions workflow files --- .github/actions/setup-tools/action.yml | 8 ++ .github/workflows/license.yml | 1 + .github/workflows/master.yml | 65 +------------ .github/workflows/prerelease.yml | 64 +------------ .github/workflows/prerequisites.yml | 4 + .github/workflows/publish.yml | 10 ++ .github/workflows/release.yml | 64 +------------ .github/workflows/run-acceptance-tests.yml | 78 ++-------------- .github/workflows/test.yml | 103 +++++++++++++++++++++ .github/workflows/verify-release.yml | 8 ++ Makefile | 6 +- 11 files changed, 158 insertions(+), 253 deletions(-) create mode 100644 .github/workflows/test.yml diff --git a/.github/actions/setup-tools/action.yml b/.github/actions/setup-tools/action.yml index 0435bfd..5b80b74 100644 --- a/.github/actions/setup-tools/action.yml +++ b/.github/actions/setup-tools/action.yml @@ -14,6 +14,12 @@ inputs: dotnet java default: all + cache-go: + description: | + Whether to enable the GitHub cache for Go. Appropriate for disabling in + smaller jobs that typically completely before the "real" job has an + opportunity to populate the cache. + default: "true" runs: using: "composite" @@ -27,6 +33,8 @@ runs: provider/*.sum upstream/*.sum sdk/*.sum + # TODO(https://github.com/actions/setup-go/issues/316): Restore but don't save the cache. + cache: ${{ inputs.cache-go }} - name: Install pulumictl if: inputs.tools == 'all' || contains(inputs.tools, 'pulumictl') diff --git a/.github/workflows/license.yml b/.github/workflows/license.yml index 40766b0..b6cdede 100644 --- a/.github/workflows/license.yml +++ b/.github/workflows/license.yml @@ -38,6 +38,7 @@ jobs: uses: ./.github/actions/setup-tools with: tools: go + cache-go: false - run: make upstream - uses: pulumi/license-check-action@main with: diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml index 832957d..b91d06d 100644 --- a/.github/workflows/master.yml +++ b/.github/workflows/master.yml @@ -127,70 +127,15 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} test: - name: test + uses: ./.github/workflows/test.yml needs: - prerequisites - build_provider - build_sdk - permissions: - contents: read - id-token: write - runs-on: ubuntu-latest - env: - PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} - steps: - - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - persist-credentials: false - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, ${{ matrix.language }} - - name: Prepare local workspace - run: make prepare_local_workspace - - name: Download bin - uses: ./.github/actions/download-bin - - name: Download SDK - uses: ./.github/actions/download-sdk - with: - language: ${{ matrix.language }} - - name: Restore makefile progress - run: make --touch provider schema build_${{ matrix.language }} - - name: Update path - run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - - name: Install Python deps - if: matrix.language == 'python' - run: |- - pip3 install virtualenv==20.0.23 - pip3 install pipenv - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-region: ${{ env.AWS_REGION }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - role-duration-seconds: 7200 - role-session-name: rke@githubActions - role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - - name: Install dependencies - run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 - - name: Run tests - run: cd examples && go test -v -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 - strategy: - fail-fast: false - matrix: - language: - - nodejs - - python - - dotnet - - go - - java + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + name: master on: workflow_dispatch: {} diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml index c53b0e1..b5799b8 100644 --- a/.github/workflows/prerelease.yml +++ b/.github/workflows/prerelease.yml @@ -68,70 +68,14 @@ jobs: isPrerelease: true test: - name: test + uses: ./.github/workflows/test.yml needs: - prerequisites - build_provider - build_sdk - permissions: - contents: read - id-token: write - runs-on: ubuntu-latest - env: - PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} - steps: - - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - persist-credentials: false - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, nodejs, python, dotnet, go, java - - name: Prepare local workspace - run: make prepare_local_workspace - - name: Download bin - uses: ./.github/actions/download-bin - - name: Download SDK - uses: ./.github/actions/download-sdk - with: - language: ${{ matrix.language }} - - name: Restore makefile progress - run: make --touch provider schema build_${{ matrix.language }} - - name: Update path - run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - - name: Install Python deps - if: matrix.language == 'python' - run: |- - pip3 install virtualenv==20.0.23 - pip3 install pipenv - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-region: ${{ env.AWS_REGION }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - role-duration-seconds: 7200 - role-session-name: rke@githubActions - role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - - name: Install dependencies - run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 - - name: Run tests - run: cd examples && go test -v -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . - strategy: - fail-fast: false - matrix: - language: - - nodejs - - python - - dotnet - - go - - java + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} name: prerelease on: diff --git a/.github/workflows/prerequisites.yml b/.github/workflows/prerequisites.yml index 1b418a3..39f1343 100644 --- a/.github/workflows/prerequisites.yml +++ b/.github/workflows/prerequisites.yml @@ -71,6 +71,10 @@ jobs: run: make provider - name: Unit-test provider code run: make test_provider + - name: Upload coverage reports to Codecov + uses: codecov/codecov-action@c2fcb216de2b0348de0100baa3ea2cad9f100a01 # v5.1.0 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - if: inputs.is_pr name: Check Schema is Valid run: | diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 9365997..90d6535 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -113,6 +113,8 @@ jobs: name: publish_sdk needs: publish runs-on: ubuntu-latest + outputs: + python_version: ${{ steps.python_version.outputs.version }} steps: - name: Checkout Repo uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 @@ -153,6 +155,13 @@ jobs: go.* go/** !*.tar.gz + - name: Extract python version + id: python_version + working-directory: sdk/python + run: | + pip install toml-cli==0.7.0 + version=$(toml get --toml-path pyproject.toml project.version) + echo "version=${version}" >> "$GITHUB_OUTPUT" create_docs_build: name: create_docs_build needs: publish_sdk @@ -204,3 +213,4 @@ jobs: # Prelease is run often but we only have 5 concurrent macos runners, so we only test after the stable release. enableMacosRunner: ${{ inputs.isPrerelease == false }} skipGoSdk: ${{ inputs.skipGoSdk }} + pythonVersion: ${{ needs.publish_sdk.outputs.python_version }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index bc4b4bd..0f5d4e9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -74,67 +74,11 @@ jobs: isPrerelease: false test: - name: test + uses: ./.github/workflows/test.yml needs: - prerequisites - build_provider - build_sdk - permissions: - contents: read - id-token: write - runs-on: ubuntu-latest - env: - PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} - steps: - - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - persist-credentials: false - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, ${{ matrix.language }} - - name: Prepare local workspace - run: make prepare_local_workspace - - name: Download bin - uses: ./.github/actions/download-bin - - name: Download SDK - uses: ./.github/actions/download-sdk - with: - language: ${{ matrix.language }} - - name: Restore makefile progress - run: make --touch provider schema build_${{ matrix.language }} - - name: Update path - run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - - name: Install Python deps - if: matrix.language == 'python' - run: |- - pip3 install virtualenv==20.0.23 - pip3 install pipenv - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-region: ${{ env.AWS_REGION }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - role-duration-seconds: 7200 - role-session-name: rke@githubActions - role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - - name: Install dependencies - run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 - - name: Run tests - run: cd examples && go test -v -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 . - strategy: - fail-fast: false - matrix: - language: - - nodejs - - python - - dotnet - - go - - java + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} diff --git a/.github/workflows/run-acceptance-tests.yml b/.github/workflows/run-acceptance-tests.yml index c53224d..4139042 100644 --- a/.github/workflows/run-acceptance-tests.yml +++ b/.github/workflows/run-acceptance-tests.yml @@ -114,84 +114,18 @@ jobs: sha: ${{ github.event.pull_request.head.sha || github.sha }} test: + # Don't run tests on PRs from forks. if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository - name: test + uses: ./.github/workflows/test.yml needs: - prerequisites - build_provider - build_sdk - permissions: - contents: read - id-token: write - runs-on: ubuntu-latest - env: - PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} - steps: - - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - ref: ${{ env.PR_COMMIT_SHA }} - persist-credentials: false - - name: Checkout p/examples - if: matrix.testTarget == 'pulumiExamples' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - repository: pulumi/examples - path: p-examples - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: pulumictl, pulumicli, ${{ matrix.language }} - - name: Prepare local workspace - run: make prepare_local_workspace - - name: Download bin - uses: ./.github/actions/download-bin - - name: Download SDK - uses: ./.github/actions/download-sdk - with: - language: ${{ matrix.language }} - - name: Restore makefile progress - run: make --touch provider schema build_${{ matrix.language }} - - name: Update path - run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - - name: Install Python deps - if: matrix.language == 'python' - run: |- - pip3 install virtualenv==20.0.23 - pip3 install pipenv - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-region: ${{ env.AWS_REGION }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - role-duration-seconds: 7200 - role-session-name: