main

[DOWNSTREAM TEST] Update GitHub Actions workflows. (#874) #188

Workflow file for this run

	# WARNING: This file is autogenerated - changes will be overwritten if not made via https://github.com/pulumi/ci-mgmt

	name: main # For consistency with bridged providers.
	on:
	push:
	branches:
	- master
	- main
	- feature-**
	paths-ignore:
	- CHANGELOG.md
	tags-ignore:
	- v*
	- sdk/*
	- "**"
	workflow_dispatch: {}
	env:
	PROVIDER: provider-boilerplate
	PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
	TRAVIS_OS_NAME: linux
	PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
	GOVERSION: "1.21.x"
	NODEVERSION: "20.x"
	PYTHONVERSION: "3.11.8"
	DOTNETVERSION: "8.0.x"
	JAVAVERSION: "11"
	FOO: BAR

	jobs:
	prerequisites:
	runs-on: ubuntu-latest
	name: prerequisites
	permissions:
	id-token: write # For ESC secrets.
	pull-requests: write # For schema check comment.
	steps:
	- name: Checkout Repo
	uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
	with:
	lfs: true
	- env:
	ESC_ACTION_ENVIRONMENT: imports/github-secrets
	ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
	ESC_ACTION_OIDC_AUTH: "true"
	ESC_ACTION_OIDC_ORGANIZATION: pulumi
	ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
	id: esc-secrets
	name: Fetch secrets from ESC
	uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
	- id: version
	name: Set Provider Version
	uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
	with:
	set-env: PROVIDER_VERSION
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	- name: Setup Tools
	uses: ./.github/actions/setup-tools
	with:
	cache: 'true'
	github_token: ${{ secrets.GITHUB_TOKEN }}
	- if: github.event_name == 'pull_request'
	name: Install Schema Tools
	uses: jaxxstorm/action-install-gh-release@6096f2a2bbfee498ced520b6922ac2c06e990ed2 # v2.1.0
	with:
	repo: pulumi/schema-tools
	- name: Build codegen binaries
	run: make codegen
	- name: Build Schema
	run: make generate_schema
	- if: github.event_name == 'pull_request'
	name: Check Schema is Valid
	run: >-
	{
	echo 'SCHEMA_CHANGES<<EOF';

	schema-tools compare -p ${{ env.PROVIDER }} -o ${{ github.event.repository.default_branch }} -n --local-path=provider/cmd/pulumi-resource-${{ env.PROVIDER }}/schema.json;

	echo 'EOF';
	} >> "$GITHUB_ENV"
	env:
	GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
	- if: github.event_name == 'pull_request' && github.actor != 'dependabot[bot]'
	name: Comment on PR with Details of Schema Check
	uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1
	with:
	message: \|
	${{ env.SCHEMA_CHANGES }}
	comment-tag: schemaCheck
	github-token: ${{ secrets.GITHUB_TOKEN }}
	- if: contains(env.SCHEMA_CHANGES, 'Looking good! No breaking changes found.') &&
	github.actor == 'pulumi-bot'
	name: Add label if no breaking changes
	uses: actions-ecosystem/action-add-labels@18f1af5e3544586314bbe15c0273249c770b2daf # v1.1.3
	with:
	labels: impact/no-changelog-required
	number: ${{ github.event.issue.number }}
	github_token: ${{ secrets.GITHUB_TOKEN }}
	- name: Build Provider
	run: make provider
	- name: Check worktree clean
	id: worktreeClean
	uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1
	with:
	allowed-changes: \|-
	sdk/**/pulumi-plugin.json
	sdk/dotnet/..csproj
	sdk/dotnet/version.txt
	sdk/go/**/pulumiUtilities.go
	sdk/nodejs/package.json
	sdk/python/pyproject.toml
	sdk/java/build.gradle
	- name: Commit SDK changes for Renovate
	if: failure() && steps.worktreeClean.outcome == 'failure' &&
	contains(github.actor, 'renovate') && github.event_name ==
	'pull_request'
	shell: bash
	run: >
	git diff --quiet -- sdk && echo "no changes to sdk" && exit

	git config --global user.email "[email protected]"

	git config --global user.name "pulumi-bot"

