Conformance tests allow us to test functionality regardless of
programming language used, by setting up a test program using PCL and
making assertions about program state before and after various
operations. This commit adds a set of conformance tests for remote
assets (that is, assets that must be retrieved from some URI), which
have until now been untested in this regard.
When the typechecker option is set, but the selected typechecker is not
installed in the project's virtual environment, the pulumi operation
will fail with an unhelpful message like `mypy failed: exit status 1`.
To make this more actionable, we check if the typechecker is installed,
and if not, we provide installation instructions to remediate the issue.
Noticed this issue while doing SDK gen for parameterised providers, but
figured it deserved its own conformance test. Check that if a provider
has a pre-release semver that the _exact_ version can be reported by the
generated SDK. This already just works for NodeJS, but Python needed a
fix to write the version to `_utilities.py` rather than trying to
unconvert the pypi version from the package.
Also needed to make the conformance test checks for
`GetProgramDependencies` even weaker (which is fine, they are just a
very basic sanity check) because the provider reports a version of
"3.0.0-alpha.1.internal" while the python version is "3.0.0a1+internal".
When the dependency installation fails because we could not find the
packagemanager executable, tell the user how to remedy the error and
finish the dependency installation.
Example:
```
The packagemangager to use for installing dependencies pnpm
Installing dependencies...
error: installing dependencies failed: Could not find `pnpm` executable.
Install pnpm from https://pnpm.io/installation and make sure it is in your PATH.
Run `pulumi install` to complete the installation.
```
This commit rebases @Maradonna90's PR #14066 to add support for
`destroy`'s `--exclude-protected` argument to the Python automation SDK.
This addresses the Python part of #12733.
Closes#14066
Co-authored-by: Jendryczko, Marco <marco.jendryczko@hermesworld.com>
Fixes https://github.com/pulumi/pulumi/issues/16025.
Looks like shutting down the executor and waiting for it to finish
pending tasks should stop callbacks being triggered after we then close
the event loop.
Bumps the go_modules group with 1 update in the /pkg directory:
[github.com/hashicorp/go-retryablehttp](https://github.com/hashicorp/go-retryablehttp).
Bumps the go_modules group with 1 update in the /tests directory:
[github.com/hashicorp/go-retryablehttp](https://github.com/hashicorp/go-retryablehttp).
Updates `github.com/hashicorp/go-retryablehttp` from 0.7.5 to 0.7.7
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/hashicorp/go-retryablehttp/blob/main/CHANGELOG.md">github.com/hashicorp/go-retryablehttp's
changelog</a>.</em></p>
<blockquote>
<h2>0.7.7 (May 30, 2024)</h2>
<p>BUG FIXES:</p>
<ul>
<li>client: avoid potentially leaking URL-embedded basic authentication
credentials in logs (<a
href="https://redirect.github.com/hashicorp/go-retryablehttp/issues/158">#158</a>)</li>
</ul>
<h2>0.7.6 (May 9, 2024)</h2>
<p>ENHANCEMENTS:</p>
<ul>
<li>client: support a <code>RetryPrepare</code> function for modifying
the request before retrying (<a
href="https://redirect.github.com/hashicorp/go-retryablehttp/issues/216">#216</a>)</li>
<li>client: support HTTP-date values for <code>Retry-After</code> header
value (<a
href="https://redirect.github.com/hashicorp/go-retryablehttp/issues/138">#138</a>)</li>
<li>client: avoid reading entire body when the body is a
<code>*bytes.Reader</code> (<a
href="https://redirect.github.com/hashicorp/go-retryablehttp/issues/197">#197</a>)</li>
</ul>
<p>BUG FIXES:</p>
<ul>
<li>client: fix a broken check for invalid server certificate in go
1.20+ (<a
href="https://redirect.github.com/hashicorp/go-retryablehttp/issues/210">#210</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1542b31176"><code>1542b31</code></a>
v0.7.7</li>
<li><a
href="defb9f441d"><code>defb9f4</code></a>
v0.7.7</li>
<li><a
