Automate PRs that update the pulumi-aws dependency

.github/workflows/awsx-upgrade-aws.yml

@@ -0,0 +1,75 @@
+name: awsx-upgrade-aws
+
+description: |
+  This weekly workflow creates Pull Requests to upgrade pulumi-aws dependency.
+
+  This dependency is a critical part of the AWSX project and should be kept up-to-date to inherit all the fixes and
+  improvements done upstream.
+
+on:
+  schedule:
+    # Every Monday at 11AM UTC
+    - cron: 0 11 * * 1
+
+  # This stanza permits manual execution of the workflow.
+  workflow_dispatch: {}
+
+jobs:
+
+  upgrade-aws:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v4
+
+      - name: Install pulumictl
+        uses: jaxxstorm/[email protected]
+        with:
+          repo: pulumi/pulumictl
+
+      - name: Prepare Git configuration
+        run: |
+          git config --local user.email '[email protected]'
+          git config --local user.name 'pulumi-bot'
+
+      - name: Upgrade pulumi-aws dependency
+        id: upgrade
+        run: |
+          VERSION=$(./scripts/get-latest-aws-version.sh)
+          echo "Upgrading pulumi-aws to $VERSION"
+          ./scripts/upgrade-aws.sh "$VERSION"
+          echo "Upgraded pulumi-aws to $VERSION"
+
+          if ! git diff-files --quiet; then
+            echo changes=1        >> "$GITHUB_OUTPUT"
+            echo version=$VERSION >> "$GITHUB_OUTPUT"
+          else
+            echo "No changes detected. Exiting."
+          fi
+
+      - name: Commit changes
+        if: steps.upgrade.outputs.changes != 0
+        env:
+          PULUMI_AWS_VERSION: ${{ steps.upgrade.outputs.version }}
+        run: |
+          branch="update-pulumi-aws/$PULUMI_AWS_VERSION-${{ github.run_id }}-${{ github.run_number }}"
+          msg="Update pulumi/pulumi-aws version to $PULUMI_AWS_VERSION"
+          git branch "$branch"
+          git checkout "$branch"
+          git add .
+          git commit -m "$msg"
+          git push origin "$branch"
+
+      - name: Create a Pull Request
+        if: steps.upgrade.outputs.changes != 0
+        env:
+          GH_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
+          PULUMI_AWS_VERSION: ${{ steps.upgrade.outputs.version }}
+        run: |
+          branch="update-pulumi-aws/$PULUMI_AWS_VERSION-${{ github.run_id }}-${{ github.run_number }}"
+          title="Update pulumi/pulumi-aws version to $PULUMI_AWS_VERSION"
+          gh pr create \
+              --title "$title" \
+              --body "$title" \
+              --head "$branch"

scripts/get-latest-aws-version.sh

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+pulumi plugin install resource aws
+pulumi plugin ls --json | jq -r '.[]|select(.name=="aws")|.version'

scripts/upgrade-aws.sh

@@ -10,6 +10,14 @@ VER="$1"
 
 echo "V=$VER"
 
-(cd awsx && yarn add "@pulumi/aws@$VER")
+# Strips the v from the version to get the correct npm version.
+(cd awsx && yarn upgrade @pulumi/aws@${VER#v})
 
+# Deduplicate the dependencies.
+(cd awsx && yarn run dedupe-deps)
+
+# Ensure that we don't have any duplicate dependencies.
+(cd awsx && yarn run check-duplicate-deps)
+
+# Rebulid the SDKs, which will also rebuild the schema and all other files.
 make build_sdks