	# Stash local changes and check out the PR's branch directly.

	git stash

	git fetch

	git checkout "origin/$HEAD_REF"


	# Apply and add our changes, but don't commit any files we expect to

	# always change due to versioning.

	git stash pop

	git add sdk

	git reset sdk/python/*/pulumi-plugin.json \
	sdk/python/pyproject.toml \
	sdk/dotnet/pulumi-plugin.json \
	sdk/dotnet/..csproj \
	sdk/dotnet/version.txt \
	sdk/go/*/pulumi-plugin.json \
	sdk/go/*/internal/pulumiUtilities.go \
	sdk/nodejs/package.json

	git commit -m 'Commit SDK for Renovate'


	# Push with pulumi-bot credentials to trigger a re-run of the

	# workflow. https://github.com/orgs/community/discussions/25702

	git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
	env:
	HEAD_REF: ${{ github.head_ref }}
	- run: git status --porcelain
	- name: Tar provider binaries
	run: tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{
	github.workspace}}/bin/ pulumi-resource-${{ env.PROVIDER }}
	pulumi-gen-${{ env.PROVIDER}}
	- name: Upload artifacts
	uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
	with:
	name: pulumi-${{ env.PROVIDER }}-provider.tar.gz
	path: ${{ github.workspace }}/bin/provider.tar.gz
	- name: Test Provider Library
	run: make test_provider
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	- name: Upload coverage reports to Codecov
	uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1
	env:
	CODECOV_TOKEN: ${{ steps.esc-secrets.outputs.CODECOV_TOKEN }}
	- if: failure() && github.event_name == 'push'
	name: Notify Slack
	uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
	with:
	author_name: Failure in building provider prerequisites
	fields: repo,commit,author,action
	status: ${{ job.status }}
	env:
	SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
	build_sdks:
	needs: prerequisites
	runs-on: pulumi-ubuntu-8core
	strategy:
	fail-fast: ${{ ! contains(github.actor, 'renovate') }}
	matrix:
	language:
	- nodejs
	- python
	- dotnet
	- go
	- java
	name: build_sdks
	permissions:
	pull-requests: write # For Renovate SDK updates.
	id-token: write # For ESC secrets.
	steps:
	- name: Checkout Repo
	uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
	with:
	lfs: true
	- env:
	ESC_ACTION_ENVIRONMENT: imports/github-secrets
	ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
	ESC_ACTION_OIDC_AUTH: "true"
	ESC_ACTION_OIDC_ORGANIZATION: pulumi
	ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
	id: esc-secrets
	name: Fetch secrets from ESC
	uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
	- id: version
	name: Set Provider Version
	uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
	with:
	set-env: PROVIDER_VERSION
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	- name: Setup Tools
	uses: ./.github/actions/setup-tools
	with:
	github_token: ${{ secrets.GITHUB_TOKEN }}
	- name: Download Provider Binary
	uses: ./.github/actions/download-provider
	- name: Generate SDK
	run: make generate_${{ matrix.language }}
	- name: Build SDK
	run: make build_${{ matrix.language }}
	- name: Check worktree clean
	id: worktreeClean
	uses: pulumi/git-status-check-action@54000b91124a8dd9fd6a872cb41f5dd246a46e7c # v1.1.1
	with:
	allowed-changes: \|-
	sdk/**/pulumi-plugin.json
	sdk/dotnet/..csproj
	sdk/dotnet/version.txt
	sdk/go/**/pulumiUtilities.go
	sdk/nodejs/package.json
	sdk/python/pyproject.toml
	sdk/java/build.gradle
	- name: Commit SDK changes for Renovate
	if: failure() && steps.worktreeClean.outcome == 'failure' &&
	contains(github.actor, 'renovate') && github.event_name ==
	'pull_request'
	shell: bash
	run: >
	git diff --quiet -- sdk && echo "no changes to sdk" && exit

	git config --global user.email "[email protected]"

	git config --global user.name "pulumi-bot"

	# Stash local changes and check out the PR's branch directly.

	git stash

	git fetch

	git checkout "origin/$HEAD_REF"


