Update GitHub Actions workflows. (#869) #460

Workflow file for this run

	# WARNING: This file is autogenerated - changes will be overwritten when regenerated by https://github.com/pulumi/ci-mgmt

	env:
	PULUMI_API: https://api.pulumi-staging.io
	PULUMI_GO_DEP_ROOT: ${{ github.workspace }}/..
	PULUMI_LOCAL_NUGET: ${{ github.workspace }}/nuget
	TF_APPEND_USER_AGENT: pulumi

	jobs:
	prerequisites:
	permissions:
	contents: read
	pull-requests: write
	id-token: write # For ESC secrets.
	uses: ./.github/workflows/prerequisites.yml
	secrets: inherit
	with:
	default_branch: ${{ github.event.repository.default_branch }}
	is_pr: ${{ github.event_name == 'pull_request' }}
	is_automated: ${{ github.actor == 'dependabot[bot]' }}

	build_provider:
	uses: ./.github/workflows/build_provider.yml
	needs: prerequisites
	secrets: inherit
	permissions:
	contents: read
	id-token: write # For ESC secrets.
	with:
	version: ${{ needs.prerequisites.outputs.version }}

	build_sdk:
	name: build_sdk
	needs: prerequisites
	uses: ./.github/workflows/build_sdk.yml
	secrets: inherit
	permissions:
	contents: write # For Renovate SDKs.
	id-token: write # For ESC secrets.
	with:
	version: ${{ needs.prerequisites.outputs.version }}

	post_build:
	name: post_build
	needs: prerequisites
	uses: ./.github/workflows/main-post-build.yml
	secrets: inherit
	permissions:
	contents: write # For Renovate SDKs.
	id-token: write # For ESC secrets.
	with:
	version: ${{ needs.prerequisites.outputs.version }}

	lint:
	name: lint
	uses: ./.github/workflows/lint.yml
	secrets: inherit
	license_check:
	name: License Check
	uses: ./.github/workflows/license.yml
	secrets: inherit

	publish:
	name: publish
	permissions:
	contents: write
	id-token: write
	needs:
	- prerequisites
	- build_provider
	- test
	- license_check
	uses: ./.github/workflows/publish.yml
	secrets: inherit
	with:
	version: ${{ needs.prerequisites.outputs.version }}
	isPrerelease: true
	skipGoSdk: true
	skipJavaSdk: true

	tag_release_if_labeled_needs_release:
	name: Tag release if labeled as needs-release
	needs: publish
	runs-on: ubuntu-latest
	permissions:
	contents: read
	id-token: write # For ESC secrets.
	steps:
	- name: Checkout Repo
	uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
	with:
	persist-credentials: false
	- env:
	ESC_ACTION_ENVIRONMENT: github-secrets/${{ github.repository_owner }}-${{ github.event.repository.name }}
	ESC_ACTION_EXPORT_ENVIRONMENT_VARIABLES: "false"
	ESC_ACTION_OIDC_AUTH: "true"
	ESC_ACTION_OIDC_ORGANIZATION: pulumi
	ESC_ACTION_OIDC_REQUESTED_TOKEN_TYPE: urn:pulumi:token-type:access_token:organization
	id: esc-secrets
	name: Fetch secrets from ESC
	uses: pulumi/esc-action@9eb774255b1a4afb7855678ae8d4a77359da0d9b
	- name: check if this commit needs release
	if: ${{ env.RELEASE_BOT_ENDPOINT != '' }}
	uses: pulumi/action-release-by-pr-label@main
	with:
	command: "release-if-needed"
	repo: ${{ github.repository }}
	commit: ${{ github.sha }}
	slack_channel: C02MGR8JVST
	env:
	RELEASE_BOT_ENDPOINT: ${{ steps.esc-secrets.outputs.RELEASE_BOT_ENDPOINT }}
	RELEASE_BOT_KEY: ${{ steps.esc-secrets.outputs.RELEASE_BOT_KEY }}
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	test:
	uses: ./.github/workflows/test.yml
	needs:
	- prerequisites
	- build_provider
	- build_sdk
	permissions:
	contents: read
	id-token: write
	secrets: inherit
	with:
	version: ${{ needs.prerequisites.outputs.version }}

	name: master
	on:
	workflow_dispatch: {}
	push:
	branches:
	- master
	paths-ignore:
	- "**.md"
	tags-ignore:
	- v*
	- sdk/*
	- "**"

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Update GitHub Actions workflows. (#869) #460

Workflow file

Update GitHub Actions workflows. (#869) #460

Uh oh!

Jobs

Run details

Workflow file for this run