We're seeing this error from esc
([issue](https://github.com/pulumi/esc/issues/401)) which is confusing
because it recommends `pulumi login` when using `esc login`.
Additionally, rerunning `pulumi login` (or `esc login`) as the message
suggests doesn't actually fix anything. I think a better error message
is to suggest fixing or deleting the invalid credentials file - open to
suggestions though
Testing:
```
❯ go run ./cmd/pulumi login
error: could not determine current cloud: failed to read Pulumi credentials file. Please fix or delete invalid credentials file: '/Users/sean/.pulumi/credentials.json': invalid character 'a' looking for beginning of value
exit status 255
```
Issue #10659 lists a number of extra linting checks that we could enable
in order to make our Go code more robust. This commit implements as many
as seem sensible:
* `durationcheck`, which checks for multiplication of `time.Duration`s,
which can lead to unexpected behaviour (e.g. `time.Second * time.Second`
is *not* one second)
* `goprintffuncname`, which checks that `Printf`-like functions are
appropriately suffixed with `f` to indicate as such
* `tenv`, which checks for `os.Setenv` in tests where `t.Setenv` is
generally a better solution
* `wastedassign`, which checks for assignments whose values are never
used (such as initial values before an `if` where both branches then
overwrite the value)
* `whitespace`, which checks for blank lines at the beginning and end of
blocks such as functions, `if`s, `for`s and so on.
This commit does *not* enable the following checks listed in #10659:
* `wrapcheck`, which insists that third-party library errors are always
`%w`rapped -- we have a lot of cases where we don't do this and it's
probably a bit more involved than "just wrap them" in terms of making
sure we don't break anything (maybe)
* `predeclared`, which checks for shadowing of existing Go identifiers
-- we use `old` and `new` a lot, especially in step generation, so this
is probably a slightly bigger clean-up/one we might want to opt out of
* `mnd` (magic number detection) -- we have a lot of failures on this
* `nilnil` -- we only have a couple of failures on this; these could
probably be handled with `//nolint` but for now I've opted not to take
this route.
This fix does not append new nodes when encountered but instead adds
them to the end after all nodes are processed.
I also took to opportunity to rename new to newNode to not shadow the
keyword. Suprising that go even allows this.
Fixes: #14860
This commit strengthens the validation of project templates supplied as
`.zip` archives, checking them for a `Pulumi.yaml` before copying the
contents.
Closes#14824
Co-authored-by: Derek Schaller <d_a_schaller@yahoo.com>
Part one of fixing https://github.com/pulumi/pulumi/issues/17217. This
disables and retries the plugin http request without GITUHB_TOKEN if we
get a 401 error.
This should help with cases where people have tokens that don't have
access to public resources. We'll see the 401 and retry without the
token set.
This doesn't fix the other part of #17217 to retry 403 error without the
token.
---------
Co-authored-by: Thomas Gummerer <t.gummerer@gmail.com>
Plugins are the core means by which Pulumi may be extended. Language
hosts, resource providers, analyzers, and converters, for instance, are
all kinds of plugin. Plugins are loaded by a plugin `Host`, which also
offers convenience methods for loading specific kinds of plugin such as
those mentioned above.
The `Provider` method on `Host` currently accepts a name and version.
This is not ideal, since there are several other parameters that may
affect the plugin to be loaded, as well as what operations may be run on
it when it is loaded:
* Custom download URLs and checksums may be desirable to control where a
plugin is retrieved from, and to verify a plugin's integrity.
* Parameterization means that while the `aws` provider is desired, it is
actually provided by a dynamically-bridging `terraform` plugin which is
to be supplied with a parameter such as
`{"name":"aws","version":"..."}`.
This PR begins reworking the `Host` interface so that its `Provider`
method accepts a more complete `PackageDescriptor`, consisting of a full
`PluginSpec` and an optional `Parameterization`. Presently this PR just
replicates existing call sites to use the new data structure -- if this
merges successfully then several of these call sites can likely be
cleaned up further by moving duplicated logic that handles things like
custom download URLs, etc. _into_ the newly capable `Provider`
implementation.
