Skip to content

Commit

Permalink
First attempt at on-demand recording snapshots in CI
Browse files Browse the repository at this point in the history
  • Loading branch information
@thomas11
thomas11 committed Nov 2, 2023
1 parent b000cd5 commit 379922e
Showing 1 changed file with 269 additions and 0 deletions.
269 changes: 269 additions & 0 deletions .github/workflows/record.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,269 @@
name: Record an upgrade test snapshot
on:
workflow_dispatch:
inputs:
runTests:
type: string
description: 'The tests in examples to record snapshots for, as a regex for `go test -run`'
required: true

env:
ALT_AWS_ACCESS_KEY_ID: ${{ secrets.ALT_AWS_ACCESS_KEY_ID }}
ALT_AWS_SECRET_ACCESS_KEY: ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }}
ALT_AWS_PROFILE: ${{ secrets.ALT_AWS_PROFILE }}
AWS_REGION: us-west-2
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
PROVIDER: eks
PUBLISH_REPO_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
PUBLISH_REPO_USERNAME: ${{ secrets.OSSRH_USERNAME }}
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
PULUMI_API: https://api.pulumi-staging.io
PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
PR_COMMIT_SHA: ${{ github.event.client_payload.pull_request.head.sha }}
SIGNING_KEY: ${{ secrets.JAVA_SIGNING_KEY }}
SIGNING_KEY_ID: ${{ secrets.JAVA_SIGNING_KEY_ID }}
SIGNING_PASSWORD: ${{ secrets.JAVA_SIGNING_PASSWORD }}
PULUMI_ENABLE_RESOURCE_REFERENCES: 1
PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
GOVERSION: "1.21.x"
DOTNETVERSION: "6.x"
PYTHONVERSION: "3.8"
NODEVERSION: "18.x"
JAVAVERSION: "11"

jobs:
prerequisites:
name: prerequisites
runs-on: ubuntu-latest
# if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository
steps:
- name: Checkout Repo
uses: actions/checkout@v2
- name: Checkout Scripts Repo
uses: actions/checkout@v2
with:
path: ci-scripts
repository: pulumi/scripts
- name: Unshallow clone for tags
run: git fetch --prune --unshallow --tags
- name: Install Go
uses: actions/setup-go@v4
with:
go-version: ${{ env.GOVERSION }}
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@v1.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/action-install-pulumi-cli@v1.0.1
- name: Build provider binary + schema
run: make schema provider
- name: Check worktree clean
run: ./ci-scripts/ci/check-worktree-is-clean
- name: Tar provider binaries
run:
tar -zcf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace }}/bin/ pulumi-resource-${{ env.PROVIDER }}
- name: Upload artifacts
uses: actions/upload-artifact@v2
with:
name: ${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin/provider.tar.gz
strategy:
fail-fast: true

build_sdk:
name: Build ${{ matrix.language }} SDK
runs-on: ubuntu-latest
needs: prerequisites
if: github.event_name == 'repository_dispatch' || github.event.pull_request.head.repo.full_name == github.repository
steps:
- name: Checkout Repo
uses: actions/checkout@v2
with:
ref: ${{ env.PR_COMMIT_SHA }}
- name: Checkout Scripts Repo
uses: actions/checkout@v2
with:
path: ci-scripts
repository: pulumi/scripts
- name: Unshallow clone for tags
run: git fetch --prune --unshallow --tags
- name: Install Go
uses: actions/setup-go@v4
with:
go-version: ${{ env.GOVERSION }}
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@v1.1.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/action-install-pulumi-cli@v1.0.1
- name: Setup Python
uses: actions/setup-python@v2
with:
python-version: ${{ env.PYTHONVERSION }}
- name: Setup DotNet
uses: actions/setup-dotnet@v1
with:
dotnet-version: ${{ env.DOTNETVERSION }}
- name: Setup Node
uses: actions/setup-node@v1
with:
node-version: ${{ env.NODEVERSION }}
registry-url: https://registry.npmjs.org
- name: Setup Java
if: matrix.language == 'java'
uses: actions/setup-java@v3
with:
cache: gradle
distribution: temurin
java-version: ${{ env.JAVAVERSION }}
- name: Setup Gradle
if: matrix.language == 'java'
uses: gradle/gradle-build-action@v2
with:
gradle-version: "7.6"
- name: Install Yarn
run: curl -o- -L https://yarnpkg.com/install.sh | bash -s -- --version 1.13.0
- name: Update PATH for Yarn
run: |
echo "$HOME/.yarn/bin" >> $GITHUB_PATH
echo "$HOME/.config/yarn/global/node_modules/.bin" >> $GITHUB_PATH
- name: Build SDK
run: make build_${{ matrix.language }}
- name: Check worktree clean
run: ./ci-scripts/ci/check-worktree-is-clean
- name: Compress NodeJS SDK folder
if: matrix.language == 'nodejs'
run: tar -zcf ${{ matrix.language }}.tar.gz -C ${{ matrix.language }}/ .
- name: Upload NodeJS artifacts
if: matrix.language == 'nodejs'
uses: actions/upload-artifact@v2
with:
name: ${{ matrix.language }}-sdk.tar.gz
path: ${{ github.workspace}}/${{ matrix.language }}.tar.gz
- name: Compress Other Lang SDK folder
if: matrix.language != 'nodejs'
run: tar -zcf sdk/${{ matrix.language }}.tar.gz -C sdk/${{ matrix.language }}/ .
- name: Upload Other Lang artifacts
if: matrix.language != 'nodejs'
uses: actions/upload-artifact@v2
with:
name: ${{ matrix.language }}-sdk.tar.gz
path: ${{ github.workspace}}/sdk/${{ matrix.language }}.tar.gz
strategy:
fail-fast: true
matrix:
language:
- nodejs
# - python
# - dotnet
# - go
# - java

