mirrors
/
pulumi
mirror of https://github.com/pulumi/pulumi.git
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
pulumi/.github/workflows/prerelease.yml

385 lines
14 KiB
YAML
Raw Permalink Blame History

on:
push:
tags:
- v*.*.*-**
paths-ignore:
- "CHANGELOG.md"
- "CHANGELOG_PENDING.md"
- "README.md"
env:
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_PROD_ACCESS_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PULUMI_TEST_OWNER: "moolumi"
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
PYPI_PASSWORD: ${{ secrets.PYPI_PASSWORD }}
TRAVIS_PUBLISH_PACKAGES: true
IS_PRERELEASE: true
PYTHON: python
DOTNET_CLI_TELEMETRY_OPTOUT: "true"
jobs:
publish-sdks:
name: Publish SDKs
runs-on: ubuntu-latest
needs: publish-binaries
strategy:
matrix:
go-version: [1.17.x]
python-version: [3.9.x]
dotnet-version: [3.1.x]
node-version: [14.x]
language: ["nodejs", "python", "dotnet"]
steps:
- name: Checkout Repo
uses: actions/checkout@v2
- name: Set up Go ${{ matrix.go-version }}
uses: actions/setup-go@v2
with:
go-version: ${{ matrix.go-version }}
check-latest: true
- id: go-cache-paths
run: |
echo "::set-output name=go-build::$(go env GOCACHE)"
echo "::set-output name=go-mod::$(go env GOMODCACHE)"
- name: Go Cache
uses: actions/cache@v2
id: go-cache
if: ${{ runner.os != 'Windows' }} # Note [Windows Go Cache] in build.yml
with:
path: |
${{ steps.go-cache-paths.outputs.go-build }}
${{ steps.go-cache-paths.outputs.go-mod }}
key: ${{ runner.os }}-go-cache-${{ hashFiles('*/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v3
with:
python-version: ${{ matrix.python-version }}
cache: pip
cache-dependency-path: sdk/python/requirements.txt
- name: Set up DotNet ${{ matrix.dotnet-version }}
uses: actions/setup-dotnet@v1
with:
dotnet-version: ${{ matrix.dotnet-version }}
- name: Set up Node ${{ matrix.node-version }}
uses: actions/setup-node@v2
with:
node-version: ${{ matrix.node-version }}
cache: yarn
cache-dependency-path: sdk/nodejs/package.json
registry-url: https://registry.npmjs.org
always-auth: true
- name: Install Python deps
run: |
python -m pip install --upgrade pip requests wheel urllib3 chardet twine
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@v1.3.1
with:
repo: pulumi/pulumictl
- name: Fetch Tags
run: |
git fetch --quiet --prune --unshallow --tags
- name: Update path
run: |
echo "${{ runner.temp }}/opt/pulumi/bin" >> $GITHUB_PATH
- name: Set Go Dep path
run: |
echo "PULUMI_GO_DEP_ROOT=$(dirname $(pwd))" >> $GITHUB_ENV
- name: Ensure
run: |
make ensure
- name: Publish Packages
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
run: |
make -C sdk/${{ matrix.language}} publish
publish-binaries:
name: Publish Binaries
runs-on: macos-latest
needs: [lint, build, test-linux, test-macos, test-windows]
strategy:
matrix:
go-version: [1.17.x]
steps:
- name: Set up Go ${{ matrix.go-version }}
uses: actions/setup-go@v2
with:
go-version: ${{ matrix.go-version }}
check-latest: true
- id: go-cache-paths
run: |
echo "::set-output name=go-build::$(go env GOCACHE)"
echo "::set-output name=go-mod::$(go env GOMODCACHE)"
- name: Go Cache
uses: actions/cache@v2
id: go-cache
if: ${{ runner.os != 'Windows' }} # Note [Windows Go Cache] in build.yml
with:
path: |
${{ steps.go-cache-paths.outputs.go-build }}
${{ steps.go-cache-paths.outputs.go-mod }}
key: ${{ runner.os }}-go-cache-${{ hashFiles('*/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Checkout Repo
uses: actions/checkout@v2
- name: Fetch Tags
run: |
git fetch --quiet --prune --unshallow --tags
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@v1.3.1
with:
repo: pulumi/pulumictl
- name: Install goreleaser-filter
