From a85efeea0e9f74a283adfee0c6ba43966182b6d2 Mon Sep 17 00:00:00 2001 From: Anton Tayanovskyy Date: Tue, 5 Nov 2024 17:18:17 -0500 Subject: [PATCH 01/15] First pass at automating keeping pulumi-aws updated --- .github/workflows/awsx-upgrade-aws.yml | 59 ++++++++++++++++++++++++++ scripts/get-latest-aws-version.sh | 6 +++ 2 files changed, 65 insertions(+) create mode 100644 .github/workflows/awsx-upgrade-aws.yml create mode 100644 scripts/get-latest-aws-version.sh diff --git a/.github/workflows/awsx-upgrade-aws.yml b/.github/workflows/awsx-upgrade-aws.yml new file mode 100644 index 000000000..89550e6b5 --- /dev/null +++ b/.github/workflows/awsx-upgrade-aws.yml @@ -0,0 +1,59 @@ +name: awsx-upgrade-aws + +description: | + This weekly workflow creates Pull Requests to upgrade pulumi-aws dependency. + + This dependency is a critical part of the AWSX project and should be kept up-to-date to inherit all the fixes and + improvements done upstream. + +on: + schedule: + # Every Monday at 11AM UTC + - cron: 0 11 * * 1 + + # This stanza permits manual execution of the workflow. + workflow_dispatch: {} + +jobs: + + upgrade-aws: + runs-on: ubuntu-latest + + steps: + - name: Checkout Repo + uses: actions/checkout@v4 + + - name: Upgrade pulumi-aws dependency + id: upgrade + run: | + VERSION=$(./scripts/get-latest-aws-version.sh) + echo "Upgrading pulumi-aws to $VERSION" + ./scripts/upgrade-aws.sh "$VERSION" + echo "Upgraded pulumi-aws to $VERSION" + + if ! git diff-files --quiet; then + echo changes=1 >> "$GITHUB_OUTPUT" + echo version=$VERSION >> "$GITHUB_OUTPUT" + else + echo "No changes detected. Exiting." + fi + + - name: Commit changes + if: steps.upgrade.outputs.changes != 0 + env: + PULUMI_AWS_VERSION: ${{ steps.upgrade.outputs.version }} + run: | + branch="update-pulumi-aws/$PULUMI_AWS_VERSION-${{ github.run_id }}-${{ github.run_number }}" + msg="Update pulumi/pulumi-aws version to $PULUMI_AWS_VERSION" + git add . + git commit -m "msg" + git push origin "$branch" + + - name: Create a Pull Request + if: steps.upgrade.outputs.changes != 0 + env: + GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} + PULUMI_AWS_VERSION: ${{ steps.upgrade.outputs.version }} + run: | + title="Update pulumi/pulumi-aws version to $PULUMI_AWS_VERSION" + gh pr create --title "$title" --body "$title" diff --git a/scripts/get-latest-aws-version.sh b/scripts/get-latest-aws-version.sh new file mode 100644 index 000000000..bbad92021 --- /dev/null +++ b/scripts/get-latest-aws-version.sh @@ -0,0 +1,6 @@ +#!/usr/bin/env bash + +set -euo pipefail + +pulumi plugin install resource aws +pulumi plugin ls --json | jq -r '.[]|select(.name=="aws")|.version' From 526d89e305dd72ab56b52cddecf811fb05af3ed7 Mon Sep 17 00:00:00 2001 From: Anton Tayanovskyy Date: Tue, 5 Nov 2024 17:19:39 -0500 Subject: [PATCH 02/15] Test --- .github/workflows/awsx-upgrade-aws.