	# Apply and add our changes, but don't commit any files we expect to

	# always change due to versioning.

	git stash pop

	git add sdk

	git reset sdk/python/*/pulumi-plugin.json \
	sdk/python/pyproject.toml \
	sdk/dotnet/pulumi-plugin.json \
	sdk/dotnet/..csproj \
	sdk/dotnet/version.txt \
	sdk/go/*/pulumi-plugin.json \
	sdk/go/*/internal/pulumiUtilities.go \
	sdk/nodejs/package.json

	git commit -m 'Commit SDK for Renovate'


	# Push with pulumi-bot credentials to trigger a re-run of the

	# workflow. https://github.com/orgs/community/discussions/25702

	git push https://pulumi-bot:${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}@github.com/${{ github.repository }} "HEAD:$HEAD_REF"
	env:
	HEAD_REF: ${{ github.head_ref }}
	- run: git status --porcelain
	- name: Tar SDK folder
	run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }} .
	- name: Upload artifacts
	uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
	with:
	name: ${{ matrix.language }}-sdk.tar.gz
	path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz
	retention-days: 30
	- if: failure() && github.event_name == 'push'
	name: Notify Slack
	uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
	with:
	author_name: Failure while building SDKs
	fields: repo,commit,author,action
	status: ${{ job.status }}
	env:
	SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}

	tag_release_if_labeled_needs_release:
	name: Tag release if labeled as needs-release
	needs: publish
	runs-on: ubuntu-latest
	permissions:
	contents: read
	id-token: write # For ESC secrets.
	steps:
	- name: Checkout Repo
	uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
	with:
	lfs: true
	- env:
	ESC_ACTION_ENVIRONMENT: imports/github-secrets
	ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
	ESC_ACTION_OIDC_AUTH: "true"
	ESC_ACTION_OIDC_ORGANIZATION: pulumi
	ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
	id: esc-secrets
	name: Fetch secrets from ESC
	uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
	- name: check if this commit needs release
	if: ${{ env.RELEASE_BOT_ENDPOINT != '' }}
	uses: pulumi/action-release-by-pr-label@main
	with:
	command: "release-if-needed"
	repo: ${{ github.repository }}
	commit: ${{ github.sha }}
	slack_channel: C02MGR8JVST
	env:
	RELEASE_BOT_ENDPOINT: ${{ steps.esc-secrets.outputs.RELEASE_BOT_ENDPOINT }}
	RELEASE_BOT_KEY: ${{ steps.esc-secrets.outputs.RELEASE_BOT_KEY }}
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	test:
	runs-on: pulumi-ubuntu-8core
	needs:
	- build_sdks
	strategy:
	fail-fast: true
	matrix:
	language:
	- nodejs
	- python
	- dotnet
	- go
	- java
	- yaml
	name: test
	permissions:
	contents: read
	id-token: write # For ESC secrets and Pulumi access token OIDC.
	steps:
	- name: Checkout Repo
	uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
	with:
	lfs: true
	- env:
	ESC_ACTION_ENVIRONMENT: imports/github-secrets
	ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
	ESC_ACTION_OIDC_AUTH: "true"
	ESC_ACTION_OIDC_ORGANIZATION: pulumi
	ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
	id: esc-secrets
	name: Fetch secrets from ESC
	uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
	- id: version
	name: Set Provider Version
	uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
	with:
	set-env: PROVIDER_VERSION
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	- name: Setup Tools
	uses: ./.github/actions/setup-tools
	with:
	github_token: ${{ secrets.GITHUB_TOKEN }}
	- name: Download Provider Binary
	uses: ./.github/actions/download-provider
	- name: Download SDK
	if: ${{ matrix.language != 'yaml' }}
	uses: ./.github/actions/download-sdk
	with:
	language: ${{ matrix.language }}
	- name: Update path
	run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH"
	- name: Install Node dependencies
	run: yarn global add typescript
	- run: dotnet nuget add source ${{ github.workspace }}/nuget
	- name: Install Python deps
	run: \|-
	pip3 install virtualenv==20.0.23
	pip3 install pipenv
	- name: Install dependencies
	if: ${{ matrix.language != 'yaml' }}
	run: make install_${{ matrix.language}}_sdk
	- name: Install gotestfmt
	uses: GoTestTools/gotestfmt-action@v2
	with:
	version: v2.5.0
	token: ${{ secrets.GITHUB_TOKEN }}
	- name: Run tests
	run: >-
	set -euo pipefail