This commit adds the `goheader` rule to `golangci-lint` to enforce that
all our Go source code includes appropriate licence headers, fixing up
files that currently fail that check.
---------
Co-authored-by: Will Jones <will@sacharissa.co.uk>
Pulumi stores credentials in a `credentials.json`. If a non-atomic
operation that writes this file is interrupted, we may end up with a
zero-byte `credentials.json` file. Presently, this will create a
situation where the user has to manually remove the file before e.g.
`pulumi login` will work and retrieve new credentials again (see #11017
for an example). This commit changes this behaviour, spotting empty
credentials files and returning an empty set of credentials instead of
throwing an error.
Fixes#11017
When the user specifies a provider with a specific path in the
`Pulumi.yaml`, we later in the program assert that the path that was
passed in also matches with the path where we found the plugin. We do
this by using a string comparison, however that doesn't work if the path
the user passes is not clean, e.g. has a trailing slash, or has a double
slash, or some such.
Fix this by using `filepath.Clean` on the user supplied path, which
these things up.
I was also briefly wondering if this works properly if the user passes
in a path that is a symlink (it does), and wrote a test for that,
checking that behaviour.
Fixes https://github.com/pulumi/pulumi/issues/17130
This change switches back to using the stdlib's `os/user` to get the
current user. We originally used `os/user` but moved to a drop-in
replacement (https://github.com/tweekmonster/luser) in #5065 which
worked better without `cgo` at the time. However,
https://github.com/tweekmonster/luser no longer appears to be maintained
and the stdlib's `os/user` has a pure Go implementation (which doesn't
require `cgo`) which has improved since then, so we should be able to
switch back to it now.
Commits:
1. Update the *.go files
2. Result of running `make tidy`
Fixes#17123
Before this fix GetPluginInfo would error because stat on the expected
`pulumi-resource-exe` file would fail (because it didn't exist). This
fixes it to fallback to looking at the folder instead.
This moves GetCurrentCloudURL to the pkg workspace, and updates all
calls in pkg to use the interface method.
This allowed the writing of some unit test for GetCurrentCloudURL.
In preparation for moving `workspace.GetCurrentCloudURL` to the package
workspace we need to move `GetBackendConfigDefaultOrg` first.
(N.B. this also uses `workspace.GetPulumiConfig` which we also want to
move, but will take a bit longer)
Looking into writing some mocked tests for `state destroy` this env var
is touched on the login path and is currently not in our "env" system so
tricky to mock out. This is a small PR to just lift it into the env
system without worrying about plumbing the env instance all the way down
to where it's used (yet).
---------
Co-authored-by: Will Jones <will@sacharissa.co.uk>
The latest version of golangci-lint (1.60.3) flags a bunch of new issues
in our code base. This PR addresses part of them ahead of the upgrade.
* A dynamic string passed to printf style functions as first argument,
this can lead to bad `%` interpolations. The fix is typically to use
`"%s"` as first argument and pass the dynamic string as 2nd argument.
* Using `os.ModePerm` in tests instead of more restricted file
permissions. The fix is to use 0o600 for files, or 0o700 for
directories.
* Int conversion overflows. The fix has to be done case by case,
checking that no overflow can occur.
Adds the flag `--use-language-version-tools` to `pulumi install`. When
passed, and `pyenv` is installed, and a `.python-version` file is in the
project directory or any of its parent directories, Pulumi will install
the requested python version if it is not already installed.
`LanguageRuntime.InstallDependencies` now takes a struct
`InstallDependenciesRequest` as argument to make it easier to extend
this call with options.
See https://github.com/pulumi/pulumi-docker-containers/pull/232
---------
Co-authored-by: Thomas Gummerer <t.gummerer@gmail.com>
We don't need to search upwards for PolicyPack files, we already know
that there aren't any since we don't recurse into policy packs. The
directory traversal is plenty fast on Linux, however it is much slower
on Windows. Node modules often have fairly wide and deep directory
structures, so this can considerably slow down any Pulumi operation that
runs `GetRequiredPlugins`.
Fixes https://github.com/pulumi/pulumi/issues/16863
On an `was-typescript` example, we can see the impact with
`Measure-Command {start-process pulumi -argumentlist "about" -Wait}`,
which goes from 25 seconds to 2 seconds on an Azure Windows VM.
### Motivation
Pulumi plugin binaries can be downloaded by the CLI from multiple
sources. By default, it's downloaded from Pulumi's GitHub releases or
get.pulumi.com, but plugins can also specify their binary sources via
the `PluginDownloadURL` schema option. They can point to custom GitHub,
Gitlab, or HTTP locations.
Enterprise customers ask for a way to isolate the CLI from downloads
from random locations and to configure the CLI to go to their internal
pre-approved artefact location instead. This way, Pulumi can run in
"air-gapped" environments (which still have access to Cloud APIs, of
course).
Related issues:
- https://github.com/pulumi/pulumi/issues/14459
- https://github.com/pulumi/pulumi/issues/16240
Currently, there is a basic mechanism to do so via the variable
`pluginDownloadURLOverrides`, but it has two major limitations:
- The variable value is set via a compile-time flag, so it requires a
custom build of the CLI
- The overrides are based on the plugin name, so the rules must be
defined without access to the original URL, which makes it hard to
provide universal rules and still distinguish between first-party,
public third-party, or private in-house plugins
- We ignore overrides for all plugins that have `PluginDownloadURL` set
- Overrides can set a plugin replacement redirect only to HTTP(s)
addresses
### Proposal
This PR makes two sets of changes:
1. It allows passing overrides via the
`PULUMI_PLUGIN_DOWNLOAD_URL_OVERRIDES` environment variable. The
compile-time flag is still supported, but the env var takes priority.
More configuration levers could be supported, but it not clear if we
have good ones until [Support .pulumirc file for global
config](https://github.com/pulumi/pulumi/issues/13484) is implemented. I
don't expect users to want to set this via their stack configs, but I'm
curious what others think. In any case, more sources can be added later.
2. The overrides now apply based on the original download URL, not just
on plugin names. Actually, it's the base URL of a download source that
is passed to the regexp matcher. Examples of possible options are:
- `github://api.github.com/pulumi/pulumi-xyz` for a first-party plugin
(note that we don't pass `get.pulumi.com`
- `github://api.github.com/pulumiverse/pulumi-grafana` for a community
plugin that sets `PluginDownloadURL`
- `gitlab://gitlab-host/proj-name` for a community plugin hosted on
Gitlab
- `https://example.com/downloads/` for HTTP sources
So, the override
`^github://api.github.com/pulumi/pulumi-xyz=https://example.com/downloads/pulumi-xyz/`
will override the single provider URL from our GitHub releases to the
given HTTP location.
On top of that, regular expressions may contain name groups to capture
and use templated values. For example,
`^github://api.github.com/(?P<org>[^/]+)/(?P<repo>[^/]+)=https://example.com/downloads/${org}/${repo}`
captures any GitHub plugin and redirects it to its corresponding HTTP
location. Group indices are also supported: the above override can also
be written as
`^github://api.github.com/(?P<org>[^/]+)/(?P<repo>[^/]+)=https://example.com/downloads/$1/$2`,
with `$0` meaning the full match.
The override URLs have the same semantics as `PluginDownloadURL`, so
they can point to GitHub, Gitlab, HTTP, or anything we introduce in the
future.
### Impact
Technically, this is a breaking change, because name-based overrides
will stop working. However, we are fairly certain that we have a single
customer using the existing compile-time approach, and they indicated
that they don't need the name-based overrides if they have URL-based
overrides. I reviewed this PR with them and made sure they can migrate
immediately after the change is released.
Backwards compatibility is slightly tricky, because we'd need to keep
name-based override _and_ not applying them to third-party plugins. But
we can do it if necessary.
Resolve#16240
https://github.com/pulumi/pulumi/pull/16346 introduced the capability to
query the language runtime for additional prompts. We use this to let
the user pick a package manager among npm, yarn and pnpm during `pulumi
new` when using the nodejs runtime.
