diff --git a/.config/mise.lock b/.config/mise.lock deleted file mode 100644 index f4cbfd45..00000000 --- a/.config/mise.lock +++ /dev/null @@ -1,87 +0,0 @@ -[[tools.dotnet]] -version = "8.0.414" -backend = "asdf:dotnet" - -[[tools."github:pulumi/pulumictl"]] -version = "0.0.50" -backend = "github:pulumi/pulumictl" - -[tools."github:pulumi/pulumictl".platforms.linux-x64] -checksum = "sha256:a988418240d3a985bdcb9753b7c65ba4b06608deb359dc2942cb8c9374abc164" -name = "pulumictl-v0.0.50-linux-amd64.tar.gz" -size = 27744219 -url = "https://github.com/pulumi/pulumictl/releases/download/v0.0.50/pulumictl-v0.0.50-linux-amd64.tar.gz" -url_api = "https://api.github.com/repos/pulumi/pulumictl/releases/assets/278054496" - -[[tools."github:pulumi/schema-tools"]] -version = "0.6.0" -backend = "github:pulumi/schema-tools" - -[tools."github:pulumi/schema-tools".platforms.linux-x64] -checksum = "blake3:82dfe616fee18b4258f6e3d2dc3c4e9f14afd43a0a4cc33eff2d2a04088d6ca3" -name = "schema-tools-v0.6.0-linux-amd64.tar.gz" -size = 14282746 -url = "https://github.com/pulumi/schema-tools/releases/download/v0.6.0/schema-tools-v0.6.0-linux-amd64.tar.gz" -url_api = "https://api.github.com/repos/pulumi/schema-tools/releases/assets/118725905" - -[[tools.go]] -version = "1.24.10" -backend = "core:go" - -[tools.go.platforms.macos-arm64] -checksum = "sha256:71c70841bcdadf4b5d2f7c0f099952907969f25235663622a47d6f2233ad39aa" -size = 76432098 -url = "https://dl.google.com/go/go1.24.10.darwin-arm64.tar.gz" - -[[tools.golangci-lint]] -version = "1.64.8" -backend = "aqua:golangci/golangci-lint" - -[tools.golangci-lint.platforms.linux-x64] -checksum = "sha256:b6270687afb143d019f387c791cd2a6f1cb383be9b3124d241ca11bd3ce2e54e" -size = 12364828 -url = "https://github.com/golangci/golangci-lint/releases/download/v1.64.8/golangci-lint-1.64.8-linux-amd64.tar.gz" - -[[tools.gradle]] -version = "7.6.6" -backend = "aqua:gradle/gradle" - -[tools.gradle.platforms.linux-x64] -checksum = "sha256:673d9776f303bc7048fc3329d232d6ebf1051b07893bd9d11616fad9a8673be0" -size = 128439774 -url = "https://github.com/gradle/gradle-distributions/releases/download/v7.6.6/gradle-7.6.6-bin.zip" - -[[tools.java]] -version = "corretto-11.0.29.7.1" -backend = "core:java" - -[tools.java.platforms.linux-x64] -checksum = "sha256:279c6d3124f8b0251b16297b16687fe8b3946410b05ed27de1259b5e5cea02ba" -size = 195379320 -url = "https://corretto.aws/downloads/resources/11.0.29.7.1/amazon-corretto-11.0.29.7.1-linux-x64.tar.gz" - -[[tools.node]] -version = "20.19.5" -backend = "core:node" - -[tools.node.platforms.linux-x64] -checksum = "sha256:4eba5fbe1fb10753bc06e42f001a91c5cec16798b7764a3e9257adc59af47fe1" -size = 47041607 -url = "https://nodejs.org/dist/v20.19.5/node-v20.19.5-linux-x64.tar.gz" - -[[tools."npm:yarn"]] -version = "1.22.22" -backend = "npm:yarn" - -[[tools.pulumi]] -version = "3.206.0" -backend = "aqua:pulumi/pulumi" - -[tools.pulumi.platforms.macos-arm64] -checksum = "sha256:bd0db01d82d9092c9408d2ebe8862cf37c75b00bc2d205757d02f7e4a1813f7a" -size = 86039751 -url = "https://github.com/pulumi/pulumi/releases/download/v3.206.0/pulumi-v3.206.0-darwin-arm64.tar.gz" - -[[tools.python]] -version = "3.11.8" -backend = "core:python" diff --git a/.config/mise.toml b/.config/mise.toml index f52e9c42..f7dcbda1 100644 --- a/.config/mise.toml +++ b/.config/mise.toml @@ -18,12 +18,12 @@ java = 'corretto-11' # Executable tools pulumi = "{{ get_env(name='PULUMI_VERSION_MISE', default='latest') }}" -"github:pulumi/pulumictl" = 'latest' -"github:pulumi/schema-tools" = "latest" -gradle = '7.6' +"github:pulumi/pulumictl" = '0.0.50' +"github:pulumi/schema-tools" = "0.6.0" +"aqua:gradle/gradle-distributions" = '7.6.6' golangci-lint = "1.64.8" # See note about about overrides if you need to customize this. "npm:yarn" = "1.22.22" [settings] experimental = true # Required for Go binaries (e.g. pulumictl). -lockfile = true +lockfile = false diff --git a/.github/actions/setup-tools/action.yml b/.github/actions/setup-tools/action.yml index ffb73efc..2cc5310a 100644 --- a/.github/actions/setup-tools/action.yml +++ b/.github/actions/setup-tools/action.yml @@ -5,22 +5,25 @@ inputs: cache: description: Enable caching required: false - default: 'false' + default: "false" + github_token: + description: GitHub token + required: true runs: using: "composite" steps: - name: Setup mise - uses: jdx/mise-action@be3be2260bc02bc3fbf94c5e2fed8b7964baf074 # v3 + uses: jdx/mise-action@146a28175021df8ca24f8ee1828cc2a60f980bd5 # v3 + env: + MISE_FETCH_REMOTE_VERSIONS_TIMEOUT: 30s with: - # Latest working version. See https://github.com/jdx/mise/discussions/6781 - version: 2025.10.16 - github_token: ${{ github.token }} - cache_key: "mise-{{platform}}-{{file_hash}}" + version: 2025.11.6 cache_save: ${{ inputs.cache }} + github_token: ${{ inputs.github_token }} - name: Setup Go Cache - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 with: cache: ${{ inputs.cache }} cache-dependency-path: | diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9ed112b1..4f3e6966 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -16,7 +16,9 @@ on: workflow_dispatch: {} env: PROVIDER: kubernetes-cert-manager + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget TRAVIS_OS_NAME: linux + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. GOVERSION: "1.21.x" NODEVERSION: "20.x" PYTHONVERSION: "3.11.8" @@ -38,7 +40,7 @@ jobs: pull-requests: write # For schema check comment. steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - env: @@ -52,7 +54,7 @@ jobs: uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: @@ -61,6 +63,7 @@ jobs: uses: ./.github/actions/setup-tools with: cache: 'true' + github_token: ${{ secrets.GITHUB_TOKEN }} - if: github.event_name == 'pull_request' name: Install Schema Tools uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0 @@ -112,10 +115,6 @@ jobs: sdk/nodejs/package.json sdk/python/pyproject.toml sdk/java/build.gradle - **/mise.lock - **/.config/mise.lock - **/mise.*.lock - **/.config/mise.*.lock - name: Commit SDK changes for Renovate if: failure() && steps.worktreeClean.outcome == 'failure' && contains(github.actor, 'renovate') && github.event_name == @@ -209,7 +208,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - env: @@ -223,13 +222,15 @@ jobs: uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Setup Tools uses: ./.github/actions/setup-tools + with: + github_token: ${{ secrets.GITHUB_TOKEN }} - name: Download Provider Binary uses: ./.github/actions/download-provider - name: Generate SDK @@ -248,10 +249,6 @@ jobs: sdk/nodejs/package.json sdk/python/pyproject.toml sdk/java/build.gradle - **/mise.lock - **/.config/mise.lock - **/mise.*.lock - **/.config/mise.*.lock - name: Commit SDK changes for Renovate if: failure() && steps.worktreeClean.outcome == 'failure' && contains(github.actor, 'renovate') && github.event_name == @@ -328,7 +325,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - env: @@ -373,7 +370,7 @@ jobs: id-token: write # For ESC secrets and Pulumi access token OIDC. steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - env: @@ -387,13 +384,15 @@ jobs: uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Setup Tools uses: ./.github/actions/setup-tools + with: + github_token: ${{ secrets.GITHUB_TOKEN }} - name: Download Provider Binary uses: ./.github/actions/download-provider - name: Download SDK @@ -448,7 +447,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - env: @@ -462,13 +461,15 @@ jobs: uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Setup Tools uses: ./.github/actions/setup-tools + with: + github_token: ${{ secrets.GITHUB_TOKEN }} - name: Clear GitHub Actions Ubuntu runner disk space uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1 with: @@ -519,7 +520,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - env: @@ -533,19 +534,21 @@ jobs: uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Checkout Scripts Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: path: ci-scripts repository: pulumi/scripts - run: echo "ci-scripts" >> .git/info/exclude - name: Setup Tools uses: ./.github/actions/setup-tools + with: + github_token: ${{ secrets.GITHUB_TOKEN }} - name: Download python SDK uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: @@ -598,13 +601,15 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true persist-credentials: false ref: ${{ env.PR_COMMIT_SHA }} - name: Setup Tools uses: ./.github/actions/setup-tools + with: + github_token: ${{ secrets.GITHUB_TOKEN }} - name: Disarm go:embed directives to enable linters that compile source code run: git grep -l 'go:embed' -- provider | xargs --no-run-if-empty sed -i 's/go:embed/ goembed/g' diff --git a/.github/workflows/command-dispatch.yml b/.github/workflows/command-dispatch.yml