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/awsx-upgrade-aws.yml b/.github/workflows/awsx-upgrade-aws.yml index 89550e6b5..70dcdc745 100644 --- a/.github/workflows/awsx-upgrade-aws.yml +++ b/.github/workflows/awsx-upgrade-aws.yml @@ -14,6 +14,9 @@ on: # This stanza permits manual execution of the workflow. workflow_dispatch: {} + # Temporarily to test the workflow run it on PRs: + pull_request: {} + jobs: upgrade-aws: From df5011ce216a91e047e0a27320afb7c37ed88788 Mon Sep 17 00:00:00 2001 From: Anton Tayanovskyy Date: Tue, 5 Nov 2024 17:20:34 -0500 Subject: [PATCH 03/15] Make scripts executable --- scripts/get-latest-aws-version.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 scripts/get-latest-aws-version.sh diff --git a/scripts/get-latest-aws-version.sh b/scripts/get-latest-aws-version.sh old mode 100644 new mode 100755 From f6ad960958f57f75fea9fbd5024437ed3c59b5b2 Mon Sep 17 00:00:00 2001 From: Anton Tayanovskyy Date: Tue, 5 Nov 2024 17:23:48 -0500 Subject: [PATCH 04/15] Install missing pulumictl --- .github/workflows/awsx-upgrade-aws.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/awsx-upgrade-aws.yml b/.github/workflows/awsx-upgrade-aws.yml index 70dcdc745..7a722d1fb 100644 --- a/.github/workflows/awsx-upgrade-aws.yml +++ b/.github/workflows/awsx-upgrade-aws.yml @@ -26,6 +26,11 @@ jobs: - name: Checkout Repo uses: actions/checkout@v4 + - name: Install pulumictl + uses: jaxxstorm/action-install-gh-release@v1.10.0 + with: + repo: pulumi/pulumictl + - name: Upgrade pulumi-aws dependency id: upgrade run: | From bb47b8646592fa8f58e987a7d00a689621d65b59 Mon Sep 17 00:00:00 2001 From: Anton Tayanovskyy Date: Tue, 5 Nov 2024 17:32:40 -0500 Subject: [PATCH 05/15] Improve the script for upgrading AWS --- scripts/upgrade-aws.sh | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/scripts/upgrade-aws.sh b/scripts/upgrade-aws.sh index aa71da0a3..37590c889 100755 --- a/scripts/upgrade-aws.sh +++ b/scripts/upgrade-aws.sh @@ -10,6 +10,11 @@ VER="$1" echo "V=$VER" -(cd awsx && yarn add "@pulumi/aws@$VER") +# Strips the v from the version to get the correct npm version. +(cd awsx && yarn upgrade @pulumi/aws@${VER#v}) -make build_sdks +# Deduplicate the dependencies. +(cd awsx && yarn run dedupe-deps) + +# Ensure that we don't have any duplicate dependencies. +(cd awsx && yarn run check-duplicate-deps) From 70676471df8b1a144cc03edfa4e2cbcb656a5011 Mon Sep 17 00:00:00 2001 From: Anton Tayanovskyy Date: Tue, 5 Nov 2024 17:32:51 -0500 Subject: [PATCH 06/15] Prepare Git for committing --- .github/workflows/awsx-upgrade-aws.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/awsx-upgrade-aws.yml b/.github/workflows/awsx-upgrade-aws.yml index 7a722d1fb..4451d5279 100644 --- a/.github/workflows/awsx-upgrade-aws.yml +++ b/.github/workflows/awsx-upgrade-aws.yml @@ -31,6 +31,10 @@ jobs: with: repo: pulumi/pulumictl + - name: Prepare Git configuration + git config --local user.email 'bot@pulumi.com' + git config --local user.name 'pulumi-bot' + - name: Upgrade pulumi-aws dependency id: upgrade run: | From d18562bc9dfd304878a550ee2bd83017c1d71da7 Mon Sep 17 00:00:00 2001 From: Anton Tayanovskyy Date: Tue, 5 Nov 2024 17:33:40 -0500 Subject: [PATCH 07/15] Link workflow back to the new PR --- .github/workflows/awsx-upgrade-aws.