Skip to content
CI Build

CI Build #961

Sign in to view logs

CI Build

CI Build #961

Workflow file for this run

.github/workflows/ci.yml at a39c5da
name: CI Build
on:
workflow_dispatch:
inputs:
pulumi_version:
description: The version of Pulumi to use to build the Docker images. Full semver, e.g. "3.18.1".
type: string
repository_dispatch:
types:
- ci-build
pull_request:
paths:
- "docker/**"
- "tests/**"
- "!README.md"
- "!LICENSE"
# "Push" is a somewhat unintuitive name - the event will fire after a PR is
# merged to the main branch.
push:
branches:
- "main"
env:
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} # Used by test-containers.sh\
# The organization in the Pulumi SaaS service against which the integration
# tests will run:
PULUMI_ORG: "pulumi-test"
# We parameterize the Docker Hub username to allow forks to easily test
# changes on a separate repo without having to change the username in multiple
# places:
DOCKER_USERNAME: pulumi
PULUMI_VERSION: ${{ github.event.inputs.pulumi_version || github.event.client_payload.ref }}
# Do not depend on C library for the tests.
CGO_ENABLED: "0"
# Azure credentials for the tests
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }}
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }}
ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }}
ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }}
AWS_REGION: "us-west-2"
jobs:
comment-notification:
if: github.event_name == 'repository_dispatch' && github.event.client_payload.github.payload.issue.number
runs-on: ubuntu-latest
steps:
- name: Create URL to the run output
id: vars
run: echo run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID >> "$GITHUB_OUTPUT"
- name: Update with Result
uses: peter-evans/create-or-update-comment@v1
with:
token: ${{ secrets.GITHUB_TOKEN }}
repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
issue-number: ${{ github.event.client_payload.github.payload.issue.number }}
body: |
Please view the results of the Downstream Containers Tests [Here][1]
