diff --git a/.ci-mgmt.yaml b/.ci-mgmt.yaml index 87928e0c886..bd5cc2e6d7e 100644 --- a/.ci-mgmt.yaml +++ b/.ci-mgmt.yaml @@ -8,6 +8,13 @@ generate-nightly-test-workflow: true providerVersion: github.com/hashicorp/terraform-provider-aws/version.ProviderVersion buildProviderPre: "VERSION=${VERSION_GENERIC} ./scripts/minimal_schema.sh" +testProviderCmd: | + VERSION=${VERSION_GENERIC} ./scripts/minimal_schema.sh && \ + cd provider && go test -v -short \ + -coverprofile="coverage.txt" \ + -coverpkg="./...,github.com/hashicorp/terraform-provider-..." \ + -parallel $(TESTPARALLELISM) \ + ./... toolVersions: go: "1.23.x" diff --git a/.github/actions/download-prerequisites/action.yml b/.github/actions/download-prerequisites/action.yml index 6adff25e0f3..5d470402062 100644 --- a/.github/actions/download-prerequisites/action.yml +++ b/.github/actions/download-prerequisites/action.yml @@ -5,7 +5,7 @@ runs: using: "composite" steps: - name: Download the prerequisites bin - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: name: prerequisites-bin path: bin @@ -19,7 +19,7 @@ runs: run: rm bin/executables.txt - name: Download schema-embed.json - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: # Use a pattern to avoid failing if the artifact doesn't exist pattern: schema-embed.* diff --git a/.github/actions/download-provider/action.yml b/.github/actions/download-provider/action.yml index 44e5a36d0a5..59df8ffb2a3 100644 --- a/.github/actions/download-provider/action.yml +++ b/.github/actions/download-provider/action.yml @@ -6,7 +6,7 @@ runs: steps: - name: Download pulumi-resource-aws - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: pattern: pulumi-resource-aws-*-linux-amd64.tar.gz path: ${{ github.workspace }}/bin diff --git a/.github/actions/download-sdk/action.yml b/.github/actions/download-sdk/action.yml index e0a49f36aaf..c241e3c7172 100644 --- a/.github/actions/download-sdk/action.yml +++ b/.github/actions/download-sdk/action.yml @@ -10,7 +10,7 @@ runs: using: "composite" steps: - name: Download ${{ inputs.language }} SDK - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: name: ${{ inputs.language }}-sdk.tar.gz path: ${{ github.workspace}}/sdk/ diff --git a/.github/actions/esc-action/action.yaml b/.github/actions/esc-action/action.yaml new file mode 100644 index 00000000000..86c88f0eaab --- /dev/null +++ b/.github/actions/esc-action/action.yaml @@ -0,0 +1,12 @@ +name: "Load secrets" +description: | + This is a temporary action which assists with our migration to ESC. Instead + of surrounding every step that references secrets with an "if ESC" block, we + instead modify those steps to consume their secrets from this step's outputs. + Then, later, we can replace this action with esc-action to actually load + secrets from ESC. +inputs: {} +outputs: {} +runs: + using: "node20" + main: "index.js" diff --git a/.github/actions/esc-action/index.js b/.github/actions/esc-action/index.js new file mode 100644 index 00000000000..bb9fbb445e5 --- /dev/null +++ b/.github/actions/esc-action/index.js @@ -0,0 +1,14 @@ +const fs = require("fs"); + +const file = process.env["GITHUB_OUTPUT"]; +var stream = fs.createWriteStream(file, { flags: "a" }); + +for (const [name, value] of Object.entries(process.env)) { + try { + stream.write(`${name}=${value}\n`); + } catch (err) { + console.log(`error: failed to set output for ${name}: ${err.message}`); + } +} + +stream.end(); diff --git a/.github/workflows/build_provider.yml b/.github/workflows/build_provider.yml index 7e21a86d32b..9aec57e6389 100644 --- a/.github/workflows/build_provider.yml +++ b/.github/workflows/build_provider.yml @@ -19,7 +19,8 @@ on: {"os": "linux", "arch": "arm64"}, {"os": "darwin", "arch": "amd64"}, {"os": "darwin", "arch": "arm64"}, - {"os": "windows", "arch": "amd64"} + {"os": "windows", "arch": "amd64"}, + {"os": "windows", "arch": "arm64"} ] } @@ -43,7 +44,7 @@ jobs: dotnet: false large-packages: false - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true persist-credentials: false diff --git a/.github/workflows/build_sdk.yml b/.github/workflows/build_sdk.yml index 5444fb7668b..e1b1cb20c68 100644 --- a/.github/workflows/build_sdk.yml +++ b/.github/workflows/build_sdk.yml @@ -43,7 +43,7 @@ jobs: swap-storage: false dotnet: false - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true persist-credentials: false @@ -63,6 +63,8 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Download prerequisites uses: ./.github/actions/download-prerequisites + - name: Download bin + uses: ./.github/actions/download-provider - name: Update path run: echo "${{ github.workspace }}/bin" >> "$GITHUB_PATH" - name: Restore makefile progress diff --git a/.github/workflows/command-dispatch.yml b/.github/workflows/command-dispatch.yml index 1c6ece911b0..e0f402594dd 100644 --- a/.github/workflows/command-dispatch.yml +++ b/.github/workflows/command-dispatch.