Skip to content
Pull request

deps(resourcedocsgen): bump the all-go-dependencies group across 1 directory with 7 updates #12536

Sign in to view logs

deps(resourcedocsgen): bump the all-go-dependencies group across 1 directory with 7 updates

deps(resourcedocsgen): bump the all-go-dependencies group across 1 directory with 7 updates #12536

Workflow file for this run

.github/workflows/pull-request.yml at e1936f2
permissions: write-all # Equivalent to default permissions plus id-token: write
env:
ESC_ACTION_OIDC_AUTH: true
ESC_ACTION_OIDC_ORGANIZATION: pulumi
ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
ESC_ACTION_ENVIRONMENT: github-secrets/pulumi-registry
ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: false
name: Pull request
on:
pull_request:
branches:
- master
jobs:
sentinel:
# The name of this action cannot be "Sentinel", since this job exists to create an
# action result called "Sentinel".
name: Sentinel Tower
if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository
permissions:
statuses: write
needs:
- resourcedocsgen
- mktutorial
- lint-markdown
- lint-scripts
- test-provider-api-docs
- preview
- test-live-publish
runs-on: ubuntu-latest
steps:
- uses: guibranco/github-status-action-v2@3f704867b3ec00272a5f1b550c207789736bbee9 # v1.2.0
with:
authToken: ${{secrets.GITHUB_TOKEN}}
# Write an explicit status check called "Sentinel" which will only pass if this code really runs.
# This should always be a required check for PRs.
context: 'Sentinel'
description: 'All required checks passed'
state: 'success'
# Write to the PR commit SHA if it's available as we don't want the merge commit sha,
# otherwise use the current SHA for any other type of build.
sha: ${{ github.event.pull_request.head.sha || github.sha }}
resourcedocsgen:
uses: ./.github/workflows/check-go.yml
with:
path: tools/resourcedocsgen/
mktutorial:
uses: ./.github/workflows/check-go.yml
with:
path: tools/mktutorial/
lint-markdown:
name: Lint Markdown
runs-on: ubuntu-latest
steps:
- name: Check out branch
uses: actions/checkout@v6
- name: Install Node
uses: actions/setup-node@v6
with:
node-version: "24.x"
cache: 'yarn'
- name: Lint Markdown
run: |
yarn install
make lint-markdown
lint-scripts:
name: Lint Scripts
runs-on: ubuntu-latest
steps:
- name: Check out branch
uses: actions/checkout@v6
- name: Install Node
uses: actions/setup-node@v6
with:
node-version: "24.x"
cache: 'yarn'
- name: Yarn Install
run: yarn install
- name: Run Linter
run: yarn run lint
test-infra:
name: Test Infrastructure Functions
runs-on: ubuntu-latest
steps:
- name: Check out branch
uses: actions/checkout@v6
- name: Install Node
uses: actions/setup-node@v6
with:
node-version: "24.x"
- name: Run tests
run: make test-infra
test-live-publish:
name: Test Live Registry Publish
runs-on: ubuntu-latest
steps:
- name: Fetch secrets from ESC
id: esc-secrets
uses: pulumi/esc-action@f3cfbabf37488463817366338165b92b5f99117e # v2
- name: Check out branch
uses: actions/checkout@v6
- name: Install uv
uses: astral-sh/setup-uv@v7
- run: uv run --with requests,pyyaml scripts/ci/push-registry.py --dry-run
env:
PULUMI_ACCESS_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_ACCESS_TOKEN }}
test-provider-api-docs:
name: Test Provider API Docs
runs-on: ubuntu-latest
steps:
- name: Check out branch
uses: actions/checkout@v6
- name: Install Node
uses: actions/setup-node@v6
with:
node-version: "24.x"
cache: 'yarn'
cache-dependency-path: |
yarn.lock
infrastructure/yarn.lock
themes/default/yarn.lock
themes/default/theme/yarn.lock
themes/default/theme/stencil/yarn.lock
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: 1.26.x
- name: Install Hugo
uses: peaceiris/actions-hugo@v3
with:
hugo-version: "0.157.0"
extended: true
- name: Prepare
run: make ensure build-assets
- name: Run Provider Tests
run: make test_provider_api_docs
env:
GOPATH: ${{ github.workspace }}/go
# Preview runs a registry build into a commit specific S3 bucket to preview changes.
#
# A link to the generated build is appended to the PR on each commit.
preview:
