diff --git a/updatecli/policies/pulumi/CHANGELOG.md b/updatecli/policies/pulumi/CHANGELOG.md new file mode 100644 index 0000000..a715cde --- /dev/null +++ b/updatecli/policies/pulumi/CHANGELOG.md @@ -0,0 +1,5 @@ +# CHANGELOG + +## 0.1.0 + + * Initial release diff --git a/updatecli/policies/pulumi/Policy.yaml b/updatecli/policies/pulumi/Policy.yaml new file mode 100644 index 0000000..314b0ff --- /dev/null +++ b/updatecli/policies/pulumi/Policy.yaml @@ -0,0 +1,29 @@ +--- +# Policy.yaml contains metadata for the Updatecli policy. + +## Authors is the policy authors +authors: + - olivier Vernin + +## URL is the policy url +url: ghcr.io/updatecli/policies/updatecli/pulumi + +## Documentation is the policy documentation URL +documentation: https://github.com/updatecli/policies/blob/main/updatecli/policies/pulumi/README.md + +## Source is the policy source URL +source: https://github.com/updatecli/policies/blob/main/updatecli/policies/pulumi/ + +# Version is the policy version. +version: 0.1.0 + +## Vendor is the policy vendor +vendor: Updatecli Project + +# License is the policy licenses +licenses: + - "Apache-2.0 license" + +# Description is the short policy description +description: | + Bump Pulumi golang packages to align with versions defined in github.com/pulumi/pulumi-terraform-bridge diff --git a/updatecli/policies/pulumi/README.md b/updatecli/policies/pulumi/README.md new file mode 100644 index 0000000..e8bf9e5 --- /dev/null +++ b/updatecli/policies/pulumi/README.md @@ -0,0 +1,85 @@ +# README + +WARNING: This policy is written for demo purpose and will be relocated to a better place if needed. + +## DESCRIPTION + +Bump Pulumi golang packages to align with versions defined in github.com/pulumi/pulumi-terraform-bridge + +Pulumi can "bridge" TF providers. In this setup, the Pulumi provider uses this Go module: + +github.com/pulumi/pulumi-terraform-bridge + +The provider *and* the bridge uses the core Pulumi SDK: + +github.com/pulumi/pulumi/pkg/v3 +github.com/pulumi/pulumi/sdk/v3 + +Upgrading the dependency on pulumi-terraform-bridge, I need to upgrade core pulumi SDK (sdk & pkg) to the same version that the bridge uses. + + +## HOW TO USE + +**Show** + +They are two different approaches to see the content of this policy: + +Using the policy from the local filesystem by running: + + updatecli manifest show --config updatecli.d --values values.d/default.yaml + +Using the policy from the registry by running: + + updatecli manifest show $OCI_REGISTRY/< insert your policy name>:v0.1.0 + + +**Use** + +Similarly to the show command, they are two ways to execute an Updatecli policy, either using the local file or the one stored on the registry. + +Using the policy from the local filesystem by running: + + updatecli diff --config updatecli.d --values values.d/default.yaml + +Using the policy from the registry by running: + + updatecli diff ghcr.io/updatecli/policies/:v0.1.0 + + +If "diff" is replaced by "apply", then the policy will be executed in enforce mode. + +⚠ Any values files specified at runtime will override default values set from the policy bundle + +**Login** + +Regardless your Updatecli policy is meant to be public or private, you probably always want to be authenticated with your registry, by running: + + docker login "$OCI_REGISTRY" + +INFO: OCI_REGISTRY can be any OCI compliant registry such as [Zot](https://github.com/project-zot/zot), [DockerHub](https://hub.docker.com), [ghcr.io](https://ghcr.io),etc. + +**Publish** + +Policies defines in this repository can be published to your registry by running: + + updatecli manifest push \ + --config updatecli.d \ + --values values.d/default.yaml \ + --policy Policy.yaml \ + --tag "$OCI_REGISTRY/" \ + . + +⚠ The tag is defined by the version field in the policy file +⚠ The latest tag always represents the latest version published from +a semantic versioning point of view. + +## NEXT STEPS + +Feel free to look on the [Updatecli documentation](https://updatecli.io) to learn more about how to use Updatecli. + +Another good starting point is to understand how to use [update-compose.yaml](https://www.updatecli.io/docs/core/compose/) to orchestrate multiple Updatecli policies. + +## CONTRIBUTING + +This document has been generated from this [template](https://github.com/updatecli/updatecli/blob/main/pkg/core/scaffold/readme.go). +Feel free to suggest any improvements or open an [issue](https://github.com/updatecli/updatecli/issues). diff --git a/updatecli/policies/pulumi/testdata/values.yaml b/updatecli/policies/pulumi/testdata/values.yaml new file mode 100644 index 0000000..15f1c38 --- /dev/null +++ b/updatecli/policies/pulumi/testdata/values.yaml @@ -0,0 +1,9 @@ +scm: + default: + owner: pulumiverse + repository: pulumi-talos + branch: main + user: updatecli + email: + #username: + #token: diff --git a/updatecli/policies/pulumi/updatecli.d/pulumi-pkg.yaml b/updatecli/policies/pulumi/updatecli.d/pulumi-pkg.yaml new file mode 100644 index 0000000..c90456e --- /dev/null +++ b/updatecli/policies/pulumi/updatecli.d/pulumi-pkg.yaml @@ -0,0 +1,65 @@ +--- +name: "deps: bump github.com/pulumi/pulumi/pkg/v3" + +## scms defines the source control management system to interact with. +scms: + default: + kind: github + spec: + owner: "{{ .scm.default.owner }}" + repository: "{{ .scm.default.repository }}" + branch: "{{ .scm.default.branch }}" + user: "{{ .scm.default.user }}" + email: "{{ .scm.default.email }}" + username: '{{ requiredEnv "UPDATECLI_GITHUB_ACTOR" }}' + token: '{{ requiredEnv "UPDATECLI_GITHUB_TOKEN" }}' + +## actions defines what to do when a target with the same scmid is modified. +actions: + default: + kind: "github/pullrequest" + scmid: "default" + spec: + automerge: false + labels: + - "dependencies" + +## sources defines where to find the information. +sources: + bridge: + scmid: "default" + kind: "golang/gomod" + spec: + file: "provider/go.mod" + module: "github.com/pulumi/pulumi-terraform-bridge/v3" + + pulumi/pkg: + name: 'Get github.com/pulumi/pulumi/pkg/v3 version used by github.com/pulumi/pulumi-terraform-bridge/v3 {{ source "bridge" }}' + kind: "golang/gomod" + dependson: + - "bridge" + spec: + file: 'https://raw.githubusercontent.com/pulumi/pulumi-terraform-bridge/{{ source "bridge" }}/go.mod' + module: "github.com/pulumi/pulumi/pkg/v3" + +conditions: + pulumi/pkg: + name: 'is github.com/pulumi/pulumi/pkg/v3 is defined' + scmid: "default" + disablesourceinput: true + kind: "golang/gomod" + spec: + file: "provider/go.mod" + module: "github.com/pulumi/pulumi/pkg/v3" + +targets: + pulumi/pkg: + name: 'deps: bump github.com/pulumi/pulumi/pkg/v3 to {{ source "pulumi/pkg" }}' + scmid: "default" + kind: "golang/gomod" + sourceid: "pulumi/pkg" + spec: + file: "provider/go.mod" + module: "github.com/pulumi/pulumi/pkg/v3" + +version: 0.76.0 \ No newline at end of file diff --git a/updatecli/policies/pulumi/updatecli.d/pulumi-sdk.yaml b/updatecli/policies/pulumi/updatecli.d/pulumi-sdk.yaml new file mode 100644 index 0000000..5b78df6 --- /dev/null +++ b/updatecli/policies/pulumi/updatecli.d/pulumi-sdk.yaml @@ -0,0 +1,65 @@ +--- +name: Default pipeline name + +## scms defines the source control management system to interact with. +scms: + default: + kind: github + spec: + owner: "{{ .scm.default.owner }}" + repository: "{{ .scm.default.repository }}" + branch: "{{ .scm.default.branch }}" + user: "{{ .scm.default.user }}" + email: "{{ .scm.default.email }}" + username: '{{ requiredEnv "UPDATECLI_GITHUB_ACTOR" }}' + token: '{{ requiredEnv "UPDATECLI_GITHUB_TOKEN" }}' + +## actions defines what to do when a target with the same scmid is modified. +actions: + default: + kind: "github/pullrequest" + scmid: "default" + spec: + automerge: false + labels: + - "dependencies" + +## sources defines where to find the information. +sources: + bridge: + scmid: "default" + kind: "golang/gomod" + spec: + file: "provider/go.mod" + module: "github.com/pulumi/pulumi-terraform-bridge/v3" + + pulumi/sdk: + name: 'Get github.com/pulumi/pulumi/sdk/v3 version used by github.com/pulumi/pulumi-terraform-bridge/v3 {{ source "bridge" }}' + kind: "golang/gomod" + dependson: + - "bridge" + spec: + file: 'https://raw.githubusercontent.com/pulumi/pulumi-terraform-bridge/{{ source "bridge" }}/go.mod' + module: "github.com/pulumi/pulumi/sdk/v3" + +conditions: + pulumi/sdk: + name: 'is github.com/pulumi/pulumi/sdk/v3 defined' + scmid: "default" + disablesourceinput: true + kind: "golang/gomod" + spec: + file: "provider/go.mod" + module: "github.com/pulumi/pulumi/sdk/v3" + +targets: + pulumi/sdk: + name: 'deps: bump github.com/pulumi/pulumi/sdk/v3 to {{ source "pulumi/sdk" }}' + scmid: "default" + kind: "golang/gomod" + sourceid: "pulumi/sdk" + spec: + file: "provider/go.mod" + module: "github.com/pulumi/pulumi/sdk/v3" + +version: 0.76.0 \ No newline at end of file diff --git a/updatecli/policies/pulumi/values.yaml b/updatecli/policies/pulumi/values.yaml new file mode 100644 index 0000000..c2110af --- /dev/null +++ b/updatecli/policies/pulumi/values.yaml @@ -0,0 +1,10 @@ +--- +# Values.yaml contains settings that be used from Updatecli manifest. +# scm: +# default: +# user: updatecli-bot +# email: updatecli-bot@updatecli.io +# owner: github_owner +# repository: github_repository +# username: "updatecli-bot" +# branch: main