pulumi/.github/workflows/release.yml

on:
  push:
    tags:
      - v*.*.*
    paths-ignore:
      - 'CHANGELOG.md'
      - 'CHANGELOG_PENDING.md'
      - 'README.md'
env:
  PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_PROD_ACCESS_TOKEN }}
  GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
  PULUMI_TEST_OWNER: "moolumi"
  GO111MODULE: "on"
  NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
  NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
  NUGET_PUBLISH_KEY: ${{ secrets.NUGET_PUBLISH_KEY }}
  PYPI_PASSWORD: ${{ secrets.PYPI_PASSWORD }}
  TRAVIS_PUBLISH_PACKAGES: true

jobs:
  templates_smoke_test:
    name: Trigger Templates Smoke Test
    runs-on: ubuntu-latest
    needs: publish-sdks
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v2
      - name: Install pulumictl
        uses: jaxxstorm/action-install-gh-release@v1.1.0
        with:
          repo: pulumi/pulumictl
      - name: Repository Dispatch
        run: |
          pulumictl dispatch -r pulumi/templates -c trigger-cron $(pulumictl get version --language generic -o)          
        env:
          GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN}}
  examples_smoke_test:
    name: Trigger Examples Smoke Test
    runs-on: ubuntu-latest
    needs: publish-sdks
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v2
      - name: Install pulumictl
        uses: jaxxstorm/action-install-gh-release@v1.1.0
        with:
          repo: pulumi/pulumictl
      - name: Repository Dispatch
        run: |
          pulumictl dispatch -r pulumi/examples -c smoke-test-cli $(pulumictl get version --language generic -o)          
        env:
          GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN}}
  chocolatey:
    name: Chocolatey update
    runs-on: ubuntu-latest
    needs: publish-sdks
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v2
      - name: Install pulumictl
        uses: jaxxstorm/action-install-gh-release@v1.1.0
        with:
          repo: pulumi/pulumictl
      - name: Repository Dispatch
        run: |
          pulumictl create choco-deploy $(pulumictl get version --language generic -o)          
        env:
          GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN}}
  docker:
    name: Build Slim Docker Images
    runs-on: ubuntu-latest
    needs: [publish-sdks, verify-containers]
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v2
      - name: Install pulumictl
        uses: jaxxstorm/action-install-gh-release@v1.1.0
        with:
          repo: pulumi/pulumictl
      - name: Repository Dispatch
        run: |
          pulumictl create containers $(pulumictl get version --language generic -o)          
        env:
          GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN}}
  docs:
    name: Build Package Docs
    runs-on: ubuntu-latest
    needs: publish-sdks
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v2
      - name: Install pulumictl
        uses: jaxxstorm/action-install-gh-release@v1.1.0
        with:
          repo: pulumi/pulumictl
      - name: Repository Dispatch
        run: |
          pulumictl create cli-docs-build $(pulumictl get version --language generic -o)          
        env:
          GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN}}
  homebrew:
    name: Update Homebrew
    runs-on: macos-latest
    needs: publish-sdks
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v2
      - name: Install pulumictl
        uses: jaxxstorm/action-install-gh-release@v1.1.0
        with:
          repo: pulumi/pulumictl
      - name: Repository Dispatch
        run: |
          pulumictl create homebrew-bump $(pulumictl get version --language generic -o) ${{ github.sha }}          
        env:
          GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN}}
  publish-sdks:
    name: Publish SDKs
    runs-on: ubuntu-latest
    needs: publish-binaries
    strategy:
      matrix:
        go-version: [ 1.15.x ]
        python-version: [ 3.9.x ]
        dotnet-version: [ 3.1.x ]
        node-version: [ 14.x ]
        language: [ "nodejs", "python", "dotnet" ]
    steps:
      - name: Set up Go ${{ matrix.go-version }}
        uses: actions/setup-go@v1
        with:
          go-version: ${{ matrix.go-version }}
      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v1
        with:
          python-version: ${{ matrix.python-version }}