index b6375b55..8386d886 100644 --- a/.github/workflows/command-dispatch.yml +++ b/.github/workflows/command-dispatch.yml @@ -17,7 +17,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: persist-credentials: false - env: diff --git a/.github/workflows/community-moderation.yml b/.github/workflows/community-moderation.yml index 1989abf8..a0a1a4c5 100644 --- a/.github/workflows/community-moderation.yml +++ b/.github/workflows/community-moderation.yml @@ -6,7 +6,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: persist-credentials: false - id: schema_changed diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml index b5872a32..baf7a527 100644 --- a/.github/workflows/prerelease.yml +++ b/.github/workflows/prerelease.yml @@ -7,7 +7,9 @@ on: - v*.*.*-** env: PROVIDER: kubernetes-cert-manager + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget TRAVIS_OS_NAME: linux + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. GOVERSION: "1.21.x" NODEVERSION: "20.x" PYTHONVERSION: "3.11.8" @@ -27,7 +29,7 @@ jobs: name: prerequisites steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - env: @@ -41,7 +43,7 @@ jobs: uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: @@ -50,6 +52,7 @@ jobs: uses: ./.github/actions/setup-tools with: cache: 'true' + github_token: ${{ secrets.GITHUB_TOKEN }} - if: github.event_name == 'pull_request' name: Install Schema Tools uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0 @@ -101,10 +104,6 @@ jobs: sdk/nodejs/package.json sdk/python/pyproject.toml sdk/java/build.gradle - **/mise.lock - **/.config/mise.lock - **/mise.*.lock - **/.config/mise.*.lock - name: Commit SDK changes for Renovate if: failure() && steps.worktreeClean.outcome == 'failure' && contains(github.actor, 'renovate') && github.event_name == @@ -198,7 +197,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - env: @@ -212,13 +211,15 @@ jobs: uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Setup Tools uses: ./.github/actions/setup-tools + with: + github_token: ${{ secrets.GITHUB_TOKEN }} - name: Download Provider Binary uses: ./.github/actions/download-provider - name: Generate SDK @@ -237,10 +238,6 @@ jobs: sdk/nodejs/package.json sdk/python/pyproject.toml sdk/java/build.gradle - **/mise.lock - **/.config/mise.lock - **/mise.*.lock - **/.config/mise.*.lock - name: Commit ${{ matrix.language }} SDK changes for Renovate if: failure() && steps.worktreeClean.outcome == 'failure' && contains(github.actor, 'renovate') && github.event_name == @@ -326,7 +323,7 @@ jobs: id-token: write # For ESC secrets and Pulumi access token OIDC. steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - env: @@ -340,13 +337,15 @@ jobs: uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Setup Tools uses: ./.github/actions/setup-tools + with: + github_token: ${{ secrets.GITHUB_TOKEN }} - name: Download Provider Binary uses: ./.github/actions/download-provider - name: Download SDK @@ -401,7 +400,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - env: @@ -415,13 +414,15 @@ jobs: uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Setup Tools uses: ./.github/actions/setup-tools + with: + github_token: ${{ secrets.GITHUB_TOKEN }} - name: Clear GitHub Actions Ubuntu runner disk space uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1 with: @@ -472,7 +473,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - env: @@ -486,19 +487,21 @@ jobs: uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Checkout Scripts Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: path: ci-scripts repository: pulumi/scripts - run: echo "ci-scripts" >> .git/info/exclude - name: Setup Tools uses: ./.github/actions/setup-tools + with: + github_token: ${{ secrets.GITHUB_TOKEN }} - name: Download python SDK uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: @@ -552,7 +555,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - env: @@ -566,13 +569,15 @@ jobs: uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Setup Tools uses: ./.github/actions/setup-tools + with: + github_token: ${{ secrets.GITHUB_TOKEN }} - name: Download java SDK uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: @@ -600,12 +605,12 @@ jobs: needs: publish_sdk steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index aead29c0..d481da30 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -10,7 +10,7 @@ jobs: name: comment-on-pr steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - name: Comment PR diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d0bab79e..a791b795 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -8,7 +8,9 @@ on: - "!v*.