Skip to content

Ensure requested ECS container resources are within Fargate limits (#… #871

Ensure requested ECS container resources are within Fargate limits (#…

Ensure requested ECS container resources are within Fargate limits (#… #871

Workflow file for this run

env:
AWS_REGION: us-west-2
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
LOCAL_PLAT: linux-amd64
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
PROVIDER: awsx
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
PULUMI_API: https://api.pulumi-staging.io
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
PYPI_USERNAME: __token__
PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }}
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
VERSION_PREFIX: 1.0.0
GOVERSION: "1.21.x"
DOTNETVERSION: "6.x"
PYTHONVERSION: "3.8"
NODEVERSION: "18.x"
JAVAVERSION: "11"
jobs:
lint:
name: lint
runs-on: ubuntu-latest
continue-on-error: true
steps:
- name: Checkout Repo
uses: actions/checkout@v4
- name: Checkout Scripts Repo
uses: actions/checkout@v4
with:
path: ci-scripts
repository: pulumi/scripts
- name: Unshallow clone for tags
run: git fetch --prune --unshallow --tags
- name: Install pulumictl
uses: jaxxstorm/[email protected]
with:
repo: pulumi/pulumictl
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: 18.x
registry-url: https://registry.npmjs.org
- name: Install Yarn
run: curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version 1.13.0
- name: Update PATH for Yarn
run: |
echo "$HOME/.yarn/bin" >> $GITHUB_PATH
echo "$HOME/.config/yarn/global/node_modules/.bin" >> $GITHUB_PATH
- name: Lint AWSX Code
run: make lint
- name: Lint classic AWSX Code
run: make lint_classic
- name: Check worktree clean
run: ./ci-scripts/ci/check-worktree-is-clean
build-provider:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@v4
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v3
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-region: ${{ env.AWS_REGION }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-duration-seconds: 3600
role-session-name: ${{ env.PROVIDER }}@githubActions
role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }}
- name: Checkout Scripts Repo
uses: actions/checkout@v4
with:
path: ci-scripts
repository: pulumi/scripts
- name: Unshallow clone for tags
run: git fetch --prune --unshallow --tags
- name: Install Go
uses: actions/setup-go@v4
with:
go-version: ${{ env.GOVERSION }}
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: ${{env.NODEVERSION}}
registry-url: https://registry.npmjs.org
- name: Install Yarn
run: curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version 1.13.0
- name: Update PATH for Yarn
run: |
echo "$HOME/.yarn/bin" >> $GITHUB_PATH
echo "$HOME/.config/yarn/global/node_modules/.bin" >> $GITHUB_PATH
- name: Install pulumictl
uses: jaxxstorm/[email protected]
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/action-install-pulumi-cli@v2
- name: Build provider
run: make provider
- name: Test provider
run: make test_provider
- name: Check worktree clean
run: ./ci-scripts/ci/check-worktree-is-clean
- name: Upload bin
uses: actions/upload-artifact@v3
with:
name: bin
path: bin
- name: Tar provider bin
run: tar -zcf ${{ github.workspace }}/provider.tar.gz -C ${{ github.workspace }}/${{ env.PROVIDER }}/bin/ .
- name: Upload provider bin
uses: actions/upload-artifact@v3
with:
name: ${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/provider.tar.gz
- if: failure() && github.event_name == 'push'
name: Notify Slack
uses: 8398a7/action-slack@v3
with:
author_name: Failure in building provider
fields: repo,commit,author,action
status: ${{ job.status }}
acceptance-test:
needs: build-provider
runs-on: ubuntu-latest
steps:
- name: Free Disk Space (Ubuntu)
uses: jlumbroso/[email protected]
with:
tool-cache: false
swap-storage: false
- name: Checkout Repo
uses: actions/checkout@v4
- name: Checkout Scripts Repo
uses: actions/checkout@v4
with:
path: ci-scripts
repository: pulumi/scripts
- name: Unshallow clone for tags
run: git fetch --prune --unshallow --tags
- name: Install pulumictl
uses: jaxxstorm/[email protected]
with:
repo: pulumi/pulumictl
- name: Install Languages & Frameworks
uses: ./.github/actions/install
- name: Setup Gradle
uses: gradle/gradle-build-action@v3
with:
gradle-version: "8.4"
- name: Install Python deps
run: |-
pip3 install virtualenv==20.0.23
pip3 install pipenv
- name: Download bin