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/awsx-upgrade-aws.yml b/.github/workflows/awsx-upgrade-aws.yml index 4451d5279..0c4bf439a 100644 --- a/.github/workflows/awsx-upgrade-aws.yml +++ b/.github/workflows/awsx-upgrade-aws.yml @@ -68,4 +68,4 @@ jobs: PULUMI_AWS_VERSION: ${{ steps.upgrade.outputs.version }} run: | title="Update pulumi/pulumi-aws version to $PULUMI_AWS_VERSION" - gh pr create --title "$title" --body "$title" + gh pr create --title "$title" --body "$title\n\nPR prepared by `awsx-upgrade-aws.yml` workflow." From b68eb2189683848b15a82ba249d159afc8427bd0 Mon Sep 17 00:00:00 2001 From: Anton Tayanovskyy Date: Tue, 5 Nov 2024 17:35:08 -0500 Subject: [PATCH 08/15] Fix YAML syntax --- .github/workflows/awsx-upgrade-aws.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/awsx-upgrade-aws.yml b/.github/workflows/awsx-upgrade-aws.yml index 0c4bf439a..f5ee59c0f 100644 --- a/.github/workflows/awsx-upgrade-aws.yml +++ b/.github/workflows/awsx-upgrade-aws.yml @@ -32,8 +32,9 @@ jobs: repo: pulumi/pulumictl - name: Prepare Git configuration - git config --local user.email 'bot@pulumi.com' - git config --local user.name 'pulumi-bot' + run: | + git config --local user.email 'bot@pulumi.com' + git config --local user.name 'pulumi-bot' - name: Upgrade pulumi-aws dependency id: upgrade From fa40885863c4ac51df87fed50daecaf12ba91bcc Mon Sep 17 00:00:00 2001 From: Anton Tayanovskyy Date: Tue, 5 Nov 2024 17:38:18 -0500 Subject: [PATCH 09/15] Bring back rebuilding the SDKs --- scripts/upgrade-aws.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/upgrade-aws.sh b/scripts/upgrade-aws.sh index 37590c889..904b3232b 100755 --- a/scripts/upgrade-aws.sh +++ b/scripts/upgrade-aws.sh @@ -18,3 +18,6 @@ echo "V=$VER" # Ensure that we don't have any duplicate dependencies. (cd awsx && yarn run check-duplicate-deps) + +# Rebulid the SDKs, which will also rebuild the schema and all other files. +make build_sdks From e17b312df009f67773212e0616c8fc270d353642 Mon Sep 17 00:00:00 2001 From: Anton Tayanovskyy Date: Tue, 5 Nov 2024 17:40:08 -0500 Subject: [PATCH 10/15] Allow `gh` to push the branch as needed --- .github/workflows/awsx-upgrade-aws.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/awsx-upgrade-aws.yml b/.github/workflows/awsx-upgrade-aws.yml index f5ee59c0f..ec6b31b0a 100644 --- a/.github/workflows/awsx-upgrade-aws.yml +++ b/.github/workflows/awsx-upgrade-aws.yml @@ -60,7 +60,6 @@ jobs: msg="Update pulumi/pulumi-aws version to $PULUMI_AWS_VERSION" git add . git commit -m "msg" - git push origin "$branch" - name: Create a Pull Request if: steps.upgrade.outputs.changes != 0 From 960445d8e79e0c18907fa0139b4b49b307fec8a6 Mon Sep 17 00:00:00 2001 From: Anton Tayanovskyy Date: Tue, 5 Nov 2024 17:44:26 -0500 Subject: [PATCH 11/15] Fix Git branching --- .github/workflows/awsx-upgrade-aws.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/awsx-upgrade-aws.yml b/.github/workflows/awsx-upgrade-aws.yml index ec6b31b0a..04020b328 100644 --- a/.github/workflows/awsx-upgrade-aws.yml +++ b/.github/workflows/awsx-upgrade-aws.yml @@ -58,6 +58,8 @@ jobs: run: | branch="update-pulumi-aws/$PULUMI_AWS_VERSION-${{ github.run_id }}-${{ github.run_number }}" msg="Update pulumi/pulumi-aws version to $PULUMI_AWS_VERSION" + git branch "$branch" + git checkout "$branch" git add . git commit -m "msg" From 28c32c36bb635f1f81bd51558bff49455dd75e6c Mon Sep 17 00:00:00 2001 From: Anton Tayanovskyy Date: Tue, 5 Nov 2024 17:48:27 -0500 Subject: [PATCH 12/15] Pass --head so that `gh` pushes the branch --- .github/workflows/awsx-upgrade-aws.