When there is no explicitly configured package manager, we re-use the
previous behaviour for determining the package manager (check
`PULUMI_PREFER_YARN` env variable, look for lock files).
Defaults to `npm` when running `new` in non-interactive mode.
<!---
Thanks so much for your contribution! If this is your first time
contributing, please ensure that you have read the
[CONTRIBUTING](https://github.com/pulumi/pulumi/blob/master/CONTRIBUTING.md)
documentation.
-->
# Description
- Add new deployment settings pull command: this command will pull the
deployment settings from pulumi cloud and generate the new deployment
file. For now it will be hidden until we have completed the whole
feature.
- Add support for the new deployment file, this will contain all the
deployment related information (for now just the settings), example:
```
settings:
-executorContext: {}
sourceContext:
git:
branch: main
repoDir: .
gitHub:
repository: glena/test-action
deployCommits: true
previewPullRequests: false
operationContext:
preRunCommands: []
operation: ""
environmentVariables: {}
options:
skipInstallDependencies: false
skipIntermediateDeployments: true
shell: ""
deleteAfterDestroy: false
remediateIfDriftDetected: false
agentPoolID: ...
```
Fixes https://github.com/pulumi/pulumi-service/issues/20306
## Checklist
- [ ] I have run `make tidy` to update any new dependencies
- [ ] I have run `make lint` to verify my code passes the lint check
- [ ] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [ ] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [ ] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
---------
Co-authored-by: Komal <komal@pulumi.com>
Co-authored-by: Will Jones <will@sacharissa.co.uk>
# Description
When trying to install a plugin of type `tool` from GitHub, the Pulumi
convention is to have these plugins available in repositories named
`pulumi-tool-<name>` so that we can install them via the CLI as follows:
```
pulumi plugin install tool <name>
```
However, today this fails because we don't prefix the repository name
correctly with `"pulumi-tool-"`. This PR fixes that. Tested against
[Zaid-Ajaj/pulumi-tool-importer](https://github.com/Zaid-Ajaj/pulumi-tool-importer)
Also removes hardcoded plugin download URL for known converter plugins
of mine. These are moved to the `pulumi` organisation and no longer
require a separate URL.
## Checklist
- [ ] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [ ] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [ ] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [x] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
This PR improves the error messages produced during project schema
validation so that, where possible, we suggest valid attribute names
that the user may have meant to type. For instance, if they provide a
"Name" attribute where we wanted "name" (lowercase "n"), we'll now say
so. Where there is not a close match, we'll enumerate the full list of
valid names to try and guide the user.
Matching is implemented using Levenshtein distances and ignores case.
Some examples of the new functionality:
* `{"Name": ...}` yields `project is missing a 'name' attribute; found
'Name' instead`
* `{..., "rutnime": ...}` yields `project is missing a 'runtime'
attribute; found 'rutnime' instead`
* `{..., "template": {"displayNameDisplayName": ...}, ...}` yields
`'displayNameDisplayName' not allowed; the allowed attributes are
'config', 'description', 'displayName', 'important', 'metadata' and
'quickstart'`
Co-authored-by: Will Jones <will@sacharissa.co.uk>
# Description
This PR refactors the existing Python dependency installation and
command running code to use the `Toolchain` interface. This will make it
possible to swap out the default Pip based toolchain for a Poetry based
toolchain.
Fixes https://github.com/pulumi/pulumi/issues/16285
Ref https://github.com/pulumi/pulumi/issues/15937
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [x] I have formatted my code using `gofumpt`
<!---
Thanks so much for your contribution! If this is your first time
contributing, please ensure that you have read the
[CONTRIBUTING](https://github.com/pulumi/pulumi/blob/master/CONTRIBUTING.md)
documentation.
-->
# Description
Overriding plugin download URLs with compilation flags was originally
added in #8798. Its intent was allowing our customers to override
download locations for all plugins, so that only trusted pre-approved
plugins could be downloaded.
Since then, we've added `PluginDownloadURL` for a package, which is the
default URL for that package's binary if it's shipped outside our Pulumi
org. Currently, `PluginDownloadURL` takes precedence over
`pluginDownloadURLOverrides`, which means it's impossible to override
third-party package binary locations.