*.*-**" env: PROVIDER: kubernetes-cert-manager + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget TRAVIS_OS_NAME: linux + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. GOVERSION: "1.21.x" NODEVERSION: "20.x" PYTHONVERSION: "3.11.8" @@ -30,7 +32,7 @@ jobs: pull-requests: write # For schema check comment. steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - env: @@ -44,7 +46,7 @@ jobs: uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: @@ -53,6 +55,7 @@ jobs: uses: ./.github/actions/setup-tools with: cache: 'true' + github_token: ${{ secrets.GITHUB_TOKEN }} - if: github.event_name == 'pull_request' name: Install Schema Tools uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0 @@ -104,10 +107,6 @@ jobs: sdk/nodejs/package.json sdk/python/pyproject.toml sdk/java/build.gradle - **/mise.lock - **/.config/mise.lock - **/mise.*.lock - **/.config/mise.*.lock - name: Commit SDK changes for Renovate if: failure() && steps.worktreeClean.outcome == 'failure' && contains(github.actor, 'renovate') && github.event_name == @@ -201,7 +200,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - env: @@ -215,13 +214,15 @@ jobs: uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Setup Tools uses: ./.github/actions/setup-tools + with: + github_token: ${{ secrets.GITHUB_TOKEN }} - name: Download Provider Binary uses: ./.github/actions/download-provider - name: Generate SDK @@ -240,10 +241,6 @@ jobs: sdk/nodejs/package.json sdk/python/pyproject.toml sdk/java/build.gradle - **/mise.lock - **/.config/mise.lock - **/mise.*.lock - **/.config/mise.*.lock - name: Commit SDK changes for Renovate if: failure() && steps.worktreeClean.outcome == 'failure' && contains(github.actor, 'renovate') && github.event_name == @@ -329,7 +326,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - env: @@ -343,13 +340,15 @@ jobs: uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Setup Tools uses: ./.github/actions/setup-tools + with: + github_token: ${{ secrets.GITHUB_TOKEN }} - name: Download Provider Binary uses: ./.github/actions/download-provider - name: Download SDK @@ -404,7 +403,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - env: @@ -418,13 +417,15 @@ jobs: uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Setup Tools uses: ./.github/actions/setup-tools + with: + github_token: ${{ secrets.GITHUB_TOKEN }} - name: Clear GitHub Actions Ubuntu runner disk space uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1 with: @@ -475,7 +476,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - env: @@ -489,19 +490,21 @@ jobs: uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Checkout Scripts Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: path: ci-scripts repository: pulumi/scripts - run: echo "ci-scripts" >> .git/info/exclude - name: Setup Tools uses: ./.github/actions/setup-tools + with: + github_token: ${{ secrets.GITHUB_TOKEN }} - name: Download python SDK uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: @@ -555,7 +558,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - env: @@ -569,13 +572,15 @@ jobs: uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Setup Tools uses: ./.github/actions/setup-tools + with: + github_token: ${{ secrets.GITHUB_TOKEN }} - name: Download java SDK uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: @@ -603,12 +608,12 @@ jobs: needs: publish_sdk steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: @@ -642,7 +647,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - env: diff --git a/.github/workflows/release_command.yml b/.github/workflows/release_command.yml index 443b8cb9..4e2450d8 100644 --- a/.github/workflows/release_command.yml +++ b/.github/workflows/release_command.