href="a99f07beb3"><code>a99f07b</code></a>
Merge pull request <a
href="https://redirect.github.com/hashicorp/go-retryablehttp/issues/158">#158</a>
from dany74q/danny/redacted-url-in-logs</li>
<li><a
href="8a28c574da"><code>8a28c57</code></a>
Merge branch 'main' into danny/redacted-url-in-logs</li>
<li><a
href="86e852df43"><code>86e852d</code></a>
Merge pull request <a
href="https://redirect.github.com/hashicorp/go-retryablehttp/issues/227">#227</a>
from hashicorp/dependabot/github_actions/actions/chec...</li>
<li><a
href="47fe99e646"><code>47fe99e</code></a>
Bump actions/checkout from 4.1.5 to 4.1.6</li>
<li><a
href="490fc06be0"><code>490fc06</code></a>
Merge pull request <a
href="https://redirect.github.com/hashicorp/go-retryablehttp/issues/226">#226</a>
from testwill/ioutil</li>
<li><a
href="f3e9417dbf"><code>f3e9417</code></a>
chore: remove refs to deprecated io/ioutil</li>
<li><a
href="d969eaa9c9"><code>d969eaa</code></a>
Merge pull request <a
href="https://redirect.github.com/hashicorp/go-retryablehttp/issues/225">#225</a>
from hashicorp/manicminer-patch-2</li>
<li><a
href="2ad8ed4a1d"><code>2ad8ed4</code></a>
v0.7.6</li>
<li>Additional commits viewable in <a
href="https://github.com/hashicorp/go-retryablehttp/compare/v0.7.5...v0.7.7">compare
view</a></li>
</ul>
</details>
<br />
Updates `github.com/hashicorp/go-retryablehttp` from 0.7.5 to 0.7.7
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/hashicorp/go-retryablehttp/blob/main/CHANGELOG.md">github.com/hashicorp/go-retryablehttp's
changelog</a>.</em></p>
<blockquote>
<h2>0.7.7 (May 30, 2024)</h2>
<p>BUG FIXES:</p>
<ul>
<li>client: avoid potentially leaking URL-embedded basic authentication
credentials in logs (<a
href="https://redirect.github.com/hashicorp/go-retryablehttp/issues/158">#158</a>)</li>
</ul>
<h2>0.7.6 (May 9, 2024)</h2>
<p>ENHANCEMENTS:</p>
<ul>
<li>client: support a <code>RetryPrepare</code> function for modifying
the request before retrying (<a
href="https://redirect.github.com/hashicorp/go-retryablehttp/issues/216">#216</a>)</li>
<li>client: support HTTP-date values for <code>Retry-After</code> header
value (<a
href="https://redirect.github.com/hashicorp/go-retryablehttp/issues/138">#138</a>)</li>
<li>client: avoid reading entire body when the body is a
<code>*bytes.Reader</code> (<a
href="https://redirect.github.com/hashicorp/go-retryablehttp/issues/197">#197</a>)</li>
</ul>
<p>BUG FIXES:</p>
<ul>
<li>client: fix a broken check for invalid server certificate in go
1.20+ (<a
href="https://redirect.github.com/hashicorp/go-retryablehttp/issues/210">#210</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1542b31176"><code>1542b31</code></a>
v0.7.7</li>
<li><a
href="defb9f441d"><code>defb9f4</code></a>
v0.7.7</li>
<li><a
href="a99f07beb3"><code>a99f07b</code></a>
Merge pull request <a
href="https://redirect.github.com/hashicorp/go-retryablehttp/issues/158">#158</a>
from dany74q/danny/redacted-url-in-logs</li>
<li><a
href="8a28c574da"><code>8a28c57</code></a>
Merge branch 'main' into danny/redacted-url-in-logs</li>
<li><a
href="86e852df43"><code>86e852d</code></a>
Merge pull request <a
href="https://redirect.github.com/hashicorp/go-retryablehttp/issues/227">#227</a>
from hashicorp/dependabot/github_actions/actions/chec...</li>
<li><a
href="47fe99e646"><code>47fe99e</code></a>
Bump actions/checkout from 4.1.5 to 4.1.6</li>
<li><a
href="490fc06be0"><code>490fc06</code></a>
Merge pull request <a
href="https://redirect.github.com/hashicorp/go-retryablehttp/issues/226">#226</a>
from testwill/ioutil</li>
<li><a
href="f3e9417dbf"><code>f3e9417</code></a>
chore: remove refs to deprecated io/ioutil</li>
<li><a
href="d969eaa9c9"><code>d969eaa</code></a>
Merge pull request <a
href="https://redirect.github.com/hashicorp/go-retryablehttp/issues/225">#225</a>
from hashicorp/manicminer-patch-2</li>
<li><a
href="2ad8ed4a1d"><code>2ad8ed4</code></a>
v0.7.6</li>
<li>Additional commits viewable in <a
href="https://github.com/hashicorp/go-retryablehttp/compare/v0.7.5...v0.7.7">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/pulumi/pulumi/network/alerts).
