Ensure requested ECS container resources are within Fargate limits (#… #871
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
env: | |
AWS_REGION: us-west-2 | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
LOCAL_PLAT: linux-amd64 | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }} | |
PROVIDER: awsx | |
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} | |
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }} | |
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} | |
PULUMI_API: https://api.pulumi-staging.io | |
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
PYPI_USERNAME: __token__ | |
PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} | |
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget | |
SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }} | |
SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }} | |
SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }} | |
VERSION_PREFIX: 1.0.0 | |
GOVERSION: "1.21.x" | |
DOTNETVERSION: "6.x" | |
PYTHONVERSION: "3.8" | |
NODEVERSION: "18.x" | |
JAVAVERSION: "11" | |
jobs: | |
lint: | |
name: lint | |
runs-on: ubuntu-latest | |
continue-on-error: true | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- name: Checkout Scripts Repo | |
uses: actions/checkout@v4 | |
with: | |
path: ci-scripts | |
repository: pulumi/scripts | |
- name: Unshallow clone for tags | |
run: git fetch --prune --unshallow --tags | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Setup Node | |
uses: actions/setup-node@v4 | |
with: | |
node-version: 18.x | |
registry-url: https://registry.npmjs.org | |
- name: Install Yarn | |
run: curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version 1.13.0 | |
- name: Update PATH for Yarn | |
run: | | |
echo "$HOME/.yarn/bin" >> $GITHUB_PATH | |
echo "$HOME/.config/yarn/global/node_modules/.bin" >> $GITHUB_PATH | |
- name: Lint AWSX Code | |
run: make lint | |
- name: Lint classic AWSX Code | |
run: make lint_classic | |
- name: Check worktree clean | |
run: ./ci-scripts/ci/check-worktree-is-clean | |
build-provider: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v3 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-region: ${{ env.AWS_REGION }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
role-duration-seconds: 3600 | |
role-session-name: ${{ env.PROVIDER }}@githubActions | |
role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} | |
- name: Checkout Scripts Repo | |
uses: actions/checkout@v4 | |
with: | |
path: ci-scripts | |
repository: pulumi/scripts | |
- name: Unshallow clone for tags | |
run: git fetch --prune --unshallow --tags | |
- name: Install Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: ${{ env.GOVERSION }} | |
- name: Setup Node | |
uses: actions/setup-node@v4 | |
with: | |
node-version: ${{env.NODEVERSION}} | |
registry-url: https://registry.npmjs.org | |
- name: Install Yarn | |
run: curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version 1.13.0 | |
- name: Update PATH for Yarn | |
run: | | |
echo "$HOME/.yarn/bin" >> $GITHUB_PATH | |
echo "$HOME/.config/yarn/global/node_modules/.bin" >> $GITHUB_PATH | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Install Pulumi CLI | |
uses: pulumi/action-install-pulumi-cli@v2 | |
- name: Build provider | |
run: make provider | |
- name: Test provider | |
run: make test_provider | |
- name: Check worktree clean | |
run: ./ci-scripts/ci/check-worktree-is-clean | |
- name: Upload bin | |
uses: actions/upload-artifact@v3 | |
with: | |
name: bin | |
path: bin | |
- name: Tar provider bin | |
run: tar -zcf ${{ github.workspace }}/provider.tar.gz -C ${{ github.workspace }}/${{ env.PROVIDER }}/bin/ . | |
- name: Upload provider bin | |
uses: actions/upload-artifact@v3 | |
with: | |
name: ${{ env.PROVIDER }}-provider.tar.gz | |
path: ${{ github.workspace }}/provider.tar.gz | |
- if: failure() && github.event_name == 'push' | |
name: Notify Slack | |
uses: 8398a7/action-slack@v3 | |
with: | |
author_name: Failure in building provider | |
fields: repo,commit,author,action | |
status: ${{ job.status }} | |
acceptance-test: | |
needs: build-provider | |
runs-on: ubuntu-latest | |
steps: | |
- name: Free Disk Space (Ubuntu) | |
uses: jlumbroso/[email protected] | |
with: | |
tool-cache: false | |
swap-storage: false | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- name: Checkout Scripts Repo | |
uses: actions/checkout@v4 | |
with: | |
path: ci-scripts | |
repository: pulumi/scripts | |
- name: Unshallow clone for tags | |
run: git fetch --prune --unshallow --tags | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Install Languages & Frameworks | |
uses: ./.github/actions/install | |
- name: Setup Gradle | |
uses: gradle/gradle-build-action@v3 | |
with: | |
gradle-version: "8.4" | |
- name: Install Python deps | |
run: |- | |
pip3 install virtualenv==20.0.23 | |
pip3 install pipenv | |
- name: Download bin | |
uses: actions/download-artifact@v3 | |