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true persist-credentials: false diff --git a/.github/workflows/community-moderation.yml b/.github/workflows/community-moderation.yml index f4dcc0a6178..b521346352d 100644 --- a/.github/workflows/community-moderation.yml +++ b/.github/workflows/community-moderation.yml @@ -8,7 +8,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true persist-credentials: false diff --git a/.github/workflows/license.yml b/.github/workflows/license.yml index 9ddfae143f2..e981e084669 100644 --- a/.github/workflows/license.yml +++ b/.github/workflows/license.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: Setup tools diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 35f422c25f3..a064b1d2f80 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true persist-credentials: false diff --git a/.github/workflows/main-post-build.yml b/.github/workflows/main-post-build.yml index 4e9801de6d5..a3c1e7f8911 100644 --- a/.github/workflows/main-post-build.yml +++ b/.github/workflows/main-post-build.yml @@ -30,12 +30,12 @@ jobs: tool-cache: false swap-storage: false - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true persist-credentials: false - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # v4.2.1 + uses: aws-actions/configure-aws-credentials@7474bc4690e29a8392af63c5b98e7449536d5c3a # v4.3.1 with: aws-access-key-id: ${{ secrets.AWS_CORP_S3_UPLOAD_ACCESS_KEY_ID }} aws-region: us-west-2 diff --git a/.github/workflows/prerequisites.yml b/.github/workflows/prerequisites.yml index 112e497474f..d42e91931d7 100644 --- a/.github/workflows/prerequisites.yml +++ b/.github/workflows/prerequisites.yml @@ -38,15 +38,8 @@ jobs: outputs: version: ${{ steps.provider-version.outputs.version }} steps: - # Run as first step so we don't delete things that have just been installed - - name: Free Disk Space (Ubuntu) - uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1 - with: - tool-cache: false - swap-storage: false - dotnet: false - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true persist-credentials: false @@ -55,48 +48,9 @@ jobs: with: major-version: 7 set-env: 'PROVIDER_VERSION' - - name: Cache examples generation - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 - with: - path: | - .pulumi/examples-cache - key: ${{ runner.os }}-${{ hashFiles('provider/go.sum') }} - - name: Setup tools - uses: ./.github/actions/setup-tools - with: - tools: go, pulumictl, pulumicli, schema-tools - - name: Prepare local workspace before restoring previously built files - run: make prepare_local_workspace - - name: Generate schema - run: make schema - - name: Build provider binary - run: make provider - - name: Unit-test provider code - run: make test_provider - - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3 - env: - CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - - if: inputs.is_pr - name: Check Schema is Valid - run: | - EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64) - { - echo "SCHEMA_CHANGES<<$EOF"; - schema-tools compare -r github://api.github.com/pulumi -p aws -o "${{ inputs.default_branch }}" -n --local-path=provider/cmd/pulumi-resource-aws/schema.json; - echo "$EOF"; - } >> "$GITHUB_ENV" - - if: inputs.is_pr && inputs.is_automated == false && github.actor != 'dependabot[bot]' - name: Comment on PR with Details of Schema Check - uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1 - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - comment-tag: schemaCheck - message: >+ - ${{ env.SCHEMA_CHANGES }} - - - Maintainer note: consult the [runbook](https://github.com/pulumi/platform-providers-team/blob/main/playbooks/tf-provider-updating.md) for dealing with any breaking changes. - + - name: Generate schema-embed + run: make schema_embed + - name: Build tfgen + run: make tfgen_build_only - name: Upload artifacts uses: ./.github/actions/upload-prerequisites diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 0b3d11f1fac..573747be8b4 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -41,7 +41,7 @@ jobs: if: inputs.skipGoSdk && inputs.isPrerelease == false run: echo "Can't skip Go SDK for stable releases. This is likely a bug in the calling workflow." && exit 1 - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true persist-credentials: false @@ -51,7 +51,7 @@ jobs: tools: pulumictl, pulumicli, go, schema-tools cache-go: false - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # v4.2.1 + uses: aws-actions/configure-aws-credentials@7474bc4690e29a8392af63c5b98e7449536d5c3a # v4.3.1 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-region: us-east-2 @@ -63,14 +63,14 @@ jobs: - name: Create dist directory run: mkdir -p dist - name: Download provider assets - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: pattern: pulumi-resource-aws-v${{ inputs.version }}-* path: dist # Don't create a directory for each artifact merge-multiple: true - name: Download schema - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 + uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 with: # Use a pattern to avoid failing if the artifact doesn't exist pattern: schema-embed.* @@ -117,7 +117,7 @@ jobs: python_version: ${{ steps.python_version.outputs.version }} steps: - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true # Persist credentials so we can push back to the repo @@ -211,7 +211,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: Clean up release labels diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index eadb434939c..adc28691d1f 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true persist-credentials: false diff --git a/.github/workflows/release_command.yml b/.github/workflows/release_command.yml index 5712f40e5fc..5c4413dee08 100644 --- a/.github/workflows/release_command.yml +++ b/.github/workflows/release_command.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: Should release PR diff --git a/.github/workflows/run-acceptance-tests.yml b/.github/workflows/run-acceptance-tests.yml index 74a8a515a7d..fe4c3613a48 100644 --- a/.github/workflows/run-acceptance-tests.yml +++ b/.github/workflows/run-acceptance-tests.yml @@ -53,11 +53,112 @@ jobs: ] } + test_provider: + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + runs-on: ubuntu-latest + needs: prerequisites + permissions: + contents: read + pull-requests: write + steps: + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1 + with: + tool-cache: false + swap-storage: false + dotnet: false + - name: Checkout Repo + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + with: + submodules: true + persist-credentials: false + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: go, pulumictl, pulumicli + - name: Restore prerequisites + uses: ./.github/actions/download-prerequisites + - name: Prepare local workspace + run: make prepare_local_workspace + - name: Unit-test provider code + run: make test_provider + - name: Upload coverage reports to Codecov + uses: codecov/codecov-action@fdcc8476540edceab3de004e990f80d881c6cc00 # v5.5.0 + env: + CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} + + build_schema: + if: github.event_name == 'repository_dispatch' || + github.event.pull_request.head.repo.full_name == github.repository + runs-on: ubuntu-latest + needs: prerequisites + permissions: + contents: read + pull-requests: write + steps: + # Run as first step so we don't delete things that have just been installed + - name: Free Disk Space (Ubuntu) + uses: jlumbroso/free-disk-space@54081f138730dfa15788a46383842cd2f914a1be # v1.3.1 + with: + tool-cache: false + swap-storage: false + dotnet: false + - name: Checkout Repo + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + with: + submodules: true + persist-credentials: false + - name: Cache examples generation + uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4 + with: + path: | + .pulumi/examples-cache + key: ${{ runner.os }}-${{ hashFiles('provider/go.sum') }} + - name: Setup tools + uses: ./.github/actions/setup-tools + with: + tools: go, pulumictl, pulumicli, schema-tools + - name: Prepare local workspace before restoring previously