</details>
Co-authored-by: Will Jones <will@sacharissa.co.uk>
A few weeks ago we added the concept of package references, mostly for
parametrised providers so that we wouldn't have to send the parameter
value over and over for each `RegisterResourceRequest`. This was done by
sending the package reference through the `provider` field.
Nothing yet uses this feature (it hasn't yet been added to any language
SDKs), and thinking over this the last week I realised there was an
issue using this for extension packages.
When using an extension provider it's valid to also specify an explicit
provider, which will be using the `provider` field. At this point
there's no where for the SDK to send extra information to the engine
about the parameterisation.
This is a small reworking of this idea to use a separate `package`
field, so that even for an extension type we can specify the
parameterised package it comes from and an explicit provider for it.
`Output`s are a central part of Pulumi programs. As well as tracking
dependencies between resources (e.g. that `A`'s input `x` comes from
`B`'s output `y`), they allow us to specify that some value will only be
available at a future point (e.g. after a resource has been created or
updated). This is typically done in each language by implementing
`Output`s using some asynchronous or future value, such as NodeJS's
`Promise`. In Python, we use `asyncio` `Task`s.
In order to make `Output`s ergonomic to use, we implement "lifting" of
properties in languages that support it. Suppose for instance we have an
object `c` that is an instance of the following class `C`:
```python
class C:
x: str
y: int
def __init__(self, x: str, y: int) -> None:
self.x = x
self.y = y
c = C("x", 42)
```
Because `c: C`, we have that `c.x == "x"` and `c.y == 42` as we might
expect. Consider though some output property of a resource that produces
a `C`. This property will be of type `Output[C]`, since the value of
type `C` won't be available until the resource has been set up by Pulumi
as part of program execution. If we want to pass that output's `x` value
to some other resource, we might have to write:
```python
r1 = ... # r1 has a property c: Output[C]
r2 = R("r", RArgs(x=r1.c.apply(lambda cc: cc.x)))
```
Observe that we have to use `apply` to unwrap the output and access the
property inside. This is tedious and ugly, and exactly the problem
lifting solves. Lifting allows us to write `r1.c.x` and have it be
implemented as `r1.c.apply(lambda cc: cc.x)` under the hood. In Python,
this is achieved using Python's `__getattr__` "dunder" method ("dunder"
being short for "double underscore", the convention adopted for
"special" identifiers in Python). `__getattr__` allows us to perform
dynamic property lookup on an object, which in the case of `Output` we
use to delegate property access to the underlying value using `apply`.
This works really well and contributes significantly to Pulumi programs
being easy to read and write in Python. Unfortunately, it has a flaw:
`__getattr__` is also used to check whether attributes exist on an
object (using `hasattr`), and thus has a contract whereby it is
_synchronously_ expected to raise an `AttributeError` if an attribute
does not exist. In returning an _asynchronous_ task (that may _later_
resolve to an `AttributeError`), `Output` is in violation of this
contract. This means that code which calls e.g. `hasattr(r1.c, "z")`
will yield a future task that if resolved, will blow up with an
`AttributeError`.
Historically, this hasn't really been a problem. With the advent of
https://github.com/pulumi/pulumi/pull/15744 and subsequent
improvements/fixes, however, this is now an issue, since we explicitly
await all outstanding outputs before program termination. In the example
above, for instance, the orphaned task will be forced at the end of
program execution. The `AttributeError` will rear its head and Pulumi
will exit with an error and stack trace.