This PR changes plugin source resolution to flip the priority of those
two. If an override matches regex, its URL will take priority over the
default `PluginDownloadURL` specified in the package.
I have added tests to verify `pluginDownloadURLOverrides` with and
without `PluginDownloadURL`. The second one fails before my change.
Resolves#16058
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [ ] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [x] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [x] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
<!---
Thanks so much for your contribution! If this is your first time
contributing, please ensure that you have read the
[CONTRIBUTING](https://github.com/pulumi/pulumi/blob/master/CONTRIBUTING.md)
documentation.
-->
# Description
This PR moves PluginKind to apitype to prevent circular dependencies
when adding apitype as a dependency of the workspace module.
It also re-exports PluginKind to keep backward compatibility
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [x] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [x] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [x] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
<!---
Thanks so much for your contribution! If this is your first time
contributing, please ensure that you have read the
[CONTRIBUTING](https://github.com/pulumi/pulumi/blob/master/CONTRIBUTING.md)
documentation.
-->
# Description
<!--- Please include a summary of the change and which issue is fixed.
Please also include relevant motivation and context. -->
`mergeConfig` uses `Crypter.Encrypt` that needs a context and was using
`context.TODO()`. This lifts that to a context parameter and fixes up
all call sites.
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [ ] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [ ] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [ ] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
<!---
Thanks so much for your contribution! If this is your first time
contributing, please ensure that you have read the
[CONTRIBUTING](https://github.com/pulumi/pulumi/blob/master/CONTRIBUTING.md)
documentation.
-->
# Description
https://github.com/pulumi/pulumi/pull/15160 tries to fix
https://github.com/pulumi/pulumi/issues/15159 by checking that user is
nil or user.HomeDir is nil. Given github.com/tweekmonster/luser embeds
the builtin Golang User type as pointer, it still possible that
user.User is nil and calling user.HomeDir causes a nil pointer access.
this PR checks the embedded pointer explicitly
Fixes https://github.com/pulumi/pulumi/issues/15159
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [ ] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [ ] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [x] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
<!---
Thanks so much for your contribution! If this is your first time
contributing, please ensure that you have read the
[CONTRIBUTING](https://github.com/pulumi/pulumi/blob/master/CONTRIBUTING.md)
documentation.
-->
# Description
<!--- Please include a summary of the change and which issue is fixed.
Please also include relevant motivation and context. -->
Fixes#15150
## Checklist
- [ ] I have run `make tidy` to update any new dependencies
- [ ] I have run `make lint` to verify my code passes the lint check
- [ ] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [ ] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [X] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
<!---
Thanks so much for your contribution! If this is your first time
contributing, please ensure that you have read the
[CONTRIBUTING](https://github.com/pulumi/pulumi/blob/master/CONTRIBUTING.md)
documentation.
-->
# Description
<!--- Please include a summary of the change and which issue is fixed.
Please also include relevant motivation and context. -->
Mostly for providers to experiment with, currently hidden behind
"PULUMI_DEV".
# Description
If project settings are not valid `contract.Requiref(proj.Validate() ==
nil, "proj", "Validate()")` just returns `Validate()` which makes it
difficult to debug why the call to `proj.Validate()` failed. This change
captures the error returned by `proj.Validate()` and includes that as
part of the message.
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [x] I have formatted my code using `gofumpt`
- [ ] I have added tests that prove my fix is effective or that my
feature works
- [x] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
---------
Co-authored-by: Fraser Waters <frassle@gmail.com>
# Description
I had a question about how to configure the Go Automation SDK to use
Pulumi Cloud as a backend. This adds documentation to make things easier
for the next person with the same question by clarifying what values to
use in different situations.
## Checklist
Doc change only.
- [ ] I have run `make tidy` to update any new dependencies
- [ ] I have run `make lint` to verify my code passes the lint check
- [ ] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [ ] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [ ] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
We are using our terminal in raw mode, which means we're not getting CRs
automatically added. Add one after a progress bar has finished to
improve the output slightly.