	cd examples && go test -count=1 -cover -timeout 2h -tags=${{ matrix.language }} -parallel 4 .
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	- if: failure() && github.event_name == 'push'
	name: Notify Slack
	uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
	with:
	author_name: Failure in SDK tests
	fields: repo,commit,author,action
	status: ${{ job.status }}
	env:
	SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
	publish:
	runs-on: ubuntu-latest
	needs: test
	name: publish
	permissions:
	contents: read
	id-token: write # For ESC secrets.
	steps:
	- name: Checkout Repo
	uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
	with:
	lfs: true
	- env:
	ESC_ACTION_ENVIRONMENT: imports/github-secrets
	ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
	ESC_ACTION_OIDC_AUTH: "true"
	ESC_ACTION_OIDC_ORGANIZATION: pulumi
	ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
	id: esc-secrets
	name: Fetch secrets from ESC
	uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
	- id: version
	name: Set Provider Version
	uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
	with:
	set-env: PROVIDER_VERSION
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	- name: Setup Tools
	uses: ./.github/actions/setup-tools
	with:
	github_token: ${{ secrets.GITHUB_TOKEN }}
	- name: Clear GitHub Actions Ubuntu runner disk space
	uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1
	with:
	tool-cache: false
	dotnet: false
	android: true
	haskell: true
	swap-storage: true
	large-packages: false
	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@61815dcd50bd041e203e49132bacad1fd04d2708 # v5.1.1
	with:
	aws-access-key-id: ${{ steps.esc-secrets.outputs.AWS_ACCESS_KEY_ID }}
	aws-region: us-east-2
	aws-secret-access-key: ${{ steps.esc-secrets.outputs.AWS_SECRET_ACCESS_KEY }}
	role-duration-seconds: 7200
	role-session-name: ${{ env.PROVIDER }}@githubActions
	role-external-id: upload-pulumi-release
	role-to-assume: ${{ steps.esc-secrets.outputs.AWS_UPLOAD_ROLE_ARN }}
	- name: Run GoReleaser
	uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5.1.0
	env:
	GORELEASER_CURRENT_TAG: v${{ steps.version.outputs.version }}
	AZURE_SIGNING_CLIENT_ID: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_ID }}
	AZURE_SIGNING_CLIENT_SECRET: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_SECRET }}
	AZURE_SIGNING_TENANT_ID: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_TENANT_ID }}
	AZURE_SIGNING_KEY_VAULT_URI: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_KEY_VAULT_URI }}
	SKIP_SIGNING: ${{ steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_ID == '' && steps.esc-secrets.outputs.AZURE_SIGNING_CLIENT_SECRET == '' && steps.esc-secrets.outputs.AZURE_SIGNING_TENANT_ID == '' && steps.esc-secrets.outputs.AZURE_SIGNING_KEY_VAULT_URI == '' }}
	GITHUB_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}
	with:
	args: -p 3 -f .goreleaser.prerelease.yml --clean --skip=validate --timeout 60m0s
	version: latest
	- if: failure() && github.event_name == 'push'
	name: Notify Slack
	uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
	with:
	author_name: Failure in publishing binaries
	fields: repo,commit,author,action
	status: ${{ job.status }}
	env:
	SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
	publish_sdk:
	runs-on: ubuntu-latest
	needs: publish
	name: publish_sdk
	permissions:
	contents: read
	id-token: write # For ESC secrets.
	steps:
	- name: Checkout Repo
	uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
	with:
	lfs: true
	- env:
	ESC_ACTION_ENVIRONMENT: imports/github-secrets
	ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
	ESC_ACTION_OIDC_AUTH: "true"