with: | |
name: bin | |
path: bin | |
- name: Restore bin and avoid rebuilding | |
run: | | |
chmod +x bin/* | |
make provider --touch | |
- name: Build SDK | |
run: make build_${{ matrix.language }} | |
- name: Check worktree clean | |
run: ./ci-scripts/ci/check-worktree-is-clean | |
- name: Compress SDK folder | |
run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} | |
. | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v3 | |
with: | |
name: ${{ matrix.language }}-sdk.tar.gz | |
path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v3 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-region: ${{ env.AWS_REGION }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
role-duration-seconds: 3600 | |
role-session-name: ${{ env.PROVIDER }}@githubActions | |
role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} | |
- name: Run tests | |
# Tell make to not rebuild the provider bin | |
run: make test_${{ matrix.language }} | |
strategy: | |
fail-fast: false | |
matrix: | |
language: | |
- nodejs | |
- python | |
- dotnet | |
- go | |
- java | |
publish: | |
name: publish | |
needs: acceptance-test | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- name: Unshallow clone for tags | |
run: git fetch --prune --unshallow --tags | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v3 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-region: us-east-2 | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
role-duration-seconds: 3600 | |
role-external-id: upload-pulumi-release | |
role-session-name: ${{ env.PROVIDER}}@githubActions | |
role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }} | |
- uses: MOZGIII/install-ldid-action@v1 | |
with: | |
tag: v2.1.5-procursus2 | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Install Pulumi CLI | |
uses: pulumi/action-install-pulumi-cli@v2 | |
- name: Download provider binary | |
uses: actions/download-artifact@v3 | |
with: | |
name: ${{ env.PROVIDER }}-provider.tar.gz | |
path: ${{ github.workspace }}/bin | |
- name: Untar provider binaries | |
run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace | |
}}/bin | |
- name: Restore binary perms | |
run: find ${{ github.workspace }}/bin -name "pulumi-*-${{ env.PROVIDER }}" -print | |
-exec chmod +x {} \; | |
- name: Test provider | |
run: make test_provider | |
- name: Create Provider Binaries | |
run: make dist | |
- name: Upload Provider Binaries | |
run: aws s3 cp dist s3://get.pulumi.com/releases/plugins/ --recursive | |
publish_sdk: | |
name: publish_sdk | |
needs: publish | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout Repo | |
uses: actions/checkout@v4 | |
- name: Checkout Scripts Repo | |
uses: actions/checkout@v4 | |
with: | |
path: ci-scripts | |
repository: pulumi/scripts | |
- name: Unshallow clone for tags | |
run: git fetch --prune --unshallow --tags | |
- name: Install pulumictl | |
uses: jaxxstorm/[email protected] | |
with: | |
repo: pulumi/pulumictl | |
- name: Install Languages & Frameworks | |
uses: ./.github/actions/install | |
- name: Setup Gradle | |
uses: gradle/gradle-build-action@v3 | |
with: | |
gradle-version: "8.4" | |
- name: Download python SDK | |
uses: actions/download-artifact@v3 | |
with: | |
name: python-sdk.tar.gz | |
path: ${{ github.workspace}}/sdk/ | |
- name: Uncompress python SDK | |
run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C ${{github.workspace}}/sdk/python | |
- name: Download dotnet SDK | |
uses: actions/download-artifact@v3 | |
with: | |
name: dotnet-sdk.tar.gz | |
path: ${{ github.workspace}}/sdk/ | |
- name: Uncompress dotnet SDK | |
run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C ${{github.workspace}}/sdk/dotnet | |
- name: Download nodejs SDK | |
uses: actions/download-artifact@v3 | |
with: | |
name: nodejs-sdk.tar.gz | |
path: ${{ github.workspace}}/sdk/ | |
- name: Uncompress nodejs SDK | |
run: tar -zxf ${{github.workspace}}/sdk/nodejs.tar.gz -C ${{github.workspace}}/sdk/nodejs | |
- run: python -m pip install pip twine | |
- env: | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
name: Publish SDK | |
run: ./scripts/publish_packages.sh | |
- name: Download java SDK | |
uses: actions/download-artifact@v3 | |
with: | |
name: java-sdk.tar.gz | |
path: ${{ github.workspace}}/sdk/ | |
- name: Uncompress java SDK | |
run: tar -zxf ${{github.workspace}}/sdk/java.tar.gz -C ${{github.workspace}}/sdk/java | |
- name: Set PACKAGE_VERSION to Env | |
run: echo "PACKAGE_VERSION=$(pulumictl get version --language generic)" >> | |
$GITHUB_ENV | |
- name: Publish Java SDK | |
uses: gradle/gradle-build-action@a8f75513eafdebd8141bd1cd4e30fcd194af8dfa | |
with: | |
arguments: publishToSonatype closeAndReleaseSonatypeStagingRepository | |
build-root-directory: ./sdk/java | |
gradle-version: 7.4.1 | |
name: master | |
"on": | |
push: | |
branches: | |
- master | |
paths-ignore: | |
- CHANGELOG.md | |
tags-ignore: | |
- v* | |
- sdk/* | |
- "**" |