This commit implements a fix proportional to the cases where this
appears to be a problem. Namely, libraries such as Pydantic that use
dunder attributes in their implementation and check for the presence of
these attributes when executing. When `__getattr__` is called with a
dunder attribute, we synchronously `raise AttributeError` rather than
lifting it. There are (we believe) no cases where this would affect a
Pulumi-generated SDK (since dunder names aren't generally used for
public resource properties) and the dunder properties on the `Output`
itself (e.g. `__dict__`, etc.) will continue to work since their
resolution will succeed normally and a call to `__getattr__` will thus
not be made.
Fixes#16399
In subsequent PRs we're going to introduce transforms for Calls, Invokes
and Reads. Add an alias to the current register stack transforms
functions, and deprecate the old version. This is both for consistency,
and because it's a bit confusing that register stack transforms only
works for register resource calls, and not other types of pulumi
operations.
/xref https://github.com/pulumi/pulumi/issues/16171
The latest version of the core Pulumi SDK contains a decorator,
`@deprecated`, that is used when generating SDK code in order to signify
deprecated properties in a way that can be recognised by other SDK code.
This is useful when writing generic Python code that e.g. traverses
class properties without triggering deprecation warnings for those not
explicitly mentioned in user code. The [original pull
request](https://github.com/pulumi/pulumi/pull/16400) has more details.
Alas, we can't rely on the fact that a user will upgrade _both_ a
particular (generated) provider SDK and the core Pulumi SDK at the same
time. Thus, it's entirely possible that a user bumps their version of
(say) `pulumi_aws`, whilst leaving their `pulumi` library at the same
(compatible, according to specified bounds) version. In doing so they'd
hit errors when the new SDK tried to import the `@deprecated` decorator,
which doesn't exist in the old core SDK.
This commit thus fixes this by altering code generation so that each SDK
receives its own inlined copy of the `@deprecated` decorator, which it
can reference regardless of the version of the core SDK. This decorator
applies the same `_pulumi_deprecated_callable` tag to functions it
decorates, which a sufficiently modern SDK will recognise to avoid
triggering e.g. https://github.com/pulumi/pulumi/issues/15894. Later on,
we can hopefully find a way to avoid doing this and use only a version
of `@deprecated` specified in the core SDK.
Codegen tests have been updated and the inlined decorator has manually
been tested using the AWS Classic SDK.
Addresses
https://github.com/pulumi/pulumi/pull/16400#discussion_r1646562455
Activating a virtual environment sets a VIRTUAL_ENV environment
variable. Replicate this behaviour in `ActivateVirtualEnv` function.
https://docs.python.org/3/library/venv.html#how-venvs-work
> When a virtual environment has been activated, the VIRTUAL_ENV
environment variable is set to the path of the environment
<!---
Thanks so much for your contribution! If this is your first time
contributing, please ensure that you have read the
[CONTRIBUTING](https://github.com/pulumi/pulumi/blob/master/CONTRIBUTING.md)
documentation.
-->
# Description
The gedex/inflector (singularization/pluralization) library has been
seemingly abandoned: still no go module support, no changes in years,
etc. It was decided that we want to fork it and maintain ourselves to
ensure both a) stability and backwards compatibility b) modernization
and quality.
This PR switches the inflector library. The next step will be TF bridge.
There are no functional changes in behavior - the library code is
exactly the same.
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [ ] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [ ] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [ ] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
Bumps the go_modules group with 1 update in the /pkg directory:
[github.com/Azure/azure-sdk-for-go/sdk/azidentity](https://github.com/Azure/azure-sdk-for-go).
Bumps the go_modules group with 1 update in the /tests directory:
[github.com/Azure/azure-sdk-for-go/sdk/azidentity](https://github.com/Azure/azure-sdk-for-go).