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.github/workflows/awsx-upgrade-aws.yml b/.github/workflows/awsx-upgrade-aws.yml index 04020b328..1fb9d662b 100644 --- a/.github/workflows/awsx-upgrade-aws.yml +++ b/.github/workflows/awsx-upgrade-aws.yml @@ -69,5 +69,9 @@ jobs: GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }} PULUMI_AWS_VERSION: ${{ steps.upgrade.outputs.version }} run: | + branch="update-pulumi-aws/$PULUMI_AWS_VERSION-${{ github.run_id }}-${{ github.run_number }}" title="Update pulumi/pulumi-aws version to $PULUMI_AWS_VERSION" - gh pr create --title "$title" --body "$title\n\nPR prepared by `awsx-upgrade-aws.yml` workflow." + gh pr create \ + --title "$title" \ + --body "$title\n\nPR prepared by `awsx-upgrade-aws.yml` workflow." \ + --head "$branch" From 836a99f203344b0b291fddd386e592b601609a96 Mon Sep 17 00:00:00 2001 From: Anton Tayanovskyy Date: Tue, 5 Nov 2024 17:57:50 -0500 Subject: [PATCH 13/15] Attempt 2 --- .github/workflows/awsx-upgrade-aws.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/awsx-upgrade-aws.yml b/.github/workflows/awsx-upgrade-aws.yml index 1fb9d662b..cdfb14825 100644 --- a/.github/workflows/awsx-upgrade-aws.yml +++ b/.github/workflows/awsx-upgrade-aws.yml @@ -62,6 +62,7 @@ jobs: git checkout "$branch" git add . git commit -m "msg" + git push origin "$branch" - name: Create a Pull Request if: steps.upgrade.outputs.changes != 0 From 73ab59f7f0920e836e3db3c97c90dcd28ced1ad5 Mon Sep 17 00:00:00 2001 From: Anton Tayanovskyy Date: Tue, 5 Nov 2024 18:02:35 -0500 Subject: [PATCH 14/15] Cosmetic fixes --- .github/workflows/awsx-upgrade-aws.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/awsx-upgrade-aws.yml b/.github/workflows/awsx-upgrade-aws.yml index cdfb14825..260afd107 100644 --- a/.github/workflows/awsx-upgrade-aws.yml +++ b/.github/workflows/awsx-upgrade-aws.yml @@ -61,7 +61,7 @@ jobs: git branch "$branch" git checkout "$branch" git add . - git commit -m "msg" + git commit -m "$msg" git push origin "$branch" - name: Create a Pull Request @@ -74,5 +74,5 @@ jobs: title="Update pulumi/pulumi-aws version to $PULUMI_AWS_VERSION" gh pr create \ --title "$title" \ - --body "$title\n\nPR prepared by `awsx-upgrade-aws.yml` workflow." \ + --body "$title" \ --head "$branch" From c359d0674d4e444f2177f2d0f8308f626819f138 Mon Sep 17 00:00:00 2001 From: Anton Tayanovskyy Date: Tue, 5 Nov 2024 18:04:07 -0500 Subject: [PATCH 15/15] Remove temp PR trigger --- .github/workflows/awsx-upgrade-aws.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/awsx-upgrade-aws.yml b/.github/workflows/awsx-upgrade-aws.yml index 260afd107..b9604c74b 100644 --- a/.github/workflows/awsx-upgrade-aws.yml +++ b/.github/workflows/awsx-upgrade-aws.yml @@ -14,9 +14,6 @@ on: # This stanza permits manual execution of the workflow. workflow_dispatch: {} - # Temporarily to test the workflow run it on PRs: - pull_request: {} - jobs: upgrade-aws: