runs init, preview and apply on pulumi stacks right in your Github Actions. Inspired from Atalantis for Terraform

Overview

pulumi-actions

runs init, preview and apply on pulumi stacks right in your Github-Actions. Inspired from Atlantis for Terraform

PREVIEW Release

Currently, In this release; the following are supported only for Pulumi Cloud and AWS S3 with Typescript runtime:

  • Init the stack if it does not exists
  • Preview the stack
  • Apply the stack

Future plans

Note: Strikethrough comments are already implemented.

  • Add support for AWS Infra, though we can write and use AWS modules and all. But it won't be able to authenticate with AWS Account.
  • Add support for AWS Backend (S3)
  • Add other runtime support i.e python, go

Usage

Usage: pulumi-actions [OPTIONS] --stack <STACK_NAME> --backend <BACKEND> --path <STACK_PATH> --runtime <RUNTIME> --passphrase <PASSPHRASE>

Options:
  -s, --stack <STACK_NAME>
          pulumi stack name
      --pulumi-cloud-token <PULUMI_CLOUD_TOKEN>
          Pulumi token - in case of using Pulumi cloud. (Optional)
      --s3-bucket <S3_BUCKET_NAME>
          S3 Bucket name - in case if backend is s3. exmaple: "s3://my-bucket"
  -b, --backend <BACKEND>
          backend type [possible values: pulumicloud, s3]
  -p, --path <STACK_PATH>
          Path to stack's index.ts
  -r, --runtime <RUNTIME>
          Path to stack's index.ts [possible values: typescript]
      --preview
          preview the stack
      --apply
          apply the stack
      --init
          init the stack if does not exist
      --passphrase <PASSPHRASE>
          stack passphrase
      --install-deps
          Install dependencies of language runtime, consider setting true only when you want to preview or apply the stack
  -h, --help
          Print help
  -V, --version
          Print version

Examples

  • For Github Actions usage

    - name: preview stack
      uses: lowkey-who/pulumi-actions@main
       env:
        pulumi_cloud_token: ${{ secrets.PuluToken }}
        passphrase: ${{ secrets.Passphrase }}
       with:
        cmd: pulumi-actions --pulumi-cloud-token "$pulumi_cloud_token" -s test6 --backend pulumicloud --path "$GITHUB_WORKSPACE/examples/ts" --install-deps --preview --passphrase "$passphrase" --runtime typescript
  • Deploy infrastructure on AWS Cloud

    name: Comment Workflow
    
    on:
      issue_comment:
        types:
        - created
    
    jobs:
      comment_job:
        permissions:
          id-token: write
          contents: read
        name: pulumi-actions
        if: github.event.issue.pull_request != '' && contains(github.event.comment.body, 'pulumi-actions')   
        runs-on: ubuntu-latest
    
        steps:
        - name: Checkout code
          uses: actions/checkout@v3
    
        - name: Configure AWS Credentials
          uses: aws-actions/configure-aws-credentials@v2
          with:
            role-to-assume: <role-arn>
            aws-region: <your-aws-region>
    
        - name: Run Pulumi actions 
          uses: lowkey-who/pulumi-actions@main
          env:
            passphrase: ${{ secrets.Passphrase }}
          with:
            cmd: ${{ github.event.comment.body }}
    

    After setting up this workflow, make a PR on your repo and pass the somewhat similar command to work with s3 backend and AWS Cloud.

    pulumi-actions -s ci-test --init --backend s3 --s3-bucket "s3://my-bucket-name" --runtime typescript --path "$GITHUB_WORKSPACE/examples/" --passphrase "$passphrase"
    

    To work with aws-actions/configure-aws-credentials@v2 github action, you'll have to configure OIDC setup with AWS. Here is the doc for that.

  • Make this action run on PR when comment is issued. For this use-case check this workflow example

    TL;DR Just comment the command that you need to run and action will run whatever fed into the comment. So make sure to check the comment else workflow might not run.

NOTE: Please test the following examples either in Github Actions or mount the dir when running the docker command.

  • Init the stack

    pulumi-actions -s test6 --backend pulumicloud --path "/examples/ts" --runtime typescript --pulumi-cloud-token "pul-xxxxxxxxxxxxx" --init --passphrase "abceDDddsfdsfsdfdsadasd"
    
  • Preview the stack

    pulumi-actions -s test6 --backend pulumicloud --path "/examples/ts" --runtime typescript --pulumi-cloud-token "pul-xxxxxxxxxxxxx" --preview --install-deps --passphrase "abceDDddsfdsfsdfdsadasd"
    
  • Apply the stack

    pulumi-actions -s test6 --backend pulumicloud --path "/examples/ts" --runtime typescript --pulumi-cloud-token "pul-xxxxxxxxxxxxx" --apply --install-deps --passphrase "abceDDddsfdsfsdfdsadasd"
    

workflow examples

You might also like...
Crate of GitHub’s collection of gitignores, embedded, automatically updated

