runs init, preview and apply on pulumi stacks right in your Github Actions. Inspired from Atalantis for Terraform

Meet Vasani

Last update: Aug 7, 2023

Related tags

Utilities rust aws utility iac action pulumi github-action ci-tool

Overview

pulumi-actions

runs init, preview and apply on pulumi stacks right in your Github-Actions. Inspired from Atlantis for Terraform

PREVIEW Release

Currently, In this release; the following are supported only for Pulumi Cloud and AWS S3 with Typescript runtime:

Init the stack if it does not exists
Preview the stack
Apply the stack

Future plans

Note: Strikethrough comments are already implemented.

~~Add support for AWS Infra, though we can write and use AWS modules and all. But it won't be able to authenticate with AWS Account.~~
~~Add support for AWS Backend (S3)~~
Add other runtime support i.e python, go

Usage

Usage: pulumi-actions [OPTIONS] --stack <STACK_NAME> --backend <BACKEND> --path <STACK_PATH> --runtime <RUNTIME> --passphrase <PASSPHRASE>

Options:
  -s, --stack <STACK_NAME>
          pulumi stack name
      --pulumi-cloud-token <PULUMI_CLOUD_TOKEN>
          Pulumi token - in case of using Pulumi cloud. (Optional)
      --s3-bucket <S3_BUCKET_NAME>
          S3 Bucket name - in case if backend is s3. exmaple: "s3://my-bucket"
  -b, --backend <BACKEND>
          backend type [possible values: pulumicloud, s3]
  -p, --path <STACK_PATH>
          Path to stack's index.ts
  -r, --runtime <RUNTIME>
          Path to stack's index.ts [possible values: typescript]
      --preview
          preview the stack
      --apply
          apply the stack
      --init
          init the stack if does not exist
      --passphrase <PASSPHRASE>
          stack passphrase
      --install-deps
          Install dependencies of language runtime, consider setting true only when you want to preview or apply the stack
  -h, --help
          Print help
  -V, --version
          Print version

Examples

For Github Actions usage

- name: preview stack
  uses: lowkey-who/pulumi-actions@main
   env:
    pulumi_cloud_token: ${{ secrets.PuluToken }}
    passphrase: ${{ secrets.Passphrase }}
   with:
    cmd: pulumi-actions --pulumi-cloud-token "$pulumi_cloud_token" -s test6 --backend pulumicloud --path "$GITHUB_WORKSPACE/examples/ts" --install-deps --preview --passphrase "$passphrase" --runtime typescript

Deploy infrastructure on AWS Cloud

name: Comment Workflow

on:
  issue_comment:
    types:
    - created

jobs:
  comment_job:
    permissions:
      id-token: write
      contents: read
    name: pulumi-actions
    if: github.event.issue.pull_request != '' && contains(github.event.comment.body, 'pulumi-actions')   
    runs-on: ubuntu-latest

    steps:
    - name: Checkout code
      uses: actions/checkout@v3

    - name: Configure AWS Credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        role-to-assume: <role-arn>
        aws-region: <your-aws-region>

    - name: Run Pulumi actions 
      uses: lowkey-who/pulumi-actions@main
      env:
        passphrase: ${{ secrets.Passphrase }}
      with:
        cmd: ${{ github.event.comment.body }}

After setting up this workflow, make a PR on your repo and pass the somewhat similar command to work with s3 backend and AWS Cloud.

pulumi-actions -s ci-test --init --backend s3 --s3-bucket "s3://my-bucket-name" --runtime typescript --path "$GITHUB_WORKSPACE/examples/" --passphrase "$passphrase"

To work with aws-actions/configure-aws-credentials@v2 github action, you'll have to configure OIDC setup with AWS. Here is the doc for that.

Make this action run on PR when comment is issued. For this use-case check this workflow example

TL;DR Just comment the command that you need to run and action will run whatever fed into the comment. So make sure to check the comment else workflow might not run.

NOTE: Please test the following examples either in Github Actions or mount the dir when running the docker command.

Init the stack

pulumi-actions -s test6 --backend pulumicloud --path "/examples/ts" --runtime typescript --pulumi-cloud-token "pul-xxxxxxxxxxxxx" --init --passphrase "abceDDddsfdsfsdfdsadasd"

Preview the stack

pulumi-actions -s test6 --backend pulumicloud --path "/examples/ts" --runtime typescript --pulumi-cloud-token "pul-xxxxxxxxxxxxx" --preview --install-deps --passphrase "abceDDddsfdsfsdfdsadasd"

Apply the stack

pulumi-actions -s test6 --backend pulumicloud --path "/examples/ts" --runtime typescript --pulumi-cloud-token "pul-xxxxxxxxxxxxx" --apply --install-deps --passphrase "abceDDddsfdsfsdfdsadasd"

workflow examples

Crate of GitHub’s collection of gitignores, embedded, automatically updated

Gitignores GitHub’s collection of gitignores, embedded, automatically updated. API documentation. Public Domain via CC0-1.0 (same as source data). MSR

3 May 3, 2022

Make the github cli even better with fuzzy finding

github-repo-clone (grc) Github Repo Clone is a command line utility written in rust that leverages the power of fuzzy finding with the github cli Usag

2 Jul 9, 2022

Self-Hosted alternative to GitHub Gists

Gists Self-Hosted GitHub Gists Features Upload code snippets Syntax Highlighting Comments Versioning through Git Fork gists Gist privacy: public, unli

52 Dec 22, 2022

Github mirror of codeberg repo. Monitor live bandwidth usage/ network speed on PC. Native version also available for Android, separately.

Netspeed Monitor Netspeed is a cross-platform desktop application that shows the live upload speed, download speed and day's usage as an overlay. Feat

16 May 3, 2023

Twidge is a fresh approach to productivity. It integrates with your workflow and allows you to be your most productive self.

Twidge A productivity app which is an extension to your mind Twidge is a cross platform productivity app, powered by rust, tauri, prisma-client-rust T