uses: jaxxstorm/action-install-gh-release@v1.2.0
with:
repo: t0yv0/goreleaser-filter
- name: Download pulumi-linux-x64
uses: actions/download-artifact@v2
with:
name: pulumi-linux-x64
path: goreleaser-downloads
- name: Download pulumi-linux-arm64
uses: actions/download-artifact@v2
with:
name: pulumi-linux-arm64
path: goreleaser-downloads
- name: Download pulumi-darwin-x64
uses: actions/download-artifact@v2
with:
name: pulumi-darwin-x64
path: goreleaser-downloads
- name: Download pulumi-darwin-arm64
uses: actions/download-artifact@v2
with:
name: pulumi-darwin-arm64
path: goreleaser-downloads
- name: Download pulumi-windows-x64
uses: actions/download-artifact@v2
with:
name: pulumi-windows-x64
path: goreleaser-downloads
- name: Inspect goreleaser-downloads
run: |
find goreleaser-downloads
- name: Unpack goreleaser-downloads
run: |
./scripts/unpack.sh
- name: Inspect goreleaser-prebuilt
run: |
find goreleaser-prebuilt
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-region: us-east-2
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-duration-seconds: 3600
role-external-id: upload-pulumi-release
role-session-name: pulumi@githubActions
role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }}
- name: Set PreRelease Version
run: echo "GORELEASER_CURRENT_TAG=v$(pulumictl get version --language generic -o)" >> $GITHUB_ENV
- name: Download pulumi-windows-checksums
uses: actions/download-artifact@v2
with:
name: pulumi-windows-checksums
path: artifacts/checksums/windows
- name: Download pulumi-linux-checksums
uses: actions/download-artifact@v2
with:
name: pulumi-linux-checksums
path: artifacts/checksums/linux
- name: Download pulumi-darwin-checksums
uses: actions/download-artifact@v2
with:
name: pulumi-darwin-checksums
path: artifacts/checksums/darwin
- name: Filter goreleaser config for pre-release check
run: |
cat .goreleaser.prerelease.yml | goreleaser-filter -no-blobs > /tmp/.goreleaser.current.yml
- name: Run GoReleaser to verify tarball checksums
uses: goreleaser/goreleaser-action@v2
with:
version: latest
args: -p 3 -f /tmp/.goreleaser.current.yml --skip-publish --skip-announce --skip-validate --rm-dist --release-notes=CHANGELOG_PENDING.md
- name: Verify checksums
run: |
C=artifacts/checksums/pulumi-tested-checksums.txt
echo "Tested tarballs with the following checksums:"
cat artifacts/checksums/*/* | sort | tee $C
echo "Released tarballs with the following checksums:"
sort goreleaser/*-checksums.txt
echo "Checking that tested and released checksums are identical:"
diff <(sort goreleaser/*-checksums.txt) $C
- name: Run GoReleaser to actually release
uses: goreleaser/goreleaser-action@v2
with:
version: latest
args: -p 3 -f .goreleaser.prerelease.yml --rm-dist
- name: Verify checksums again
run: |
C=artifacts/checksums/pulumi-tested-checksums-2.txt
echo "Tested tarballs with the following checksums:"
cat artifacts/checksums/*/* | sort | tee $C
echo "Released tarballs with the following checksums:"
sort goreleaser/*-checksums.txt
echo "Checking that tested and released checksums are identical:"
diff <(sort goreleaser/*-checksums.txt) $C
lint:
# See https://github.com/pulumi/pulumi/issues/9280 for why this is set to v1.44
container: golangci/golangci-lint:v1.44
name: Lint ${{ matrix.directory }}
strategy:
matrix:
directory: [sdk, pkg, tests]
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@v2
- name: Lint ${{ matrix.directory }}
run: |
cd ${{ matrix.directory }} && golangci-lint run -c ../.golangci.yml
language-sdk-lint:
name: Lint Language SDKs
strategy:
matrix:
go-version: [1.17.x]
python-version: [3.9.x]
dotnet-version: [3.1.x]
node-version: [14.x]