The final output after this looks like:
```
$ pulumi preview
Please choose a stack, or create a new one: dev
Previewing update (dev):
Downloading plugin: 18.39 MiB / 18.39 MiB [========================] 100.00% 15s
[resource plugin docker-3.6.1] installing
Downloading plugin: 20.19 MiB / 20.19 MiB [========================] 100.00% 15s
[resource plugin awsx-1.0.5] installing
Downloading plugin: 164.18 MiB / 164.18 MiB [======================] 100.00% 32s
[resource plugin aws-5.42.0] installing
[...]
```
Which seems slightly better, but not a huge improvement, and the
progress bar is unfortunately also still jumpy. I'll write down the rest
of my learnings here in https://github.com/pulumi/pulumi/issues/14250.
I'm not entirely sure it's even worth merging this, but I'm putting this
up as a PR for further discussion and to show where the investigation
led.
Turn on the golangci-lint exhaustive linter. This is the first step
towards catching more missing cases during development rather than
in tests, or in production.
This might be best reviewed commit-by-commit, as the first commit turns
on the linter with the `default-signifies-exhaustive: true` option set,
which requires a lot less changes in the current codebase.
I think it's probably worth doing the second commit as well, as that
will get us the real benefits, even though we end up with a little bit
more churn. However it means all the `switch` statements are covered,
which isn't the case after the first commit, since we do have a lot of
`default` statements that just call `assert.Fail`.
Fixes#14601
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [x] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [ ] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [ ] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
<!---
Thanks so much for your contribution! If this is your first time
contributing, please ensure that you have read the
[CONTRIBUTING](https://github.com/pulumi/pulumi/blob/master/CONTRIBUTING.md)
documentation.
-->
# Description
<!--- Please include a summary of the change and which issue is fixed.
Please also include relevant motivation and context. -->
Fixes https://github.com/pulumi/pulumi/issues/15159.
`user.Current()` can potentially return nil in cases where the user
lookup fails, further there's a chance that `HomeDir` might be empty
even if a user is found. This makes both of these cases an error,
preventing a panic in the former and preventing trying to use
"/.pulumi/" in the later.
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [x] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [ ] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [x] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
<!---
Thanks so much for your contribution! If this is your first time
contributing, please ensure that you have read the
[CONTRIBUTING](https://github.com/pulumi/pulumi/blob/master/CONTRIBUTING.md)
documentation.
-->
# Description
<!--- Please include a summary of the change and which issue is fixed.
Please also include relevant motivation and context. -->
Now that we support .zip archive sources for Pulumi New, we have all of
the API surface we need to provide a full Pulumi New experience using
Pulumi AI. This PR introduces a few modes of interacting with Pulumi AI
to generate Pulumi projects.
- The default `pulumi new` experience now begins with a choice between
`ai` and `template` modes - the `template` mode represents the current
state of running `pulumi new`, while `ai` provides an interactive
experience with Pulumi AI.
- The user can iteratively ask questions to improve or change the
resulting program - each time a prompt is completed, they are asked to
`refine`, `no`, or `yes` their session - `refine` allows a follow-on
prompt to be submitted. `no` ends the session without generating a
pulumi project, and `yes` generates a Pulumi project from the most
recent program returned by Pulumi AI.
- Additionally, top-level flags, `--ai` and `--language` are provided to
fill in default values for the AI mode. When a prompt is provided with a
language, it is automatically submitted to Pulumi AI - if either is
missing, the user is prompted for whichever value is missing.
Fixes https://github.com/pulumi/pulumi.ai/issues/441
Fixes https://github.com/pulumi/pulumi.ai/issues/443
Fixes https://github.com/pulumi/pulumi.ai/issues/444
Depends on https://github.com/pulumi/pulumi.ai/pull/472
Depends on https://github.com/pulumi/pulumi.ai/pull/507
Depends on https://github.com/pulumi/pulumi.ai/pull/508
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [x] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [x] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [x] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
---------
Co-authored-by: Aaron Friel <mayreply@aaronfriel.com>
Combination of a few cleanups.