uses: actions/download-artifact@v3
with:
name: bin
path: bin
- name: Restore bin and avoid rebuilding
run: |
chmod +x bin/*
make provider --touch
- name: Build SDK
run: make build_${{ matrix.language }}
- name: Check worktree clean
run: ./ci-scripts/ci/check-worktree-is-clean
- name: Compress SDK folder
run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }}
.
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: ${{ matrix.language }}-sdk.tar.gz
path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v3
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-region: ${{ env.AWS_REGION }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-duration-seconds: 3600
role-session-name: ${{ env.PROVIDER }}@githubActions
role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }}
- name: Run tests
# Tell make to not rebuild the provider bin
run: make test_${{ matrix.language }}
strategy:
fail-fast: false
matrix:
language:
- nodejs
- python
- dotnet
- go
- java
publish:
name: publish
needs: acceptance-test
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@v4
- name: Unshallow clone for tags
run: git fetch --prune --unshallow --tags
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v3
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-region: us-east-2
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-duration-seconds: 3600
role-external-id: upload-pulumi-release
role-session-name: ${{ env.PROVIDER}}@githubActions
role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }}
- uses: MOZGIII/install-ldid-action@v1
with:
tag: v2.1.5-procursus2
- name: Install pulumictl
uses: jaxxstorm/[email protected]
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/action-install-pulumi-cli@v2
- name: Download provider binary
uses: actions/download-artifact@v3
with:
name: ${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
- name: Untar provider binaries
run: tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace
}}/bin
- name: Restore binary perms
run: find ${{ github.workspace }}/bin -name "pulumi-*-${{ env.PROVIDER }}" -print
-exec chmod +x {} \;
- name: Test provider
run: make test_provider
- name: Create Provider Binaries
run: make dist
- name: Upload Provider Binaries
run: aws s3 cp dist s3://get.pulumi.com/releases/plugins/ --recursive
publish_sdk:
name: publish_sdk
needs: publish
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@v4
- name: Checkout Scripts Repo
uses: actions/checkout@v4
with:
path: ci-scripts
repository: pulumi/scripts
- name: Unshallow clone for tags
run: git fetch --prune --unshallow --tags
- name: Install pulumictl
uses: jaxxstorm/[email protected]
with:
repo: pulumi/pulumictl
- name: Install Languages & Frameworks
uses: ./.github/actions/install
- name: Setup Gradle
uses: gradle/gradle-build-action@v3
with:
gradle-version: "8.4"
- name: Download python SDK
uses: actions/download-artifact@v3
with:
name: python-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
- name: Uncompress python SDK
run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C ${{github.workspace}}/sdk/python
- name: Download dotnet SDK
uses: actions/download-artifact@v3
with:
name: dotnet-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
- name: Uncompress dotnet SDK
run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C ${{github.workspace}}/sdk/dotnet
- name: Download nodejs SDK
uses: actions/download-artifact@v3
with:
name: nodejs-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
- name: Uncompress nodejs SDK
run: tar -zxf ${{github.workspace}}/sdk/nodejs.tar.gz -C ${{github.workspace}}/sdk/nodejs
- run: python -m pip install pip twine
- env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
name: Publish SDK
run: ./scripts/publish_packages.sh
- name: Download java SDK
uses: actions/download-artifact@v3
with:
name: java-sdk.tar.gz
path: ${{ github.workspace}}/sdk/
- name: Uncompress java SDK
run: tar -zxf ${{github.workspace}}/sdk/java.tar.gz -C ${{github.workspace}}/sdk/java
- name: Set PACKAGE_VERSION to Env
run: echo "PACKAGE_VERSION=$(pulumictl get version --language generic)" >>
$GITHUB_ENV
- name: Publish Java SDK
uses: gradle/gradle-build-action@a8f75513eafdebd8141bd1cd4e30fcd194af8dfa
with:
arguments: publishToSonatype closeAndReleaseSonatypeStagingRepository
build-root-directory: ./sdk/java
gradle-version: 7.4.1
name: master
"on":
push:
branches:
- master
paths-ignore:
- CHANGELOG.md
tags-ignore:
- v*
- sdk/*
- "**"