• Stars
    star
    237
  • Rank 169,885 (Top 4 %)
  • Language
    TypeScript
  • License
    Apache License 2.0
  • Created about 6 years ago
  • Updated 6 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Deploy continuously to your cloud of choice, using your favorite language, Pulumi, and GitHub!

Pulumi GitHub Actions

Pulumi's GitHub Actions deploy apps and infrastructure to your cloud of choice, using just your favorite language and GitHub. This includes previewing, validating, and collaborating on proposed deployments in the context of Pull Requests, and triggering deployments or promotions between different environments by merging or directly committing code.

Getting Started

name: Pulumi
on:
  push:
    branches:
      - master
jobs:
  up:
    name: Preview
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - uses: pulumi/actions@v4
        with:
          command: preview
          stack-name: org-name/stack-name
        env:
          PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}

This will check out the existing directory and run pulumi preview.

Configuration

The action can be configured with the following arguments:

  • command (optional) - The command to run as part of the action. Accepted values are up (alias: update), refresh, destroy, and preview. If unspecified, the action will stop after installing Pulumi.

  • stack-name (optional) - The name of the stack that Pulumi will be operating on. Use the fully quaified org-name/stack-name when operating on a stack outside of your individual account. This field is required if a command was specified.

  • work-dir (optional) - The location of your Pulumi files. Defaults to ./.

  • cloud-url - (optional) - the Pulumi backend to login to. This would be the equivalent of what would be passed to the pulumi login command. The action will login to the appropriate backend on your behalf provided it is configured with the correct access credentials for that backend.

  • comment-on-pr - (optional) If true, then the action will add the results of the Pulumi action to the PR. Ignored unless ${{ github.event }} type is pull_request.

  • github-token - (optional) A GitHub token that has access levels to allow the Action to comment on a PR. Defaults to ${{ github.token }}

  • refresh - (optional) If true, stack is refreshed before running the command.

  • secrets-provider - (optional) The type of the provider that should be used to encrypt and decrypt secrets. Possible choices: default, passphrase, awskms, azurekeyvault, gcpkms, hashivault. e.g. gcpkms://projects//locations/us-west1/keyRings/acmecorpsec/cryptoKeys/payroll

  • color - (optional) Colorize output. Choices are: always, never, raw, auto (default "auto").

Extra options

  • config-map - (optional) Configuration of the stack. Format Yaml string: {<key | string>: {value: <value | string>, secret: <is_secret | boolean> },}.

  • diff - (optional) Display operation as a rich diff showing the overall change.

  • comment-on-pr-number - (optional) If set to a number, then the action will add the results of the Pulumi action to the specified PR number.

  • edit-pr-comment - (optional) Edit previous PR comment instead of posting new one. PLEASE NOTE: that as of 3.2.0 of the Action, this now defaults to true. This is in an effort to reduce verbosity - if you want to have a comment per PR run, please ensure that you set this to false.

  • expect-no-changes - (optional) Return an error if any changes occur during this update.

  • message - (optional) Optional message to associate with the update operation.

  • parallel - (optional) Allow P resource operations to run in parallel at once (1 for no parallelism). Defaults to unbounded.

  • policy-pack - (optional) Run one or more policy packs with the provided command

  • policy-pack-config - (optional) Path(s) to JSON file(s) containing the config for the policy pack with the corresponding "policy-pack" argument

  • pulumi-version - (optional) Install a specific version of the Pulumi CLI. Defaults to "^3"

  • remove - (optional) Removes the target stack if all resources are destroyed. Used only with destroy command.

  • replace - (optional) Specify resources to replace. Multiple resources can be specified one per line (example: <value | string>,...).

  • target - (optional) Specify a single resource URN to update. Other resources will not be updated. Multiple resources can be specified one per line (example: <value | string>,...).

  • target-dependents - (optional) Allows updating of dependent targets discovered but not specified in target.

  • upsert - (optional) Allows the creation of the specified stack if it currently doesn't exist. PLEASE NOTE: This will create a Pulumi.<stack-name>.yaml file that you will need to add back to source control as part of the action if you wish to perform any further tasks with that stack.

  • exclude-protected - (optional) Skip destroying protected resources. Only valid when command is destroy.

By default, this action will try to authenticate Pulumi with Pulumi Cloud. If you have not specified a PULUMI_ACCESS_TOKEN then you will need to specify an alternative backend via the cloud-url argument.