rke@githubActions - role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} - - name: Install dependencies - run: make install_${{ matrix.language}}_sdk - - name: Install gotestfmt - uses: GoTestTools/gotestfmt-action@v2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - version: v2.5.0 - - name: Run tests - if: matrix.testTarget == 'local' - run: cd examples && go test -v -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -skip TestPulumiExamples -parallel 4 . - - name: Run pulumi/examples tests - if: matrix.testTarget == 'pulumiExamples' - run: cd examples && go test -v -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -run TestPulumiExamples -parallel 4 . - strategy: - fail-fast: false - matrix: - language: - - nodejs - - python - - dotnet - - go - - java - testTarget: [local] + secrets: inherit + with: + version: ${{ needs.prerequisites.outputs.version }} + license_check: name: License Check uses: ./.github/workflows/license.yml diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 0000000..fd2bc2c --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,103 @@ +name: "Test Provider" + +on: + workflow_call: + inputs: + version: + required: true + type: string + description: Version of the provider to test + +env: + PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }} + AWS_REGION: us-west-2 + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} + NPM_TOKEN: ${{ secrets.NPM_TOKEN }} + NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} + PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} + PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} + PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + PULUMI_API: https://api.pulumi-staging.io + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget + PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} + PYPI_USERNAME: __token__ + SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} + SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} + SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} + TF_APPEND_USER_AGENT: pulumi + +jobs: + test: + permissions: + contents: read + id-token: write + runs-on: ubuntu-latest + env: + PROVIDER_VERSION: ${{ inputs.version }} + steps: + - name: Checkout Repo + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + ref: ${{ env.PR_COMMIT_SHA }} + persist-credentials: false + - name: Checkout p/examples + if: matrix.testTarget == 'pulumiExamples' + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + repository: pulumi/examples + path: p-examples + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: pulumictl, pulumicli, ${{ matrix.language }} + - name: Prepare local workspace + run: make prepare_local_workspace + - name: Download bin + uses: ./.github/actions/download-bin + - name: Download SDK + uses: ./.github/actions/download-sdk + with: + language: ${{ matrix.language }} + - name: Restore makefile progress + run: make --touch provider schema build_${{ matrix.language }} + - name: Update path + run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" + - name: Install Python deps + if: matrix.language == 'python' + run: |- + pip3 install virtualenv==20.0.23 + pip3 install pipenv + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-region: ${{ env.AWS_REGION }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + role-duration-seconds: 7200 + role-session-name: rke@githubActions + role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} + - name: Install dependencies + run: make install_${{ matrix.language}}_sdk + - name: Install gotestfmt + uses: GoTestTools/gotestfmt-action@v2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + version: v2.5.0 + - name: Run tests + if: matrix.testTarget == 'local' + run: cd examples && go test -v -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -skip TestPulumiExamples -parallel 4 . + - name: Run pulumi/examples tests + if: matrix.testTarget == 'pulumiExamples' + run: cd examples && go test -v -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -run TestPulumiExamples -parallel 4 . + strategy: + fail-fast: false + matrix: + language: + - nodejs + - python + - dotnet + - go + - java + testTarget: [local] diff --git a/.github/workflows/verify-release.yml b/.github/workflows/verify-release.yml index ec0fab6..df669ce 100644 --- a/.github/workflows/verify-release.yml +++ b/.github/workflows/verify-release.yml @@ -16,6 +16,10 @@ on: required: false type: boolean default: false + pythonVersion: + description: "Optional python SDK version to verify. Defaults to inputs.providerVersion." + type: string + required: false workflow_call: inputs: providerVersion: @@ -32,6 +36,10 @@ on: required: false type: boolean default: false + pythonVersion: + description: "Optional python SDK version to verify. Defaults to inputs.providerVersion." + type: string + required: false env: AWS_REGION: us-west-2 diff --git a/Makefile b/Makefile index 22f4d38..bea4d68 100644 --- a/Makefile +++ b/Makefile @@ -233,7 +233,11 @@ test: .PHONY: test test_provider: - cd provider && go test -v -short ./... -parallel $(TESTPARALLELISM) + cd provider && go test -v -short \ + -coverprofile="coverage.txt" \ + -coverpkg="./...,github.com/hashicorp/terraform-provider-..." \ + -parallel $(TESTPARALLELISM) \ + ./... .PHONY: test_provider tfgen: schema