1. Don't call .Error() on errors that are being passed to "%s" format
functions. Format will call `Error()` itself.
2. Don't call assert.Error then assert.Equal/Contains, just use
assert.ErrorEqual/ErrorContains instead.
3. Use "%w" if appropriate, instead of "%v"/"%s".
<!---
Thanks so much for your contribution! If this is your first time
contributing, please ensure that you have read the
[CONTRIBUTING](https://github.com/pulumi/pulumi/blob/master/CONTRIBUTING.md)
documentation.
-->
# Description
<!--- Please include a summary of the change and which issue is fixed.
Please also include relevant motivation and context. -->
Adds a `pulumi config env ls` command to list the environments imported
into the stack configuration.
Fixes#14774
## Checklist
- [ ] I have run `make tidy` to update any new dependencies
- [ ] I have run `make lint` to verify my code passes the lint check
- [ ] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [ ] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [ ] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
<!---
Thanks so much for your contribution! If this is your first time
contributing, please ensure that you have read the
[CONTRIBUTING](https://github.com/pulumi/pulumi/blob/master/CONTRIBUTING.md)
documentation.
-->
# Description
<!--- Please include a summary of the change and which issue is fixed.
Please also include relevant motivation and context. -->
Prompted by a comment in another review:
https://github.com/pulumi/pulumi/pull/14654#discussion_r1419995945
This lints that we don't use `fmt.Errorf` when `errors.New` will
suffice, it also covers a load of other cases where `Sprintf` is
sub-optimal.
Most of these edits were made by running `perfsprint --fix`.
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [x] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [ ] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [ ] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
<!---
Thanks so much for your contribution! If this is your first time
contributing, please ensure that you have read the
[CONTRIBUTING](https://github.com/pulumi/pulumi/blob/master/CONTRIBUTING.md)
documentation.
-->
# Description
<!--- Please include a summary of the change and which issue is fixed.
Please also include relevant motivation and context. -->
This is a pass over all of /sdk to replace asserts that just checked we
had an error with asserts for what the error value is.
Just checking for an error is a weak test that can result in error paths
being broken and tests not detecting it.
<!---
Thanks so much for your contribution! If this is your first time
contributing, please ensure that you have read the
[CONTRIBUTING](https://github.com/pulumi/pulumi/blob/master/CONTRIBUTING.md)
documentation.
-->
# Description
<!--- Please include a summary of the change and which issue is fixed.
Please also include relevant motivation and context. -->
Fixes https://github.com/pulumi/pulumi/issues/14680.
Updated the plugin logic (which we still use when no explict version is
given) to prefer selecting a stable version over a pre-release version
when no explict requested version is given.
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [ ] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [x] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [x] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
This isn't currently getting picked up by the linter because it's behind
a build tag and the linter doesn't run with those set.
It _should_ because it turns out loads of test files aren't being linted
right now, but there's quite a few fixes that need to happen so linting
doesn't then fail, so this is just one step towards that.
These changes add two commands for managing a stack's environments:
- `pulumi config env add`, which adds environments to a stack's import
list
- `pulumi config env rm`, which removes an environment from a stack's
import list
As implied by their paths, these commands hang off of a new sub-command
of `pulumi config`, `pulumi config env`.
From the usage:
* `pulumi config env add`
Adds environments to the end of a stack's import list. Imported
environments are merged in order per the ESC merge rules. The list of
stacks behaves as if it were the import list in an anonymous
environment.
* `pulumi config env rm`
Removes an environment from a stack's import list.
Each of these commands previews the new stack environment and shows the
environment definition. These commands print a warning if the stack's
environment does not define any of the `environmentVariables`, `files`,
or `pulumiConfig` properties.
These changes include any configuration values sourced from a stack's
ESC environment to the output of `pulumi config`.
These changes also add an `ENVIRONMENT` block to the output of `pulumi
config` for stacks that reference environments. This block shows the
definition of the stack's environment.
Finally, these changes add a warning to `pulumi config` if the stack's
ESC environment does not define any of the `environmentVariables`,
`files`, or `pulumiConfig` properties.