Installation Only

If you want to only install the Pulumi CLI, omit the command field of the action.

- uses: pulumi/actions@v4

This will install Pulumi and exit without performing any other operations.

Stack Outputs

Stack outputs are available when using this action. When creating a stack as follows:

package main

import (
	random "github.com/pulumi/pulumi-random/sdk/v2/go/random"
	"github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		p, err := random.NewRandomPet(ctx, "my-user-name", &random.RandomPetArgs{})
		if err != nil {
			return err
		}
		ctx.Export("pet-name", p)
		return nil
	})
}

We can see that pet-name is an output. To get the value of this output in the action, we would use code similar to the following:

- uses: pulumi/actions@v4
  id: pulumi
  env:
    PULUMI_CONFIG_PASSPHRASE: ${{ secrets.PULUMI_CONFIG_PASSPHRASE }}
  with:
    command: up
    cloud-url: gs://my-bucket
    stack-name: org-name/stack-name
- run: echo "My pet name is ${{ steps.pulumi.outputs.pet-name }}"

the pet-name is available as a named output

Run echo "My pet name is pretty-finch"

Referencing Sensitive Values

We suggest that any sensitive environment variables be referenced using GitHub Secrets, and consuming them using the secrets attribute on your workflow's action.

Example workflows

The Pulumi GitHub action uses the Pulumi Automation API in order to coordinate the Pulumi operations. This means that there is no supporting functionality for npm or pip installs. This functionality should be deferred to the correct GitHub Marketplace actions that support it.

Release Cadence

As of v3.18, we are intending to move to a monthly cadence for minor releases. Minor releases will be published around the beginning of the month. We may cut a patch release instead, if the changes are small enough not to warrant a minor release. We will also cut patch releases periodically as needed to address bugs.

Migrating from v3

v4 of the Pulumi Action updates the NodeJS runtime from Node 12 to Node 16. Users of GitHub Enterprise will have to upgrade to v3.4 or newer. All other users are unaffected.

Migrating from GitHub Action v1 and v2

Here are some pointers when migrating from v1 to v2 of our GitHub Action.

  • The following inputs have changed from environment variables to action inputs:

    • PULUMI_ROOT is now work-dir
    • PULUMI_BACKEND_URL is now cloud-url
    • COMMENT_ON_PR is now comment-on-pr
    • GITHUB_TOKEN is now github-token
  • IS_PR_WORKFLOW is no longer a viable input. The action is able to understand if the workflow is a pull_request due to action type

  • The action now runs natively, so the action workflow needs to have the correct environment configured. There are sample workflows available. For examples, if you are running a NodeJS (for example) app then you need to ensure that your action has NodeJS available to it:

- uses: actions/setup-node@v1
with:
  node-version: 14.x
  • The action will no longer run npm ci | npm install | pip3 install | pipenv install. Please ensure that you are installing your dependencies before Pulumi commands are executed, e.g.:
- run: pip install -r requirements
  working-directory: infra

More Repositories

1

pulumi

Pulumi - Infrastructure as Code in any programming language πŸš€
Go
21,443
star
2

kubespy

Tools for observing Kubernetes resources in real time, powered by Pulumi.
Go
2,689
star
3

examples

Infrastructure, containers, and serverless apps to AWS, Azure, GCP, and Kubernetes... all deployed with Pulumi
TypeScript
2,074
star
4

pulumi-aws

An Amazon Web Services (AWS) Pulumi resource package, providing multi-language access to AWS
Java
358
star
5

pulumi-kubernetes

A Pulumi resource provider for Kubernetes to manage API resources and workloads in running clusters
Java
358
star
6

tf2pulumi

A tool to convert Terraform projects to Pulumi
Go
291
star
7

pulumi-ai

TypeScript
225
star
8

esc

Pulumi ESC (Environments, Secrets, and Configuration) for cloud applications and infrastructure.
Go
219
star
9

pulumi-kubernetes-operator

A Kubernetes Operator that automates the deployment of Pulumi Stacks
Go
211
star
10

automation-api-examples

Examples for the Pulumi Automation API https://pkg.go.dev/github.com/pulumi/pulumi/sdk/v3/go/auto?tab=doc
Go
191
star
11

pulumi-awsx

AWS infrastructure best practices in component form!
TypeScript
178
star
12

pulumi-eks

A Pulumi component for easily creating and managing an Amazon EKS Cluster
Java
154
star
13