[1]: ${{ steps.vars.outputs.run-url }}
# kitchen-sink:
# name: All SDKs image
# strategy:
# matrix:
# go-version: [1.21.x]
# runs-on: ubuntu-latest
# steps:
# # If no version of Pulumi is supplied by the incoming event (e.g. in the
# # case of a PR or merge to main), we use the latest production version:
# - name: Set version to latest
# if: ${{ !env.PULUMI_VERSION }}
# run: |
# echo "PULUMI_VERSION=$(curl https://www.pulumi.com/latest-version)" >> $GITHUB_ENV
# - uses: actions/checkout@master
# - name: Set up QEMU
# uses: docker/setup-qemu-action@v3
# - name: Setup docker buildx
# uses: docker/setup-buildx-action@v3
# with:
# install: true
# - name: Build
# # We only build the "kitchen sink" image for AMD64 as it's rather large
# # and we want to steer users to use the single SDK images going forward:
# run: |
# docker build \
# -f docker/pulumi/Dockerfile \
# --platform linux/amd64 \
# -t ${{ env.DOCKER_USERNAME }}/pulumi:${{ env.PULUMI_VERSION }} \
# --target base \
# --build-arg PULUMI_VERSION=${{ env.PULUMI_VERSION }} \
# --load \
# docker/pulumi
# - name: Install go
# uses: actions/setup-go@v2
# with:
# go-version: "1.21.1"
# - name: Compile tests
# working-directory: tests
# run: |
# GOOS=linux GOARCH=amd64 go test -c -o /tmp/pulumi-test-containers ./...
# - name: Configure AWS credentials
# uses: aws-actions/configure-aws-credentials@v4
# with:
# aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
# aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# aws-region: ${{ env.AWS_REGION }}
# role-duration-seconds: 14400 # 4 hours
# role-session-name: pulumi-docker-containers@githubActions
# role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }}
# - name: Tests
# # Note we use /src/pulumi-test-containers as entrypoint and not bash to avoid bash
# # changing the environment in some way.
# run: |
# docker run \
# -e RUN_CONTAINER_TESTS=true \
# -e IMAGE_VARIANT=pulumi \
# -e PULUMI_ACCESS_TOKEN=${PULUMI_ACCESS_TOKEN} \
# -e PULUMI_ORG=${PULUMI_ORG} \
# -e ARM_CLIENT_ID=${ARM_CLIENT_ID} \
# -e ARM_CLIENT_SECRET=${ARM_CLIENT_SECRET} \
# -e ARM_TENANT_ID=${ARM_TENANT_ID} \
# -e ARM_SUBSCRIPTION_ID=${ARM_SUBSCRIPTION_ID} \
# -e AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} \
# -e AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} \
# -e AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN} \
# -e AWS_REGION=${AWS_REGION} \
# --volume /tmp:/src \
# --entrypoint /src/pulumi-test-containers \
# ${{ env.DOCKER_USERNAME }}/pulumi:${{ env.PULUMI_VERSION }} \
# -test.parallel=1 -test.timeout=1h -test.v
# provider-build-environment:
# name: Provider Build Environment image
# strategy:
# matrix:
# go-version: [1.21.x]
# runs-on: ubuntu-latest
# steps:
# # If no version of Pulumi is supplied by the incoming event (e.g. in the
# # case of a PR or merge to main), we use the latest production version:
# - name: Set version to latest
# if: ${{ !env.PULUMI_VERSION }}
# run: |
# echo "PULUMI_VERSION=$(curl https://www.pulumi.com/latest-version)" >> $GITHUB_ENV
# - uses: actions/checkout@master
# - name: Set up QEMU
# uses: docker/setup-qemu-action@v3
# - name: Setup docker buildx
# uses: docker/setup-buildx-action@v3
# with:
# install: true
# - name: Build
# # This image is only built for AMD64 for the same reasons as
# # the "kitchen sink" image, listed above.
