julienp/python matrix #974
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI Build | |
on: | |
workflow_dispatch: | |
inputs: | |
pulumi_version: | |
description: The version of Pulumi to use to build the Docker images. Full semver, e.g. "3.18.1". | |
type: string | |
repository_dispatch: | |
types: | |
- ci-build | |
pull_request: | |
paths: | |
- "docker/**" | |
- "tests/**" | |
- "!README.md" | |
- "!LICENSE" | |
# "Push" is a somewhat unintuitive name - the event will fire after a PR is | |
# merged to the main branch. | |
push: | |
branches: | |
- "main" | |
env: | |
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} | |
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} # Used by test-containers.sh\ | |
# The organization in the Pulumi SaaS service against which the integration | |
# tests will run: | |
PULUMI_ORG: "pulumi-test" | |
DOCKER_ORG: pulumi | |
PULUMI_VERSION: ${{ github.event.inputs.pulumi_version || github.event.client_payload.ref }} | |
# Do not depend on C library for the tests. | |
CGO_ENABLED: "0" | |
# Azure credentials for the tests | |
ARM_CLIENT_ID: ${{ secrets.ARM_CLIENT_ID }} | |
ARM_CLIENT_SECRET: ${{ secrets.ARM_CLIENT_SECRET }} | |
ARM_TENANT_ID: ${{ secrets.ARM_TENANT_ID }} | |
ARM_SUBSCRIPTION_ID: ${{ secrets.ARM_SUBSCRIPTION_ID }} | |
AWS_REGION: "us-west-2" | |
jobs: | |
comment-notification: | |
if: github.event_name == 'repository_dispatch' && github.event.client_payload.github.payload.issue.number | |
runs-on: ubuntu-latest | |
steps: | |
- name: Create URL to the run output | |
id: vars | |
run: echo run-url=https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID >> "$GITHUB_OUTPUT" | |
- name: Update with Result | |
uses: peter-evans/create-or-update-comment@v1 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
repository: ${{ github.event.client_payload.github.payload.repository.full_name }} | |
issue-number: ${{ github.event.client_payload.github.payload.issue.number }} | |
body: | | |
Please view the results of the Downstream Containers Tests [Here][1] | |
[1]: ${{ steps.vars.outputs.run-url }} | |
# kitchen-sink: | |
# name: All SDKs image | |
# strategy: | |
# matrix: | |
# go-version: [1.21.x] | |
# runs-on: ubuntu-latest | |
# steps: | |
# # If no version of Pulumi is supplied by the incoming event (e.g. in the | |
# # case of a PR or merge to main), we use the latest production version: | |
# - name: Set version to latest | |
# if: ${{ !env.PULUMI_VERSION }} | |
# run: | | |
# echo "PULUMI_VERSION=$(curl https://www.pulumi.com/latest-version)" >> $GITHUB_ENV | |
# - uses: actions/checkout@master | |
# - name: Set up QEMU | |
# uses: docker/setup-qemu-action@v3 | |
# - name: Setup docker buildx | |
# uses: docker/setup-buildx-action@v3 | |
# with: | |
# install: true | |
# - name: Build | |
# # We only build the "kitchen sink" image for AMD64 as it's rather large | |
# # and we want to steer users to use the single SDK images going forward: | |
# run: | | |
# docker build \ | |
# -f docker/pulumi/Dockerfile \ | |
# --platform linux/amd64 \ | |
# -t ${{ env.DOCKER_ORG }}/pulumi:${{ env.PULUMI_VERSION }} \ | |
# --target base \ | |
# --build-arg PULUMI_VERSION=${{ env.PULUMI_VERSION }} \ | |
# --load \ | |
# docker/pulumi | |
# - name: Install go | |
# uses: actions/setup-go@v2 | |
# with: | |
# go-version: "1.21.1" | |
# - name: Compile tests | |
# working-directory: tests | |
# run: | | |
# GOOS=linux GOARCH=amd64 go test -c -o /tmp/pulumi-test-containers ./... | |
# - name: Configure AWS credentials | |
# uses: aws-actions/configure-aws-credentials@v4 | |
# with: | |
# aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
# aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
# aws-region: ${{ env.AWS_REGION }} | |
# role-duration-seconds: 14400 # 4 hours | |
# role-session-name: pulumi-docker-containers@githubActions | |