built files + run: make prepare_local_workspace + - name: Restore prerequisites + uses: ./.github/actions/download-prerequisites + - name: Restore makefile progress + # This mirrors the targets completed in the prerequisites job + run: make --touch provider + - name: Generate schema + run: make schema + env: + PROVIDER_VERSION: ${{ needs.prerequisites.outputs.version }} + - if: ${{ github.event_name == 'pull_request' }} + name: Check Schema is Valid + run: | + EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64) + { + echo "SCHEMA_CHANGES<<$EOF"; + schema-tools compare -r github://api.github.com/pulumi -p aws -o "${{ github.event.pull_request.base.ref }}" -n --local-path=provider/cmd/pulumi-resource-aws/schema.json; + echo "$EOF"; + } >> "$GITHUB_ENV" + - if: github.event_name == 'pull_request' && github.actor == 'dependabot[bot]' == false && github.actor != 'dependabot[bot]' + name: Comment on PR with Details of Schema Check + uses: thollander/actions-comment-pull-request@24bffb9b452ba05a4f3f77933840a6a841d1b32b # v3.0.1 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + comment-tag: schemaCheck + message: >+ + ${{ env.SCHEMA_CHANGES }} + + + Maintainer note: consult the [runbook](https://github.com/pulumi/platform-providers-team/blob/main/playbooks/tf-provider-updating.md) for dealing with any breaking changes. + build_sdk: if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository name: build_sdk - needs: prerequisites + needs: + - prerequisites + - build_provider uses: ./.github/workflows/build_sdk.yml secrets: inherit with: @@ -112,6 +213,7 @@ jobs: needs: - prerequisites - build_provider + - test_provider - build_sdk permissions: contents: read diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 4994c440659..317210327aa 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -37,13 +37,13 @@ jobs: swap-storage: false dotnet: false - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: ref: ${{ env.PR_COMMIT_SHA }} submodules: true persist-credentials: false - name: Checkout p/examples - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: repository: pulumi/examples path: p-examples diff --git a/.github/workflows/upgrade-bridge.yml b/.github/workflows/upgrade-bridge.yml index c296d872386..6775b5efa6d 100644 --- a/.github/workflows/upgrade-bridge.yml +++ b/.github/workflows/upgrade-bridge.yml @@ -83,7 +83,7 @@ jobs: swap-storage: false dotnet: false - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true persist-credentials: false diff --git a/.github/workflows/upgrade-java.yml b/.github/workflows/upgrade-java.yml index 8a3f0c4c200..341d7aa24e7 100644 --- a/.github/workflows/upgrade-java.yml +++ b/.github/workflows/upgrade-java.yml @@ -29,7 +29,7 @@ jobs: steps: - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: # Persist credentials so upgrade-provider can push a new branch. persist-credentials: true diff --git a/.github/workflows/upgrade-provider.yml b/.github/workflows/upgrade-provider.yml index c2ce80e036a..ef7ecd47d39 100644 --- a/.github/workflows/upgrade-provider.yml +++ b/.github/workflows/upgrade-provider.yml @@ -40,7 +40,7 @@ jobs: swap-storage: false dotnet: false - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true # Persist credentials so upgrade-provider can push a new branch. diff --git a/.github/workflows/verify-release.yml b/.github/workflows/verify-release.yml index e1ca7d18c2a..9a0a1ec77f1 100644 --- a/.github/workflows/verify-release.yml +++ b/.github/workflows/verify-release.yml @@ -59,7 +59,7 @@ jobs: - name: Configure Git to checkout files with long names run: git config --global core.longpaths true - name: Checkout Repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: Setup tools diff --git a/Makefile b/Makefile index c21bdf1d274..4b53f2ea329 100644 --- a/Makefile +++ b/Makefile @@ -221,11 +221,13 @@ test: export PATH := $(WORKING_DIR)/bin:$(PATH) test: cd examples && go test -v -tags=all -parallel $(TESTPARALLELISM) -timeout 2h $(value GOTESTARGS) .PHONY: test -test_provider_cmd = cd provider && go test -v -short \ - -coverprofile="coverage.txt" \ - -coverpkg="./...,github.com/hashicorp/terraform-provider-..." \ - -parallel $(TESTPARALLELISM) \ - ./... +test_provider_cmd = VERSION=${VERSION_GENERIC} ./scripts/minimal_schema.sh && \ +cd provider && go test -v -short \ + -coverprofile="coverage.txt" \ + -coverpkg="./...,github.com/hashicorp/terraform-provider-..." \ + -parallel $(TESTPARALLELISM) \ + ./... + test_provider: $(call test_provider_cmd) .PHONY: test_provider @@ -249,6 +251,13 @@ bin/$(CODEGEN): provider/*.go provider/go.