-
Notifications
You must be signed in to change notification settings - Fork 7
131 lines (111 loc) · 4.48 KB
/
weekly-pulumi-update.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt
name: weekly-pulumi-update
on:
schedule:
- cron: 35 12 * * 4
workflow_dispatch: {}
env:
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
PROVIDER: kubernetes-cert-manager
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
PYPI_USERNAME: __token__
PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
TRAVIS_OS_NAME: linux
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
GOVERSION: 1.21.x
NODEVERSION: 20.x
PYTHONVERSION: "3.11"
DOTNETVERSION: |
6.0.x
3.1.301
JAVAVERSION: "11"
AWS_REGION: us-west-2
PULUMI_TEST_OWNER: moolumi
GOLANGCI_LINT_VERSION: v1.55.2
GOOGLE_CI_SERVICE_ACCOUNT_EMAIL: [email protected]
GOOGLE_CI_WORKLOAD_IDENTITY_POOL: pulumi-ci
GOOGLE_CI_WORKLOAD_IDENTITY_PROVIDER: pulumi-ci
GOOGLE_PROJECT_NUMBER: 637339343727
jobs:
weekly-pulumi-update:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@v4
with:
lfs: true
- name: Install Go
uses: actions/setup-go@v5
with:
go-version: ${{ env.GOVERSION }}
cache-dependency-path: "**/*.sum"
- name: Install pulumictl
uses: jaxxstorm/[email protected]
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/actions@v5
with:
pulumi-version-file: .pulumi.version
- name: Setup DotNet
uses: actions/setup-dotnet@v4
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Update Pulumi/Pulumi
id: gomod
run: >-
git config --local user.email '[email protected]'
git config --local user.name 'pulumi-bot'
git checkout -b update-pulumi/${{ github.run_id }}-${{ github.run_number }}
for MODFILE in $(find . -name go.mod); do pushd $(dirname $MODFILE); go get github.com/pulumi/pulumi/pkg/v3 github.com/pulumi/pulumi/sdk/v3; go mod tidy; popd; done
gh repo view pulumi/pulumi --json latestRelease --jq .latestRelease.tagName | sed 's/^v//' > .pulumi.version
git update-index -q --refresh
if ! git diff-files --quiet; then echo changes=1 >> "$GITHUB_OUTPUT"; fi
- name: Provider with Pulumi Upgrade
if: steps.gomod.outputs.changes != 0
run: >-
make codegen && make local_generate
git add sdk/nodejs
git commit -m "Regenerating Node.js SDK based on updated modules" || echo "ignore commit failure, may be empty"
git add sdk/python
git commit -m "Regenerating Python SDK based on updated modules" || echo "ignore commit failure, may be empty"
git add sdk/dotnet
git commit -m "Regenerating .NET SDK based on updated modules" || echo "ignore commit failure, may be empty"
git add sdk/go*
git commit -m "Regenerating Go SDK based on updated modules" || echo "ignore commit failure, may be empty"
git add sdk/java*
git commit -m "Regenerating Java SDK based on updated modules" || echo "ignore commit failure, may be empty"
git add .
git commit -m "Updated modules" || echo "ignore commit failure, may be empty"
git push origin update-pulumi/${{ github.run_id }}-${{ github.run_number }}
- name: Create PR
id: create-pr
if: steps.gomod.outputs.changes != 0
uses: repo-sync/[email protected]
with:
source_branch: update-pulumi/${{ github.run_id }}-${{ github.run_number }}
destination_branch: master
pr_title: Automated Pulumi/Pulumi upgrade
github_token: ${{ secrets.PULUMI_BOT_TOKEN }}
env:
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
name: weekly-pulumi-update