pulumi-terraform-bridge

A library allowing providers built with the Terraform Plugin SDK to be bridged into Pulumi.
Go
145
star
14

pulumi-gcp

A Google Cloud Platform (GCP) Pulumi resource package, providing multi-language access to GCP
Java
145
star
15

pulumi-kubernetesx

Kubernetes for Everyone
TypeScript
129
star
16

docs

All things Pulumi docs!
HTML
127
star
17

pulumi-azure

A Microsoft Azure Pulumi resource package, providing multi-language access to Azure
Java
123
star
18

pulumi-azure-native

Azure Native Provider
114
star
19

pulumi-cloud

A highly productive multi-cloud framework for containers, serverless, and data
TypeScript
113
star
20

pulumi-terraform

A resource package that allows Pulumi programs to use Terraform state
Go
106
star
21

kube2pulumi

Upgrade your Kubernetes YAML to a modern language
Go
105
star
22

infrastructure-as-code-workshop

Infrastructure as Code Workshop
C#
92
star
23

pulumi-aws-native

AWS Native Provider for Pulumi
Go
89
star
24

workshops

A definitive place to store all the Pulumi workshops
TypeScript
88
star
25

kubernetes-guides

Crosswalk Playbooks and Code for Teams to Manage Kubernetes in Production
TypeScript
80
star
26

crd2pulumi

Generate typed CustomResources from a Kubernetes CustomResourceDefinition
Go
74
star
27

pulumi-java

Java support for Pulumi
Java
69
star
28

pulumi-command

Java
64
star
29

pulumi-google-native

Python
64
star
30

pulumi-cloudflare

Pulumi's Cloudflare package, providing multi-language infrastructure as code for Cloudflare
Java
63
star
31

pulumi-cdk

Pulumi/CDK Interop Library
TypeScript
61
star
32

pulumi-docker

A Docker Pulumi resource package, providing multi-language access to Docker resources and building images.
Java
60
star
33

templates

Templates used by `pulumi new`
Go
58
star
34

pulumi-tf-provider-boilerplate

Boilerplate code for Terraform provider-backed Pulumi packages
Go
57
star
35

pulumi-alicloud

An AliCloud Pulumi resource package, providing multi-language access to AliCloud
Go
48
star
36

pulumi-vsphere

A Pulumi resource package for VMWare VSphere, providing multi-language access to vCenter Server and ESXi
Java
46
star
37

setup-pulumi

GitHub Action to install the Pulumi CLI
TypeScript
45
star
38

pulumi-provider-boilerplate

Boilerplate showing how to create a native Pulumi provider
Python
42
star
39

pulumi-openstack

An OpenStack Pulumi resource package, providing multi-language access to OpenStack
Java
39
star
40

pulumi-github

A Pulumi package to facilitate interacting with GitHub
Java
39
star
41

pulumi-yaml

YAML language provider for Pulumi
Go
38
star
42

pulumi-go-provider

A framework for building Go Providers for Pulumi
Go
33
star
43

pulumi-hugo

A Hugo module containing content and layouts used on pulumi.com, including hand-authored docs, the Pulumi blog, and Learn Pulumi.
CSS
32
star
44

pulumi-hcloud

A Hetzner Cloud Pulumi resource package, providing multi-language access to Hetzner Cloud
Java
32
star
45

pulumi-azure-nextgen

Next generation Microsoft Azure provider for Pulumi, providing multi-language access to Azure
29
star
46

pulumi-random

A Pulumi provider that safely enables randomness for resources
Java
29
star
47

pulumi-oci

An Oracle Cloud (OCI) Pulumi resource package, providing multi-language access to OCI
Go
28
star
48

pulumi-policy

Pulumi's Policy as Code SDK, CrossGuard. Define infrastructure checks in code to enforce security, compliance, cost, and other practices, enforced at deployment time.
TypeScript
28
star
49

registry

The global index of everything you can do with Pulumi.
HTML
27
star
50

pulumi-dotnet

.NET support for Pulumi
C#
27
star
51

pulumi-self-hosted-installers

Repository for getting started with self-hosted Pulumi Service.
TypeScript
27
star
52

pulumi-keycloak

A KeyCloak Pulumi resource package, providing multi-language access to KeyCloak
Java
27
star
53

pulumi-postgresql

A Postgresql Pulumi resource package
Go
27
star
54

pulumi-vault

A Vault Pulumi resource package, providing multi-language access to HashiCorp Vault
Go
25
star
55