* .make/upstream (cd provider && go build $(PULUMI_PROVIDER_BUILD_PARALLELISM) -o $(WORKING_DIR)/bin/$(CODEGEN) -ldflags "$(LDFLAGS_PROJ_VERSION) $(LDFLAGS_EXTRAS)" $(PROJECT)/$(PROVIDER_PATH)/cmd/$(CODEGEN)) .PHONY: tfgen schema tfgen_no_deps tfgen_build_only +provider/cmd/$(PROVIDER)/schema-embed.json: +schema_embed: provider/cmd/$(PROVIDER)/schema-embed.json + (cd provider && VERSION=$(PROVIDER_VERSION) go generate cmd/$(PROVIDER)/main.go) + +.PHONY: schema_embed + + # Apply patches to the upstream submodule, if it exists upstream: .make/upstream # Re-run if the upstream commit or the patches change. diff --git a/scripts/crossbuild.mk b/scripts/crossbuild.mk index bdde184fcf6..4c7562e6ab1 100644 --- a/scripts/crossbuild.mk +++ b/scripts/crossbuild.mk @@ -19,6 +19,8 @@ bin/darwin-arm64/$(PROVIDER): GOOS := darwin bin/darwin-arm64/$(PROVIDER): GOARCH := arm64 bin/windows-amd64/$(PROVIDER).exe: GOOS := windows bin/windows-amd64/$(PROVIDER).exe: GOARCH := amd64 +bin/windows-arm64/$(PROVIDER).exe: GOOS := windows +bin/windows-arm64/$(PROVIDER).exe: GOARCH := arm64 bin/%/$(PROVIDER) bin/%/$(PROVIDER).exe: bin/jsign-6.0.jar $(call build_provider_cmd,$(GOOS),$(GOARCH),$(WORKING_DIR)/$@) @@ -26,7 +28,7 @@ bin/%/$(PROVIDER) bin/%/$(PROVIDER).exe: bin/jsign-6.0.jar @# Test variables set by joining with | between and looking for || showing at least one variable is empty. @# Move the binary to a temporary location and sign it there to avoid the target being up-to-date if signing fails. @set -e; \ - if [[ "${GOOS}-${GOARCH}" = "windows-amd64" && "${SKIP_SIGNING}" != "true" ]]; then \ + if [[ "${GOOS}" = "windows" && "${SKIP_SIGNING}" != "true" ]]; then \ if [[ "|${AZURE_SIGNING_CLIENT_ID}|${AZURE_SIGNING_CLIENT_SECRET}|${AZURE_SIGNING_TENANT_ID}|${AZURE_SIGNING_KEY_VAULT_URI}|" == *"||"* ]]; then \ echo "Can't sign windows binaries as required configuration not set: AZURE_SIGNING_CLIENT_ID, AZURE_SIGNING_CLIENT_SECRET, AZURE_SIGNING_TENANT_ID, AZURE_SIGNING_KEY_VAULT_URI"; \ echo "To rebuild with signing delete the unsigned $@ and rebuild with the fixed configuration"; \ @@ -58,13 +60,15 @@ provider-linux-arm64: bin/linux-arm64/$(PROVIDER) provider-darwin-amd64: bin/darwin-amd64/$(PROVIDER) provider-darwin-arm64: bin/darwin-arm64/$(PROVIDER) provider-windows-amd64: bin/windows-amd64/$(PROVIDER).exe -.PHONY: provider-linux-amd64 provider-linux-arm64 provider-darwin-amd64 provider-darwin-arm64 provider-windows-amd64 +provider-windows-arm64: bin/windows-arm64/$(PROVIDER).exe +.PHONY: provider-linux-amd64 provider-linux-arm64 provider-darwin-amd64 provider-darwin-arm64 provider-windows-amd64 provider-windows-arm64 bin/$(PROVIDER)-v$(PROVIDER_VERSION)-linux-amd64.tar.gz: bin/linux-amd64/$(PROVIDER) bin/$(PROVIDER)-v$(PROVIDER_VERSION)-linux-arm64.tar.gz: bin/linux-arm64/$(PROVIDER) bin/$(PROVIDER)-v$(PROVIDER_VERSION)-darwin-amd64.tar.gz: bin/darwin-amd64/$(PROVIDER) bin/$(PROVIDER)-v$(PROVIDER_VERSION)-darwin-arm64.tar.gz: bin/darwin-arm64/$(PROVIDER) bin/$(PROVIDER)-v$(PROVIDER_VERSION)-windows-amd64.tar.gz: bin/windows-amd64/$(PROVIDER).exe +bin/$(PROVIDER)-v$(PROVIDER_VERSION)-windows-arm64.tar.gz: bin/windows-arm64/$(PROVIDER).exe bin/$(PROVIDER)-v$(PROVIDER_VERSION)-%.tar.gz: @mkdir -p dist @# $< is the last dependency (the binary path from above) e.g. bin/linux-amd64/pulumi-resource-xyz @@ -76,5 +80,6 @@ provider_dist-linux-arm64: bin/$(PROVIDER)-v$(PROVIDER_VERSION)-linux-arm64.tar. provider_dist-darwin-amd64: bin/$(PROVIDER)-v$(PROVIDER_VERSION)-darwin-amd64.tar.gz provider_dist-darwin-arm64: bin/$(PROVIDER)-v$(PROVIDER_VERSION)-darwin-arm64.tar.gz provider_dist-windows-amd64: bin/$(PROVIDER)-v$(PROVIDER_VERSION)-windows-amd64.tar.gz +provider_dist-windows-arm64: bin/$(PROVIDER)-v$(PROVIDER_VERSION)-windows-arm64.tar.gz provider_dist: provider_dist-linux-amd64 provider_dist-linux-arm64 provider_dist-darwin-amd64 provider_dist-darwin-arm64 provider_dist-windows-amd64 .PHONY: provider_dist-linux-amd64 provider_dist-linux-arm64 provider_dist-darwin-amd64 provider_dist-darwin-arm64 provider_dist-windows-amd64 provider_dist