      - name: Set up DotNet ${{ matrix.dotnet-version }}
        uses: actions/setup-dotnet@v1
        with:
          dotnet-version: ${{ matrix.dotnet-version }}
      - name: Set up Node ${{ matrix.node-version }}
        uses: actions/setup-node@v1
        with:
          node-version: ${{ matrix.node-version }}
          registry-url: https://registry.npmjs.org
          always-auth: true
      - name: Install pipenv
        uses: dschep/install-pipenv-action@v1
      - name: Install Twine
        run: python -m pip install pip twine
      - name: Checkout Repo
        uses: actions/checkout@v2
      - name: Fetch Tags
        run: |
          git fetch --quiet --prune --unshallow --tags          
      - name: Update path
        run: |
          echo "${{ runner.temp }}/opt/pulumi/bin" >> $GITHUB_PATH          
      - name: Set Go Dep path
        run: |
          echo "PULUMI_GO_DEP_ROOT=$(dirname $(pwd))" >> $GITHUB_ENV          
      - name: Ensure
        run: |
          make ensure          
      - name: Publish Packages
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
        run: |
          make -C sdk/${{ matrix.language}} publish          
  publish-binaries:
    name: Publish Binaries
    runs-on: macos-latest
    needs: [build-and-test, windows-release]
    strategy:
      matrix:
        go-version: [ 1.15.x ]
    steps:
      - name: Set up Go ${{ matrix.go-version }}
        uses: actions/setup-go@v1
        with:
          go-version: ${{ matrix.go-version }}
      - name: Checkout Repo
        uses: actions/checkout@v2
      - name: Fetch Tags
        run: |
          git fetch --quiet --prune --unshallow --tags          
      - name: Install pulumictl
        uses: jaxxstorm/action-install-gh-release@v1.1.0
        with:
          repo: pulumi/pulumictl
      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v1
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-region: us-east-2
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          role-duration-seconds: 3600
          role-external-id: upload-pulumi-release
          role-session-name: pulumi@githubActions
          role-to-assume: ${{ secrets.AWS_UPLOAD_ROLE_ARN }}
      - name: Set Release Version
        run: |
          echo "GORELEASER_CURRENT_TAG=v$(pulumictl get version --language generic -o)" >> $GITHUB_ENV          
      - name: Run GoReleaser
        uses: goreleaser/goreleaser-action@v2
        with:
          version: latest
          args: -f .goreleaser.yml --rm-dist --release-notes=CHANGELOG_PENDING.md
  lint:
    container: golangci/golangci-lint:latest
    name: Lint ${{ matrix.directory }}
    strategy:
      matrix:
        directory: [ sdk, pkg, tests ]
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Repo
        uses: actions/checkout@v2
      - name: Lint ${{ matrix.directory }}
        run: |
          cd ${{ matrix.directory }} && golangci-lint run -c ../.golangci.yml          
  build-and-test:
    name: Build & Test
    strategy:
      matrix:
        platform: [ ubuntu-latest, macos-latest ]
        go-version: [1.15.x]
        python-version: [ 3.9.x ]
        dotnet-version: [ 3.1.x ]
        node-version: [ 14.x ]
    runs-on: ${{ matrix.platform }}
    steps:
      - name: Set up Go ${{ matrix.go-version }}
        uses: actions/setup-go@v1
        with:
          go-version: ${{ matrix.go-version }}
      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v1
        with:
          python-version: ${{ matrix.python-version }}
      - name: Set up DotNet ${{ matrix.dotnet-version }}
        uses: actions/setup-dotnet@v1
        with:
          dotnet-version: ${{ matrix.dotnet-version }}
      - name: Set up Node ${{ matrix.node-version }}
        uses: actions/setup-node@v1
        with:
          node-version: ${{ matrix.node-version }}
      - name: Install pipenv
        uses: dschep/install-pipenv-action@v1
      - name: Setup git
        run: |
          git config --global user.email "you@example.com"
          git config --global user.name "Your Name"          
      - name: Update path
        run: |
          echo "${{ runner.temp }}/opt/pulumi/bin" >> $GITHUB_PATH          
      - name: Checkout Repo
        uses: actions/checkout@v2
      - name: Fetch Tags
        run: |
          git fetch --quiet --prune --unshallow --tags          
      - name: Set Go Dep path
        run: |