Gitignores GitHub’s collection of gitignores, embedded, automatically updated. API documentation. Public Domain via CC0-1.0 (same as source data). MSR

Make the github cli even better with fuzzy finding
Make the github cli even better with fuzzy finding

github-repo-clone (grc) Github Repo Clone is a command line utility written in rust that leverages the power of fuzzy finding with the github cli Usag

tracing-glog is a glog-inspired formatter for tracing-subscriber.

tracing-glog tracing-glog is a glog-inspired formatter for tracing-subscriber. tracing-glog should be used with tracing-subscriber, as it is a formatt

Self-Hosted alternative to GitHub Gists

Gists Self-Hosted GitHub Gists Features Upload code snippets Syntax Highlighting Comments Versioning through Git Fork gists Gist privacy: public, unli

A rust `tracing` compatible framework inspired by log4rs.

trace4rs This crate allows users to configure output from tracing in the same way as you would configure the output of log4rs. Overview For a usage ex

Github mirror of codeberg repo. Monitor live bandwidth usage/ network speed on PC. Native version also available for Android, separately.
Github mirror of codeberg repo. Monitor live bandwidth usage/ network speed on PC. Native version also available for Android, separately.

Netspeed Monitor Netspeed is a cross-platform desktop application that shows the live upload speed, download speed and day's usage as an overlay. Feat

Rust port of the official Windows Driver Samples on Github. Leverages windows-drivers-rs

Rust Driver Samples This is a Rust port of the driver samples from the original Windows Driver Samples on Github. The repository provides examples and

This is the github repo for the Spot Lite protocol.

spot-contract This is the github repo for the Spot Lite protocol. Set up local Sei Please follow the documentation on the official Sei doc to set up y

Twidge is a fresh approach to productivity. It integrates with your workflow and allows you to be your most productive self.

Twidge A productivity app which is an extension to your mind Twidge is a cross platform productivity app, powered by rust, tauri, prisma-client-rust T

Releases(1.0.4)
Owner
Meet Vasani
DevOps Engineer
Meet Vasani
Open Source terraform provider registry

Terustry Simple configurable proxy that implement terraform provider registry protocol, to build your own terraform provider private registry. How it

Open-Source by Veepee 53 Nov 24, 2022
Demo Terraform Provider in Rust

terraform-provider-helloworld Welcome to a large pile of hacks masquerading as a PoC. This repository proves that it's possible to write a Terraform P

Tom Parker-Shemilt 25 Sep 15, 2022
A convenient tracing config and init lib, with symlinking and local timezone.

clia-tracing-config A convenient tracing config and init lib, with symlinking and local timezone. Use these formats default, and can be configured: pr

Cris Liao 5 Jan 3, 2023
A command-line tool which can move CloudFormation resources between stacks

cfn-teleport A command-line tool which can move CloudFormation resources between stacks. Installation On a Mac you can install via Homebrew: brew inst

Daniel Schroeder 19 Apr 2, 2023
BSV stdlib written in Rust and runs in WASM environments

BSV.WASM A Rust/WASM Library to interact with Bitcoin SV Installation NodeJS: npm i bsv-wasm --save Web: npm i bsv-wasm-web --save Rust: https://crate

null 56 Dec 15, 2022
Watches changes in a rust project, runs test and shows friendly notification

Cargo testify Automatically runs tests on your Rust project and notifies about the result. Install Install prerequisites (for Debian/Ubuntu): apt-get

Sergey Potapov 77 May 16, 2022
Sampling profiler and tracer for Ruby (CRuby) which runs in BPF

rbperf rbperf is a low-overhead sampling profiler and tracer for Ruby (CRuby) which runs in BPF Build To build rbperf you would need a Linux machine w

Javier Honduvilla Coto 75 Dec 19, 2022
A thin-hypervisor that runs on aarch64 CPUs.

How to build the hypervisor By Rust toolchain (TBD) By docker Requirements Docker (Tested by Docker version 20.10.8, build 3967b7d28e) I tested by non

RIKEN R-CCS 54 Dec 12, 2022
Creates a DLL that runs a payload once injected into a process.

Educational purposes only Don't use this project maliciously. Prerequisites Install rust Install windows toolchain Setup Run cargo run --bin builder -

RadonCoding 3 Aug 27, 2022
A small utility for tracking the change in opening and closing of issues in a GitHub repo

A small utility for tracking the change in opening and closing of issues in a GitHub repo. This tool can be used to build visualizations for issue triage over time with the hope of motivating closing more issues than are opened.

Ryan Levick 12 Sep 29, 2021