record:
name: record
runs-on: pulumi-ubuntu-8core
permissions:
contents: read
id-token: write
steps:
- name: Checkout Repo
uses: actions/checkout@v3
with:
ref: ${{ github.ref }}
- name: Checkout Scripts Repo
uses: actions/checkout@v3
with:
path: ci-scripts
repository: pulumi/scripts
- name: Unshallow clone for tags
run: git fetch --prune --unshallow --tags
- name: Install Go
uses: actions/setup-go@v4
with:
cache-dependency-path: |
sdk/go.sum
go-version: 1.21.x
- name: Install Kubectl
run: |
curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl
chmod +x ./kubectl
sudo mv kubectl /usr/local/bin
- name: Install awscli
run: |
python -m pip install --upgrade pip
pip install awscli --upgrade
- name: Install pulumictl
uses: jaxxstorm/action-install-gh-release@v1.5.0
with:
repo: pulumi/pulumictl
- name: Install Pulumi CLI
uses: pulumi/action-install-pulumi-cli@v2

- name: Download provider binary
uses: actions/download-artifact@v2
with:
name: ${{ env.PROVIDER }}-provider.tar.gz
path: ${{ github.workspace }}/bin
- name: Untar provider binaries
run:
tar -zxf ${{ github.workspace }}/bin/provider.tar.gz -C ${{ github.workspace }}/bin
- name: Restore binary perms
run:
find ${{ github.workspace }} -name "pulumi-*-${{ env.PROVIDER }}" -print
-exec chmod +x {} \;
- name: Update path
run: echo "${{ github.workspace }}/bin" >> $GITHUB_PATH
- name: Download SDK
uses: actions/download-artifact@v2
with:
name: nodejs-sdk.tar.gz
path: ${{ github.workspace}}
- name: Uncompress SDK folder
run: tar -zxf ${{ github.workspace}}/nodejs.tar.gz -C ${{github.workspace}}/nodejs
- name: Install dependencies
run: make install_nodejs_sdk

- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-region: ${{ env.AWS_REGION }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-duration-seconds: 7200
role-session-name: ${{ env.PROVIDER }}@githubActions
role-to-assume: ${{ secrets.AWS_CI_ROLE_ARN }}
- name: Configure AWS CLI
run: |
aws configure set default.aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }}
aws configure set default.aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws configure set aws_access_key_id ${{ secrets.ALT_AWS_ACCESS_KEY_ID }} --profile ${{ secrets.ALT_AWS_PROFILE }}
aws configure set aws_secret_access_key ${{ secrets.ALT_AWS_SECRET_ACCESS_KEY }} --profile ${{ secrets.ALT_AWS_PROFILE }}
- name: Link nodejs binary for testing
run: |
cd ${{ github.workspace }}/bin
yarn install && yarn link @pulumi/eks
# - if: contains(github.ref, 'snapshot') || contains(github.head_ref, 'snapshot')
- name: Record provider test snapshots
run: |
cd provider && go test -tags nodejs -run '${{ inputs.runTests }}' -provider-snapshot -v -json -count=1 -cover -timeout 2h -parallel 5 . 2>&1 | tee /tmp/gotest.log | gotestfmt
- if: contains(github.ref, 'snapshot') || contains(github.head_ref, 'snapshot')
name: Open a PR with newly recorded test snapshots
id: create-pr
uses: peter-evans/create-pull-request@v5
with:
author: Pulumi Bot <bot@pulumi.com>
body: "Recording fresh test snapshots."
branch: "update-provider-test-snapshots-${{ github.run_number }}"
committer: Pulumi Bot <bot@pulumi.com>
commit-message: "[internal] Update provider test snapshots for ${{ inputs.runTests }}"
labels: "impact/no-changelog-required"
title: "Update Provider Test Snapshots"
token: ${{ secrets.PULUMI_BOT_TOKEN }}
base: master

0 comments on commit 379922e

Please sign in to comment.