name: Build and deploy preview
# Only run this job for events that originate on this repository and if the automation/merge label is not applied to the PR.
# PRs with the automation/tfgen-provider-docs label contain only metadata file changes and don't need a PR build.
if: github.event.pull_request.head.repo.full_name == github.repository && contains(github.event.pull_request.labels.*.name, 'automation/tfgen-provider-docs') != true
runs-on: pulumi-service-ubuntu-24.04-16core
environment: testing
env:
GOPATH: ${{ github.workspace }}/go
steps:
- name: Fetch secrets from ESC
id: esc-secrets
uses: pulumi/esc-action@f3cfbabf37488463817366338165b92b5f99117e # v2
- name: Check out branch
uses: actions/checkout@v6
with:
# Full history needed for registry-mirror-discover to find package versions
fetch-depth: 0
- name: Install Node
uses: actions/setup-node@v6
with:
node-version: "24.x"
cache: 'yarn'
cache-dependency-path: |
yarn.lock
infrastructure/yarn.lock
themes/default/yarn.lock
themes/default/theme/yarn.lock
themes/default/theme/stencil/yarn.lock
- name: Install Go
uses: actions/setup-go@v6
with:
go-version: 1.26.x
- name: Install Hugo
uses: peaceiris/actions-hugo@v3
with:
hugo-version: "0.157.0"
extended: true
- name: Validate JSON file syntax
uses: limitusus/json-syntax-check@v2
with:
pattern: "community-packages/package-list.json"
- name: Yarn Install
run: yarn install
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v6
with:
aws-region: us-west-2
role-to-assume: arn:aws:iam::571684982431:role/ContinuousDelivery
role-duration-seconds: 7200
role-session-name: PullRequestPreviewSession
- name: Install s5cmd for fast S3 uploads
run: |
S5CMD_VERSION="2.3.0"
S5CMD_SHA256="de0fdbfa3aceae55e069ba81a0fc17b2026567637603734a387b2fca06c299b4"
curl -fsSL -o /tmp/s5cmd.tar.gz "https://github.com/peak/s5cmd/releases/download/v${S5CMD_VERSION}/s5cmd_${S5CMD_VERSION}_Linux-64bit.tar.gz"
echo "${S5CMD_SHA256} /tmp/s5cmd.tar.gz" | sha256sum --check --strict
sudo tar -xz -C /usr/local/bin s5cmd < /tmp/s5cmd.tar.gz
- name: Configure git for private Go modules
run: git config --global url."https://${{ steps.esc-secrets.outputs.PULUMI_BOT_TOKEN }}:x-oauth-basic@github.com/pulumi/registry-mirror-tools".insteadOf "https://github.com/pulumi/registry-mirror-tools"
- name: Cache provider schemas and generated docs
uses: actions/cache@v5
with:
path: |
.cache/schemas
.cache/versioned-docs
.cache/api-docs
key: docs-cache-${{ github.run_id }}
restore-keys: docs-cache-
- name: Get registry-mirror-discover version
id: mirror-version
run: echo "hash=$(grep 'REGISTRY_MIRROR_TOOLS_COMMIT=' scripts/generate-versioned-docs.sh | cut -d'"' -f2)" >> "$GITHUB_OUTPUT"
- name: Cache registry-mirror-discover binary
uses: actions/cache@v5
with:
path: bin/registry-mirror-discover
key: registry-mirror-discover-${{ steps.mirror-version.outputs.hash }}
- name: Build and deploy preview
run: make ci-pull-request
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PULUMI_ACCESS_TOKEN: ${{ steps.esc-secrets.outputs.PULUMI_ACCESS_TOKEN }}
PULUMI_STACK_NAME: ${{ vars.PULUMI_STACK_NAME }}
NODE_OPTIONS: "--max_old_space_size=8192"
ALGOLIA_APP_ID: ${{ vars.ALGOLIA_APP_ID }}
ALGOLIA_APP_SEARCH_KEY: ${{ vars.ALGOLIA_APP_SEARCH_KEY }}
notify:
if: (github.event.pull_request.user.login == 'pulumi-bot') && failure()
name: Send slack notification
runs-on: ubuntu-latest
needs: [preview]
steps:
- name: Fetch secrets from ESC
id: esc-secrets
uses: pulumi/esc-action@f3cfbabf37488463817366338165b92b5f99117e # v2
- name: Slack Notification
uses: docker://sholung/action-slack-notify:v2.3.0
env:
SLACK_CHANNEL: registry-ops
SLACK_COLOR: "#F54242"
SLACK_MESSAGE: "pull request build failure in pulumi/registry repo :meow_sad:"
SLACK_USERNAME: registrybot
SLACK_WEBHOOK: ${{ steps.esc-secrets.outputs.SLACK_WEBHOOK_URL }}
SLACK_ICON: https://www.pulumi.com/logos/brand/avatar-on-white.png