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@v2
- name: Set up Go ${{ matrix.go-version }}
uses: actions/setup-go@v2
with:
go-version: ${{ matrix.go-version }}
check-latest: true
- id: go-cache-paths
run: |
echo "::set-output name=go-build::$(go env GOCACHE)"
echo "::set-output name=go-mod::$(go env GOMODCACHE)"
- name: Go Cache
uses: actions/cache@v2
id: go-cache
if: ${{ runner.os != 'Windows' }} # Note [Windows Go Cache] in build.yml
with:
path: |
${{ steps.go-cache-paths.outputs.go-build }}
${{ steps.go-cache-paths.outputs.go-mod }}
key: ${{ runner.os }}-go-cache-${{ hashFiles('*/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v3
with:
python-version: ${{ matrix.python-version }}
cache: pip
cache-dependency-path: sdk/python/requirements.txt
- name: Set up DotNet ${{ matrix.dotnet-version }}
uses: actions/setup-dotnet@v1
with:
dotnet-version: ${{ matrix.dotnet-version }}
- run: mkdir -p ${{ runner.temp }}/opt/pulumi/nuget
- name: Add NuGet packages as a local NuGet source
run: |
echo $(which dotnet)
echo $(dotnet --version)
dotnet nuget add source ${{ runner.temp }}/opt/pulumi/nuget
- name: Set up Node ${{ matrix.node-version }}
uses: actions/setup-node@v2
with:
node-version: ${{ matrix.node-version }}
cache: yarn
cache-dependency-path: sdk/nodejs/package.json
- name: Install Python deps
run: |
python -m pip install --upgrade pip requests wheel urllib3 chardet
- name: Setup git
run: |
git config --global user.email "you@example.com"
git config --global user.name "Your Name"
- name: Update path
run: |
echo "${{ runner.temp }}/opt/pulumi/bin" >> $GITHUB_PATH
- name: Fetch Tags
run: |
git fetch --quiet --prune --unshallow --tags
- name: Set Go Dep path
run: |
echo "PULUMI_GO_DEP_ROOT=$(dirname $(pwd))" >> $GITHUB_ENV
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@v1.3.1
with:
repo: pulumi/pulumictl
- name: Ensure
run: |
make ensure
- name: Lint Node
run: |
cd sdk/nodejs && make lint
- name: Lint Python
run: |
cd sdk/python && make lint
- name: Lint .NET
run: |
cd sdk/dotnet && make lint
build:
name: Build
uses: pulumi/pulumi/.github/workflows/build.yml@master
with:
# Cross-compiling from ubuntu-latest is faster but the artifact
# checksums will not match what publish-binaries expects.
default-build-platform: macos-latest
enable-coverage: false
goreleaser-config: '.goreleaser.prerelease.yml'
goreleaser-flags: '-p 3 --skip-publish --skip-announce --skip-validate'
test-linux:
name: Test Linux
needs: build
uses: pulumi/pulumi/.github/workflows/test-fast.yml@master
with:
enable-coverage: false
platform: ubuntu-latest
secrets:
pulumi-access-token: ${{ secrets.PULUMI_PROD_ACCESS_TOKEN }}
test-macos:
name: Test MacOS
needs: build
uses: pulumi/pulumi/.github/workflows/test-fast.yml@master
with:
enable-coverage: false
platform: macos-latest
secrets:
pulumi-access-token: ${{ secrets.PULUMI_PROD_ACCESS_TOKEN }}
test-windows:
name: Test Windows
needs: build
uses: pulumi/pulumi/.github/workflows/test-fast.yml@master
with:
enable-coverage: false
platform: windows-latest
secrets:
pulumi-access-token: ${{ secrets.PULUMI_PROD_ACCESS_TOKEN }}
dispatch-docker-containers-ci-build:
name: Dispatch Docker containers CI build
needs: [publish-binaries, publish-sdks]
runs-on: ubuntu-latest
steps:
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@v1.3.1
with:
repo: pulumi/pulumictl
- name: Checkout Repo
uses: actions/checkout@v2
- name: Fetch Tags
run: |
git fetch --quiet --prune --unshallow --tags
- name: Dispatch event
run: pulumictl dispatch -r pulumi/pulumi-docker-containers -c ci-build $(pulumictl get version --language generic -o)
Reference in New Issue View Git Blame Copy Permalink