Merge pull request #42 from 1Password/andi/fix-installation-configura… #19
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: release | |
| on: | |
| push: | |
| tags: | |
| - v*.*.* | |
| env: | |
| # THIS GITHUB_TOKEN IS A REQUIREMENT TO BE ABLE TO WRITE TO GH RELEASES | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # IF YOU NEED TO PUBLISH A NPM PACKAGE THEN ENSURE A NPM_TOKEN SECRET IS SET | |
| # AND PUBLISH_NPM: TRUE. IF YOU WANT TO PUBLISH TO A PRIVATE NPM REGISTRY | |
| # THEN ENSURE THE NPM_REGISTRY_URL IS CHANGED | |
| NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| NPM_TOKEN: ${{ secrets.NPM_TOKEN }} | |
| PUBLISH_NPM: true | |
| NPM_REGISTRY_URL: https://registry.npmjs.org | |
| # Skip NuGet publishing for now. | |
| # IF YOU NEED TO PUBLISH A NUGET PACKAGE THEN ENSURE AN NUGET_PUBLISH_KEY | |
| # SECRET IS SET AND PUBLISH_NUGET: TRUE. IF YOU WANT TO PUBLISH TO AN ALTERNATIVE | |
| # NUGET FEED THEN ENSURE THE NUGET_FEED_URL IS CHANGED. | |
| # NUGET_PUBLISH_KEY: ${{ YOUR NUGET PUBLISH KEY HERE }} | |
| NUGET_FEED_URL: https://api.nuget.org/v3/index.json | |
| PUBLISH_NUGET: false | |
| # IF YOU NEED TO PUBLISH A PYPI PACKAGE SET PUBLISH_PYPI: TRUE AND CHANGE PYPI_PASSWORD, PYPI_USERNAME TO YOUR CREDENTIALS. | |
| # IF YOU WANT TO PUBLISH TO AN ALTERNATIVE PYPI REGISTRY THEN ENSURE THE PYPI_REPOSITORY_URL IS SET. | |
| PYPI_USERNAME: __token__ | |
| PYPI_PASSWORD: ${{ secrets.PYPI_API_TOKEN }} | |
| PYPI_REPOSITORY_URL: "" | |
| PUBLISH_PYPI: true | |
| jobs: | |
| publish_binary: | |
| name: publish | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Repo | |
| uses: actions/checkout@v4 | |
| - name: Unshallow clone for tags | |
| run: git fetch --prune --unshallow --tags | |
| - name: Install Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ matrix.goversion }} | |
| - name: Install pulumictl | |
| uses: jaxxstorm/action-install-gh-release@v1 | |
| with: | |
| repo: pulumi/pulumictl | |
| - name: Set PreRelease Version | |
| run: echo "GORELEASER_CURRENT_TAG=v$(pulumictl get version --language generic)" >> $GITHUB_ENV | |
| - name: Run GoReleaser | |
| uses: goreleaser/goreleaser-action@v5 | |
| with: | |
| args: -p 3 release --rm-dist | |
| version: latest | |
| strategy: | |
| fail-fast: true | |
| matrix: | |
| goversion: | |
| - 1.21.x | |
| publish_sdk: | |
| name: Publish SDKs | |
| runs-on: ubuntu-latest | |
| needs: publish_binary | |
| steps: | |
| - name: Checkout Repo | |
| uses: actions/checkout@v4 | |
| - name: Unshallow clone for tags | |
| run: git fetch --prune --unshallow --tags | |
| - name: Install Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ matrix.goversion }} | |
| - name: Install pulumictl | |
| uses: jaxxstorm/action-install-gh-release@v1 | |
| with: | |
| repo: pulumi/pulumictl | |
| - name: Install pulumi | |
| uses: pulumi/actions@v5 | |
| - name: Setup Node | |
| uses: actions/setup-node@v4 | |
| with: | |
| node-version: ${{ matrix.nodeversion }} | |
| registry-url: ${{ env.NPM_REGISTRY_URL }} | |
| - name: Setup DotNet | |
| uses: actions/setup-dotnet@v4 | |
| with: | |
| dotnet-version: ${{ matrix.dotnetverson }} | |
| - name: Setup Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ matrix.pythonversion }} | |
| - name: Build SDK | |
| run: make build_${{ matrix.language }} | |
| # Usually there are no Git diffs produced in the pipeline, however there are currently two files manually excluded | |
| # (see below) since the `make tfgen` and `make build_sdks` commands both produce small Git diffs due to a bug in the | |
| # Pulumi code generation process where the custom package name is not being used: | |
| # https://github.com/pulumi/pulumi/issues/15979 | |
| - name: Check worktree clean | |
| run: | | |
| git update-index -q --refresh | |
| if ! git diff-files --quiet \ | |
| ':(exclude)provider/cmd/pulumi-resource-onepassword/schema.json' \ | |
| ':(exclude)sdk/nodejs/getItem.ts' \ | |
| ':(exclude)sdk/nodejs/getVault.ts'; then | |
| >&2 echo "error: working tree is not clean, aborting!" | |
| git status | |
| git diff | |
| exit 1 | |
| fi | |
| - if: ${{ matrix.language == 'python' && env.PUBLISH_PYPI == 'true' }} | |
| name: Publish to PyPI | |
| uses: pypa/gh-action-pypi-publish@release/v1 | |
| with: | |
| user: ${{ env.PYPI_USERNAME }} | |
| password: ${{ env.PYPI_PASSWORD }} | |
| packages-dir: ${{github.workspace}}/sdk/python/bin/dist | |
| - if: ${{ matrix.language == 'nodejs' && env.PUBLISH_NPM == 'true' }} | |
| name: Publish to NPM | |
| uses: JS-DevTools/npm-publish@v3 | |
| with: | |
| access: "public" | |
| token: ${{ env.NPM_TOKEN }} | |
| package: ${{github.workspace}}/sdk/nodejs/bin/package.json | |
| - if: ${{ matrix.language == 'dotnet' && env.PUBLISH_NUGET == 'true' }} | |
| name: Publish to NuGet | |
| run: | | |
| dotnet nuget push ${{github.workspace}}/sdk/dotnet/bin/Debug/*.nupkg -s ${{ env.NUGET_FEED_URL }} -k ${{ env.NUGET_PUBLISH_KEY }} | |
| echo "done publishing packages" | |
| strategy: | |
| fail-fast: true | |
| matrix: | |
| dotnetversion: | |
| - 3.1.301 | |
| goversion: | |
| - 1.21.x | |
| language: | |
| - nodejs | |
| - python | |
| - dotnet | |
| - go | |
| nodeversion: | |
| - 20.x | |
| pythonversion: | |
| - "3.9" |