pulumi/.github/workflows/release.yml

name: Release Actions

permissions:
  # To create a PR
  contents: write
  pull-requests: write

on:
  workflow_call:
    inputs:
      ref:
        required: true
        description: "GitHub ref to use"
        type: string
      version:
        required: true
        description: "Version to produce"
        type: string
      branch_from_ref:
        required: false
        description: "Commit to branch from, if not the tag"
        type: string
      next-version:
        required: true
        description: "Version to bump files to"
        type: string
      release-notes:
        required: true
        description: "Release notes to publish"
        type: string
      queue-merge:
        required: false
        default: false
        description: "Whether to queue the release for immediate merge"
        type: boolean

env:
  PULUMI_VERSION: ${{ inputs.version }}
  GITHUB_REF: ${{ inputs.ref }}
  GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
  PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_PROD_ACCESS_TOKEN }}
  PULUMI_TEST_OWNER: "moolumi"
  NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
  NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
  NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
  PYPI_PASSWORD: ${{ secrets.PYPI_PASSWORD }}

jobs:
  sdks:
    name: ${{ matrix.language }}
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        go-version: [1.17.x]
        python-version: [3.9.x]
        dotnet-version: [6.0.x]
        node-version: [14.x]
        language: ["nodejs", "python", "dotnet", "go"]
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v3
        with:
          ref: ${{ inputs.ref }}
      - name: Set up Python ${{ matrix.python-version }}
        if: matrix.language == 'python'
        uses: actions/setup-python@v3
        with:
          python-version: ${{ matrix.python-version }}
          cache-dependency-path: sdk/python/requirements.txt
      - name: Install Python deps
        if: matrix.language == 'python'
        run: |
          python -m pip install --upgrade pip requests wheel urllib3 chardet twine          
      - name: Set up DotNet ${{ matrix.dotnet-version }}
        if: matrix.language == 'dotnet'
        uses: actions/setup-dotnet@v1
        with:
          dotnet-version: ${{ matrix.dotnet-version }}
      - name: Set up Node ${{ matrix.node-version }}
        if: matrix.language == 'nodejs'
        uses: actions/setup-node@v3
        with:
          node-version: ${{ matrix.node-version }}
          registry-url: https://registry.npmjs.org
          always-auth: true
      - name: Download release artifacts
        if: matrix.language != 'go'
        run: |
          mkdir -p artifacts
          gh release download "v${PULUMI_VERSION}" --dir ./artifacts --pattern 'sdk-${{ matrix.language }}-*'
          find artifacts          
      - name: Publish Packages
        run: |
          make -C sdk/${{ matrix.language}} publish          

  s3-blobs:
    name: s3 blobs
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v3
        with:
          ref: ${{ inputs.ref }}
      - name: Download release artifacts
        run: |
          mkdir -p artifacts
          gh release download "v${PULUMI_VERSION}" --dir ./artifacts --pattern 'pulumi-*'
          find artifacts          
      - name: Publish Blobs
        run: |
          aws s3 sync artifacts s3://get.pulumi.com/releases/sdk          

  pr:
    # Relies on the Go SDK being published to update pkg
    name: PR
    needs: [sdks]
    uses: ./.github/workflows/release-pr.yml
    permissions:
      contents: write
      pull-requests: write
    with:
      ref: ${{ inputs.ref }}
      version: ${{ inputs.version }}
      next-version: ${{ inputs.next-version }}
      release-notes: ${{ inputs.release-notes }}
      queue-merge: false
    secrets: inherit

  dispatch:
    name: ${{ matrix.job.name }}
    runs-on: ubuntu-latest
    needs: [pr]
    strategy:
      fail-fast: false
      matrix:
        job:
          - name: Templates Smoke Test
            run-command: pulumictl dispatch -r pulumi/templates -c trigger-cron "${PULUMI_VERSION}"
          - name: Update Templates Version
            run-command: pulumictl dispatch -r pulumi/templates -c update-templates "${PULUMI_VERSION}"
          - name: Examples Templates Version
            run-command: pulumictl dispatch -r pulumi/examples -c smoke-test-cli "${PULUMI_VERSION}"
          - name: Chocolatey Update
            run-command: pulumictl create choco-deploy "${PULUMI_VERSION}"
          - name: Winget Update
            run-command: pulumictl winget-deploy
          - name: Build Package Docs
            run-command: pulumictl create cli-docs-build "${PULUMI_VERSION}"
          - name: Homebrew
            run-command: pulumictl create homebrew-bump "${PULUMI_VERSION}" "$(git rev-parse HEAD)"
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v3
        with:
          ref: ${{ inputs.ref }}
      - name: Install Pulumictl
        uses: jaxxstorm/action-install-gh-release@v1.7.1
        with:
          repo: pulumi/pulumictl
          tag: v0.0.32
          cache: enable
      - name: Repository Dispatch
        run: ${{ matrix.job.run-command }}