pulumictl

A swiss army knife for Pulumi development
Go
24
star
56

pulumi-policy-aws

A policy pack of rules to enforce AWS best practices for security, reliability, cost, and more!
TypeScript
24
star
57

pulumi-libvirt

Java
23
star
58

pulumi-linode

Linode resource provider for Pulumi
Java
23
star
59

pulumi-lsp

A LSP server for Pulumi YAML
Go
22
star
60

pulumi-component-provider-ts-boilerplate

Go
22
star
61

pulumi-auth0

An auth0Pulumi resource package, providing multi-language access to Auth0
Go
22
star
62

pulumi-az-pipelines-task

Azure Pipelines task extension for running Pulumi apps.
TypeScript
20
star
63

circleci

CircleCI Orbs for CI/CD using Pulumi.
JavaScript
19
star
64

pulumi-component-provider-py-boilerplate

Demonstrates building a multi-lang Pulumi component provider in Python
Python
19
star
65

pulumi-gitlab

A GitLab Pulumi resource package, providing multi-language access to GitLab
Java
18
star
66

pulumi-azuredevops

An AzureDevOps Pulumi resource package, providing multi-language access to AzureDevOps
Go
17
star
67

halloumi

Go
17
star
68

actions-example-gke-rails

Deploys a Dockerized Rails app to Kubernetes on Google, using GitHub Actions and Pulumi
HTML
17
star
69

pulumi-backstage-plugin

Pulumi plugin for Backstage
TypeScript
17
star
70

compliance-policies

A library of policies for Pulumi's Policy as Code
TypeScript
16
star
71

pulumi-datadog

An Datadog Pulumi resource package, providing multi-language access to Datadog
Go
16
star
72

pulumitv

Projects and examples related to Pulumi TV
TypeScript
15
star
73

pulumi-aws-serverless

Easy serverless programming for AWS
TypeScript
15
star
74

pulumi-azuread

A Microsoft Azure Active Directory (Azure AD) Pulumi resource package, providing multi-language access to Azure AD
Java
15
star
75

pulumi-snowflake

Go
15
star
76

pulumi-databricks

Go
15
star
77

pulumi-docker-containers

Definitions for official Pulumi Docker images.
Dockerfile
14
star
78

pulumi-component-provider-go-boilerplate

Go
14
star
79

pulumi-tailscale

Makefile
14
star
80

pulumi-kubernetes-cert-manager

A Pulumi Kubernetes CertManager component
Java
14
star
81

pulumi-pulumiservice

Go
13
star
82

eks-blueprint

Go
13
star
83

pulumi-yandex

Python
13
star
84

pulumi-mongodbatlas

A MongoDB Atlas Pulumi resource package, providing multi-language access to MongoDB Atlas
Java
12
star
85

actions-pulumify

Pulumify - A GitHub Action to continuously deploy static website previews
Python
12
star
86

devcontainer

Pulumi build and development artifacts
Makefile
12
star
87

pulumi-aiven

An Aiven Pulumi resource package, providing multi-language access to Aiven
Go
12
star
88

pulumi-kafka

A Kafka Pulumi resource package, providing multi-language access to Kafka
Java
12
star
89

pulumi-aws-static-website

TypeScript
11
star
90

pulumi-policy-opa

A bridge enabling Pulumi CrossGuard to run OPA rules
Go
11
star
91

pulumi-cloud-requests

Welcome to the public issue tracker for Pulumi Cloud (app.pulumi.com)! Feature requests and bug reports welcome!
11
star
92

pulumi-aws-apigateway

TypeScript
11
star
93

pulumi-import-aws-account-scraper

Example of using boto3 to generate JSON for pulumi import
Python
11
star
94

pulumi-query-kubernetes

A relational TypeScript SDK for querying Kubernetes resources in any cluster, either on-prem or in any cloud.
TypeScript
11
star
95

pulumi-kubernetes-ingress-nginx

A Pulumi NGINX Ingress Controller component
Python
11
star
96

pulumi-newrelic

An New Relic Pulumi resource package, providing multi-language access to New Relic
Java
10
star
97

pulumi-nomad

Go
10
star
98

tf12-vs-pulumi

A collection of HCL2 examples, rewritten to Pulumi
10
star
99

introduction-to-pulumi

An interactive workshop to get started with Pulumi
Dockerfile
10
star
100

travisqueue

Sequence Travis builds per branch
Go
9
star