          echo "PULUMI_GO_DEP_ROOT=$(dirname $(pwd))" >> $GITHUB_ENV          
      - name: Ensure
        run: |
          make ensure          
      - name: Dist
        run: |
          make dist          
        env:
          PULUMI_NODE_MODULES: ${{ runner.temp }}/opt/pulumi/node_modules
          PULUMI_LOCAL_NUGET: ${{ runner.temp }}/opt/pulumi/nuget
          PULUMI_ROOT: ${{ runner.temp }}/opt/pulumi
      - name: Install
        run: |
          make install_all          
        env:
          PULUMI_NODE_MODULES: ${{ runner.temp }}/opt/pulumi/node_modules
          PULUMI_LOCAL_NUGET: ${{ runner.temp }}/opt/pulumi/nuget
          PULUMI_ROOT: ${{ runner.temp }}/opt/pulumi
      - name: Test
        run: |
          make test_all          
        env:
          PULUMI_NODE_MODULES: ${{ runner.temp }}/opt/pulumi/node_modules
          PULUMI_LOCAL_NUGET: ${{ runner.temp }}/opt/pulumi/nuget
          PULUMI_ROOT: ${{ runner.temp }}/opt/pulumi
  windows-release:
    name: Windows Build + Release
    strategy:
      matrix:
        go-version: [1.15.x]
        node-version: [14.x]
        python-version: [3.9.x]
        dotnet: [3.1.x]
    runs-on: windows-latest
    env:
      GOPATH: ${{ github.workspace }}
      PULUMI_LOCAL_NUGET: "D:\\Pulumi\\nuget"
      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID_LEGACY }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY_LEGACY }}
      ACTIONS_ALLOW_UNSECURE_COMMANDS: true
    steps:
      - name: Install DotNet ${{ matrix.dotnet }}
        uses: actions/setup-dotnet@v1
        with:
          dotnet-version: ${{ matrix.dotnet }}
      - name: Use Node.js ${{ matrix.node-version }}
        uses: actions/setup-node@v1
        with:
          node-version: ${{ matrix.node-version }}
      - name: Set up Go ${{ matrix.go-version }}
        uses: actions/setup-go@v1
        with:
          go-version: ${{ matrix.go-version }}
      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v2
        with:
          python-version: ${{ matrix.python-version }}
      - name: Clean
        run: dotnet nuget locals all --clear
      - name: Install Python Deps
        run: |
          pip3 install pyenv-win
          pip3 install pipenv          
      - name: Set Build Env Vars
        shell: bash
        run: |
          echo "D:\\Pulumi\\bin" >> $GITHUB_PATH          
      - name: Install AWS CLI Tools
        uses: chrislennon/action-aws-cli@v1.1
      - name: Check out scripts repo into the Go module directory
        uses: actions/checkout@v2
        with:
          repository: pulumi/scripts
          path: ./src/github.com/pulumi/scripts
      - name: Check out code into the Go module directory
        uses: actions/checkout@v2
        with:
          path: ./src/github.com/${{ github.repository }}
      - name: Fetch Tags
        run: |
          cd ./src/github.com/${{ github.repository }} && git fetch --quiet --prune --unshallow --tags          
      - name: Get dependencies
        run: |
          cd src\github.com\${{ github.repository }}
          pushd .
          cd sdk
          go mod tidy
          go mod download
          popd
          pushd .
          cd pkg
          go mod tidy
          go mod download
          popd
          pushd .
          cd tests
          go mod tidy
          go mod download
          popd          
      - name: Publish Binary
        run: |
          cd src\github.com\${{ github.repository }}
          dotnet msbuild /t:ReleaseProcess /v:Detailed build.proj /p:PulumiRoot="D:\\Pulumi"          
  verify-containers:
    name: Run Container Tests
    needs: [publish-binaries, publish-sdks]
    strategy:
      matrix:
        go-version: [1.15.x]
        python-version: [ 3.9.x ]
        dotnet-version: [ 3.1.x ]
        node-version: [ 14.x ]
    runs-on: ubuntu-latest
    steps:
      - name: Set up Go ${{ matrix.go-version }}
        uses: actions/setup-go@v1
        with:
          go-version: ${{ matrix.go-version }}
      - name: Install pulumictl
        uses: jaxxstorm/action-install-gh-release@v1.1.0
        with:
          repo: pulumi/pulumictl
      - name: Checkout Repo
        uses: actions/checkout@v2
      - name: Fetch Tags
        run: |
          git fetch --quiet --prune --unshallow --tags          
      - name: Run Container Tests
        run: make test_containers VERSION=v$(pulumictl get version --language generic -o)