# run: |
# docker build \
# -f docker/pulumi/Dockerfile \
# --platform linux/amd64 \
# -t ${{ env.DOCKER_USERNAME }}/pulumi-provider-build-environment:${{ env.PULUMI_VERSION }} \
# --target build-environment \
# --build-arg PULUMI_VERSION=${{ env.PULUMI_VERSION }} \
# --load \
# docker/pulumi
# - name: Install go
# uses: actions/setup-go@v2
# with:
# go-version: "1.21.1"
# - name: Compile tests
# working-directory: tests
# run: |
# GOOS=linux GOARCH=amd64 go test -c -o /tmp/pulumi-test-containers ./...
# - name: Configure AWS credentials
# uses: aws-actions/configure-aws-credentials@v4
# with:
# aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
# aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# aws-region: ${{ env.AWS_REGION }}
# role-duration-seconds: 14400 # 4 hours
# role-session-name: pulumi-docker-containers@githubActions
# role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }}
# - name: Tests
# run: |
# docker run \
# -e RUN_CONTAINER_TESTS=true \
# -e IMAGE_VARIANT=pulumi \
# -e PULUMI_ACCESS_TOKEN=${PULUMI_ACCESS_TOKEN} \
# -e PULUMI_ORG=${PULUMI_ORG} \
# -e ARM_CLIENT_ID=${ARM_CLIENT_ID} \
# -e ARM_CLIENT_SECRET=${ARM_CLIENT_SECRET} \
# -e ARM_TENANT_ID=${ARM_TENANT_ID} \
# -e ARM_SUBSCRIPTION_ID=${ARM_SUBSCRIPTION_ID} \
# -e AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} \
# -e AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} \
# -e AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN} \
# -e AWS_REGION=${AWS_REGION} \
# --volume /tmp:/src \
# --entrypoint /src/pulumi-test-containers \
# ${{ env.DOCKER_USERNAME }}/pulumi-provider-build-environment:${{ env.PULUMI_VERSION }} \
# -test.parallel=1 -test.timeout=1h -test.v
# base:
# name: Base image
# runs-on: ubuntu-latest
# strategy:
# fail-fast: false
# matrix:
# os: ["debian", "ubi"]
# steps:
# # If no version of Pulumi is supplied by the incoming event (e.g. in the
# # case of a PR or merge to main), we use the latest production version:
# - name: Set version to latest
# if: ${{ !env.PULUMI_VERSION }}
# run: |
# echo "PULUMI_VERSION=$(curl https://www.pulumi.com/latest-version)" >> $GITHUB_ENV
# - uses: actions/checkout@master
# - name: Set up QEMU
# uses: docker/setup-qemu-action@v3
# - name: Setup docker buildx
# uses: docker/setup-buildx-action@v3
# with:
# install: true
# - name: Build
# run: |
# docker build \
# -f docker/base/Dockerfile.${{ matrix.os }} \
# --platform linux/arm64,linux/amd64 \
# . \
# -t ${{ env.DOCKER_USERNAME }}/pulumi-base:${{ env.PULUMI_VERSION }}-${{ matrix.os }} \
# --build-arg PULUMI_VERSION=${{ env.PULUMI_VERSION }}
debian-sdk:
name: Debian SDK images
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
sdk: ["nodejs", "python", "dotnet", "go", "java"]
arch: ["amd64", "arm64"]
version: ["1.0"]
include:
- sdk: python
arch: amd64
version: "3.9"
- sdk: python
arch: arm64
version: "3.9"
- sdk: python
arch: amd64
version: "3.10"
- sdk: python
arch: arm64
version: "3.10"
steps:
# If no version of Pulumi is supplied by the incoming event (e.g. in the
# case of a PR or merge to main), we use the latest production version:
- name: Set version to latest
if: ${{ !env.PULUMI_VERSION }}
run: |
echo "PULUMI_VERSION=$(curl https://www.pulumi.com/latest-version)" >> $GITHUB_ENV
- name: DEBUG
run: |
echo "sdk: ${{ matrix.sdk }} arch: ${{ matrix.arch }} version: ${{ matrix.version }}"