# role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} | |
# - name: Tests | |
# # Note we use /src/pulumi-test-containers as entrypoint and not bash to avoid bash | |
# # changing the environment in some way. | |
# run: | | |
# docker run \ | |
# -e RUN_CONTAINER_TESTS=true \ | |
# -e IMAGE_VARIANT=pulumi \ | |
# -e PULUMI_ACCESS_TOKEN=${PULUMI_ACCESS_TOKEN} \ | |
# -e PULUMI_ORG=${PULUMI_ORG} \ | |
# -e ARM_CLIENT_ID=${ARM_CLIENT_ID} \ | |
# -e ARM_CLIENT_SECRET=${ARM_CLIENT_SECRET} \ | |
# -e ARM_TENANT_ID=${ARM_TENANT_ID} \ | |
# -e ARM_SUBSCRIPTION_ID=${ARM_SUBSCRIPTION_ID} \ | |
# -e AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} \ | |
# -e AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} \ | |
# -e AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN} \ | |
# -e AWS_REGION=${AWS_REGION} \ | |
# --volume /tmp:/src \ | |
# --entrypoint /src/pulumi-test-containers \ | |
# ${{ env.DOCKER_ORG }}/pulumi:${{ env.PULUMI_VERSION }} \ | |
# -test.parallel=1 -test.timeout=1h -test.v | |
# provider-build-environment: | |
# name: Provider Build Environment image | |
# strategy: | |
# matrix: | |
# go-version: [1.21.x] | |
# runs-on: ubuntu-latest | |
# steps: | |
# # If no version of Pulumi is supplied by the incoming event (e.g. in the | |
# # case of a PR or merge to main), we use the latest production version: | |
# - name: Set version to latest | |
# if: ${{ !env.PULUMI_VERSION }} | |
# run: | | |
# echo "PULUMI_VERSION=$(curl https://www.pulumi.com/latest-version)" >> $GITHUB_ENV | |
# - uses: actions/checkout@master | |
# - name: Set up QEMU | |
# uses: docker/setup-qemu-action@v3 | |
# - name: Setup docker buildx | |
# uses: docker/setup-buildx-action@v3 | |
# with: | |
# install: true | |
# - name: Build | |
# # This image is only built for AMD64 for the same reasons as | |
# # the "kitchen sink" image, listed above. | |
# run: | | |
# docker build \ | |
# -f docker/pulumi/Dockerfile \ | |
# --platform linux/amd64 \ | |
# -t ${{ env.DOCKER_ORG }}/pulumi-provider-build-environment:${{ env.PULUMI_VERSION }} \ | |
# --target build-environment \ | |
# --build-arg PULUMI_VERSION=${{ env.PULUMI_VERSION }} \ | |
# --load \ | |
# docker/pulumi | |
# - name: Install go | |
# uses: actions/setup-go@v2 | |
# with: | |
# go-version: "1.21.1" | |
# - name: Compile tests | |
# working-directory: tests | |
# run: | | |
# GOOS=linux GOARCH=amd64 go test -c -o /tmp/pulumi-test-containers ./... | |
# - name: Configure AWS credentials | |
# uses: aws-actions/configure-aws-credentials@v4 | |
# with: | |
# aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
# aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
# aws-region: ${{ env.AWS_REGION }} | |
# role-duration-seconds: 14400 # 4 hours | |
# role-session-name: pulumi-docker-containers@githubActions | |
# role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} | |
# - name: Tests | |
# run: | | |
# docker run \ | |
# -e RUN_CONTAINER_TESTS=true \ | |
# -e IMAGE_VARIANT=pulumi \ | |
# -e PULUMI_ACCESS_TOKEN=${PULUMI_ACCESS_TOKEN} \ | |
# -e PULUMI_ORG=${PULUMI_ORG} \ | |
# -e ARM_CLIENT_ID=${ARM_CLIENT_ID} \ | |
# -e ARM_CLIENT_SECRET=${ARM_CLIENT_SECRET} \ | |
# -e ARM_TENANT_ID=${ARM_TENANT_ID} \ | |
# -e ARM_SUBSCRIPTION_ID=${ARM_SUBSCRIPTION_ID} \ | |
# -e AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} \ | |
# -e AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} \ | |
# -e AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN} \ | |
# -e AWS_REGION=${AWS_REGION} \ | |
# --volume /tmp:/src \ | |
# --entrypoint /src/pulumi-test-containers \ | |
# ${{ env.DOCKER_ORG }}/pulumi-provider-build-environment:${{ env.PULUMI_VERSION }} \ | |
# -test.parallel=1 -test.timeout=1h -test.v | |
# base: | |
# name: Base image | |
# runs-on: ubuntu-latest | |
# strategy: | |
# fail-fast: false | |
# matrix: | |
# os: ["debian", "ubi"] | |
# steps: | |
# # If no version of Pulumi is supplied by the incoming event (e.g. in the | |
# # case of a PR or merge to main), we use the latest production version: | |
# - name: Set version to latest | |
# if: ${{ !env.PULUMI_VERSION }} | |
# run: | | |
# echo "PULUMI_VERSION=$(curl https://www.pulumi.com/latest-version)" >> $GITHUB_ENV | |
# - uses: actions/checkout@master | |
# - name: Set up QEMU | |
# uses: docker/setup-qemu-action@v3 | |
# - name: Setup docker buildx | |
# uses: docker/setup-buildx-action@v3 | |
# with: | |
# install: true | |
# - name: Build | |
# run: | | |
# docker build \ | |
# -f docker/base/Dockerfile.${{ matrix.os }} \ | |
# --platform linux/arm64,linux/amd64 \ | |
# . \ | |
# -t ${{ env.DOCKER_ORG }}/pulumi-base:${{ env.PULUMI_VERSION }}-${{ matrix.os }} \ | |
# --build-arg PULUMI_VERSION=${{ env.PULUMI_VERSION }} | |
define-matrix: | |
runs-on: ubuntu-latest | |
outputs: | |
matrix: ${{ steps.define-matrix.outputs.matrix }} | |
steps: | |
- uses: actions/checkout@master | |
- name: Define Matrix | |
id: define-matrix | |
run: | | |
python ./.github/scripts/gen-matrix.py >> "$GITHUB_OUTPUT" | |
debian-sdk: | |
name: Debian SDK images | |
runs-on: ubuntu-latest | |
needs: define-matrix | |
strategy: | |
fail-fast: false | |
matrix: ${{ fromJSON(needs.define-matrix.outputs.matrix) }} | |
steps: | |
# If no version of Pulumi is supplied by the incoming event (e.g. in the | |
# case of a PR or merge to main), we use the latest production version: | |
- name: Set version to latest | |
if: ${{ !env.PULUMI_VERSION }} | |
run: | | |
echo "PULUMI_VERSION=$(curl https://www.pulumi.com/latest-version)" >> $GITHUB_ENV | |
- name: Set image name | |
run: | | |
echo "IMAGE_NAME=${{ env.DOCKER_ORG }}/pulumi-${{ matrix.sdk }}${{ matrix.suffix }}:${{ env.PULUMI_VERSION }}-debian-${{ matrix.arch }}" >> $GITHUB_ENV | |
- uses: actions/checkout@master | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Setup docker buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
install: true | |
- name: Build | |
run: | | |
docker build \ | |
-f docker/${{ matrix.sdk }}/Dockerfile.debian \ | |
--platform linux/${{ matrix.arch }} \ | |
-t ${{ env.IMAGE_NAME }} \ | |
--build-arg PULUMI_VERSION=${{ env.PULUMI_VERSION }} \ | |
--build-arg LANGUAGE_VERSION=${{ matrix.language_version }} \ | |
docker/${{ matrix.sdk }} \ | |
--load | |
- name: Install go | |
uses: actions/setup-go@v2 | |
with: | |
go-version: "1.21.1" | |
- name: Compile tests | |
working-directory: tests | |
run: | | |
GOOS=linux GOARCH=${{ matrix.arch }} go test -c -o /tmp/pulumi-test-containers ./... | |
- name: Set SDKS_TO_TEST (dotnet) | |
if: ${{ matrix.sdk == 'dotnet' }} | |
run: echo "SDKS_TO_TEST=csharp" >> $GITHUB_ENV | |
- name: Set SDKS_TO_TEST (nodejs) | |
if: ${{ matrix.sdk == 'nodejs' }} | |
run: echo "SDKS_TO_TEST=typescript" >> $GITHUB_ENV | |
- name: Set SDKS_TO_TEST (default) | |
if: ${{ matrix.sdk != 'dotnet' && matrix.sdk != 'nodejs' }} | |
run: echo "SDKS_TO_TEST=${{ matrix.sdk}}" >> $GITHUB_ENV | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
aws-region: ${{ env.AWS_REGION }} | |
role-duration-seconds: 14400 # 4 hours | |
role-session-name: pulumi-docker-containers@githubActions | |
role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} | |
- name: Tests | |
run: | | |
docker run \ | |
-e RUN_CONTAINER_TESTS=true \ | |
-e IMAGE_VARIANT=pulumi-debian-${{ matrix.sdk }} \ | |
-e SDKS_TO_TEST=${SDKS_TO_TEST} \ | |
-e PULUMI_ACCESS_TOKEN=${PULUMI_ACCESS_TOKEN} \ | |
-e PULUMI_ORG=${PULUMI_ORG} \ | |
-e ARM_CLIENT_ID=${ARM_CLIENT_ID} \ | |
-e ARM_CLIENT_SECRET=${ARM_CLIENT_SECRET} \ | |
-e ARM_TENANT_ID=${ARM_TENANT_ID} \ | |
-e ARM_SUBSCRIPTION_ID=${ARM_SUBSCRIPTION_ID} \ | |
-e AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} \ | |
-e AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} \ | |
-e AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN} \ | |
-e AWS_REGION=${AWS_REGION} \ | |
--volume /tmp:/src \ | |
--entrypoint /src/pulumi-test-containers \ | |
--platform ${{ matrix.arch }} \ | |
${{ env.IMAGE_NAME }} \ | |
-test.parallel=1 -test.timeout=1h -test.v -test.run "TestPulumiTemplateTests|TestEnvironment" | |
# ubi-sdk: | |
# name: UBI SDK images | |
# runs-on: ubuntu-latest | |
# strategy: | |
# fail-fast: false | |
# matrix: | |
# sdk: ["nodejs", "python", "dotnet", "go", "java"] | |
# steps: | |
# # If no version of Pulumi is supplied by the incoming event (e.g. in the | |
# # case of a PR or merge to main), we use the latest production version: | |
# - name: Set version to latest | |
# if: ${{ !env.PULUMI_VERSION }} | |
# run: | | |
# echo "PULUMI_VERSION=$(curl https://www.pulumi.com/latest-version)" >> $GITHUB_ENV | |
# - uses: actions/checkout@master | |
# - name: Set up QEMU | |
# uses: docker/setup-qemu-action@v3 | |
# - name: Setup docker buildx | |
# uses: docker/setup-buildx-action@v3 | |
# with: | |
# install: true | |
# - name: Build | |
# # We only build UBI for amd64 due to arm64 builds hanging on `npm | |
# # install -g yarn` with no additional output, plus the apparent | |
# # requirement of a paid subscription in order to file a bug with RedHat. | |
# # | |
# # We supply a working directory to the command below due to the | |
# # dnf/nodej2.module file that has to mounted into the container. | |
# run: | | |
# docker build \ | |
# -f docker/${{ matrix.sdk }}/Dockerfile.ubi \ | |
# --platform linux/amd64 \ | |
# -t ${{ env.DOCKER_ORG }}/pulumi-${{ matrix.sdk }}:${{ env.PULUMI_VERSION }}-ubi \ | |
# --build-arg PULUMI_VERSION=${{ env.PULUMI_VERSION }} \ | |
# docker/${{ matrix.sdk }} \ | |
# --load | |
# - name: Install go | |
# uses: actions/setup-go@v2 | |
# with: | |
# go-version: "1.21.1" | |
# - name: Compile tests | |
# working-directory: tests | |
# run: | | |
# GOOS=linux GOARCH=amd64 go test -c -o /tmp/pulumi-test-containers ./... | |
# - name: Set SDKS_TO_TEST (dotnet) | |
# if: ${{ matrix.sdk == 'dotnet' }} | |
# run: echo "SDKS_TO_TEST=csharp" >> $GITHUB_ENV | |
# - name: Set SDKS_TO_TEST (nodejs) | |
# if: ${{ matrix.sdk == 'nodejs' }} | |
# run: echo "SDKS_TO_TEST=typescript" >> $GITHUB_ENV | |
# - name: Set SDKS_TO_TEST (default) | |
# if: ${{ matrix.sdk != 'dotnet' && matrix.sdk != 'nodejs' }} | |
# run: echo "SDKS_TO_TEST=${{ matrix.sdk}}" >> $GITHUB_ENV | |
# - name: Configure AWS credentials | |
# uses: aws-actions/configure-aws-credentials@v4 | |
# with: | |
# aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
# aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
# aws-region: ${{ env.AWS_REGION }} | |
# role-duration-seconds: 14400 # 4 hours | |
# role-session-name: pulumi-docker-containers@githubActions | |
# role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }} | |
# - name: Tests | |
# run: | | |
# docker run \ | |
# -e RUN_CONTAINER_TESTS=true \ | |
# -e IMAGE_VARIANT=pulumi-ubi-${{ matrix.sdk }} \ | |
# -e SDKS_TO_TEST=${SDKS_TO_TEST} \ | |
# -e PULUMI_ACCESS_TOKEN=${PULUMI_ACCESS_TOKEN} \ | |
# -e PULUMI_ORG=${PULUMI_ORG} \ | |
# -e ARM_CLIENT_ID=${ARM_CLIENT_ID} \ | |
# -e ARM_CLIENT_SECRET=${ARM_CLIENT_SECRET} \ | |
# -e ARM_TENANT_ID=${ARM_TENANT_ID} \ | |
# -e ARM_SUBSCRIPTION_ID=${ARM_SUBSCRIPTION_ID} \ | |
# -e AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID} \ | |
# -e AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY} \ | |
# -e AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN} \ | |
# -e AWS_REGION=${AWS_REGION} \ | |
# --volume /tmp:/src \ | |
# --entrypoint /src/pulumi-test-containers \ | |
# ${{ env.DOCKER_ORG }}/pulumi-${{ matrix.sdk }}:${{ env.PULUMI_VERSION }}-ubi \ | |
# -test.parallel=1 -test.timeout=1h -test.v -test.run "TestPulumiTemplateTests|TestEnvironment" |