Updates `github.com/Azure/azure-sdk-for-go/sdk/azidentity` from 1.5.1 to
1.6.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Azure/azure-sdk-for-go/releases">github.com/Azure/azure-sdk-for-go/sdk/azidentity's
releases</a>.</em></p>
<blockquote>
<h2>sdk/internal/v1.6.0</h2>
<h2>1.6.0 (2024-04-16)</h2>
<h3>Features Added</h3>
<ul>
<li>Options types for <code>SetBodilessMatcher</code> and
<code>SetDefaultMatcher</code> now embed
<code>RecordingOptions</code></li>
<li>Added a collection of default sanitizers for test recordings</li>
</ul>
<h2>sdk/azidentity/v1.6.0</h2>
<h2>1.6.0 (2024-06-10)</h2>
<h3>Features Added</h3>
<ul>
<li><code>NewOnBehalfOfCredentialWithClientAssertions</code> creates an
on-behalf-of credential
that authenticates with client assertions such as federated
credentials</li>
</ul>
<h3>Breaking Changes</h3>
<blockquote>
<p>These changes affect only code written against a beta version such as
v1.6.0-beta.4</p>
</blockquote>
<ul>
<li>Removed <code>AzurePipelinesCredential</code> and the persistent
token caching API.
They will return in v1.7.0-beta.1</li>
</ul>
<h3>Bugs Fixed</h3>
<ul>
<li>Managed identity bug fixes</li>
</ul>
<h2>sdk/azidentity/v1.6.0-beta.4</h2>
<h2>1.6.0-beta.4 (2024-05-14)</h2>
<h3>Features Added</h3>
<ul>
<li><code>AzurePipelinesCredential</code> authenticates an Azure
Pipeline service connection with
workload identity federation</li>
</ul>
<h2>sdk/azidentity/v1.6.0-beta.3</h2>
<h2>1.6.0-beta.3 (2024-04-09)</h2>
<h3>Breaking Changes</h3>
<ul>
<li><code>DefaultAzureCredential</code> now sends a probe request with
no retries for IMDS managed identity
environments to avoid excessive retry delays when the IMDS endpoint is
not available. This
should improve credential chain resolution for local development
scenarios.</li>
</ul>
<h3>Bugs Fixed</h3>
<ul>
<li><code>ManagedIdentityCredential</code> now specifies resource IDs
correctly for Azure Container Instances</li>
</ul>
<h2>sdk/azidentity/v1.5.2</h2>
<h2>1.5.2 (2024-04-09)</h2>
<h3>Bugs Fixed</h3>
<ul>
<li><code>ManagedIdentityCredential</code> now specifies resource IDs
correctly for Azure Container Instances</li>
</ul>
<h3>Other Changes</h3>
<ul>
<li>Restored v1.4.0 error behavior for empty tenant IDs</li>
<li>Upgraded dependencies</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="36f766d2fe"><code>36f766d</code></a>
add sdk/resourcemanager/cosmos/armcosmos live test (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/20705">#20705</a>)</li>
<li><a
href="c005ed6159"><code>c005ed6</code></a>
sdk/resourcemanager/network/armnetwork live test (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/20331">#20331</a>)</li>
<li><a
href="5fa7df4852"><code>5fa7df4</code></a>
add sdk/resourcemanager/compute/armcompute live test (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/20048">#20048</a>)</li>
<li><a
href="0d22aeddaa"><code>0d22aed</code></a>
add sdk/resourcemanager/eventhub/armeventhub live test (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/20686">#20686</a>)</li>
<li><a
href="2a8d96d355"><code>2a8d96d</code></a>
add sdk/resourcemanager/postgresql/armpostgresql live test (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/20685">#20685</a>)</li>
<li><a
href="b2cddab175"><code>b2cddab</code></a>
[Release] sdk/resourcemanager/paloaltonetworksngfw/armpanngfw/0.1.0 (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/20437">#20437</a>)</li>
<li><a
href="ed7f3c719e"><code>ed7f3c7</code></a>
Fix azidentity troubleshooting guide link (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/20736">#20736</a>)</li>
<li><a
href="6dfd0cbd7c"><code>6dfd0cb</code></a>
[azeventhubs] Fixing checkpoint store race condition (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/20727">#20727</a>)</li>
<li><a
href="745d967e27"><code>745d967</code></a>
pass along the artifact name so we can override it later (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/20732">#20732</a>)</li>
<li><a
href="20b4dd8c3e"><code>20b4dd8</code></a>
Update changelog with latest features (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/20730">#20730</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/Azure/azure-sdk-for-go/compare/sdk/internal/v1.5.1...sdk/azcore/v1.6.0">compare
view</a></li>
</ul>
</details>
<br />
Updates `github.com/Azure/azure-sdk-for-go/sdk/azidentity` from 1.5.1 to
1.6.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Azure/azure-sdk-for-go/releases">github.com/Azure/azure-sdk-for-go/sdk/azidentity's
releases</a>.</em></p>
<blockquote>
<h2>sdk/internal/v1.6.0</h2>
<h2>1.6.0 (2024-04-16)</h2>
<h3>Features Added</h3>
<ul>
<li>Options types for <code>SetBodilessMatcher</code> and
<code>SetDefaultMatcher</code> now embed
<code>RecordingOptions</code></li>
<li>Added a collection of default sanitizers for test recordings</li>
</ul>
<h2>sdk/azidentity/v1.6.0</h2>
<h2>1.6.0 (2024-06-10)</h2>
<h3>Features Added</h3>
<ul>
<li><code>NewOnBehalfOfCredentialWithClientAssertions</code> creates an
on-behalf-of credential
that authenticates with client assertions such as federated
credentials</li>
</ul>
<h3>Breaking Changes</h3>
<blockquote>
<p>These changes affect only code written against a beta version such as
v1.6.0-beta.4</p>
</blockquote>
<ul>
<li>Removed <code>AzurePipelinesCredential</code> and the persistent
token caching API.
They will return in v1.7.0-beta.1</li>
</ul>
<h3>Bugs Fixed</h3>
<ul>
<li>Managed identity bug fixes</li>
</ul>
<h2>sdk/azidentity/v1.6.0-beta.4</h2>
<h2>1.6.0-beta.4 (2024-05-14)</h2>
<h3>Features Added</h3>
<ul>
<li><code>AzurePipelinesCredential</code> authenticates an Azure
Pipeline service connection with
workload identity federation</li>
</ul>
<h2>sdk/azidentity/v1.6.0-beta.3</h2>
<h2>1.6.0-beta.3 (2024-04-09)</h2>
<h3>Breaking Changes</h3>
<ul>
<li><code>DefaultAzureCredential</code> now sends a probe request with
no retries for IMDS managed identity
environments to avoid excessive retry delays when the IMDS endpoint is
not available. This
should improve credential chain resolution for local development
scenarios.</li>
</ul>
<h3>Bugs Fixed</h3>
<ul>
<li><code>ManagedIdentityCredential</code> now specifies resource IDs
correctly for Azure Container Instances</li>
</ul>
<h2>sdk/azidentity/v1.5.2</h2>
<h2>1.5.2 (2024-04-09)</h2>
<h3>Bugs Fixed</h3>
<ul>
<li><code>ManagedIdentityCredential</code> now specifies resource IDs
correctly for Azure Container Instances</li>
</ul>
<h3>Other Changes</h3>
<ul>
<li>Restored v1.4.0 error behavior for empty tenant IDs</li>
<li>Upgraded dependencies</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="36f766d2fe"><code>36f766d</code></a>
add sdk/resourcemanager/cosmos/armcosmos live test (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/20705">#20705</a>)</li>
<li><a
href="c005ed6159"><code>c005ed6</code></a>
sdk/resourcemanager/network/armnetwork live test (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/20331">#20331</a>)</li>
<li><a
href="5fa7df4852"><code>5fa7df4</code></a>
add sdk/resourcemanager/compute/armcompute live test (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/20048">#20048</a>)</li>
<li><a
href="0d22aeddaa"><code>0d22aed</code></a>
add sdk/resourcemanager/eventhub/armeventhub live test (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/20686">#20686</a>)</li>
<li><a
href="2a8d96d355"><code>2a8d96d</code></a>
add sdk/resourcemanager/postgresql/armpostgresql live test (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/20685">#20685</a>)</li>
<li><a
href="b2cddab175"><code>b2cddab</code></a>
[Release] sdk/resourcemanager/paloaltonetworksngfw/armpanngfw/0.1.0 (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/20437">#20437</a>)</li>
<li><a
href="ed7f3c719e"><code>ed7f3c7</code></a>
Fix azidentity troubleshooting guide link (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/20736">#20736</a>)</li>
<li><a
href="6dfd0cbd7c"><code>6dfd0cb</code></a>
[azeventhubs] Fixing checkpoint store race condition (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/20727">#20727</a>)</li>
<li><a
href="745d967e27"><code>745d967</code></a>
pass along the artifact name so we can override it later (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/20732">#20732</a>)</li>
<li><a
href="20b4dd8c3e"><code>20b4dd8</code></a>
Update changelog with latest features (<a
href="https://redirect.github.com/Azure/azure-sdk-for-go/issues/20730">#20730</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/Azure/azure-sdk-for-go/compare/sdk/internal/v1.5.1...sdk/azcore/v1.6.0">compare
view</a></li>
</ul>
</details>
<br />
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts page](https://github.com/pulumi/pulumi/network/alerts).
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Justin Van Patten <jvp@justinvp.com>
# Description
Fixes https://github.com/pulumi/pulumi/issues/16309
During `pulumi new` we query the language runtime using the new
`RuntimeOptionsPrompts` RPC call to get additional prompts to ask the
user.
<img width="900" alt="Screenshot 2024-06-07 at 14 28 58"
src="https://github.com/pulumi/pulumi/assets/387068/e68ef702-978b-47f7-9d4b-afdf10409ed8">
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [x] I have formatted my code using `gofumpt`
<!-- av pr metadata
This information is embedded by the av CLI when creating PRs to track
the status of stacks when using Aviator. Please do not delete or edit
this section of the PR.
```
{"parent":"master","parentHead":"","trunk":"master"}
```
-->
---------
Co-authored-by: Will Jones <will@sacharissa.co.uk>
Co-authored-by: Thomas Gummerer <t.gummerer@gmail.com>
Presently, the Python SDK incorrectly emits deprecation warnings for
properties even if user code does not reference them. This is due to
various pieces of code in the SDK that enumerate properties e.g. for the
purpose of serialisation/RPC calls. In enumerating properties, their
getters are invoked, triggering the deprecation warnings.
There isn't currently a way for us to detect which properties may or may
not be deprecated and handle them appropriately, so this commit
introduces one. Deprecation messages are moved into a new decorator,
`@pulumi.deprecated`. This decorator accepts a `Callable` and wraps it,
making two changes:
* Before the decorated `Callable`'s execution, deprecation messages are
printed.
* The returned `Callable` is tagged with a new reserved property,
`_pulumi_deprecated_callable`, which references the wrapped `Callable`
(that is, the original `Callable` whose invocation will _not_ produce
deprecation warnings).
With this in place, we subsequently make the following two changes:
* We modify the SDK enumeration code (specifically that in
`input_type_to_dict` to check for `_pulumi_deprecated_callable`
properties and use them where appropriate to invoke getters without
triggering deprecation warnings.
* We modify Python code generation so that instead of emitting
statements to print deprecation warnings, we simply emit applications of
the `@pulumi.deprecated` decorator instead.
This commit adds some Python unit tests to exercise the decorator and
manual testing has been performed using the AWS Classic SDK.
Fixes#15894
The python policy plugin argument parsing was very brittle and would
fail when passed extra flags such as `--tracing <file>` or
`--logtostderr`. We now properly parse these standard plugin falgs (see
plugin#buildPluginArguments). Note that the flags are currently not
being used by the policy plugins.
Nodejs does not suffer from the same issue because we are already using
`minimist` to parse the arguments.
Fixes https://github.com/pulumi/pulumi/issues/11092
<!---
Thanks so much for your contribution! If this is your first time
contributing, please ensure that you have read the
[CONTRIBUTING](https://github.com/pulumi/pulumi/blob/master/CONTRIBUTING.md)
documentation.
-->
# Description
<!--- Please include a summary of the change and which issue is fixed.
Please also include relevant motivation and context. -->
This PR adds an optional `opts` argument to the NodeJS SDK
`Workspace::removeStack` method, which has `force` and `preserveConfig`
optional booleans. Setting these bools to true will add their
corresponding CLI flag to the command.
Fixes#16332
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [x] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [x] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [x] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
Many of our tests test JavaScript/TypeScript behaviour and thus rely on
`package.json` files specifying dependencies and `package-lock.json`
files pinning those dependencies. While the dependencies we use in our
tests are minimal and their bounds haven't changed (nor maybe have much
reason to change), the transitive dependency set is potentially large
and worth keeping up-to-date (e.g. for security reasons, or just keeping
Dependabot happy). This commit thus regenerates all the
`package-lock.json` files associated with tests that Dependabot has
previously recommended we bump.
* Closes#13478
* Closes#13473
* Closes#13472
* Closes#13471
* Closes#13470
* Closes#13469
* Closes#13468
* Closes#13467
* Closes#13424
* Closes#13419
* Closes#13418
* Closes#13414
* Closes#13412
* Closes#13411
* Closes#13408
For transforms, we want to make sure all resources are registered before
registering them, and that no resource registration happens while the
transform is being registered in the engine.
The latter is already given, since `register_stack_transform` happens
synchronously, so no new RegisterResource calls can be started while the
transforms are registered.
For the former, we can make use of the event loop. Since all of the rpc
calls are being put on the event loop, we can make sure to wait for them
to finish before re start registering the transforms. Note that we can't
just wait for all tasks to finish because there might be more than RPCs
in flight. However when the RPCs finished we can be certain that the
resources are registered in the engine, and registering the stack
transforms is now a valid operation.
<!---
Thanks so much for your contribution! If this is your first time
contributing, please ensure that you have read the
[CONTRIBUTING](https://github.com/pulumi/pulumi/blob/master/CONTRIBUTING.md)
documentation.
-->
# Description
<!--- Please include a summary of the change and which issue is fixed.
Please also include relevant motivation and context. -->
Adds a conformance test for an explicit provider resource.
<!---
Thanks so much for your contribution! If this is your first time
contributing, please ensure that you have read the
[CONTRIBUTING](https://github.com/pulumi/pulumi/blob/master/CONTRIBUTING.md)
documentation.
-->
# Description
<!--- Please include a summary of the change and which issue is fixed.
Please also include relevant motivation and context. -->
This is the first part of paramaterized providers in the engine. This
only supports "replacement" packages, that is where we fully replace a
providers package with a new package (think how dynamic tfbridge will
work, vs how crd2pulumi will work).
I've made the decision to _not_ support using parameterised providers by
sending the parameter in the RegisterResource request. This will
necessitate some different work in how we send the parameter for
explicit providers compared to version and pluginDownloadURL, but I
think it's worth it going forward.
No changelog as this is still basically unusable without codegen support
done, and should still be considered primarily for internal experimental
use for now.
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [ ] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [x] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [ ] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
# Description
To correctly determine which python executable we are using, we need the
ProgramInfo so we can determine which virtual environment is in use.
This PR updates the `About` rpc call to take `ProgramInfo` as argument.
Fixes https://github.com/pulumi/pulumi/issues/16299
Ref https://github.com/pulumi/pulumi/issues/15937
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [x] I have formatted my code using `gofumpt`
<!---
Thanks so much for your contribution! If this is your first time
contributing, please ensure that you have read the
[CONTRIBUTING](https://github.com/pulumi/pulumi/blob/master/CONTRIBUTING.md)
documentation.
-->
# Description
Adds Go/Nodejs/Python automation API support for pulumi stack ls --all.
Fixes: [#14226](https://github.com/pulumi/pulumi/issues/14226)
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [x] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [ ] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [x] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
---------
Co-authored-by: Thomas Gummerer <t.gummerer@gmail.com>
# Description
This PR refactors the existing Python dependency installation and
command running code to use the `Toolchain` interface. This will make it
possible to swap out the default Pip based toolchain for a Poetry based
toolchain.
Fixes https://github.com/pulumi/pulumi/issues/16285
Ref https://github.com/pulumi/pulumi/issues/15937
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [x] I have formatted my code using `gofumpt`
Registering stack transforms is now non-experimental. This change
updates the function signatures in the Go, Node.js, and Python SDKs
along with associated types and comments.
Follow-up to #16080