# - uses: actions/checkout@master
# - name: Set up QEMU
# uses: docker/setup-qemu-action@v3
# - name: Setup docker buildx
# uses: docker/setup-buildx-action@v3
# with:
# install: true
# - name: Build
# # We supply a working directory to the command below due to the
# # dnf/nodej2.module file that has to mounted into the container.
# run: |
# docker build \
# -f docker/${{ matrix.sdk }}/Dockerfile.debian \
# --platform linux/${{ matrix.arch }} \
# -t ${{ env.DOCKER_USERNAME }}/pulumi-${{ matrix.sdk }}:${{ env.PULUMI_VERSION }}-debian-${{ matrix.arch }} \
# --build-arg PULUMI_VERSION=${{ env.PULUMI_VERSION }} \
# docker/${{ matrix.sdk }} \
# --load
# - name: Install go
# uses: actions/setup-go@v2
# with:
# go-version: "1.21.1"
# - name: Compile tests
# working-directory: tests
# run: |
# GOOS=linux GOARCH=${{ matrix.arch }} go test -c -o /tmp/pulumi-test-containers ./...
# - name: Set SDKS_TO_TEST (dotnet)
# if: ${{ matrix.sdk == 'dotnet' }}
# run: echo "SDKS_TO_TEST=csharp" >> $GITHUB_ENV
# - name: Set SDKS_TO_TEST (nodejs)
# if: ${{ matrix.sdk == 'nodejs' }}
# run: echo "SDKS_TO_TEST=typescript" >> $GITHUB_ENV
# - name: Set SDKS_TO_TEST (default)
# if: ${{ matrix.sdk != 'dotnet' && matrix.sdk != 'nodejs' }}
# run: echo "SDKS_TO_TEST=${{ matrix.sdk}}" >> $GITHUB_ENV
# - name: Configure AWS credentials
# uses: aws-actions/configure-aws-credentials@v4
# with:
# aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
# aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# aws-region: ${{ env.AWS_REGION }}
# role-duration-seconds: 14400 # 4 hours
# role-session-name: pulumi-docker-containers@githubActions
# role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }}
# - name: Tests
# run: |
# docker run \
# -e RUN_CONTAINER_TESTS=true \
# -e IMAGE_VARIANT=pulumi-debian-${{ matrix.sdk }} \
# -e SDKS_TO_TEST=${SDKS_TO_TEST} \
# -e PULUMI_ACCESS_TOKEN=${PULUMI_ACCESS_TOKEN} \
# -e PULUMI_ORG=${PULUMI_ORG} \
# -e ARM_CLIENT_ID=${ARM_CLIENT_ID} \
# -e ARM_CLIENT_SECRET=${ARM_CLIENT_SECRET} \
# -e ARM_TENANT_ID=${ARM_TENANT_ID} \
# -e ARM_SUBSCRIPTION_ID=${ARM_SUBSCRIPTION_ID} \
# -e AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} \
# -e AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} \
# -e AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN} \
# -e AWS_REGION=${AWS_REGION} \
# --volume /tmp:/src \
# --entrypoint /src/pulumi-test-containers \
# --platform ${{ matrix.arch }} \
# ${{ env.DOCKER_USERNAME }}/pulumi-${{ matrix.sdk }}:${{ env.PULUMI_VERSION }}-debian-${{ matrix.arch }} \
# -test.parallel=1 -test.timeout=1h -test.v -test.run "TestPulumiTemplateTests|TestEnvironment"
# ubi-sdk:
# name: UBI SDK images
# runs-on: ubuntu-latest
# strategy:
# fail-fast: false
# matrix:
# sdk: ["nodejs", "python", "dotnet", "go", "java"]
# steps:
# # If no version of Pulumi is supplied by the incoming event (e.g. in the
# # case of a PR or merge to main), we use the latest production version:
# - name: Set version to latest
# if: ${{ !env.PULUMI_VERSION }}
# run: |
# echo "PULUMI_VERSION=$(curl https://www.pulumi.com/latest-version)" >> $GITHUB_ENV
# - uses: actions/checkout@master
# - name: Set up QEMU
# uses: docker/setup-qemu-action@v3
# - name: Setup docker buildx
# uses: docker/setup-buildx-action@v3
# with:
# install: true
# - name: Build
# # We only build UBI for amd64 due to arm64 builds hanging on `npm
# # install -g yarn` with no additional output, plus the apparent
# # requirement of a paid subscription in order to file a bug with RedHat.
# #
# # We supply a working directory to the command below due to the
# # dnf/nodej2.module file that has to mounted into the container.
# run: |
# docker build \
# -f docker/${{ matrix.sdk }}/Dockerfile.ubi \
# --platform linux/amd64 \
# -t ${{ env.DOCKER_USERNAME }}/pulumi-${{ matrix.sdk }}:${{ env.PULUMI_VERSION }}-ubi \
# --build-arg PULUMI_VERSION=${{ env.PULUMI_VERSION }} \
# docker/${{ matrix.sdk }} \
# --load
# - name: Install go
# uses: actions/setup-go@v2
# with:
# go-version: "1.21.1"
# - name: Compile tests
# working-directory: tests
# run: |
# GOOS=linux GOARCH=amd64 go test -c -o /tmp/pulumi-test-containers ./...
# - name: Set SDKS_TO_TEST (dotnet)
# if: ${{ matrix.sdk == 'dotnet' }}
# run: echo "SDKS_TO_TEST=csharp" >> $GITHUB_ENV
# - name: Set SDKS_TO_TEST (nodejs)
# if: ${{ matrix.sdk == 'nodejs' }}
# run: echo "SDKS_TO_TEST=typescript" >> $GITHUB_ENV
# - name: Set SDKS_TO_TEST (default)
# if: ${{ matrix.sdk != 'dotnet' && matrix.sdk != 'nodejs' }}
# run: echo "SDKS_TO_TEST=${{ matrix.sdk}}" >> $GITHUB_ENV
# - name: Configure AWS credentials
# uses: aws-actions/configure-aws-credentials@v4
# with:
# aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
# aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
# aws-region: ${{ env.AWS_REGION }}
# role-duration-seconds: 14400 # 4 hours
# role-session-name: pulumi-docker-containers@githubActions
# role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }}
# - name: Tests
# run: |
# docker run \
# -e RUN_CONTAINER_TESTS=true \
# -e IMAGE_VARIANT=pulumi-ubi-${{ matrix.sdk }} \
# -e SDKS_TO_TEST=${SDKS_TO_TEST} \
# -e PULUMI_ACCESS_TOKEN=${PULUMI_ACCESS_TOKEN} \
# -e PULUMI_ORG=${PULUMI_ORG} \
# -e ARM_CLIENT_ID=${ARM_CLIENT_ID} \
# -e ARM_CLIENT_SECRET=${ARM_CLIENT_SECRET} \
# -e ARM_TENANT_ID=${ARM_TENANT_ID} \
# -e ARM_SUBSCRIPTION_ID=${ARM_SUBSCRIPTION_ID} \
# -e AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} \
# -e AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} \
# -e AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN} \
# -e AWS_REGION=${AWS_REGION} \
# --volume /tmp:/src \
# --entrypoint /src/pulumi-test-containers \
# ${{ env.DOCKER_USERNAME }}/pulumi-${{ matrix.sdk }}:${{ env.PULUMI_VERSION }}-ubi \
# -test.parallel=1 -test.timeout=1h -test.v -test.run "TestPulumiTemplateTests|TestEnvironment"