	ESC_ACTION_OIDC_ORGANIZATION: pulumi
	ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
	id: esc-secrets
	name: Fetch secrets from ESC
	uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
	- id: version
	name: Set Provider Version
	uses: pulumi/provider-version-action@3a647064cf4697c7c6352b9a1d9e554450cbe957 # v1.6.1
	with:
	set-env: PROVIDER_VERSION
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	- name: Checkout Scripts Repo
	uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
	with:
	path: ci-scripts
	repository: pulumi/scripts
	- run: echo "ci-scripts" >> .git/info/exclude
	- name: Setup Tools
	uses: ./.github/actions/setup-tools
	with:
	github_token: ${{ secrets.GITHUB_TOKEN }}
	- name: Download python SDK
	uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
	with:
	name: python-sdk.tar.gz
	path: ${{ github.workspace}}/sdk/
	- name: Uncompress python SDK
	run: tar -zxf ${{github.workspace}}/sdk/python.tar.gz -C
	${{github.workspace}}/sdk/python
	- name: Download dotnet SDK
	uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
	with:
	name: dotnet-sdk.tar.gz
	path: ${{ github.workspace}}/sdk/
	- name: Uncompress dotnet SDK
	run: tar -zxf ${{github.workspace}}/sdk/dotnet.tar.gz -C
	${{github.workspace}}/sdk/dotnet
	- name: Download nodejs SDK
	uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
	with:
	name: nodejs-sdk.tar.gz
	path: ${{ github.workspace}}/sdk/
	- name: Uncompress nodejs SDK
	run: tar -zxf ${{github.workspace}}/sdk/nodejs.tar.gz -C
	${{github.workspace}}/sdk/nodejs
	- name: Install Twine
	run: python -m pip install twine==5.0.0
	- name: Publish SDKs
	run: ./ci-scripts/ci/publish-tfgen-package ${{ github.workspace }}
	env:
	NUGET_PUBLISH_KEY: ${{ steps.esc-secrets.outputs.NUGET_PUBLISH_KEY }}
	NODE_AUTH_TOKEN: ${{ steps.esc-secrets.outputs.NPM_TOKEN }}
	PYPI_PUBLISH_ARTIFACTS: all
	PYPI_USERNAME: __token__
	PYPI_PASSWORD: ${{ steps.esc-secrets.outputs.PYPI_API_TOKEN }}
	SIGNING_KEY_ID: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_KEY_ID }}
	SIGNING_KEY: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_KEY }}
	SIGNING_PASSWORD: ${{ steps.esc-secrets.outputs.JAVA_SIGNING_PASSWORD }}
	PUBLISH_REPO_USERNAME: ${{ steps.esc-secrets.outputs.OSSRH_USERNAME }}
	PUBLISH_REPO_PASSWORD: ${{ steps.esc-secrets.outputs.OSSRH_PASSWORD }}
	- if: failure() && github.event_name == 'push'
	name: Notify Slack
	uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.19.0
	with:
	author_name: Failure in publishing SDK
	fields: repo,commit,author,action
	status: ${{ job.status }}
	env:
	SLACK_WEBHOOK_URL: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
	lint:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout Repo
	uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
	with:
	lfs: true
	persist-credentials: false
	ref: ${{ env.PR_COMMIT_SHA }}
	- name: Setup Tools
	uses: ./.github/actions/setup-tools
	with:
	github_token: ${{ secrets.GITHUB_TOKEN }}
	- name: Disarm go:embed directives to enable linters that compile source code
	run: git grep -l 'go:embed' -- provider \| xargs --no-run-if-empty sed -i
	's/go:embed/ goembed/g'
	- name: golangci-lint provider pkg
	uses: golangci/golangci-lint-action@55c2c1448f86e01eaae002a5a3a9624417608d84 # v6.5.2
	with:
	install-mode: none # Handled by mise.
	working-directory: .
	name: lint
	if: github.event_name == 'repository_dispatch' \|\|
	github.event.pull_request.head.repo.full_name == github.repository

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[DOWNSTREAM TEST] Update GitHub Actions workflows. (#874) #188

Workflow file

[DOWNSTREAM TEST] Update GitHub Actions workflows. (#874) #188

Uh oh!

Jobs

Run details

Workflow file for this run