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: persist-credentials: false - env: diff --git a/.github/workflows/run-acceptance-tests.yml b/.github/workflows/run-acceptance-tests.yml index fbc30d1a..b0b67922 100644 --- a/.github/workflows/run-acceptance-tests.yml +++ b/.github/workflows/run-acceptance-tests.yml @@ -11,7 +11,9 @@ on: workflow_dispatch: {} env: PROVIDER: kubernetes-cert-manager + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget TRAVIS_OS_NAME: linux + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. GOVERSION: "1.21.x" NODEVERSION: "20.x" PYTHONVERSION: "3.11.8" @@ -31,7 +33,7 @@ jobs: name: comment-notification steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true persist-credentials: false @@ -56,7 +58,7 @@ jobs: pull-requests: write # For schema check comment. steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true persist-credentials: false @@ -72,7 +74,7 @@ jobs: uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: @@ -81,6 +83,7 @@ jobs: uses: ./.github/actions/setup-tools with: cache: 'true' + github_token: ${{ secrets.GITHUB_TOKEN }} - if: github.event_name == 'pull_request' name: Install Schema Tools uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0 @@ -132,10 +135,6 @@ jobs: sdk/nodejs/package.json sdk/python/pyproject.toml sdk/java/build.gradle - **/mise.lock - **/.config/mise.lock - **/mise.*.lock - **/.config/mise.*.lock - name: Commit SDK changes for Renovate if: failure() && steps.worktreeClean.outcome == 'failure' && contains(github.actor, 'renovate') && github.event_name == @@ -231,7 +230,7 @@ jobs: id-token: write # For ESC secrets. steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true persist-credentials: false @@ -247,13 +246,15 @@ jobs: uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Setup Tools uses: ./.github/actions/setup-tools + with: + github_token: ${{ secrets.GITHUB_TOKEN }} - name: Download provider uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: @@ -281,10 +282,6 @@ jobs: sdk/nodejs/package.json sdk/python/pyproject.toml sdk/java/build.gradle - **/mise.lock - **/.config/mise.lock - **/mise.*.lock - **/.config/mise.*.lock - name: Commit SDK changes for Renovate if: failure() && steps.worktreeClean.outcome == 'failure' && contains(github.actor, 'renovate') && github.event_name == @@ -372,7 +369,7 @@ jobs: id-token: write steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true persist-credentials: false @@ -388,13 +385,15 @@ jobs: uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - id: version name: Set Provider Version - uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1 + uses: pulumi/provider-version-action@f96d032a2758fdda7939e5728eff6c0d980ae894 # v1.6.0 with: set-env: PROVIDER_VERSION env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Setup Tools uses: ./.github/actions/setup-tools + with: + github_token: ${{ secrets.GITHUB_TOKEN }} - name: Download provider uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: @@ -461,7 +460,7 @@ jobs: name: sentinel steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true persist-credentials: false @@ -476,7 +475,7 @@ jobs: name: Fetch secrets from ESC uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - name: Mark workflow as successful - uses: guibranco/github-status-action-v2@0849440ec82c5fa69b2377725b9b7852a3977e76 # v1.1.13 + uses: guibranco/github-status-action-v2@631f55ea0251f0fb284525ad86c30e9f7a8dd284 # v1.1.14 with: authToken: ${{ secrets.GITHUB_TOKEN }} context: Sentinel @@ -496,13 +495,15 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true persist-credentials: false ref: ${{ env.PR_COMMIT_SHA }} - name: Setup Tools uses: ./.github/actions/setup-tools + with: + github_token: ${{ secrets.GITHUB_TOKEN }} - name: Disarm go:embed directives to enable linters that compile source code run: git grep -l 'go:embed' -- provider | xargs --no-run-if-empty sed -i 's/go:embed/ goembed/g' diff --git a/.github/workflows/weekly-pulumi-update.yml b/.github/workflows/weekly-pulumi-update.yml index 79ad8dfd..8760a3f6 100644 --- a/.github/workflows/weekly-pulumi-update.yml +++ b/.github/workflows/weekly-pulumi-update.yml @@ -8,7 +8,9 @@ on: env: GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} PROVIDER: kubernetes-cert-manager + PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget TRAVIS_OS_NAME: linux + PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/.. GOVERSION: "1.21.x" NODEVERSION: "20.x" PYTHONVERSION: "3.11.8" @@ -27,7 +29,7 @@ jobs: permissions: write-all steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: lfs: true - env: @@ -41,6 +43,8 @@ jobs: uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b - name: Setup Tools uses: ./.github/actions/setup-tools + with: + github_token: ${{ secrets.GITHUB_TOKEN }} - name: Update Pulumi/Pulumi id: gomod run: >-